Konkuk-KUIT · Nico1eKim · Nov 20, 2024 · Nov 22, 2024
diff --git a/src/main/java/com/kuit/kuit4serverauth/config/WebConfig.java b/src/main/java/com/kuit/kuit4serverauth/config/WebConfig.java
@@ -16,5 +16,7 @@ public WebConfig(AuthInterceptor authInterceptor) {
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
         // TODO /profile, /admin 앞에 붙이기
+        registry.addInterceptor(authInterceptor)
+                .addPathPatterns("/profile", "/admin");
     }
 }
diff --git a/src/main/java/com/kuit/kuit4serverauth/controller/UserController.java b/src/main/java/com/kuit/kuit4serverauth/controller/UserController.java
@@ -1,5 +1,9 @@
 package com.kuit.kuit4serverauth.controller;
 
+import com.kuit.kuit4serverauth.model.User;
+import com.kuit.kuit4serverauth.repository.UserRepository;
+import com.kuit.kuit4serverauth.service.JwtUtil;
+import io.jsonwebtoken.Claims;
 import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -8,16 +12,36 @@
 
 @RestController
 public class UserController {
+    private final UserRepository userRepository;
+
+    public UserController(UserRepository userRepository) {
+        this.userRepository = userRepository;
+    }
 
     @GetMapping("/profile")
     public ResponseEntity<String> getProfile(HttpServletRequest request) {
         // TODO : 로그인 한 사용자면 username 이용해 "Hello, {username}" 반환하기
+        String username = (String) request.getAttribute("username");
+
+        if (username != null) {
+            User user = userRepository.findByUsername(username);
+            if (user != null) {
+                return ResponseEntity.ok("Hello, " + user.getUsername());
+            }
+        }
+
         return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized");
     }
 
     @GetMapping("/admin")
     public ResponseEntity<String> getAdmin(HttpServletRequest request) {
         // TODO: role이 admin이면 "Hello, admin" 반환하기
+        String role = (String) request.getAttribute("role");
+
+        if ("ROLE_ADMIN".equals(role)) {
+            return ResponseEntity.ok("Hello, admin");
+        }
+
         return ResponseEntity.status(HttpStatus.FORBIDDEN).body("Forbidden");
     }
 }
diff --git a/src/main/java/com/kuit/kuit4serverauth/service/JwtUtil.java b/src/main/java/com/kuit/kuit4serverauth/service/JwtUtil.java
@@ -11,7 +11,7 @@
 
 @Component
 public class JwtUtil {
-    private final String secret = "mysecretkey";
+    private final String secret = "mysecurekeymysecurekeymysecurekeymysecurekey";
     private final long expirationMs = 3600000; // 1 hour
 
     public String generateToken(String username, String role) {