diff --git a/src/main/java/com/bbteam/budgetbuddies/domain/user/dto/UserDto.java b/src/main/java/com/bbteam/budgetbuddies/domain/user/dto/UserDto.java
index 449178b2..55312f17 100644
--- a/src/main/java/com/bbteam/budgetbuddies/domain/user/dto/UserDto.java
+++ b/src/main/java/com/bbteam/budgetbuddies/domain/user/dto/UserDto.java
@@ -46,4 +46,10 @@ public static class ModifyUserDto {
 private String email;
 private String name;
 }
+
+ @Getter
+ @Builder
+ public static class AuthUserDto {
+ private Long id;
+ }
 }
diff --git a/src/main/java/com/bbteam/budgetbuddies/global/config/WebConfig.java b/src/main/java/com/bbteam/budgetbuddies/global/config/WebConfig.java
new file mode 100644
index 00000000..712fb35a
--- /dev/null
+++ b/src/main/java/com/bbteam/budgetbuddies/global/config/WebConfig.java
@@ -0,0 +1,21 @@
+package com.bbteam.budgetbuddies.global.config;
+
+import com.bbteam.budgetbuddies.global.security.utils.AuthArgumentResolver;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+import java.util.List;
+
+@Configuration
+@RequiredArgsConstructor
+public class WebConfig implements WebMvcConfigurer {
+
+ private final AuthArgumentResolver authArgumentResolver;
+
+ @Override
+ public void addArgumentResolvers(List argumentResolvers) {
+ argumentResolvers.add(authArgumentResolver);
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/com/bbteam/budgetbuddies/global/security/otp/OtpService.java b/src/main/java/com/bbteam/budgetbuddies/global/security/otp/OtpService.java
index ff76eb7f..40c2eac3 100644
--- a/src/main/java/com/bbteam/budgetbuddies/global/security/otp/OtpService.java
+++ b/src/main/java/com/bbteam/budgetbuddies/global/security/otp/OtpService.java
@@ -66,7 +66,7 @@ public OtpNumber generateOtp(String phoneNumber) { otpCache.put(phoneNumber, otp); // 실제 메시지 전송 - sendMessage(phoneNumber, otp); + sendMessage(phoneNumber, otp); return otp; } @@ -85,7 +85,7 @@ public void sendMessage(String phoneNumber, OtpNumber otp) { message.setTo(phoneNumber); // 수신 번호 설정 // 메시지 내용 설정 (한글 45자 이하일 경우 자동으로 SMS로 전송) - message.setText("[빈주머니즈]\n인증번호: " + otp.getOtp()); + message.setText("[빈주머니즈]\n인증번호: " + otp.getOtp() + "\n보안을 위해 번호를 타인과 공유하지 마세요."); // 메시지 전송 요청 및 응답 로그 출력 SingleMessageSentResponse response = this.messageService.sendOne(new SingleMessageSendingRequest(message)); diff --git a/src/main/java/com/bbteam/budgetbuddies/global/security/utils/AuthArgumentResolver.java b/src/main/java/com/bbteam/budgetbuddies/global/security/utils/AuthArgumentResolver.java new file mode 100644 index 00000000..7560b0f2 --- /dev/null +++ b/src/main/java/com/bbteam/budgetbuddies/global/security/utils/AuthArgumentResolver.java 
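Review bot: The longer body passed to `message.setText(...)` in the second hunk moves the text toward the size limit that the comment just above it describes (45 Korean characters or fewer are sent as SMS), and nothing in the code records or checks that budget. The OTP length and the way the provider counts mixed Korean and ASCII text are not visible here, so I cannot confirm the new text still qualifies; a comment stating the intended maximum, or a unit test on the built string, would stop a later wording change from silently switching the message type. The context line after the change says the send request and response are logged; that statement is outside the hunk, so please confirm it does not write the OTP value to the logs. `sendMessage` starts and ends outside this hunk.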
@@ -0,0 +1,47 @@
+package com.bbteam.budgetbuddies.global.security.utils;
+
+import com.bbteam.budgetbuddies.apiPayload.code.status.ErrorStatus;
+import com.bbteam.budgetbuddies.apiPayload.exception.GeneralException;
+import com.bbteam.budgetbuddies.domain.user.dto.UserDto;
+import com.bbteam.budgetbuddies.domain.user.entity.User;
+import lombok.NonNull;
+import lombok.RequiredArgsConstructor;
+import org.springframework.core.MethodParameter;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.bind.support.WebDataBinderFactory;
+import org.springframework.web.context.request.NativeWebRequest;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.method.support.ModelAndViewContainer;
+
+@Component
+@RequiredArgsConstructor
+public class AuthArgumentResolver implements HandlerMethodArgumentResolver {
+
+ // @Auth 존재 여부 확인
+ @Override
+ public boolean supportsParameter(MethodParameter parameter) {
+ return parameter.hasParameterAnnotation(AuthUser.class);
+ }
+
+ // @Auth 존재 시, 사용자 정보 확인하여 반환
+ @Override
+ public Object resolveArgument(@NonNull MethodParameter parameter, ModelAndViewContainer mavContainer, @NonNull NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception {
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+ if (authentication == null) {
+ throw new GeneralException(ErrorStatus._USER_NOT_FOUND);
+ }
+
+ Object principal = authentication.getPrincipal();
+ if (!(principal instanceof User user)) {
+ throw new GeneralException(ErrorStatus._USER_NOT_FOUND);
+ }
+
+ UserDto.AuthUserDto authUserDto = UserDto.AuthUserDto.builder()
+ .id(user.getId())
+ .build();
+
+ return authUserDto;
+ }
+}
\ No newline at end of file
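Review bot: `supportsParameter` accepts any parameter annotated with `@AuthUser` whatever its declared type, while `resolveArgument` always returns a `UserDto.AuthUserDto`, so a handler declaring `@AuthUser Long userId` or `@AuthUser User user` would only fail when a request is dispatched. Checking the type as well closes that gap: `return parameter.hasParameterAnnotation(AuthUser.class) && UserDto.AuthUserDto.class.isAssignableFrom(parameter.getParameterType());`. Both failure branches in `resolveArgument` throw `ErrorStatus._USER_NOT_FOUND`, so a request with no authentication or with a non-`User` principal is reported as a missing user; an authentication-failure status from `ErrorStatus` (its values are not visible in this diff) would let clients and log monitoring tell the two cases apart. The two comments refer to `@Auth` although the annotation is `@AuthUser`, and `@RequiredArgsConstructor` has no final fields to act on in this class.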
diff --git a/src/main/java/com/bbteam/budgetbuddies/global/security/utils/AuthUser.java b/src/main/java/com/bbteam/budgetbuddies/global/security/utils/AuthUser.java
new file mode 100644
index 00000000..9fa4a0e1
--- /dev/null
+++ b/src/main/java/com/bbteam/budgetbuddies/global/security/utils/AuthUser.java
@@ -0,0 +1,12 @@
+package com.bbteam.budgetbuddies.global.security.utils;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+
+@Target(ElementType.PARAMETER)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface AuthUser {
+}
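Review bot: `AuthUser` is declared without Javadoc, so nothing at the declaration tells a controller author what the annotated parameter receives or what happens when the request is not authenticated. I would add a short Javadoc above `public @interface AuthUser` stating that the parameter is resolved by `AuthArgumentResolver` to a `UserDto.AuthUserDto` carrying the authenticated user's id, and that resolution throws `GeneralException` when the security context holds no `User` principal. Adding `@Documented` would also make the annotation appear in the generated Javadoc of the handlers that use it.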