diff --git a/src/main/java/com/smunity/server/domain/account/dto/LoginResponseDto.java b/src/main/java/com/smunity/server/domain/account/dto/LoginResponseDto.java
index b613abc..9230f76 100644
--- a/src/main/java/com/smunity/server/domain/account/dto/LoginResponseDto.java
+++ b/src/main/java/com/smunity/server/domain/account/dto/LoginResponseDto.java
@@ -5,15 +5,15 @@
 @Builder
 public record LoginResponseDto(
- Long memberId,
+ String username,
 MemberRole memberRole,
 String accessToken,
 String refreshToken
 ) {
- public static LoginResponseDto of(Long memberId, MemberRole memberRole, String accessToken, String refreshToken) {
+ public static LoginResponseDto of(String username, MemberRole memberRole, String accessToken, String refreshToken) {
 return LoginResponseDto.builder()
- .memberId(memberId)
+ .username(username)
 .memberRole(memberRole)
 .accessToken(accessToken)
 .refreshToken(refreshToken)
diff --git a/src/main/java/com/smunity/server/domain/account/dto/RegisterResponseDto.java b/src/main/java/com/smunity/server/domain/account/dto/RegisterResponseDto.java
index 5a66f6d..7687dc2 100644
--- a/src/main/java/com/smunity/server/domain/account/dto/RegisterResponseDto.java
+++ b/src/main/java/com/smunity/server/domain/account/dto/RegisterResponseDto.java
@@ -8,7 +8,6 @@
 @Builder
 public record RegisterResponseDto(
- Long id,
 String username,
 MemberRole role,
 LocalDateTime createdAt
@@ -16,7 +15,6 @@ public record RegisterResponseDto(
 public static RegisterResponseDto from(Member member) {
 return RegisterResponseDto.builder()
- .id(member.getId())
 .username(member.getUsername())
 .role(member.getRole())
 .createdAt(member.getCreatedAt())
diff --git a/src/main/java/com/smunity/server/domain/account/service/AccountService.java b/src/main/java/com/smunity/server/domain/account/service/AccountService.java
index d44aea6..3aa823c 100644
--- a/src/main/java/com/smunity/server/domain/account/service/AccountService.java
+++ b/src/main/java/com/smunity/server/domain/account/service/AccountService.java
@@ -45,7 +45,7 @@ public LoginResponseDto login(LoginRequestDto requestDto) {
 Member member = memberRepository.findByUsername(requestDto.username())
 .orElseThrow(() -> new GeneralException(ErrorCode.ACCOUNT_NOT_FOUND));
 checkPassword(requestDto.password(), member.getPassword());
- return generateToken(member.getId(), member.getRole());
+ return generateToken(member.getUsername(), member.getId(), member.getRole());
 }
 public LoginResponseDto refresh(RefreshRequestDto requestDto) {
@@ -54,14 +54,14 @@ public LoginResponseDto refresh(RefreshRequestDto requestDto) {
 Member member = memberRepository.findById(oldRefreshToken.getMemberId())
 .orElseThrow(() -> new GeneralException(ErrorCode.ACCOUNT_NOT_FOUND));
 refreshTokenService.deleteRefreshToken(oldRefreshToken.getToken());
- return generateToken(member.getId(), member.getRole());
+ return generateToken(member.getUsername(), member.getId(), member.getRole());
 }
- private LoginResponseDto generateToken(Long memberId, MemberRole memberRole) {
+ private LoginResponseDto generateToken(String username, Long memberId, MemberRole memberRole) {
 String accessToken = jwtTokenProvider.createAccessToken(memberId, memberRole, false);
 String refreshToken = jwtTokenProvider.createAccessToken(memberId, memberRole, true);
 refreshTokenService.saveRefreshToken(memberId, refreshToken);
- return LoginResponseDto.of(memberId, memberRole, accessToken, refreshToken);
+ return LoginResponseDto.of(username, memberRole, accessToken, refreshToken);
 }
 private void validateUser(String memberName, String username) {
diff --git a/src/main/java/com/smunity/server/domain/member/controller/MemberController.java b/src/main/java/com/smunity/server/domain/member/controller/MemberController.java
index f166f7e..40f8755 100644
--- a/src/main/java/com/smunity/server/domain/member/controller/MemberController.java
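Review bot: The widened `generateToken(String username, Long memberId, MemberRole memberRole)` at the end of the second hunk now takes three values that both callers pull from the same `Member`, so the two call sites in `login` and `refresh` repeat the same argument list; passing the entity is shorter and keeps the two in step: `private LoginResponseDto generateToken(Member member) {` with `member.getId()`, `member.getRole()` and `member.getUsername()` read inside, and both callers reduced to `return generateToken(member);`. Note also that swapping `memberId` for `username` only changes the response body: both tokens are still minted from `memberId`, and the deleted `PermissionCheckValidator` parsed `authentication.getName()` as a `Long`, which suggests the numeric id is the token subject and therefore still readable by the client from the JWT payload — worth confirming against `JwtTokenProvider` if hiding the id was the goal. `login` opens before the first hunk and `validateUser` continues past the second.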
+++ b/src/main/java/com/smunity/server/domain/member/controller/MemberController.java
@@ -9,7 +9,6 @@
 import com.smunity.server.domain.member.service.MemberQueryService;
 import com.smunity.server.global.security.annotation.AuthMember;
 import com.smunity.server.global.security.annotation.AuthVerified;
-import com.smunity.server.global.validation.annotation.PermissionCheck;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.springdoc.core.annotations.ParameterObject;
@@ -32,12 +31,6 @@ public ResponseEntity> readMembers(@ParameterObject Page
 return ResponseEntity.ok(responseDtoPage);
 }
- @GetMapping("/{id}")
- public ResponseEntity readMember(@PermissionCheck @PathVariable Long id) {
- MemberInfoResponseDto responseDto = memberQueryService.readMember(id);
- return ResponseEntity.ok(responseDto);
- }
-
 @GetMapping("/me")
 public ResponseEntity readMemberInfo(@AuthMember Long memberId) {
 MemberInfoResponseDto responseDto = memberQueryService.readMember(memberId);
diff --git a/src/main/java/com/smunity/server/domain/member/dto/MemberInfoResponseDto.java b/src/main/java/com/smunity/server/domain/member/dto/MemberInfoResponseDto.java
index daa0d99..514b670 100644
--- a/src/main/java/com/smunity/server/domain/member/dto/MemberInfoResponseDto.java
+++ b/src/main/java/com/smunity/server/domain/member/dto/MemberInfoResponseDto.java
@@ -5,7 +5,6 @@
 @Builder
 public record MemberInfoResponseDto(
- Long id,
 String username,
 String name,
 String department,
@@ -14,7 +13,6 @@ public record MemberInfoResponseDto(
 public static MemberInfoResponseDto from(Member member) {
 return MemberInfoResponseDto.builder()
- .id(member.getId())
 .username(member.getUsername())
 .name(member.getName())
 .department(member.getDepartment().getName())
diff --git a/src/main/java/com/smunity/server/global/security/config/SecurityConfig.java b/src/main/java/com/smunity/server/global/security/config/SecurityConfig.java
index 172d23d..25e21c1 100644
--- a/src/main/java/com/smunity/server/global/security/config/SecurityConfig.java
+++ b/src/main/java/com/smunity/server/global/security/config/SecurityConfig.java
@@ -73,7 +73,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 .requestMatchers(HttpMethod.GET, "/api/v1/questions/**").permitAll()
 // 관리자 권한을 가진 사용자 (ROLE_ADMIN)
- .requestMatchers("/api/v1/members", "/api/v1/questions/{questionId}/answer", "/actuator/**").hasRole("ADMIN")
+ .requestMatchers("/api/v1/members", "/api/v1/questions/{questionId}/answer").hasRole("ADMIN")
 // 인증된 사용자 (ROLE_USER, ROLE_ADMIN)
 .anyRequest().authenticated()
diff --git a/src/main/java/com/smunity/server/global/validation/annotation/PermissionCheck.java b/src/main/java/com/smunity/server/global/validation/annotation/PermissionCheck.java
deleted file mode 100644
index ea97c08..0000000
--- a/src/main/java/com/smunity/server/global/validation/annotation/PermissionCheck.java
+++ /dev/null
@@ -1,22 +0,0 @@
-package com.smunity.server.global.validation.annotation;
-
-import com.smunity.server.global.validation.validator.PermissionCheckValidator;
-import jakarta.validation.Constraint;
-import jakarta.validation.Payload;
-
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
-
-@Retention(RetentionPolicy.RUNTIME)
-@Target({ElementType.PARAMETER})
-@Constraint(validatedBy = PermissionCheckValidator.class)
-public @interface PermissionCheck {
- String message() default "권한이 없습니다.";
- Class[] groups() default {};
- Class[] payload() default {};
-}
diff --git a/src/main/java/com/smunity/server/global/validation/validator/PermissionCheckValidator.java b/src/main/java/com/smunity/server/global/validation/validator/PermissionCheckValidator.java
deleted file mode 100644
index 5b769e6..0000000
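Review bot: Removing `"/actuator/**"` from the `hasRole("ADMIN")` matcher does not make the management endpoints admin-only by some other route; they now fall through to the trailing `.anyRequest().authenticated()`, so any logged-in ROLE_USER can reach whatever the management configuration exposes (for example `env`, `loggers` or `heapdump` if they are enabled) — a broader grant than before, unless a matcher earlier in `filterChain`, outside this hunk, already claims that path. If the motivation was to let an unauthenticated monitoring probe reach the health check, open only that endpoint and keep the rest restricted: `.requestMatchers("/actuator/health").permitAll()` placed before the ADMIN rule, with `"/actuator/**"` kept in the `hasRole("ADMIN")` list. A comment on the new line stating which actuator endpoints are intended to be reachable by whom would match the Korean group comments the neighbouring rules already carry. `filterChain` opens before and continues past this hunk.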
--- a/src/main/java/com/smunity/server/global/validation/validator/PermissionCheckValidator.java
+++ /dev/null
@@ -1,49 +0,0 @@
-package com.smunity.server.global.validation.validator;
-
-import com.smunity.server.global.security.util.PermissionUtil;
-import com.smunity.server.global.validation.annotation.PermissionCheck;
-import jakarta.validation.ConstraintValidator;
-import jakarta.validation.ConstraintValidatorContext;
-import lombok.RequiredArgsConstructor;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Component;
-
-import static com.smunity.server.global.exception.code.ErrorCode.MEMBER_FORBIDDEN;
-
-/**
- * PermissionCheck 어노테이션에 대한 유효성 검사를 수행하는 Validator 클래스
- */
-@Component
-@RequiredArgsConstructor
-public class PermissionCheckValidator implements ConstraintValidator {
-
- /**
- * 주어진 값에 대한 권한 검사를 수행
- *
- * @return 권한이 있으면 true, 없으면 false (HandlerMethodValidationException)
- */
- @Override
- public boolean isValid(Long value, ConstraintValidatorContext context) {
- Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
- if (authentication == null || !checkPermission(value, authentication)) {
- addViolation(context);
- return false;
- }
- return true;
- }
-
- // 인증 정보를 바탕으로 권한 확인
- private boolean checkPermission(Long value, Authentication authentication) {
- Long memberId = Long.valueOf(authentication.getName());
- boolean isAdmin = PermissionUtil.isAdmin(authentication.getAuthorities());
- return PermissionUtil.checkPermission(memberId, isAdmin, value);
- }
-
- // 유효성 검사 실패 시 위반 사항을 추가 (ErrorCode 이름)
- private void addViolation(ConstraintValidatorContext context) {
- context.disableDefaultConstraintViolation();
- context.buildConstraintViolationWithTemplate(MEMBER_FORBIDDEN.name())
- .addConstraintViolation();
- }
-}