admin/ocr-java
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: admin:d9211cc12b3adb87696723db283c24cbb2239b0c
Branches Tags
admin:main
...
compare: admin:main
Branches Tags
admin:main

7 Commits
d9211cc12b ... main

Author SHA1 Message Date
root
8fe6a32ede Merge branch 'main' of https://git.byeori.cloud/admin/ocr-java 
pull merge
 2026-03-25 23:20:05 +09:00
root
fee9b12395 로그인 구조 변경 2026-02-27 18:16:26 +09:00
root
5fd0c03560 userid 타입 변경 2026-02-27 11:14:31 +09:00
byeori
89d1acf5c9 구조 변경 2026-02-25 17:53:07 +09:00
byeori
6a2405a782 ds_store제거 2026-02-25 17:51:55 +09:00
root
d8af2f71c6 Merge branch 'main' of https://git.byeori.cloud/admin/ocr-java 
merge
 2026-02-18 15:19:59 +09:00
root
a92d31e371 보안 검토 2026-02-03 00:15:27 +09:00
5 changed files with 75 additions and 35 deletions
Expand all files Collapse all files

3
prd/src/main/java/site/ocr/prd/SecurityConfig.java → prd/src/main/java/site/ocr/prd/config/SecurityConfig.java
View File

@@ -1,4 +1,4 @@
package site.ocr.prd; package site.ocr.prd.config;
import java.util.List; import java.util.List;
@@ -22,6 +22,7 @@ public class SecurityConfig {
configuration.setAllowedOrigins(List.of("http://localhost:3000")); configuration.setAllowedOrigins(List.of("http://localhost:3000"));
configuration.setAllowedMethods(List.of("GET","POST", "PUT","DELETE","OPTION")); configuration.setAllowedMethods(List.of("GET","POST", "PUT","DELETE","OPTION"));
configuration.setAllowedHeaders(List.of("*")); configuration.setAllowedHeaders(List.of("*"));
configuration.setAllowCredentials(true);
return configuration; return configuration;
}; };
cors.configurationSource(configurationSource); cors.configurationSource(configurationSource);

2
prd/src/main/java/site/ocr/prd/WebClientConfig.java → prd/src/main/java/site/ocr/prd/config/WebClientConfig.java
View File

@@ -1,4 +1,4 @@
package site.ocr.prd; package site.ocr.prd.config;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;

4
prd/src/main/java/site/ocr/prd/WebMVCConfig.java → prd/src/main/java/site/ocr/prd/config/WebMVCConfig.java
View File

@@ -1,10 +1,12 @@
package site.ocr.prd; package site.ocr.prd.config;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import site.ocr.prd.SessionLoggingInterceptor;
@Configuration @Configuration
public class WebMVCConfig implements WebMvcConfigurer { public class WebMVCConfig implements WebMvcConfigurer {

60
prd/src/main/java/site/ocr/prd/contorllers/LoginController.java
View File

@@ -1,6 +1,9 @@
package site.ocr.prd.contorllers; package site.ocr.prd.contorllers;
import java.time.Duration; import java.util.Map;
import org.slf4j.Logger;
import java.util.HashMap;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpHeaders; import org.springframework.http.HttpHeaders;
import org.springframework.http.ResponseCookie; import org.springframework.http.ResponseCookie;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
@@ -9,7 +12,6 @@ import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestBody;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import site.ocr.prd.components.JwtProvider;
import site.ocr.prd.dto.LoginReqDTO; import site.ocr.prd.dto.LoginReqDTO;
import site.ocr.prd.dto.LoginResDTO; import site.ocr.prd.dto.LoginResDTO;
import site.ocr.prd.dto.UserInfoInqyReqDTO; import site.ocr.prd.dto.UserInfoInqyReqDTO;
@@ -24,23 +26,23 @@ import org.springframework.web.bind.annotation.RequestParam;
@Controller @Controller
public class LoginController { public class LoginController {
//Logger 선언
private static final Logger logger = LoggerFactory.getLogger(LoginController.class);
//service 선언 //service 선언
private final LoginService loginService; private final LoginService loginService;
//JWT 선언
private final JwtProvider jwtProvider;
public LoginController(LoginService loginService, JwtProvider provider) { public LoginController(LoginService loginService) {
this.loginService = loginService; this.loginService = loginService;
this.jwtProvider = provider;
} }
/** /**
* 프론트에서 카카오로 로그인 요청 후 카카오에서 리다이렉트 해준 인가코드로 토큰 발급 및 사용자정보 조회 * 프론트에서 카카오로 로그인 요청 후 카카오에서 리다이렉트 해준 인가코드로 토큰 발급 및 사용자정보 조회
* @param redirectRespn 카카오에서 리다이렉트해준 인가코드 * @param redirectRespn 카카오에서 리다이렉트해준 인가코드
*/ */
@GetMapping("/oauth/oauth-kakao-authorize") //kakao에서 get으로 리다이렉트 해줌 @GetMapping("/oauth/oauth-kakao-authorize") //kakao에서 get으로 리다이렉트 해줌
public ResponseEntity kakaoLoginRequest(HttpServletRequest redirectRespn) { public ResponseEntity<Map<String, String>> kakaoLoginRequest(HttpServletRequest redirectRespn) {
String code = redirectRespn.getParameter("code"); String code = redirectRespn.getParameter("code");
System.out.println("인가코드 :: " + code); logger.info("인가코드 :: " + code);
/** /**
* 카카오에 토큰값 요청 * 카카오에 토큰값 요청
@@ -62,7 +64,7 @@ public class LoginController {
* @param refresh_token 사용자 리프레시 토큰 * @param refresh_token 사용자 리프레시 토큰
*/ */
LoginResDTO loginResult = loginService.getToken(loginRequest); LoginResDTO loginResult = loginService.getToken(loginRequest);
System.out.println("결과 :: " + loginResult.toString()); logger.info("토큰발급 결과 :: " + loginResult.toString());
UserInfoInqyReqDTO userInfoInqyRequest = new UserInfoInqyReqDTO(); UserInfoInqyReqDTO userInfoInqyRequest = new UserInfoInqyReqDTO();
userInfoInqyRequest.setAccess_token(loginResult.getAccess_token()); userInfoInqyRequest.setAccess_token(loginResult.getAccess_token());
@@ -72,25 +74,35 @@ public class LoginController {
* @param access_token 사용자정보 조회용 토큰 * @param access_token 사용자정보 조회용 토큰
*/ */
UserInfoInqyResDTO userInfoInqyResponse = loginService.getUserInfo(userInfoInqyRequest); UserInfoInqyResDTO userInfoInqyResponse = loginService.getUserInfo(userInfoInqyRequest);
System.out.println("사용자정보 :: " + userInfoInqyResponse.toString()); logger.info("사용자정보 :: " + userInfoInqyResponse.toString());
/** ResponseCookie cookie = loginService.createJwtCookie(userInfoInqyResponse.getId());
* jwt 생성
* oauth를 통해 받은 토큰을 직접 사용하지 말고 id에 jwt키를 발급해서 사용 Map<String, String> response = new HashMap<>();
* cookie에 저장 response.put("success", "true");
*/ response.put("userId", userInfoInqyResponse.getId());
String jwt = jwtProvider.createJwtToken(userInfoInqyResponse.getId()); response.put("message", "Login successful");
ResponseCookie cookie = ResponseCookie.from("accessToken", jwt) response.put("userInfo", userInfoInqyResponse.getName());
.httpOnly(true)
.secure(true)
.sameSite("Lax")
.maxAge(Duration.ofHours(1))
.build();
return ResponseEntity.status(302) return ResponseEntity.status(302)
.header(HttpHeaders.SET_COOKIE, cookie.toString()) .header(HttpHeaders.SET_COOKIE, cookie.toString())
.header(HttpHeaders.LOCATION, "http://localhost:3000/main") .header(HttpHeaders.LOCATION, "http://localhost:3000/pages/oauth/callback")
.build(); .body(response);
}
/**
* JWT 토큰 조회 (프론트에서 로그인 상태 확인용)
* @param userId 사용자 ID
* @return 로그인 결과 및 JWT 토큰
*/
@GetMapping("/oauth/get-jwt-token")
public ResponseEntity<Map<String, String>> getJwtToken(@RequestParam String userId) {
ResponseCookie cookie = loginService.createJwtCookie(userId);
Map<String, String> response = new java.util.HashMap<>();
response.put("token", cookie.toString());
return ResponseEntity.ok()
.header(HttpHeaders.SET_COOKIE, cookie.toString())
.body(response);
} }
@GetMapping("login/oauth-kakao-token") @GetMapping("login/oauth-kakao-token")

37
prd/src/main/java/site/ocr/prd/services/LoginService.java
View File

@@ -1,13 +1,19 @@
package site.ocr.prd.services; package site.ocr.prd.services;
import java.time.Duration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpHeaders; import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
import org.springframework.http.ResponseCookie;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.web.reactive.function.BodyInserters; import org.springframework.web.reactive.function.BodyInserters;
import org.springframework.web.reactive.function.client.WebClient; import org.springframework.web.reactive.function.client.WebClient;
import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.JsonNode;
import site.ocr.prd.components.JwtProvider;
import site.ocr.prd.dto.LoginReqDTO; import site.ocr.prd.dto.LoginReqDTO;
import site.ocr.prd.dto.LoginResDTO; import site.ocr.prd.dto.LoginResDTO;
import site.ocr.prd.dto.UserInfoInqyReqDTO; import site.ocr.prd.dto.UserInfoInqyReqDTO;
@@ -16,17 +22,21 @@ import site.ocr.prd.dto.UserInfoInqyResDTO;
@Service @Service
public class LoginService { public class LoginService {
//logger 선언
private static final Logger logger = LoggerFactory.getLogger(LoginService.class);
//webclient builder //webclient builder
private final WebClient webClient; private final WebClient webClient;
//JWT provider
private final JwtProvider jwtProvider;
public LoginService(WebClient.Builder builder, JwtProvider jwtProvider) {
public LoginService(WebClient.Builder builder) {
this.webClient = builder.build(); this.webClient = builder.build();
this.jwtProvider = jwtProvider;
} }
public LoginResDTO getToken(LoginReqDTO request) { public LoginResDTO getToken(LoginReqDTO request) {
System.out.println("kakao auth code = {}" + request.getCode()); logger.info("kakao auth code :: " + request.getCode());
LoginResDTO result = webClient.post() LoginResDTO result = webClient.post()
.uri("https://kauth.kakao.com/oauth/token") .uri("https://kauth.kakao.com/oauth/token")
@@ -54,15 +64,30 @@ public class LoginService {
.block(); .block();
//사용자ID //사용자ID
//jsonnode :: {"id":4438121341,"connected_at":"2025-09-09T03:53:23Z"}
logger.info("jsonnode :: " + root.toString());
String id = root.path("id").asText(); String id = root.path("id").asText();
String name = root.path("name").asText(); String name = root.path("name").asText();
String email = root.path("email").asText(); String email = root.path("email").asText();
//jsonnode :: {"id":4438121341,"connected_at":"2025-09-09T03:53:23Z"}
System.out.println("jsonnode :: " + root.toString());
result.setId(id); result.setId(id);
result.setName(name); result.setName(name);
result.setEmail(email); result.setEmail(email);
return result; return result;
} }
/**
* JWT 토큰을 생성하고 ResponseCookie로 변환
* @param userId 사용자 ID
* @return ResponseCookie JWT 토큰이 포함된 쿠키
*/
public ResponseCookie createJwtCookie(String userId) {
String jwt = jwtProvider.createJwtToken(userId);
return ResponseCookie.from("accessToken", jwt)
.httpOnly(true)
.secure(true)
.sameSite("Lax")
.maxAge(Duration.ofHours(1))
.build();
}
} }