Skip to content

Commit

Permalink
Merge pull request #115 from Me1tingPot/feature/#111
Browse files Browse the repository at this point in the history 
refactor : ์†Œ์ผ“ jwt ์ธ์ฆ ๋กœ์ง
  • Loading branch information
@yewonahn
yewonahn authored Jun 30, 2024
2 parents 4b5672a + 9437f41 commit c3ce070
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 22 deletions.
28 changes: 9 additions & 19 deletions src/main/java/meltingpot/server/config/JwtChannelInterceptor.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@
import org.springframework.messaging.simp.stomp.StompHeaderAccessor;
import org.springframework.messaging.support.ChannelInterceptor;

import org.springframework.messaging.support.MessageHeaderAccessor;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;
Expand All @@ -35,38 +39,24 @@ public class JwtChannelInterceptor implements ChannelInterceptor {
private final String SUB_MESSAGE_PREFIX = "/sub/";

private final TokenProvider tokenProvider;
private final AccountRepository accountRepository;
private final ChatRoomUserRepository chatRoomUSerRepository;

@Override
public Message<?> preSend(Message<?> message, MessageChannel channel) {
StompHeaderAccessor headerAccessor = StompHeaderAccessor.wrap(message);
Map<String, Object> sessionAttributes = headerAccessor.getSessionAttributes();
StompHeaderAccessor headerAccessor = MessageHeaderAccessor.getAccessor(message, StompHeaderAccessor.class);

if (StompCommand.CONNECT.equals(headerAccessor.getCommand())) {

List<String> authorization = headerAccessor.getNativeHeader("Authorization");
if (authorization == null || authorization.size() != 1) {
throw new BadRequestException(AUTHORIZATION_CHECK_FAIL);
}
String accessToken = authorization.get(0);
String accessToken = authorization.get(0).substring(7);

if (tokenProvider.validateToken(accessToken)) {
Claims claims = tokenProvider.getSocketTokenClaims(accessToken);
String username = claims.getSubject();
Authentication authentication = tokenProvider.getAuthentication(accessToken);

Account account = accountRepository.findByUsername(username)
.orElseThrow(() -> new ResourceNotFoundException(ACCOUNT_NOT_FOUND));

List<ChatRoomUser> chatRoomUsers = chatRoomUSerRepository.findAllByUserId(account.getId());
List<Long> chatRooms = chatRoomUsers.stream()
.map(ChatRoomUser::getChatRoom)
.map(ChatRoom::getId)
.toList();

sessionAttributes.put("username", account.getUsername());
sessionAttributes.put("chatRooms", chatRooms);
headerAccessor.setSessionAttributes(sessionAttributes);
SecurityContextHolder.getContext().setAuthentication(authentication);
headerAccessor.setUser(authentication);
} else {
throw new InvalidTokenException(ResponseCode.INVALID_AUTH_TOKEN);
}
Expand Down
1 change: 0 additions & 1 deletion src/main/java/meltingpot/server/config/WebSocketConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,6 @@ public void configureMessageBroker(MessageBrokerRegistry registry) {
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
// ์ฃผ์†Œ : ws://localhost:8080/chat
registry.addEndpoint("/chat").setAllowedOriginPatterns("*").withSockJS();
registry.addEndpoint("/chat").setAllowedOriginPatterns("*");
registry.setErrorHandler(chatErrorHandler);
}
Expand Down
4 changes: 2 additions & 2 deletions src/main/java/meltingpot/server/config/WebSocketSecurityConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@ public class WebSocketSecurityConfig extends AbstractSecurityWebSocketMessageBro
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
messages
.nullDestMatcher().permitAll()
.simpDestMatchers("/app/**").authenticated()
.simpSubscribeDestMatchers("/topic/**").authenticated()
.simpDestMatchers("/pub/**").authenticated()
.simpSubscribeDestMatchers("/sub/**").authenticated()
.anyMessage().denyAll();
}

Expand Down

0 comments on commit c3ce070

Please sign in to comment.