From 5d491e05dad8efc34c883341cd849dbc7f0258af Mon Sep 17 00:00:00 2001
From: Jaehyun Ahn <91878695+uwoobeat@users.noreply.github.com>
Date: Tue, 5 Mar 2024 19:46:04 +0900
Subject: [PATCH 1/2] =?UTF-8?q?feat:=20=EC=96=B4=EB=93=9C=EB=AF=BC=20?= =?UTF-8?q?=EC=9E=84=EC=8B=9C=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20API=20?= =?UTF-8?q?=EC=A0=9C=EA=B1=B0=20(#256)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

refactor: 어드민 로그인 관련 클래스 제거
---
 .../gdsc/domain/auth/api/AuthController.java | 29 ------------
 .../domain/auth/application/AuthService.java | 45 -------------------
 .../domain/auth/dto/request/LoginRequest.java | 3 --
 .../auth/dto/response/LoginResponse.java | 8 ----
 .../gdsc/global/config/WebSecurityConfig.java | 2 -
 5 files changed, 87 deletions(-)
 delete mode 100644 src/main/java/com/gdschongik/gdsc/domain/auth/api/AuthController.java
 delete mode 100644 src/main/java/com/gdschongik/gdsc/domain/auth/application/AuthService.java
 delete mode 100644 src/main/java/com/gdschongik/gdsc/domain/auth/dto/request/LoginRequest.java
 delete mode 100644 src/main/java/com/gdschongik/gdsc/domain/auth/dto/response/LoginResponse.java
diff --git a/src/main/java/com/gdschongik/gdsc/domain/auth/api/AuthController.java b/src/main/java/com/gdschongik/gdsc/domain/auth/api/AuthController.java
deleted file mode 100644
index f0b09e4a1..000000000
--- a/src/main/java/com/gdschongik/gdsc/domain/auth/api/AuthController.java
+++ /dev/null
@@ -1,29 +0,0 @@
-package com.gdschongik.gdsc.domain.auth.api;
-
-import com.gdschongik.gdsc.domain.auth.application.AuthService;
-import com.gdschongik.gdsc.domain.auth.dto.request.LoginRequest;
-import com.gdschongik.gdsc.domain.auth.dto.response.LoginResponse;
-import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.v3.oas.annotations.tags.Tag;
-import lombok.RequiredArgsConstructor;
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-@Tag(name = "Auth", description = "어드민 인증 API입니다.")
-@RestController
-@RequestMapping("/auth")
-@RequiredArgsConstructor
-public class AuthController {
-
- private final AuthService authService;
-
- @Operation(summary = "로그인", description = "로그인을 수행합니다. 어드민만 가능합니다.")
- @PostMapping("/login")
- public ResponseEntity login(@RequestBody LoginRequest request) {
- LoginResponse response = authService.loginAdmin(request);
- return ResponseEntity.ok().body(response);
- }
-}
diff --git a/src/main/java/com/gdschongik/gdsc/domain/auth/application/AuthService.java b/src/main/java/com/gdschongik/gdsc/domain/auth/application/AuthService.java
deleted file mode 100644
index 956bdff4e..000000000
--- a/src/main/java/com/gdschongik/gdsc/domain/auth/application/AuthService.java
+++ /dev/null
@@ -1,45 +0,0 @@
-package com.gdschongik.gdsc.domain.auth.application;
-
-import com.gdschongik.gdsc.domain.auth.dto.request.LoginRequest;
-import com.gdschongik.gdsc.domain.auth.dto.response.LoginResponse;
-import com.gdschongik.gdsc.domain.member.dao.MemberRepository;
-import com.gdschongik.gdsc.domain.member.domain.Member;
-import com.gdschongik.gdsc.domain.member.domain.MemberRole;
-import com.gdschongik.gdsc.global.exception.CustomException;
-import com.gdschongik.gdsc.global.exception.ErrorCode;
-import com.gdschongik.gdsc.global.property.SwaggerProperty;
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.stereotype.Service;
-
-@Slf4j
-@Service
-@RequiredArgsConstructor
-public class AuthService {
-
- private final SwaggerProperty swaggerProperty;
- private final JwtService jwtService;
- private final MemberRepository memberRepository;
-
- public LoginResponse loginAdmin(LoginRequest request) {
- Member member = memberRepository
- .findByEmail(request.email())
- .orElseThrow(() -> new CustomException(ErrorCode.MEMBER_NOT_FOUND));
-
- if (member.getRole() != MemberRole.ADMIN) {
- log.error("Invalid role");
- throw new CustomException(ErrorCode.INVALID_ROLE);
- }
-
- if (!request.password().equals(swaggerProperty.getPassword())) {
- log.error("Invalid password");
- throw new CustomException(ErrorCode.INVALID_PASSWORD);
- }
-
- String accessToken =
- jwtService.createAccessToken(member.getId(), member.getRole()).tokenValue();
- String refreshToken = jwtService.createRefreshToken(member.getId()).tokenValue();
-
- return LoginResponse.from(accessToken, refreshToken);
- }
-}
diff --git a/src/main/java/com/gdschongik/gdsc/domain/auth/dto/request/LoginRequest.java b/src/main/java/com/gdschongik/gdsc/domain/auth/dto/request/LoginRequest.java
deleted file mode 100644
index 21b4317ed..000000000
--- a/src/main/java/com/gdschongik/gdsc/domain/auth/dto/request/LoginRequest.java
+++ /dev/null
@@ -1,3 +0,0 @@
-package com.gdschongik.gdsc.domain.auth.dto.request;
-
-public record LoginRequest(String email, String password) {}
diff --git a/src/main/java/com/gdschongik/gdsc/domain/auth/dto/response/LoginResponse.java b/src/main/java/com/gdschongik/gdsc/domain/auth/dto/response/LoginResponse.java
deleted file mode 100644
index b542817fc..000000000
--- a/src/main/java/com/gdschongik/gdsc/domain/auth/dto/response/LoginResponse.java
+++ /dev/null
@@ -1,8 +0,0 @@
-package com.gdschongik.gdsc.domain.auth.dto.response;
-
-public record LoginResponse(String accessToken, String refreshToken) {
-
- public static LoginResponse from(String accessToken, String refreshToken) {
- return new LoginResponse(accessToken, refreshToken);
- }
-}
diff --git a/src/main/java/com/gdschongik/gdsc/global/config/WebSecurityConfig.java b/src/main/java/com/gdschongik/gdsc/global/config/WebSecurityConfig.java
index 7814328fa..b22ac5abb 100644
--- a/src/main/java/com/gdschongik/gdsc/global/config/WebSecurityConfig.java
+++ b/src/main/java/com/gdschongik/gdsc/global/config/WebSecurityConfig.java
@@ -93,8 +93,6 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 http.authorizeHttpRequests(authorize -> authorize
 .requestMatchers("/oauth2/**")
 .permitAll()
- .requestMatchers("/auth/**")
- .permitAll()
 .requestMatchers("/gdsc-actuator/**")
 .permitAll()
 .requestMatchers("/onboarding/verify-email")
From 8fa2740c5fb99a7e51a26362a2397efd741aa14d Mon Sep 17 00:00:00 2001
From: Jaehyun Ahn <91878695+uwoobeat@users.noreply.github.com> Date: Tue, 5 Mar 2024 20:19:28 +0900 Subject: [PATCH 2/2] =?UTF-8?q?chore:=20Prometheus=20+=20Grafana=20?= =?UTF-8?q?=EB=AA=A8=EB=8B=88=ED=84=B0=EB=A7=81=20=ED=99=98=EA=B2=BD=20?= =?UTF-8?q?=EC=84=B8=ED=8C=85=20(#253)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore: 프로메테우스 의존성 추가 * chore: 액추에이터에 프로메테우스 엔드포인트 활성화 * chore: 프로메테우스 엔드포인트 노출 * feat: 프로메테우스 엔드포인트에 대한 basic auth 적용 * fix: 오타 수정 * refactor: 스웨거 프로퍼티를 Basic Auth 프로퍼티로 변경 * style: spotless 적용 --- build.gradle | 3 +++ .../gdsc/global/config/PropertyConfig.java | 4 ++-- .../gdsc/global/config/WebSecurityConfig.java | 21 +++++++++++++++---- ...erProperty.java => BasicAuthProperty.java} | 4 ++-- src/main/resources/application-actuator.yml | 4 +++- src/main/resources/application-security.yml | 4 ++++ src/main/resources/application-swagger.yml | 8 ------- src/main/resources/application.yml | 1 - 8 files changed, 31 insertions(+), 18 deletions(-) rename src/main/java/com/gdschongik/gdsc/global/property/{SwaggerProperty.java => BasicAuthProperty.java} (78%) delete mode 100644 src/main/resources/application-swagger.yml diff --git a/build.gradle b/build.gradle index dad56014c..21b2e716a 100644 --- a/build.gradle +++ b/build.gradle @@ -73,6 +73,9 @@ dependencies { // Excel implementation 'org.apache.poi:poi:5.2.5' + + // Monitoring + implementation 'io.micrometer:micrometer-registry-prometheus' } tasks.named('test') { diff --git a/src/main/java/com/gdschongik/gdsc/global/config/PropertyConfig.java b/src/main/java/com/gdschongik/gdsc/global/config/PropertyConfig.java index e53aa228e..107edc5fe 100644 --- a/src/main/java/com/gdschongik/gdsc/global/config/PropertyConfig.java +++ b/src/main/java/com/gdschongik/gdsc/global/config/PropertyConfig.java 
@@ -1,9 +1,9 @@ package com.gdschongik.gdsc.global.config; +import com.gdschongik.gdsc.global.property.BasicAuthProperty; import com.gdschongik.gdsc.global.property.DiscordProperty; import com.gdschongik.gdsc.global.property.JwtProperty; import com.gdschongik.gdsc.global.property.RedisProperty; -import com.gdschongik.gdsc.global.property.SwaggerProperty; import com.gdschongik.gdsc.global.property.email.EmailProperty; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Configuration; @@ -11,7 +11,7 @@ @EnableConfigurationProperties({ JwtProperty.class, RedisProperty.class, - SwaggerProperty.class, + BasicAuthProperty.class, DiscordProperty.class, EmailProperty.class }) diff --git a/src/main/java/com/gdschongik/gdsc/global/config/WebSecurityConfig.java b/src/main/java/com/gdschongik/gdsc/global/config/WebSecurityConfig.java index b22ac5abb..6f7346951 100644 --- a/src/main/java/com/gdschongik/gdsc/global/config/WebSecurityConfig.java +++ b/src/main/java/com/gdschongik/gdsc/global/config/WebSecurityConfig.java @@ -10,7 +10,7 @@ import com.gdschongik.gdsc.domain.auth.application.JwtService; import com.gdschongik.gdsc.domain.member.dao.MemberRepository; import com.gdschongik.gdsc.global.annotation.ConditionalOnProfile; -import com.gdschongik.gdsc.global.property.SwaggerProperty; +import com.gdschongik.gdsc.global.property.BasicAuthProperty; import com.gdschongik.gdsc.global.security.CustomSuccessHandler; import com.gdschongik.gdsc.global.security.CustomUserService; import com.gdschongik.gdsc.global.security.JwtExceptionFilter; 
@@ -46,7 +46,7 @@ public class WebSecurityConfig { private final CookieUtil cookieUtil; private final ObjectMapper objectMapper; private final EnvironmentUtil environmentUtil; - private final SwaggerProperty swaggerProperty; + private final BasicAuthProperty basicAuthProperty; private void defaultFilterChain(HttpSecurity http) throws Exception { http.httpBasic(AbstractHttpConfigurer::disable) @@ -75,6 +75,19 @@ public SecurityFilterChain swaggerFilterChain(HttpSecurity http) throws Exceptio return http.build(); } + @Bean + @Order(2) + @ConditionalOnProfile(PROD) + public SecurityFilterChain prometheusFilterChain(HttpSecurity http) throws Exception { + defaultFilterChain(http); + + http.securityMatcher("/gdsc-actuator/prometheus").httpBasic(withDefaults()); + + http.authorizeHttpRequests(authorize -> authorize.anyRequest().authenticated()); + + return http.build(); + } + @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { defaultFilterChain(http); @@ -109,8 +122,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { @Bean public InMemoryUserDetailsManager inMemoryUserDetailsManager() { - UserDetails user = User.withUsername(swaggerProperty.getUsername()) - .password(passwordEncoder().encode(swaggerProperty.getPassword())) + UserDetails user = User.withUsername(basicAuthProperty.getUsername()) + .password(passwordEncoder().encode(basicAuthProperty.getPassword())) .roles("SWAGGER") .build(); return new InMemoryUserDetailsManager(user); diff --git a/src/main/java/com/gdschongik/gdsc/global/property/SwaggerProperty.java b/src/main/java/com/gdschongik/gdsc/global/property/BasicAuthProperty.java similarity index 78% rename from src/main/java/com/gdschongik/gdsc/global/property/SwaggerProperty.java rename to src/main/java/com/gdschongik/gdsc/global/property/BasicAuthProperty.java index 01f130866..f9da1d27a 100644 --- a/src/main/java/com/gdschongik/gdsc/global/property/SwaggerProperty.java 
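Review bot: `prometheusFilterChain` in the `@@ -75,6 +75,19 @@` hunk is registered only under `@ConditionalOnProfile(PROD)`, while application-actuator.yml now adds `prometheus` to `management.endpoints.web.exposure.include` with no profile condition visible in that file. Unless something outside this diff says otherwise, every non-production profile falls through to the main chain, where `/gdsc-actuator/**` is `permitAll()` (visible as context in the first patch), so the metrics would be served without authentication there. Either drop the profile condition on this bean or narrow the main chain's rule to the health endpoint, `.requestMatchers("/gdsc-actuator/health")`. A comment above the bean, `// Basic auth for the Prometheus scrape endpoint; must be ordered before the main chain, which permits /gdsc-actuator/**`, would record why `@Order(2)` matters.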
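Review bot: The single in-memory account built in `inMemoryUserDetailsManager()` (the `@@ -109,8 +122,8 @@` hunk) now backs both the Swagger chain and the new Prometheus chain, yet it still carries `.roles("SWAGGER")` and the Prometheus chain only requires `authenticated()`. A scraper credential kept in monitoring configuration would therefore also be accepted by the Swagger chain; that chain's rules are outside this diff, so the exact reach is an assumption. Consider a second user with its own role, fed from separate properties, and a role check on the metrics chain such as `authorize.anyRequest().hasRole("PROMETHEUS")` (role name is a suggestion). The method's closing brace lies outside the hunk.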
+++ b/src/main/java/com/gdschongik/gdsc/global/property/BasicAuthProperty.java @@ -6,8 +6,8 @@ @Getter @AllArgsConstructor -@ConfigurationProperties(prefix = "swagger") -public class SwaggerProperty { +@ConfigurationProperties(prefix = "auth") +public class BasicAuthProperty { private final String username; private final String password; diff --git a/src/main/resources/application-actuator.yml b/src/main/resources/application-actuator.yml index 9290215f9..4782929d7 100644 --- a/src/main/resources/application-actuator.yml +++ b/src/main/resources/application-actuator.yml @@ -2,7 +2,7 @@ management: endpoints: web: exposure: - include: health + include: health, prometheus base-path: /gdsc-actuator jmx: exposure: @@ -11,3 +11,5 @@ management: endpoint: health: enabled: true + prometheus: + enabled: true diff --git a/src/main/resources/application-security.yml b/src/main/resources/application-security.yml index 1b7f71345..56531e408 100644 --- a/src/main/resources/application-security.yml +++ b/src/main/resources/application-security.yml @@ -21,3 +21,7 @@ jwt: secret: ${JWT_REFRESH_TOKEN_SECRET:} expiration-time: ${JWT_REFRESH_TOKEN_EXPIRATION_TIME:604800} issuer: ${JWT_ISSUER:} + +auth: + username: ${SWAGGER_USER:default} + password: ${SWAGGER_PASSWORD:default} diff --git a/src/main/resources/application-swagger.yml b/src/main/resources/application-swagger.yml deleted file mode 100644 index 48c84e48b..000000000 --- a/src/main/resources/application-swagger.yml +++ /dev/null @@ -1,8 +0,0 @@ -spring: - config: - activate: - on-profile: "security" - -swagger: - username: ${SWAGGER_USER:default} - password: ${SWAGGER_PASSWORD:default} diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 8a19f8167..e82c6f9d9 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -8,7 +8,6 @@ spring: include: - redis - security - - swagger - actuator - discord - email
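Review bot: The new `auth` block in application-security.yml (hunk `@@ -21,3 +21,7 @@`) keeps the fallbacks `${SWAGGER_USER:default}` and `${SWAGGER_PASSWORD:default}`, so a deployment where these variables are unset comes up with the pair default/default, and after this commit that pair also guards `/gdsc-actuator/prometheus` in production. Removing the fallback, `password: ${SWAGGER_PASSWORD}` (and likewise for the username), should make startup fail on an unresolved placeholder instead of running with a guessable password. The variable names still say SWAGGER although the prefix was generalised to `auth`; a comment such as `# shared basic-auth account for Swagger UI and the Prometheus endpoint` would tell operators what they are setting.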