package com.dbnt.kcscbackend.auth;
import com.dbnt.kcscbackend.auth.service.EgovLoginService;
import com.dbnt.kcscbackend.config.common.BaseController;
import com.dbnt.kcscbackend.auth.entity.LoginVO;
import com.dbnt.kcscbackend.config.common.ResponseCode;
import com.dbnt.kcscbackend.config.common.ResultVO;
import com.dbnt.kcscbackend.config.egov.EgovMessageSource;
import com.dbnt.kcscbackend.config.jwt.EgovJwtTokenUtil;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
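/**
 * REST controller for the authentication endpoints under {@code /auth}:
 * session login, JWT login, logout, and a placeholder sign-up endpoint.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Credentials from the request body are never written to the log.</li>
 *   <li>The HTTP session id is rotated on every successful login before the
 *       authenticated user is bound to the session.</li>
 *   <li>The authenticated {@link LoginVO} is returned to the client as-is; see the
 *       review note on {@link #successResult(LoginVO)}.</li>
 * </ul>
 *
 * @author Park Ji-wook, Common Service Development Team
 * @since 2009.03.06
 * @version 1.0
 *
 * <pre>
 * Modification history
 *
 * Date        Author        Change
 * ----------  ------------  ------------------------------------------------
 * 2009.03.06  Park Ji-wook  Initial creation
 * 2011.08.31  JJY           Customized version for the lightweight template
 * </pre>
 */
@Slf4j
@RestController
@RequiredArgsConstructor
@RequestMapping("/auth")
@Tag(name="EgovLoginApiController",description = "로그인 관련")
public class EgovLoginApiController extends BaseController {

    /** Session attribute under which the authenticated user is stored. */
    private static final String SESSION_LOGIN_KEY = "LoginVO";

    /** Result code reported to the client on a successful login. */
    private static final String RESULT_CODE_SUCCESS = "200";

    /** Result code reported to the client on a failed login. */
    private static final String RESULT_CODE_FAILURE = "300";

    /**
     * Login service. Declared {@code final} so that Lombok's
     * {@code @RequiredArgsConstructor} includes it in the generated constructor and
     * Spring injects it; a non-final field without an injection annotation is left
     * {@code null} and every login call fails with a NullPointerException.
     */
    private final EgovLoginService loginService;

    /** Message source used for the localized login-failure message. */
    @Resource(name = "egovMessageSource")
    EgovMessageSource egovMessageSource;

    /** JWT helper used to issue and read tokens. */
    @Autowired
    private EgovJwtTokenUtil jwtTokenUtil;

    /**
     * Placeholder sign-up endpoint: it ignores its input and returns an empty map.
     *
     * <p>NOTE(review): the OpenAPI summary and description below describe a JWT
     * login and look copied from {@code /login-jwt}; confirm the intended text
     * before this endpoint is implemented.
     *
     * @param loginVO request body (currently unused)
     * @param request current HTTP request (currently unused)
     * @return an empty result map
     * @throws Exception declared for interface compatibility; not thrown by this body
     */
    @Operation(
            summary = "JWT 로그인",
            description = "JWT 로그인 처리",
            tags = {"EgovLoginApiController"}
    )
    @ApiResponses(value = {
            @ApiResponse(responseCode = "200", description = "로그인 성공"),
            @ApiResponse(responseCode = "300", description = "로그인 실패")
    })
    @PostMapping(value = "/join")
    public HashMap<String, Object> actionJoin(@RequestBody LoginVO loginVO, HttpServletRequest request) throws Exception {
        return new HashMap<>();
    }

    /**
     * Handles a session-based login.
     *
     * @param loginVO LoginVO carrying the id and password
     * @param request HttpServletRequest used for session handling
     * @return result map with {@code resultVO}, {@code resultCode} and {@code resultMessage}
     * @throws Exception if the login service fails
     */
    @Operation(
            summary = "일반 로그인",
            description = "일반 로그인 처리",
            tags = {"EgovLoginApiController"}
    )
    @ApiResponses(value = {
            @ApiResponse(responseCode = "200", description = "로그인 성공"),
            @ApiResponse(responseCode = "300", description = "로그인 실패")
    })
    @PostMapping(value = "/login", consumes = {MediaType.APPLICATION_JSON_VALUE , MediaType.TEXT_HTML_VALUE})
    public HashMap<String, Object> actionLogin(@RequestBody LoginVO loginVO, HttpServletRequest request) throws Exception {
        LoginVO loginResultVO = loginService.actionLogin(loginVO);
        if (!isAuthenticated(loginResultVO)) {
            return failureResult(loginResultVO);
        }
        bindLoginToSession(request, loginResultVO);
        return successResult(loginResultVO);
    }

    /**
     * Handles a login that additionally issues a JWT, returned under {@code jToken}.
     *
     * @param loginVO LoginVO carrying the id and password
     * @param request HttpServletRequest used for session handling
     * @param model   unused; kept so the handler signature stays unchanged
     * @return result map with {@code resultVO}, {@code resultCode}, {@code resultMessage}
     *         and, on success, {@code jToken}
     * @throws Exception if the login service or token generation fails
     */
    @Operation(
            summary = "JWT 로그인",
            description = "JWT 로그인 처리",
            tags = {"EgovLoginApiController"}
    )
    @ApiResponses(value = {
            @ApiResponse(responseCode = "200", description = "로그인 성공"),
            @ApiResponse(responseCode = "300", description = "로그인 실패")
    })
    @PostMapping(value = "/login-jwt")
    public HashMap<String, Object> actionLoginJWT(@RequestBody LoginVO loginVO, HttpServletRequest request, ModelMap model) throws Exception {
        LoginVO loginResultVO = loginService.actionLogin(loginVO);
        if (!isAuthenticated(loginResultVO)) {
            return failureResult(loginResultVO);
        }

        // Only non-secret request fields are logged. The submitted password must never
        // reach the log: debug logs are routinely shipped, retained and read by people
        // who are not entitled to user credentials.
        log.debug("===>>> loginVO.getUserSe() = {}", loginVO.getUserSe());
        log.debug("===>>> loginVO.getId() = {}", loginVO.getId());

        String jwtToken = jwtTokenUtil.generateToken(loginResultVO);
        String username = jwtTokenUtil.getUserSeFromToken(jwtToken);
        log.debug("Dec jwtToken username = {}", username);

        // Stored so the server-side authorization check passes
        // (EgovUserDetailsHelper.isAuthenticated() performs that check). When the user
        // is not found in the DB a 403 is returned; redirecting to the login page is
        // handled by the front end.
        bindLoginToSession(request, loginResultVO);

        HashMap<String, Object> resultMap = successResult(loginResultVO);
        resultMap.put("jToken", jwtToken);
        return resultMap;
    }

    /**
     * Logs the caller out, for both JWT and session logins.
     *
     * <p>With its defaults, {@link SecurityContextLogoutHandler} invalidates the HTTP
     * session and clears the security context. Nothing in this method revokes a JWT
     * that was already issued, so a token stays usable until it expires unless it is
     * rejected elsewhere.
     *
     * <p>NOTE(review): this state-changing operation is mapped to GET, so any
     * cross-site link or image tag can trigger it; consider moving it to POST together
     * with the front end.
     *
     * @param request  current HTTP request
     * @param response current HTTP response
     * @return ResultVO carrying the success code and message
     * @throws Exception declared for interface compatibility
     */
    @Operation(
            summary = "로그아웃",
            description = "로그아웃 처리(JWT,일반 관계 없이)",
            tags = {"EgovLoginApiController"}
    )
    @ApiResponses(value = {
            @ApiResponse(responseCode = "200", description = "로그아웃 성공"),
    })
    @GetMapping(value = "/logout")
    public ResultVO actionLogoutJSON(HttpServletRequest request, HttpServletResponse response) throws Exception {
        ResultVO resultVO = new ResultVO();
        new SecurityContextLogoutHandler().logout(request, response, null);
        resultVO.setResultCode(ResponseCode.SUCCESS.getCode());
        resultVO.setResultMessage(ResponseCode.SUCCESS.getMessage());
        return resultVO;
    }

    /** Returns true when the login service produced a user with a non-empty id. */
    private boolean isAuthenticated(LoginVO loginResultVO) {
        return loginResultVO != null
                && loginResultVO.getId() != null
                && !"".equals(loginResultVO.getId());
    }

    /**
     * Binds the authenticated user to the HTTP session, rotating the session id first
     * so that an id handed out before authentication does not carry over.
     */
    private void bindLoginToSession(HttpServletRequest request, LoginVO loginResultVO) {
        // changeSessionId() requires an existing session, so create one if needed.
        request.getSession();
        request.changeSessionId();
        request.getSession().setAttribute(SESSION_LOGIN_KEY, loginResultVO);
    }

    /**
     * Builds the success response.
     *
     * <p>NOTE(review): the whole LoginVO is serialized to the client. If it still
     * carries the password or its hash at this point, clear that field in the service
     * or return a dedicated response type; LoginVO is not visible from this file.
     */
    private HashMap<String, Object> successResult(LoginVO loginResultVO) {
        HashMap<String, Object> resultMap = new HashMap<>();
        resultMap.put("resultVO", loginResultVO);
        resultMap.put("resultCode", RESULT_CODE_SUCCESS);
        resultMap.put("resultMessage", "성공 !!!");
        return resultMap;
    }

    /** Builds the failure response with the generic, localized login-failure message. */
    private HashMap<String, Object> failureResult(LoginVO loginResultVO) {
        HashMap<String, Object> resultMap = new HashMap<>();
        resultMap.put("resultVO", loginResultVO);
        resultMap.put("resultCode", RESULT_CODE_FAILURE);
        resultMap.put("resultMessage", egovMessageSource.getMessage("fail.common.login"));
        return resultMap;
    }
}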