Implement the filter by extending OncePerRequestFilter and register it in the filter chain
→ it runs exactly once per request (even if the request is forwarded internally)
import com.sample.springjwt.dto.CustomUserDetails;
import com.sample.springjwt.entity.UserEntity;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.OncePerRequestFilter;

public class JWTFilter extends OncePerRequestFilter {

    private final JWTUtil jwtUtil;

    public JWTFilter(JWTUtil jwtUtil) {
        this.jwtUtil = jwtUtil;
    }

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
            throws ServletException, IOException {

        // Look up the Authorization header on the request
        String authorization = request.getHeader("Authorization");

        // Validate the Authorization header: absent, or not a Bearer token,
        // means the request continues down the chain unauthenticated
        if (authorization == null || !authorization.startsWith("Bearer ")) {
            System.out.println("token null");
            filterChain.doFilter(request, response); // hand off to the next filter
            return;
        }

        // Strip the "Bearer " prefix to obtain the raw token
        // (substring rather than split(" ")[1], which throws if nothing follows the prefix)
        String token = authorization.substring("Bearer ".length()).trim();

        // Check the token's expiry time
        if (jwtUtil.isExpired(token)) {
            System.out.println("token expired");
            filterChain.doFilter(request, response);
            return;
        }

        // Read username and role from the token claims
        String username = jwtUtil.getUsername(token);
        String role = jwtUtil.getRole(token);

        // Build a UserEntity and populate it; the password is never checked on this path,
        // so a placeholder value is used
        UserEntity userEntity = new UserEntity();
        userEntity.setUsername(username);
        userEntity.setPassword("temppassword");
        userEntity.setRole(role);

        // Wrap the user information in a UserDetails object
        CustomUserDetails customUserDetails = new CustomUserDetails(userEntity);

        // Create the Spring Security authentication token (already authenticated, so no credentials)
        Authentication authToken = new UsernamePasswordAuthenticationToken(customUserDetails, null, customUserDetails.getAuthorities());

        // Register the user in the security context for the duration of this request
        SecurityContextHolder.getContext().setAuthentication(authToken);

        filterChain.doFilter(request, response);
    }
}
http
    .addFilterBefore(new JWTFilter(jwtUtil), LoginFilter.class);
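The filter above relies on `jwtUtil.isExpired(token)` returning `true` for a stale token, but with the jjwt library the parser itself throws `ExpiredJwtException` (and other `JwtException` subtypes for a bad signature or malformed token) before `getExpiration()` is reached, so an unhandled exception would escape the filter instead of the request continuing unauthenticated. The following is an added example, not the page's or the tutorial's own `JWTUtil`; it assumes the jjwt 0.12 API, a `JWTUtil` shape matching the calls the filter makes, and a constructed demo secret.

```java
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.security.Keys;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import javax.crypto.SecretKey;

public class JWTUtil {
    private final SecretKey secretKey;

    public JWTUtil(String secret) {
        // HMAC key derived from the configured secret (assumed to be at least 32 bytes for HS256)
        this.secretKey = Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8));
    }

    // Verifies the signature and returns the claims; throws on expiry, tampering or bad format
    private Claims parse(String token) {
        return Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token).getPayload();
    }

    public String getUsername(String token) { return parse(token).get("username", String.class); }
    public String getRole(String token) { return parse(token).get("role", String.class); }

    // Any token the parser rejects is treated as unusable, so the filter's expiry branch
    // is actually taken instead of a 500 error leaking out of the filter chain
    public boolean isExpired(String token) {
        try {
            return parse(token).getExpiration().before(new Date());
        } catch (ExpiredJwtException e) {
            return true;
        } catch (JwtException | IllegalArgumentException e) {
            return true; // tampered, malformed or empty token: reject as well
        }
    }

    public String createJwt(String username, String role, long expiredMs) {
        return Jwts.builder()
                .claim("username", username)
                .claim("role", role)
                .issuedAt(new Date(System.currentTimeMillis()))
                .expiration(new Date(System.currentTimeMillis() + expiredMs))
                .signWith(secretKey)
                .compact();
    }

    public static void main(String[] args) throws InterruptedException {
        JWTUtil util = new JWTUtil("constructed-demo-secret-at-least-32-bytes-long!!"); // constructed
        String token = util.createJwt("alice", "ROLE_USER", 1L); // expires almost immediately
        Thread.sleep(5);
        System.out.println("expired: " + util.isExpired(token));
        System.out.println("tampered: " + util.isExpired(token + "x")); // signature no longer verifies
    }
}
```

Because `getUsername` and `getRole` still call `parse`, they also throw for a token that fails verification, which is fine in the filter since both run only after `isExpired` has returned `false`.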