[Spring Core] 강인화 과제 제출합니다.

.gitignore

@@ -4,6 +4,7 @@ build/
 !gradle/wrapper/gradle-wrapper.jar
 !**/src/main/**/build/
 !**/src/test/**/build/
+!**/src/main/resources/application.yml
 
 ### STS ###
 .apt_generated

build.gradle

@@ -19,8 +19,12 @@ dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
 	implementation 'org.springframework.boot:spring-boot-starter-jdbc'
+	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
 	runtimeOnly 'com.mysql:mysql-connector-j'
-	testImplementation 'org.springframework.boot:spring-boot-starter-test'
+//	testImplementation 'org.springframework.boot:spring-boot-starter-test'
+	implementation 'org.springframework.boot:spring-boot-starter-security'
+	implementation 'io.jsonwebtoken:jjwt:0.9.1'
+	implementation 'javax.xml.bind:jaxb-api:2.3.0'
 }
 
 tasks.named('test') {

src/main/java/com/example/demo/configuration/AuthenticationConfig.java

@@ -0,0 +1,44 @@
+package com.example.demo.configuration;
+
+import com.example.demo.jwt.JwtFilter;
+import com.example.demo.service.MemberService;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@Configuration
+@EnableWebSecurity
+public class AuthenticationConfig {
+
+    private final MemberService memberService;
+
+    @Value("${jwt.secret}")
+    private String secretKey;
+
+    public AuthenticationConfig(MemberService memberService) {
+        this.memberService = memberService;
+    }
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
+        httpSecurity
+                .csrf(AbstractHttpConfigurer::disable)
+                .formLogin(AbstractHttpConfigurer::disable)
+                .authorizeHttpRequests(authorize -> authorize
+                        .requestMatchers("/members/join").permitAll()
+                        .requestMatchers("/members/login").permitAll()
+                        .requestMatchers(HttpMethod.POST).authenticated()
+                        .requestMatchers(HttpMethod.GET).permitAll()
+                        .anyRequest().authenticated()
+                )
+                .addFilterBefore(new JwtFilter(memberService, secretKey), UsernamePasswordAuthenticationFilter.class);
+        return httpSecurity.build();
+    }
+
+}

src/main/java/com/example/demo/configuration/EncoderConfig.java

@@ -0,0 +1,15 @@
+package com.example.demo.configuration;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+public class EncoderConfig {
+
+    @Bean
+    public BCryptPasswordEncoder encoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+}

src/main/java/com/example/demo/controller/ArticleController.java

@@ -1,69 +1,72 @@
 package com.example.demo.controller;
 
-import java.net.URI;
-import java.util.List;
-
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.RestController;
-
 import com.example.demo.controller.dto.request.ArticleCreateRequest;
-import com.example.demo.controller.dto.response.ArticleResponse;
 import com.example.demo.controller.dto.request.ArticleUpdateRequest;
+import com.example.demo.controller.dto.response.ArticleResponse;
+import com.example.demo.exception.RestApiException;
+import com.example.demo.exception.error.ArticleErrorCode;
+import com.example.demo.exception.error.CommonErrorCode;
 import com.example.demo.service.ArticleService;
+import com.example.demo.service.BoardService;
+import com.example.demo.service.MemberService;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.net.URI;
+import java.util.List;
 
 @RestController
+@RequestMapping("/articles")
 public class ArticleController {
 
     private final ArticleService articleService;
+    private final MemberService memberService;
+    private final BoardService boardService;
 
-    public ArticleController(ArticleService articleService) {
+    public ArticleController(ArticleService articleService, MemberService memberService, BoardService boardService) {
         this.articleService = articleService;
+        this.memberService = memberService;
+        this.boardService = boardService;
     }
 
-    @GetMapping("/articles")
-    public ResponseEntity<List<ArticleResponse>> getArticles(
-        @RequestParam Long boardId
-    ) {
+    @GetMapping()
+    public ResponseEntity<List<ArticleResponse>> getArticles(@RequestParam Long boardId) {
         List<ArticleResponse> response = articleService.getByBoardId(boardId);
         return ResponseEntity.ok(response);
     }
 
-    @GetMapping("/articles/{id}")
-    public ResponseEntity<ArticleResponse> getArticle(
-        @PathVariable Long id
-    ) {
+    @GetMapping("/{id}")
+    public ResponseEntity<ArticleResponse> getArticle(@PathVariable Long id) {
+        if (articleService.getArticles().stream().noneMatch(res -> res.id().equals(id))) {
+            throw new RestApiException(CommonErrorCode.RESOURCE_NOT_FOUND);
+        }
         ArticleResponse response = articleService.getById(id);
         return ResponseEntity.ok(response);
     }
 
-    @PostMapping("/articles")
-    public ResponseEntity<ArticleResponse> crateArticle(
-        @RequestBody ArticleCreateRequest request
-    ) {
+    @PostMapping()
+    public ResponseEntity<ArticleResponse> crateArticle(@RequestBody ArticleCreateRequest request) {
+        if (request.boardId() == null || request.authorId() == null || request.title() == null || request.description() == null) {
+            throw new RestApiException(CommonErrorCode.NULL_PARAMETER);
+        }
+        if (boardService.getBoards().stream().noneMatch(res -> res.id().equals(request.boardId())) || memberService.getAll().stream().noneMatch(res -> res.id().equals(request.authorId()))) {
+            throw new RestApiException(ArticleErrorCode.REFERENCE_ERROR);
+        }
         ArticleResponse response = articleService.create(request);
         return ResponseEntity.created(URI.create("/articles/" + response.id())).body(response);
     }
 
-    @PutMapping("/articles/{id}")
-    public ResponseEntity<ArticleResponse> updateArticle(
-        @PathVariable Long id,
-        @RequestBody ArticleUpdateRequest request
-    ) {
+    @PutMapping("/{id}")
+    public ResponseEntity<ArticleResponse> updateArticle(@PathVariable Long id, @RequestBody ArticleUpdateRequest request) {
+        if (boardService.getBoards().stream().noneMatch(res -> res.id().equals(request.boardId()))) {
+            throw new RestApiException(ArticleErrorCode.REFERENCE_ERROR);
+        }
         ArticleResponse response = articleService.update(id, request);
         return ResponseEntity.ok(response);
     }
 
-    @DeleteMapping("/articles/{id}")
-    public ResponseEntity<Void> updateArticle(
-        @PathVariable Long id
-    ) {
+    @DeleteMapping("/{id}")
+    public ResponseEntity<Void> updateArticle(@PathVariable Long id) {
         articleService.delete(id);
         return ResponseEntity.noContent().build();
     }

src/main/java/com/example/demo/controller/BoardController.java

@@ -1,61 +1,72 @@
 package com.example.demo.controller;
 
-import java.util.List;
-
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RestController;
-
 import com.example.demo.controller.dto.request.BoardCreateRequest;
 import com.example.demo.controller.dto.request.BoardUpdateRequest;
 import com.example.demo.controller.dto.response.BoardResponse;
+import com.example.demo.exception.RestApiException;
+import com.example.demo.exception.error.BoardErrorCode;
+import com.example.demo.exception.error.CommonErrorCode;
+import com.example.demo.service.ArticleService;
 import com.example.demo.service.BoardService;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
 
 @RestController
+@RequestMapping("/boards")
 public class BoardController {
 
     private final BoardService boardService;
+    private final ArticleService articleService;
 
-    public BoardController(BoardService boardService) {
+    public BoardController(BoardService boardService, ArticleService articleService) {
         this.boardService = boardService;
+        this.articleService = articleService;
     }
 
-    @GetMapping("/boards")
+    @GetMapping()
     public List<BoardResponse> getBoards() {
         return boardService.getBoards();
     }
 
-    @GetMapping("/boards/{id}")
+    @GetMapping("/{id}")
     public BoardResponse getBoard(
         @PathVariable Long id
     ) {
+        if (boardService.getBoards().stream().noneMatch(res -> res.id().equals(id))) {
+            throw new RestApiException(CommonErrorCode.RESOURCE_NOT_FOUND);
+        }
         return boardService.getBoardById(id);
     }
 
-    @PostMapping("/boards")
+    @PostMapping()
     public BoardResponse createBoard(
         @RequestBody BoardCreateRequest request
     ) {
+        if (request.name() == null) {
+            throw new RestApiException(CommonErrorCode.NULL_PARAMETER);
+        }
         return boardService.createBoard(request);
     }
 
-    @PutMapping("/boards/{id}")
+    @PutMapping("/{id}")
     public BoardResponse updateBoard(
         @PathVariable Long id,
         @RequestBody BoardUpdateRequest updateRequest
     ) {
         return boardService.update(id, updateRequest);
     }
 
-    @DeleteMapping("/boards/{id}")
+    @DeleteMapping("/{id}")
     public ResponseEntity<Void> deleteBoard(
         @PathVariable Long id
     ) {
+        if (articleService.getArticles()
+                .stream()
+                .anyMatch(res -> res.boardId().equals(id))) {
+            throw new RestApiException(BoardErrorCode.ARTICLE_EXISTENCE);
+        }
         boardService.deleteBoard(id);
         return ResponseEntity.noContent().build();
     }

src/main/java/com/example/demo/controller/MemberController.java

@@ -1,65 +1,77 @@
 package com.example.demo.controller;
 
-import java.util.List;
-
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RestController;
-
 import com.example.demo.controller.dto.request.MemberCreateRequest;
+import com.example.demo.controller.dto.request.MemberLoginRequest;
 import com.example.demo.controller.dto.request.MemberUpdateRequest;
 import com.example.demo.controller.dto.response.MemberResponse;
+import com.example.demo.exception.RestApiException;
+import com.example.demo.exception.error.CommonErrorCode;
+import com.example.demo.exception.error.MemberErrorCode;
+import com.example.demo.service.ArticleService;
 import com.example.demo.service.MemberService;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
 
 @RestController
+@RequestMapping("/members")
 public class MemberController {
 
     private final MemberService memberService;
+    private final ArticleService articleService;
 
-    public MemberController(MemberService memberService) {
+    public MemberController(MemberService memberService, ArticleService articleService) {
         this.memberService = memberService;
+        this.articleService = articleService;
     }
 
-    @GetMapping("/members")
+    @GetMapping()
     public ResponseEntity<List<MemberResponse>> getMembers() {
         List<MemberResponse> response = memberService.getAll();
         return ResponseEntity.ok(response);
     }
 
-    @GetMapping("/members/{id}")
-    public ResponseEntity<MemberResponse> getMember(
-        @PathVariable Long id
-    ) {
+    @GetMapping("/{id}")
+    public ResponseEntity<MemberResponse> getMember(@PathVariable Long id) {
+        if (memberService.getAll().stream().noneMatch(res -> res.id().equals(id))) {
+            throw new RestApiException(CommonErrorCode.RESOURCE_NOT_FOUND);
+        }
         MemberResponse response = memberService.getById(id);
         return ResponseEntity.ok(response);
     }
 
-    @PostMapping("/members")
-    public ResponseEntity<MemberResponse> create(
-        @RequestBody MemberCreateRequest request
-    ) {
+    @PostMapping("/join")
+    public ResponseEntity<MemberResponse> create(@RequestBody MemberCreateRequest request) {
+        if (request.name() == null || request.email() == null || request.password() == null) {
+            throw new RestApiException(CommonErrorCode.NULL_PARAMETER);
+        }
+        if (memberService.getAll().stream().anyMatch((res -> res.email().equals(request.email())))) {
+            throw new RestApiException(MemberErrorCode.EMAIL_CONFLICT);
+        }
         MemberResponse response = memberService.create(request);
         return ResponseEntity.ok(response);
     }
 
-    @PutMapping("/members/{id}")
-    public ResponseEntity<MemberResponse> updateMember(
-        @PathVariable Long id,
-        @RequestBody MemberUpdateRequest request
-    ) {
+    @PostMapping("/login")
+    public ResponseEntity<String> login(@RequestBody MemberLoginRequest request) {
+        return ResponseEntity.ok().body(memberService.login(request));
+    }
+
+    @PutMapping("/{id}")
+    public ResponseEntity<MemberResponse> updateMember(@PathVariable Long id, @RequestBody MemberUpdateRequest request) {
+        if (memberService.getAll().stream().filter(res -> !res.id().equals(id)).anyMatch(res -> res.email().equals(request.email()))) {
+            throw new RestApiException(MemberErrorCode.EMAIL_CONFLICT);
+        }
         MemberResponse response = memberService.update(id, request);
         return ResponseEntity.ok(response);
     }
 
-    @DeleteMapping("/members/{id}")
-    public ResponseEntity<Void> deleteMember(
-        @PathVariable Long id
-    ) {
+    @DeleteMapping("/{id}")
+    public ResponseEntity<Void> deleteMember(@PathVariable Long id) {
+        if (articleService.getArticles().stream().anyMatch(res -> res.authorId().equals(id))) {
+            throw new RestApiException(MemberErrorCode.ARTICLE_EXISTENCE);
+        }
         memberService.delete(id);
         return ResponseEntity.noContent().build();
     }

src/main/java/com/example/demo/controller/dto/request/MemberLoginRequest.java

@@ -0,0 +1,4 @@
+package com.example.demo.controller.dto.request;
+
+public record MemberLoginRequest(String email, String password) {
+}