<aside> 💡 앱은 로그인이 안되면(인증이 안되면) 쓸 수 없도록 다 막아둔다.
</aside>
WebMvcConfig 변경
package shop.mtcoding.blog._core.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import shop.mtcoding.blog._core.interceptor.LoginInterceptor;
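/**
 * MVC configuration that puts {@link LoginInterceptor} in front of the API routes.
 *
 * <p>Only paths matching {@code /api/**} are intercepted. Any handler mapped outside that
 * prefix is not covered by this interceptor and needs its own access decision.
 * What the interceptor does with an unauthenticated request is defined in
 * {@code LoginInterceptor}, which is not shown in this file.
 */
@Configuration // IoC
public class WebMvcConfig implements WebMvcConfigurer {

    /**
     * Registers the login interceptor for {@code /api/**} and exempts the board detail route.
     *
     * @param registry the interceptor registry supplied by Spring MVC
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(new LoginInterceptor())
                .addPathPatterns("/api/**")
                // The Java literal "\\d+" is the regex \d+, so only numeric ids are exempted.
                // Escaping the backslash twice ("\\\\d+") would demand a literal backslash in
                // the path, and the exemption would never match a real board id.
                // The exclusion is by path only: it applies to every HTTP method on this URL,
                // so keep it this narrow and do not map state-changing handlers under it.
                .excludePathPatterns("/api/boards/{id:\\d+}/detail");
    }
}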
<aside> 💡 api가 붙어있으면 전부 json을 응답 받겠다는 말이다.
</aside>
package shop.mtcoding.blog.user;
import jakarta.servlet.http.HttpSession;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
/**
 * Account endpoints: join, login, logout and profile update.
 *
 * <p>The logged-in user is kept in the HTTP session under the key {@code "sessionUser"}.
 * Of the routes here only {@code /api/users/{id}} carries the {@code /api} prefix; join, login
 * and logout do not, so they stay reachable without an existing login.
 */
@RequiredArgsConstructor
@Controller
public class UserController {
    private final UserService userService;
    private final HttpSession session;

    // TODO: user-info lookup API needed: @GetMapping("/api/users/{id}")

    /**
     * Updates the profile of the user stored in the session.
     *
     * <p>The {@code {id}} path segment is not bound to a parameter: the account that gets
     * updated is always the one identified by the session, never one chosen through the URL.
     *
     * @param requestDTO the submitted profile fields
     * @return a redirect to the home page
     */
    @PutMapping("/api/users/{id}")
    public String update(UserRequest.UpdateDTO requestDTO) {
        // Assumes the login check in front of /api/** has already rejected requests without
        // a session user; otherwise getId() below fails on null. TODO confirm.
        User loggedIn = currentUser();
        userService.update(loggedIn.getId(), requestDTO);
        // NOTE(review): the object put back is the one read above and the result of
        // userService.update(...) is not used. Unless update() mutates this instance, the
        // session keeps the pre-update data. Confirm against UserService.
        session.setAttribute("sessionUser", loggedIn);
        return "redirect:/";
    }

    /**
     * Creates a new account from the submitted form.
     *
     * @param requestDTO the join form fields
     * @return a redirect to the home page
     */
    @PostMapping("/join")
    public String join(UserRequest.JoinDTO requestDTO) {
        // Input validation and password handling are delegated to UserService (not visible here).
        userService.join(requestDTO);
        return "redirect:/";
    }

    /**
     * Ends the current session.
     *
     * @return a redirect to the home page
     */
    @GetMapping("/logout")
    public String logout() {
        // NOTE(review): this state change is mapped to GET, so any cross-site link or embedded
        // resource request can log the user out. A POST mapping is the safer choice.
        session.invalidate();
        return "redirect:/";
    }

    /**
     * Authenticates the submitted credentials and stores the resulting user in the session.
     *
     * @param requestDTO the login form fields
     * @return a redirect to the home page
     */
    @PostMapping("/login")
    public String login(UserRequest.LoginDTO requestDTO) {
        // NOTE(review): the session id is not rotated after authentication, so a session id
        // fixed before login stays valid afterwards. Consider calling
        // HttpServletRequest#changeSessionId() once userService.login(...) has succeeded.
        // NOTE(review): the whole User object is stored in the session. Confirm it carries no
        // password or other secret field.
        session.setAttribute("sessionUser", userService.login(requestDTO));
        return "redirect:/";
    }

    /** Reads the user stored under {@code "sessionUser"}; null when the session has none. */
    private User currentUser() {
        return (User) session.getAttribute("sessionUser");
    }
}
조인(회원가입)에는 인증이 붙으면 안 되니 그대로 둔다.
로그인에도 인증이 붙으면 안 되니 그대로 둔다.
로그아웃은 건드릴 필요가 없다. (/join, /login, /logout 은 주소가 /api 로 시작하지 않으므로 LoginInterceptor 가 적용되지 않는다.)
package shop.mtcoding.blog.board;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import shop.mtcoding.blog.user.User;
import java.util.List;
/**
 * Board endpoints for creating, updating and deleting posts.
 *
 * <p>Every handler here is mapped under {@code /api/boards} and reads the acting user from the
 * HTTP session key {@code "sessionUser"}. The handlers themselves perform no login or ownership
 * check; they pass the session user (or its id) on to {@code BoardService}.
 */
@RequiredArgsConstructor
@Controller
public class BoardController {
    private final BoardService boardService;
    private final HttpSession session;

    // TODO: board list API needed: @GetMapping("/")
    // TODO: board lookup API needed: @GetMapping("/api/boards/{id}")
    // TODO: board detail API needed: @GetMapping("/api/boards/{id}/detail")

    /**
     * Creates a post owned by the session user.
     *
     * @param requestDTO the submitted post fields
     * @return a redirect to the home page
     */
    @PostMapping("/api/boards")
    public String save(BoardRequest.SaveDTO requestDTO) {
        // Assumes the login check in front of /api/** guarantees a session user; without it a
        // null author would be handed to the service. TODO confirm.
        User author = currentUser();
        boardService.save(requestDTO, author);
        return "redirect:/";
    }

    /**
     * Updates the post with the given id on behalf of the session user.
     *
     * <p>NOTE(review): the method is named {@code findById} but is mapped to PUT and performs an
     * update; the name is kept only so existing references keep working.
     *
     * @param id the post id taken from the path
     * @param requestDTO the submitted post fields
     * @return a redirect to the post's page
     */
    @PutMapping("/api/boards/{id}")
    public String findById(@PathVariable Integer id, BoardRequest.UpdateDTO requestDTO) {
        User editor = currentUser();
        // The session user's id travels with the post id. The ownership check is presumably
        // done inside BoardService.update, which is not visible here. Verify.
        boardService.update(id, editor.getId(), requestDTO);
        // id is an Integer, so the redirect target cannot carry caller-supplied path text.
        return "redirect:/board/" + id;
    }

    // With SSR (server-side rendering) a DTO is not required, because only the data that is
    // needed gets rendered and sent to the client.

    /**
     * Deletes the post with the given id on behalf of the session user.
     *
     * @param id the post id taken from the path
     * @return a redirect to the home page
     */
    @DeleteMapping("/api/boards/{id}")
    public String delete(@PathVariable Integer id) {
        User requester = currentUser();
        // As with update, the ownership check is presumably done inside BoardService.delete.
        // Verify.
        boardService.delete(id, requester.getId());
        return "redirect:/";
    }

    /** Reads the user stored under {@code "sessionUser"}; null when the session has none. */
    private User currentUser() {
        return (User) session.getAttribute("sessionUser");
    }
}