Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: 대기열 구축 #150

Merged
merged 22 commits into from
Jan 8, 2024
Merged

feat: 대기열 구축 #150

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
15b33ee
feat: 대기열 등록 api
Jan 2, 2024
6fcddaf
feat: 남은 대기자 수 api 구현
Jan 2, 2024
e666844
refactor
Jan 2, 2024
dcb77b3
chore
Jan 2, 2024
427b00d
chore
Jan 2, 2024
445a242
chore: BookingQueueController 엔드포인트, 메서드명 수정
Jan 2, 2024
0f7c8cc
chore
Jan 3, 2024
73ba4b1
feat: booking token 인증 설정
Jan 3, 2024
7f02a7c
feat: 예매 토큰 발행 api 구현
Jan 3, 2024
2eb66c6
fix: 예매 토큰 발행 버그 수정
Jan 3, 2024
21d17fe
fix: 대기열 대기번호 eventId 기준으로 수정
Jan 3, 2024
bfde9a8
feat: 대기열 이탈 콜백 api 구현
Jan 3, 2024
35f154f
feat: 세션 아이디 발급 api 구현
Jan 3, 2024
936e86e
fix: memberId -> sessionId
Jan 3, 2024
c084be1
feaet: 예매 생성시 세션 아이디 대기열에서 제거
Jan 4, 2024
80912f8
fix: entryLimit 설정
Jan 4, 2024
33a638f
resolve conflict
Jan 7, 2024
75565ff
feat: 대기열 입장 시 만료된 세션에 대해 클렌징하는 로직 추가
Jan 7, 2024
768ca63
fix: 클렌징 로직 getOrderInQueue 요청 시 수행하도록 수정
Jan 7, 2024
bd8190c
chore
Jan 8, 2024
af549a9
test: 테스트 코드 정리
Jan 8, 2024
29cad79
resolve conflict
Jan 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions api/api-booking/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,4 +14,10 @@ dependencies {
implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
implementation 'org.springframework.boot:spring-boot-starter-data-redis'
implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'

//TODO: security 의존성 core-security 에서 추가
implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'io.jsonwebtoken:jjwt-api:0.12.3'
implementation 'io.jsonwebtoken:jjwt-impl:0.12.3'
implementation 'io.jsonwebtoken:jjwt-jackson:0.12.3'
}
38 changes: 38 additions & 0 deletions ...api-booking/src/main/java/com/pgms/apibooking/common/exception/BookingAuthEntryPoint.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
package com.pgms.apibooking.common.exception;

import java.io.IOException;

import org.springframework.http.MediaType;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.pgms.coredomain.response.ErrorResponse;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;

@Component
@Slf4j
public class BookingAuthEntryPoint implements AuthenticationEntryPoint {
private final ObjectMapper objectMapper;

public BookingAuthEntryPoint() {
this.objectMapper = new ObjectMapper();
objectMapper.findAndRegisterModules();
}

@Override
public void commence(HttpServletRequest request, HttpServletResponse response,
AuthenticationException authException) throws IOException, ServletException {
BookingErrorCode errorCode = BookingErrorCode.BOOKING_TOKEN_NOT_EXIST;
response.setStatus(errorCode.getStatus().value());
response.setContentType(MediaType.APPLICATION_JSON_VALUE);

ErrorResponse errorResponse = new ErrorResponse(errorCode.getCode(), errorCode.getMessage());
response.getWriter().write(objectMapper.writeValueAsString(errorResponse));
}
}
9 changes: 7 additions & 2 deletions ...pibooking/exception/BookingErrorCode.java → ...ng/common/exception/BookingErrorCode.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package com.pgms.apibooking.exception;
package com.pgms.apibooking.common.exception;

import org.springframework.http.HttpStatus;

Expand Down Expand Up @@ -31,7 +31,12 @@ public enum BookingErrorCode {
ACCOUNT_TRANSFER_ERROR(HttpStatus.BAD_REQUEST, "ACCOUNT_TRANSFER_ERROR", "계좌 송금 오류가 발생했습니다. 확인 후 다시 시도해주세요."),
TOSS_PAYMENTS_ERROR(HttpStatus.BAD_REQUEST, "TOSS_PAYMENTS_CLIENT_ERROR", "Toss Payments API 오류가 발생했습니다."),

BOOKING_NOT_FOUND(HttpStatus.NOT_FOUND, "BOOKING_NOT_FOUND", "존재하지 않는 예매입니다.");
BOOKING_NOT_FOUND(HttpStatus.NOT_FOUND, "BOOKING_NOT_FOUND", "존재하지 않는 예매입니다."),

BOOKING_SESSION_ID_NOT_EXIST(HttpStatus.BAD_REQUEST, "BOOKING_SESSION_ID_NOT_EXIST", "예매 세션 ID가 존재하지 않습니다."),
BOOKING_TOKEN_NOT_EXIST(HttpStatus.UNAUTHORIZED, "BOOKING_TOKEN_NOT_EXIST", "예매 토큰이 존재하지 않습니다."),
INVALID_BOOKING_TOKEN(HttpStatus.UNAUTHORIZED, "INVALID_BOOKING_TOKEN", "올바르지 않은 예매 토큰입니다."),
OUT_OF_ORDER(HttpStatus.BAD_REQUEST, "OUT_OF_ORDER", "예매 순서가 아닙니다.");

private final HttpStatus status;
private final String code;
Expand Down
2 changes: 1 addition & 1 deletion ...pibooking/exception/BookingException.java → ...ng/common/exception/BookingException.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package com.pgms.apibooking.exception;
package com.pgms.apibooking.common.exception;

import lombok.Getter;

Expand Down
2 changes: 1 addition & 1 deletion ...ng/exception/BookingExceptionHandler.java → ...on/exception/BookingExceptionHandler.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package com.pgms.apibooking.exception;
package com.pgms.apibooking.common.exception;

import java.util.Objects;

Expand Down
50 changes: 50 additions & 0 deletions ...ing/src/main/java/com/pgms/apibooking/common/exception/BookingExceptionHandlerFilter.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
package com.pgms.apibooking.common.exception;

import java.io.IOException;

import org.springframework.http.MediaType;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.pgms.coredomain.response.ErrorResponse;

import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;

@Component
@Slf4j
public class BookingExceptionHandlerFilter extends OncePerRequestFilter {
private final ObjectMapper objectMapper;

public BookingExceptionHandlerFilter() {
this.objectMapper = new ObjectMapper();
objectMapper.findAndRegisterModules();
}

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
try {
filterChain.doFilter(request, response);
} catch (BookingException e) {
BookingErrorCode bookingErrorCode = e.getErrorCode();
sendFailResponse(response, bookingErrorCode);
} catch (Exception e) {
log.error(e.getMessage(), e);
BookingErrorCode bookingErrorCode = BookingErrorCode.INTERNAL_SERVER_ERROR;
sendFailResponse(response, bookingErrorCode);
}
}

private void sendFailResponse(HttpServletResponse response, BookingErrorCode bookingErrorCode) throws IOException {
response.setStatus(bookingErrorCode.getStatus().value());
response.setContentType(MediaType.APPLICATION_JSON_VALUE);

ErrorResponse errorResponse = new ErrorResponse(bookingErrorCode.getCode(), bookingErrorCode.getMessage());
response.getWriter().write(objectMapper.writeValueAsString(errorResponse));
}
}
26 changes: 26 additions & 0 deletions ...oking/src/main/java/com/pgms/apibooking/common/interceptor/BookingSessionInterceptor.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
package com.pgms.apibooking.common.interceptor;

import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import com.pgms.apibooking.common.exception.BookingErrorCode;
import com.pgms.apibooking.common.exception.BookingException;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

@Component
public class BookingSessionInterceptor implements HandlerInterceptor {

@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws
Exception {
String bookingSessionId = request.getHeader("Booking-Session-Id");
if (bookingSessionId == null || bookingSessionId.isBlank()) {
throw new BookingException(BookingErrorCode.BOOKING_SESSION_ID_NOT_EXIST);
}

request.setAttribute("bookingSessionId", bookingSessionId);
return true;
}
}
24 changes: 24 additions & 0 deletions api/api-booking/src/main/java/com/pgms/apibooking/common/jwt/BookingAuthToken.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
package com.pgms.apibooking.common.jwt;

import org.springframework.security.authentication.AbstractAuthenticationToken;

public class BookingAuthToken extends AbstractAuthenticationToken {

private final String sessionId;

public BookingAuthToken(String sessionId) {
super(null);
this.sessionId = sessionId;
super.setAuthenticated(true);
}

@Override
public Object getCredentials() {
return null;
}

@Override
public Object getPrincipal() {
return this.sessionId;
}
}
53 changes: 53 additions & 0 deletions api/api-booking/src/main/java/com/pgms/apibooking/common/jwt/BookingJwtAuthFilter.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
package com.pgms.apibooking.common.jwt;

import java.io.IOException;

import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import com.pgms.apibooking.common.exception.BookingErrorCode;
import com.pgms.apibooking.common.exception.BookingException;

import io.jsonwebtoken.JwtException;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;

@Component
@Slf4j
@RequiredArgsConstructor
public class BookingJwtAuthFilter extends OncePerRequestFilter {

private final BookingJwtProvider bookingJwtProvider;

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
String token = parseToken(request);

if (token != null) {
try {
BookingJwtPayload authentication = bookingJwtProvider.validateAndParsePayload(token);
BookingAuthToken bookingAuthToken = new BookingAuthToken(authentication.getSessionId());
SecurityContextHolder.getContext().setAuthentication(bookingAuthToken);
} catch (JwtException | BookingException e) {
log.warn(e.getMessage(), e);
throw new BookingException(BookingErrorCode.INVALID_BOOKING_TOKEN);
}
}

filterChain.doFilter(request, response);
}

private String parseToken(HttpServletRequest request) {
String headerAuth = request.getHeader("Booking-Authorization");
if (headerAuth != null && headerAuth.startsWith("Bearer ")) {
return headerAuth.substring(7);
}
return null;
}
}
21 changes: 21 additions & 0 deletions api/api-booking/src/main/java/com/pgms/apibooking/common/jwt/BookingJwtPayload.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
package com.pgms.apibooking.common.jwt;

import java.util.HashMap;
import java.util.Map;

import jakarta.validation.Payload;
import lombok.AllArgsConstructor;
import lombok.Getter;

@Getter
@AllArgsConstructor
public class BookingJwtPayload implements Payload {

private final String sessionId;

public Map<String, String> toMap() {
return new HashMap<>() {{
put("sessionId", sessionId);
}};
}
}
38 changes: 38 additions & 0 deletions api/api-booking/src/main/java/com/pgms/apibooking/common/jwt/BookingJwtProvider.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
package com.pgms.apibooking.common.jwt;

import java.util.Date;

import javax.crypto.SecretKey;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import lombok.AllArgsConstructor;

@AllArgsConstructor
public class BookingJwtProvider {
private final String issuer;
private final SecretKey secretKey;
private final Long expirySeconds;

public String generateToken(BookingJwtPayload payload) {
Long now = System.currentTimeMillis();
Date expirationMilliSeconds = new Date(now + expirySeconds * 1000);

return Jwts.builder()
.issuer(issuer)
.issuedAt(new Date(now))
.expiration(expirationMilliSeconds)
.claims(payload.toMap())
.signWith(secretKey)
.compact();
}

public BookingJwtPayload validateAndParsePayload(String token) {
Claims claims = Jwts.parser()
.verifyWith(secretKey)
.build()
.parseSignedClaims(token)
.getPayload();
return new BookingJwtPayload(claims.get("sessionId", String.class));
}
}
2 changes: 1 addition & 1 deletion ...om/pgms/apibooking/util/DateTimeUtil.java → .../apibooking/common/util/DateTimeUtil.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package com.pgms.apibooking.util;
package com.pgms.apibooking.common.util;

import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;
Expand Down
33 changes: 33 additions & 0 deletions api/api-booking/src/main/java/com/pgms/apibooking/config/JwtConfig.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
package com.pgms.apibooking.config;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import com.pgms.apibooking.common.jwt.BookingJwtProvider;

import io.jsonwebtoken.security.Keys;
import lombok.Getter;

@Getter
@Configuration
public class JwtConfig {

@Value("${jwt.issuer}")
private String issuer;

@Value("${jwt.secret-key}")
private String secretKey;

@Value("${jwt.expiry-seconds}")
private Long expirySeconds;

@Bean
public BookingJwtProvider jwtProvider() {
return new BookingJwtProvider(
issuer,
Keys.hmacShaKeyFor(secretKey.getBytes()),
expirySeconds
);
}
}
59 changes: 59 additions & 0 deletions api/api-booking/src/main/java/com/pgms/apibooking/config/SecurityConfig.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
package com.pgms.apibooking.config;

import java.util.List;

import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

import com.pgms.apibooking.common.exception.BookingExceptionHandlerFilter;
import com.pgms.apibooking.common.exception.BookingAuthEntryPoint;
import com.pgms.apibooking.common.jwt.BookingJwtAuthFilter;

import lombok.RequiredArgsConstructor;

@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfig {

private final BookingJwtAuthFilter bookingJwtAuthFilter;
private final BookingExceptionHandlerFilter bookingExceptionHandlerFilter;
private final BookingAuthEntryPoint bookingAuthEntryPoint;

@Bean
public SecurityFilterChain bookingFilterChain(HttpSecurity http) throws Exception {
List<RequestMatcher> permitAllMatchers = List.of(
new AntPathRequestMatcher("/api/*/bookings/enter-queue", HttpMethod.POST.toString()),
new AntPathRequestMatcher("/api/*/bookings/order-in-queue", HttpMethod.GET.toString()),
new AntPathRequestMatcher("/api/*/bookings/issue-token", HttpMethod.GET.toString())
);

return http
.csrf(AbstractHttpConfigurer::disable)
.headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin))
.authorizeHttpRequests(authorize -> authorize
.requestMatchers(PathRequest.toH2Console()).permitAll()
.requestMatchers(permitAllMatchers.toArray(new RequestMatcher[0])).permitAll()
.anyRequest().authenticated()
)
.exceptionHandling(exceptionHandling -> exceptionHandling
.authenticationEntryPoint(bookingAuthEntryPoint)
)
.sessionManagement(
sessionManagement -> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.addFilterBefore(bookingJwtAuthFilter, BasicAuthenticationFilter.class)
.addFilterBefore(bookingExceptionHandlerFilter, BookingJwtAuthFilter.class)
.build();
}
}
Loading