feat(admin): 콘텐츠 관리자 로그인 API 추가
This commit is contained in:
@@ -0,0 +1,15 @@
|
||||
package kr.co.vividnext.sodalive.admin.member
|
||||
|
||||
import kr.co.vividnext.sodalive.common.ApiResponse
|
||||
import kr.co.vividnext.sodalive.member.login.LoginRequest
|
||||
import org.springframework.web.bind.annotation.PostMapping
|
||||
import org.springframework.web.bind.annotation.RequestBody
|
||||
import org.springframework.web.bind.annotation.RequestMapping
|
||||
import org.springframework.web.bind.annotation.RestController
|
||||
|
||||
@RestController
|
||||
@RequestMapping("/admin/member")
|
||||
class AdminMemberLoginController(private val service: AdminMemberLoginService) {
|
||||
@PostMapping("/login")
|
||||
fun login(@RequestBody request: LoginRequest) = ApiResponse.ok(service.login(request))
|
||||
}
|
||||
@@ -0,0 +1,8 @@
|
||||
package kr.co.vividnext.sodalive.admin.member
|
||||
|
||||
import kr.co.vividnext.sodalive.member.MemberRole
|
||||
|
||||
data class AdminMemberLoginResponse(
|
||||
val token: String,
|
||||
val role: MemberRole
|
||||
)
|
||||
@@ -0,0 +1,39 @@
|
||||
package kr.co.vividnext.sodalive.admin.member
|
||||
|
||||
import kr.co.vividnext.sodalive.common.SodaException
|
||||
import kr.co.vividnext.sodalive.jwt.TokenProvider
|
||||
import kr.co.vividnext.sodalive.member.MemberAdapter
|
||||
import kr.co.vividnext.sodalive.member.MemberRole
|
||||
import kr.co.vividnext.sodalive.member.login.LoginRequest
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
|
||||
import org.springframework.security.crypto.password.PasswordEncoder
|
||||
import org.springframework.stereotype.Service
|
||||
|
||||
@Service
|
||||
class AdminMemberLoginService(
|
||||
private val repository: AdminMemberRepository,
|
||||
private val passwordEncoder: PasswordEncoder,
|
||||
private val tokenProvider: TokenProvider
|
||||
) {
|
||||
fun login(request: LoginRequest): AdminMemberLoginResponse {
|
||||
val member = repository.findByEmail(request.email)
|
||||
?: throw SodaException(messageKey = "common.error.bad_credentials")
|
||||
|
||||
if (member.role != MemberRole.ADMIN && member.role != MemberRole.CONTENT_MANAGER) {
|
||||
throw SodaException(messageKey = "common.error.bad_credentials")
|
||||
}
|
||||
|
||||
if (!member.isActive || !passwordEncoder.matches(request.password, member.password)) {
|
||||
throw SodaException(messageKey = "common.error.bad_credentials")
|
||||
}
|
||||
|
||||
val authentication = UsernamePasswordAuthenticationToken(
|
||||
MemberAdapter(member),
|
||||
null,
|
||||
MemberAdapter(member).authorities
|
||||
)
|
||||
val token = tokenProvider.createToken(authentication = authentication, memberId = member.id!!)
|
||||
|
||||
return AdminMemberLoginResponse(token = token, role = member.role)
|
||||
}
|
||||
}
|
||||
@@ -6,7 +6,9 @@ import kr.co.vividnext.sodalive.member.MemberRole
|
||||
import kr.co.vividnext.sodalive.member.QMember.member
|
||||
import org.springframework.data.jpa.repository.JpaRepository
|
||||
|
||||
interface AdminMemberRepository : JpaRepository<Member, Long>, AdminMemberQueryRepository
|
||||
interface AdminMemberRepository : JpaRepository<Member, Long>, AdminMemberQueryRepository {
|
||||
fun findByEmail(email: String?): Member?
|
||||
}
|
||||
|
||||
interface AdminMemberQueryRepository {
|
||||
fun getMemberTotalCount(role: MemberRole? = null): Int
|
||||
|
||||
@@ -101,6 +101,10 @@ class AdminMemberService(
|
||||
MemberRole.CREATOR -> messageSource.getMessage("admin.member.role.creator", langContext.lang).orEmpty()
|
||||
MemberRole.AGENT -> messageSource.getMessage("admin.member.role.agent", langContext.lang).orEmpty()
|
||||
MemberRole.BOT -> messageSource.getMessage("admin.member.role.bot", langContext.lang).orEmpty()
|
||||
MemberRole.CONTENT_MANAGER ->
|
||||
messageSource
|
||||
.getMessage("admin.member.role.content_manager", langContext.lang)
|
||||
.orEmpty()
|
||||
}
|
||||
|
||||
val loginType = when (it.provider) {
|
||||
|
||||
@@ -74,6 +74,7 @@ class SecurityConfig(
|
||||
.antMatchers("/member/login/kakao").permitAll()
|
||||
.antMatchers("/member/login/apple").permitAll()
|
||||
.antMatchers("/member/login/line").permitAll()
|
||||
.antMatchers("/admin/member/login").permitAll()
|
||||
.antMatchers("/creator-admin/member/login").permitAll()
|
||||
.antMatchers("/member/forgot-password").permitAll()
|
||||
.antMatchers("/stplat/terms_of_service").permitAll()
|
||||
|
||||
@@ -1044,6 +1044,11 @@ class SodaMessageSource {
|
||||
Lang.KO to "봇",
|
||||
Lang.EN to "Bot",
|
||||
Lang.JA to "ボット"
|
||||
),
|
||||
"admin.member.role.content_manager" to mapOf(
|
||||
Lang.KO to "콘텐츠 관리자",
|
||||
Lang.EN to "Content Manager",
|
||||
Lang.JA to "コンテンツ管理者"
|
||||
)
|
||||
)
|
||||
|
||||
|
||||
@@ -177,7 +177,7 @@ enum class Gender {
|
||||
}
|
||||
|
||||
enum class MemberRole {
|
||||
ADMIN, BOT, USER, CREATOR, AGENT
|
||||
ADMIN, BOT, USER, CREATOR, AGENT, CONTENT_MANAGER
|
||||
}
|
||||
|
||||
enum class MemberProvider {
|
||||
|
||||
@@ -0,0 +1,66 @@
|
||||
package kr.co.vividnext.sodalive.admin.member
|
||||
|
||||
import kr.co.vividnext.sodalive.member.MemberRole
|
||||
import kr.co.vividnext.sodalive.member.login.LoginRequest
|
||||
import org.junit.jupiter.api.Assertions.assertEquals
|
||||
import org.junit.jupiter.api.Assertions.assertTrue
|
||||
import org.junit.jupiter.api.BeforeEach
|
||||
import org.junit.jupiter.api.DisplayName
|
||||
import org.junit.jupiter.api.Test
|
||||
import org.mockito.Mockito
|
||||
import org.springframework.http.MediaType
|
||||
import org.springframework.test.web.servlet.MockMvc
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post
|
||||
import org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath
|
||||
import org.springframework.test.web.servlet.result.MockMvcResultMatchers.status
|
||||
import org.springframework.test.web.servlet.setup.MockMvcBuilders
|
||||
|
||||
class AdminMemberLoginControllerTest {
|
||||
private lateinit var service: AdminMemberLoginService
|
||||
private lateinit var controller: AdminMemberLoginController
|
||||
private lateinit var mockMvc: MockMvc
|
||||
|
||||
@BeforeEach
|
||||
fun setup() {
|
||||
service = mock()
|
||||
controller = AdminMemberLoginController(service = service)
|
||||
mockMvc = MockMvcBuilders.standaloneSetup(controller).build()
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("POST /admin/member/login은 token과 role을 응답한다")
|
||||
fun shouldReturnTokenAndRole() {
|
||||
val request = LoginRequest(email = "admin@test.com", password = "password")
|
||||
val loginResponse = AdminMemberLoginResponse(token = "admin-token", role = MemberRole.ADMIN)
|
||||
Mockito.`when`(service.login(request)).thenReturn(loginResponse)
|
||||
|
||||
val response = controller.login(request)
|
||||
|
||||
assertTrue(response.success)
|
||||
assertEquals("admin-token", response.data?.token)
|
||||
assertEquals(MemberRole.ADMIN, response.data?.role)
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("POST /admin/member/login은 JSON으로 token과 role을 응답한다")
|
||||
fun shouldReturnTokenAndRoleJson() {
|
||||
val request = LoginRequest(email = "content@test.com", password = "password")
|
||||
Mockito.`when`(service.login(request)).thenReturn(
|
||||
AdminMemberLoginResponse(token = "content-token", role = MemberRole.CONTENT_MANAGER)
|
||||
)
|
||||
|
||||
mockMvc.perform(
|
||||
post("/admin/member/login")
|
||||
.contentType(MediaType.APPLICATION_JSON)
|
||||
.content("""{"email":"content@test.com","password":"password"}""")
|
||||
)
|
||||
.andExpect(status().isOk)
|
||||
.andExpect(jsonPath("$.success").value(true))
|
||||
.andExpect(jsonPath("$.data.token").value("content-token"))
|
||||
.andExpect(jsonPath("$.data.role").value("CONTENT_MANAGER"))
|
||||
}
|
||||
|
||||
private inline fun <reified T> mock(): T {
|
||||
return Mockito.mock(T::class.java)
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,98 @@
|
||||
package kr.co.vividnext.sodalive.admin.member
|
||||
|
||||
import kr.co.vividnext.sodalive.common.SodaException
|
||||
import kr.co.vividnext.sodalive.jwt.TokenProvider
|
||||
import kr.co.vividnext.sodalive.member.Member
|
||||
import kr.co.vividnext.sodalive.member.MemberRepository
|
||||
import kr.co.vividnext.sodalive.member.MemberRole
|
||||
import kr.co.vividnext.sodalive.member.login.LoginRequest
|
||||
import kr.co.vividnext.sodalive.member.token.MemberTokenRepository
|
||||
import org.junit.jupiter.api.Assertions.assertEquals
|
||||
import org.junit.jupiter.api.Assertions.assertThrows
|
||||
import org.junit.jupiter.api.Assertions.assertTrue
|
||||
import org.junit.jupiter.api.BeforeEach
|
||||
import org.junit.jupiter.api.DisplayName
|
||||
import org.junit.jupiter.api.Test
|
||||
import org.mockito.Mockito
|
||||
import org.springframework.security.crypto.password.PasswordEncoder
|
||||
|
||||
class AdminMemberLoginServiceTest {
|
||||
private lateinit var repository: AdminMemberRepository
|
||||
private lateinit var passwordEncoder: PasswordEncoder
|
||||
private lateinit var tokenRepository: MemberTokenRepository
|
||||
private lateinit var service: AdminMemberLoginService
|
||||
|
||||
@BeforeEach
|
||||
fun setup() {
|
||||
repository = mock()
|
||||
passwordEncoder = mock()
|
||||
tokenRepository = mock()
|
||||
val tokenProvider = TokenProvider(
|
||||
secret = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
|
||||
tokenValidityInSeconds = 3600,
|
||||
repository = mock<MemberRepository>(),
|
||||
tokenRepository = tokenRepository
|
||||
)
|
||||
tokenProvider.afterPropertiesSet()
|
||||
service = AdminMemberLoginService(
|
||||
repository = repository,
|
||||
passwordEncoder = passwordEncoder,
|
||||
tokenProvider = tokenProvider
|
||||
)
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("관리자는 관리자 로그인 API로 token과 role을 받는다")
|
||||
fun shouldLoginAdmin() {
|
||||
val member = createMember(id = 1L, role = MemberRole.ADMIN)
|
||||
Mockito.`when`(repository.findByEmail("admin@test.com")).thenReturn(member)
|
||||
Mockito.`when`(passwordEncoder.matches("password", "encoded-password")).thenReturn(true)
|
||||
|
||||
val response = service.login(LoginRequest(email = "admin@test.com", password = "password"))
|
||||
|
||||
assertTrue(response.token.isNotBlank())
|
||||
assertEquals(MemberRole.ADMIN, response.role)
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("콘텐츠 관리자는 관리자 로그인 API로 token과 role을 받는다")
|
||||
fun shouldLoginContentManager() {
|
||||
val member = createMember(id = 2L, role = MemberRole.CONTENT_MANAGER)
|
||||
Mockito.`when`(repository.findByEmail("content@test.com")).thenReturn(member)
|
||||
Mockito.`when`(passwordEncoder.matches("password", "encoded-password")).thenReturn(true)
|
||||
|
||||
val response = service.login(LoginRequest(email = "content@test.com", password = "password"))
|
||||
|
||||
assertTrue(response.token.isNotBlank())
|
||||
assertEquals(MemberRole.CONTENT_MANAGER, response.role)
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("일반 사용자는 관리자 로그인 API를 사용할 수 없다")
|
||||
fun shouldRejectUser() {
|
||||
val member = createMember(id = 3L, role = MemberRole.USER)
|
||||
Mockito.`when`(repository.findByEmail("user@test.com")).thenReturn(member)
|
||||
|
||||
val exception = assertThrows(SodaException::class.java) {
|
||||
service.login(LoginRequest(email = "user@test.com", password = "password"))
|
||||
}
|
||||
|
||||
assertEquals("common.error.bad_credentials", exception.messageKey)
|
||||
Mockito.verifyNoInteractions(tokenRepository)
|
||||
}
|
||||
|
||||
private fun createMember(id: Long, role: MemberRole): Member {
|
||||
val member = Member(
|
||||
email = "member$id@test.com",
|
||||
password = "encoded-password",
|
||||
nickname = "member$id",
|
||||
role = role
|
||||
)
|
||||
member.id = id
|
||||
return member
|
||||
}
|
||||
|
||||
private inline fun <reified T> mock(): T {
|
||||
return Mockito.mock(T::class.java)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user