Merge pull request #19 from mju-likelion/feature/login-api-#18

Feature/#18 로그인 API 개발

src/main/java/org/mjulikelion/baker/controller/AuthController.java

@@ -0,0 +1,26 @@
+package org.mjulikelion.baker.controller;
+
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.validation.Valid;
+import lombok.AllArgsConstructor;
+import org.mjulikelion.baker.dto.request.auth.AuthLoginRequestDto;
+import org.mjulikelion.baker.dto.response.ResponseDto;
+import org.mjulikelion.baker.service.auth.AuthQueryService;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("auth")
+@AllArgsConstructor
+public class AuthController {
+    private final AuthQueryService authQueryService;
+
+    @PostMapping("/login")
+    public ResponseEntity<ResponseDto<Void>> login(@RequestBody @Valid AuthLoginRequestDto authLoginRequestDTO,
+                                                   HttpServletResponse response) {
+        return this.authQueryService.login(authLoginRequestDTO, response);
+    }
+}

src/main/java/org/mjulikelion/baker/dto/request/auth/AuthLoginRequestDto.java

@@ -0,0 +1,12 @@
+package org.mjulikelion.baker.dto.request.auth;
+
+import jakarta.validation.constraints.NotBlank;
+import lombok.Getter;
+
+@Getter
+public class AuthLoginRequestDto {
+    @NotBlank
+    private String managerId;
+    @NotBlank
+    private String password;
+}

src/main/java/org/mjulikelion/baker/service/auth/AuthQueryService.java

@@ -0,0 +1,13 @@
+package org.mjulikelion.baker.service.auth;
+
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.validation.Valid;
+import org.mjulikelion.baker.dto.request.auth.AuthLoginRequestDto;
+import org.mjulikelion.baker.dto.response.ResponseDto;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.RequestBody;
+
+public interface AuthQueryService {
+    ResponseEntity<ResponseDto<Void>> login(@RequestBody @Valid AuthLoginRequestDto authLoginRequestDTO,
+                                            HttpServletResponse response);
+}

src/main/java/org/mjulikelion/baker/service/auth/AuthQueryServiceImpl.java

@@ -0,0 +1,60 @@
+package org.mjulikelion.baker.service.auth;
+
+import static org.mjulikelion.baker.constant.SecurityConstant.ACCESS_TOKEN;
+import static org.mjulikelion.baker.constant.SecurityConstant.ROOT_PATH;
+import static org.mjulikelion.baker.errorcode.ErrorCode.AUTHENTICATION_ERROR;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletResponse;
+import org.mjulikelion.baker.dto.request.auth.AuthLoginRequestDto;
+import org.mjulikelion.baker.dto.response.ResponseDto;
+import org.mjulikelion.baker.exception.AuthenticationException;
+import org.mjulikelion.baker.util.security.JwtEncoder;
+import org.mjulikelion.baker.util.security.JwtTokenProvider;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.core.Authentication;
+import org.springframework.stereotype.Service;
+
+@Service
+public class AuthQueryServiceImpl implements AuthQueryService {
+    private final AuthenticationManagerBuilder authenticationManagerBuilder;
+    private final JwtTokenProvider jwtTokenProvider;
+    private final int cookieMaxAge;
+
+    public AuthQueryServiceImpl(AuthenticationManagerBuilder authenticationManagerBuilder,
+                                JwtTokenProvider jwtTokenProvider,
+                                @Value("${security.jwt.cookie.max-age}") int cookieMaxAge) {
+        this.authenticationManagerBuilder = authenticationManagerBuilder;
+        this.jwtTokenProvider = jwtTokenProvider;
+        this.cookieMaxAge = cookieMaxAge;
+    }
+
+    @Override
+    public ResponseEntity<ResponseDto<Void>> login(AuthLoginRequestDto authLoginRequestDTO,
+                                                   HttpServletResponse response) {
+        try {
+            UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
+                    authLoginRequestDTO.getManagerId(),
+                    authLoginRequestDTO.getPassword());
+
+            Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
+
+            String jwtToken = jwtTokenProvider.generateToken(authentication).getAccessToken();
+
+            Cookie cookie = new Cookie(ACCESS_TOKEN,
+                    JwtEncoder.encodeJwtBearerToken(jwtToken));
+
+            cookie.setMaxAge(cookieMaxAge);
+            cookie.setHttpOnly(true);
+            cookie.setPath(ROOT_PATH);
+            response.addCookie(cookie);
+        } catch (Exception e) {
+            throw new AuthenticationException(AUTHENTICATION_ERROR, e.getMessage());
+        }
+        return new ResponseEntity<>(ResponseDto.res(HttpStatus.OK, "OK"), HttpStatus.OK);
+    }
+}