Commit @6ca0c3fb7bbf3196e04f78b2b8bccfe18bc27ce7

hmkim 03-26

250326 김혜민 중복로그인 및 세션방식 수정

@6ca0c3fb7bbf3196e04f78b2b8bccfe18bc27ce7

f4fc74f

6ca0c3f

src/main/java/com/takensoft/cms/token/service/impl/RefreshTokenServiceImpl.java

--- src/main/java/com/takensoft/cms/token/service/impl/RefreshTokenServiceImpl.java

+++ src/main/java/com/takensoft/cms/token/service/impl/RefreshTokenServiceImpl.java


 package com.takensoft.cms.token.service.impl;
 
+import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
 import com.takensoft.cms.token.dao.RefreshTokenDAO;
 import com.takensoft.cms.token.service.RefreshTokenService;
 import com.takensoft.cms.mber.vo.MberAuthorVO;
 import com.takensoft.cms.mber.vo.MberVO;
 import com.takensoft.cms.token.vo.RefreshTknVO;
-import com.takensoft.common.config.RedisConfig;
 import com.takensoft.common.util.HttpRequestUtil;
 import com.takensoft.common.util.JWTUtil;
-import com.takensoft.common.util.LoginUtil;
 import io.jsonwebtoken.ExpiredJwtException;
 import lombok.RequiredArgsConstructor;
 import org.egovframe.rte.fdl.cmmn.EgovAbstractServiceImpl;

     private final RefreshTokenDAO refreshTokenDAO;
     private final JWTUtil jwtUtil;
     private final HttpRequestUtil httpRequestUtil;
-    private final LoginUtil loginUtil;
+    private final LoginPolicyService loginPolicyService;
     private final RedisTemplate<String, String> redisTemplate;
 
     @Value("${jwt.accessTime}")

             refreshTknVO.setMbrId((String) jwtUtil.getClaim(refreshTokenCheck(req).get("refreshToken").toString(), "mbrId"));
 
             //중복로그인 비허용시 삭제
-            if (!loginUtil.isAllowMultipleLogin()) {
+            if (!loginPolicyService.getPolicy()) {
                 redisTemplate.delete("jwt:" + refreshTknVO.getMbrId()); // 기존 JWT 삭제
             }
             return delete(req, refreshTknVO);

             String userId = (String) jwtUtil.getClaim(refreshToken, "mbrId");
 
             // 중복 로그인 비허용 체크 (DB에 저장된 리프레시 토큰과 비교)
-            if (!loginUtil.isAllowMultipleLogin()) {
+            if (!loginPolicyService.getPolicy()) {
                 String storedRefreshToken = redisTemplate.opsForValue().get("jwt:" + userId);
 
                 if (storedRefreshToken == null || !storedRefreshToken.equals(refreshToken)) {

     public int delete(HttpServletRequest req, RefreshTknVO refreshTknVO) {
             refreshTknVO.setUseIp(httpRequestUtil.getIp(req));
             //중복로그인 비허용시 삭제
-            if (!loginUtil.isAllowMultipleLogin()) {
+            if (!loginPolicyService.getPolicy()) {
                 redisTemplate.delete("jwt:" + refreshTknVO.getMbrId()); // 기존 JWT 삭제
             }
             return refreshTokenDAO.deleteByRefresh(refreshTknVO);

f4fc74f

6ca0c3f

src/main/java/com/takensoft/cms/token/web/RefreshTokenController.java

--- src/main/java/com/takensoft/cms/token/web/RefreshTokenController.java

+++ src/main/java/com/takensoft/cms/token/web/RefreshTokenController.java


 package com.takensoft.cms.token.web;
 
 
+import com.takensoft.cms.loginPolicy.service.LoginModeService;
+import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
+import com.takensoft.cms.mber.vo.MberVO;
 import com.takensoft.cms.token.service.RefreshTokenService;
+import com.takensoft.cms.token.vo.RefreshTknVO;
 import com.takensoft.common.message.MessageCode;
 import com.takensoft.common.util.ResponseData;
 import com.takensoft.common.util.ResponseUtil;
+import com.takensoft.common.util.SessionUtil;
+import jakarta.servlet.http.HttpSession;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RestController;
 

 
     private final ResponseUtil resUtil;
     private final RefreshTokenService refreshTokenService;
-
+    private final LoginPolicyService loginPolicyService;
+    private final LoginModeService loginModeService;
+    private final SessionUtil sessionUtil;
+    private final RedisTemplate<String, String> redisTemplate;
     /**
      * @param req - HTTP 요청 객체
      * @param res - HTTP 응답 객체

      */
     @PostMapping(value = "/mbr/logout.json")
     public ResponseEntity<?> logout(HttpServletRequest req, HttpServletResponse res){
-        int result = refreshTokenService.deleteByRefresh(req, res);
-        if(result > 0) {
-            Cookie cookie = new Cookie("refresh", null);
-            cookie.setMaxAge(0); // 생명주기
-            //cookie.setSecure(true); // https 통신을 할 경우 true로 사용
-            cookie.setPath("/"); // 쿠키 적용 범위
-            cookie.setHttpOnly(true);
-            res.addCookie(cookie);
+        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+
+        if (auth != null && auth.getPrincipal() instanceof MberVO) {
+            MberVO mber = (MberVO) auth.getPrincipal();
+            String mbrId = mber.getMbrId();
+            String loginType = loginModeService.getLoginMode(); // "J" or "S"
+
+            // ✅ Refresh 토큰 삭제 (DB)
+            RefreshTknVO refresh = new RefreshTknVO();
+            refresh.setMbrId(mbrId);
+            int result =  refreshTokenService.delete(req, refresh);
+
+            if ("S".equals(loginType)) {
+                // ✅ 세션 방식: 세션 만료 + SessionMap에서 제거
+                HttpSession session = req.getSession(false);
+                if (session != null) session.invalidate();
+                sessionUtil.removeSession(mbrId);
+            } else {
+                // ✅ JWT 방식: Redis에서 삭제
+                if (!loginPolicyService.getPolicy()) {
+                    redisTemplate.delete("jwt:" + mbrId);
+                }
+                // 쿠키 제거
+                Cookie cookie = new Cookie("refresh", null);
+                cookie.setMaxAge(0);
+                cookie.setHttpOnly(true);
+                cookie.setPath("/");
+                res.addCookie(cookie);
+            }
+
+            //  SecurityContext 제거
+            SecurityContextHolder.clearContext();
             return resUtil.successRes(result, MessageCode.LOGOUT_SUCCESS);
-        } else {
-            return resUtil.errorRes(MessageCode.COMMON_UNKNOWN_ERROR);
         }
+            return resUtil.errorRes(MessageCode.COMMON_UNKNOWN_ERROR);
     }
 
     /**

f4fc74f

6ca0c3f

src/main/java/com/takensoft/common/config/SecurityConfig.java

--- src/main/java/com/takensoft/common/config/SecurityConfig.java

+++ src/main/java/com/takensoft/common/config/SecurityConfig.java


 package com.takensoft.common.config;
 
 import com.takensoft.cms.accesCtrl.service.AccesCtrlService;
+import com.takensoft.cms.loginPolicy.service.LoginModeService;
+import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
 import com.takensoft.cms.mber.service.LgnHstryService;
 import com.takensoft.cms.token.service.RefreshTokenService;
 import com.takensoft.common.filter.AccesFilter;

 import com.takensoft.common.exception.CustomAccessDenieHandler;
 import com.takensoft.common.exception.CustomAuthenticationEntryPoint;
 import com.takensoft.common.util.JWTUtil;
-import com.takensoft.common.util.LoginUtil;
+import com.takensoft.common.util.SessionUtil;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;

     private final CustomAccessDenieHandler accessDenieHandler;
     private final HttpRequestUtil httpRequestUtil;
     private final AppConfig appConfig;
-    private final RedisConfig redisConfig;
-    private final LoginUtil loginUtil;
+    private final LoginModeService loginModeService;
+    private final LoginPolicyService loginPolicyService;
+    private final SessionUtil sessionUtil;
 
     private static String FRONT_URL;    // 프론트 접근 허용 URL
     private static long JWT_ACCESSTIME; // access 토큰 유지 시간

      * @param jwtUtil - JWT 유틸리티 객체
      * @param authenticationEntryPoint - 인증 실패 시 처리 엔트리 포인트
      * @param accessDenieHandler - 접근 거부 처리 핸들러
-     * @param loginUtil
      * @param fUrl - 프론트엔드 URL (application.yml에서 값을 읽어 옴)
      * @param aTime - JWT 접근 토큰 유효 시간 (application.yml에서 값을 읽어 옴)
      * @param rTime - JWT 리프레시 토큰 유효 시간 (application.yml에서 값을 읽어 옴)

      * @param redisTemplate
 *
      */
-    public SecurityConfig(AuthenticationConfiguration authenticationConfiguration, JWTUtil jwtUtil, RefreshTokenService refreshTokenService, AccesCtrlService accesCtrlService, AppConfig appConfig, RedisConfig redisConfig,
+    public SecurityConfig(AuthenticationConfiguration authenticationConfiguration, JWTUtil jwtUtil, RefreshTokenService refreshTokenService, AccesCtrlService accesCtrlService, AppConfig appConfig,
                           LgnHstryService lgnHstryService, CustomAuthenticationEntryPoint authenticationEntryPoint, CustomAccessDenieHandler accessDenieHandler, HttpRequestUtil httpRequestUtil,
-                          LoginUtil loginUtil, @Value("${front.url}") String fUrl, @Value("${jwt.accessTime}") long aTime, @Value("${jwt.refreshTime}") long rTime, @Value("${cookie.time}") int ctime, RedisTemplate<String, String> redisTemplate) {
+                          LoginModeService loginModeService, LoginPolicyService loginPolicyService, SessionUtil sessionUtil, @Value("${front.url}") String fUrl, @Value("${jwt.accessTime}") long aTime, @Value("${jwt.refreshTime}") long rTime, @Value("${cookie.time}") int ctime, RedisTemplate<String, String> redisTemplate) {
 
         this.authenticationConfiguration = authenticationConfiguration;
         this.refreshTokenService = refreshTokenService;

         this.jwtUtil = jwtUtil;
         this.httpRequestUtil = httpRequestUtil;
         this.appConfig = appConfig;
-        this.redisConfig = redisConfig;
-        this.loginUtil = loginUtil;
-
+        this.loginModeService = loginModeService;
+        this.loginPolicyService = loginPolicyService;
+        this.sessionUtil = sessionUtil;
         this.FRONT_URL = fUrl;
         this.JWT_ACCESSTIME = aTime;
         this.JWT_REFRESHTIME = rTime;

 //                .anyRequest().permitAll() // 모든 사용자 접근 가능
         );
 
-        // 로그인 방식에 따라 필터 적용 (JWT vs 세션)
-        if ("S".equals(loginUtil.getLoginMode())) {
-            http.addFilterBefore(new SessionAuthFilter(jwtUtil, redisTemplate, redisConfig, loginUtil), LoginFilter.class);
+        // 로그인 방식에 따라 필터 적용 (JWT or 세션)
+        if ("S".equals(loginModeService.getLoginMode())) {
+            http.addFilterBefore(new SessionAuthFilter(jwtUtil, redisTemplate, loginPolicyService), LoginFilter.class);
         } else {
-            http.addFilterBefore(new JWTFilter(jwtUtil, appConfig, loginUtil, redisTemplate), LoginFilter.class);
+            http.addFilterBefore(new JWTFilter(jwtUtil, appConfig, loginPolicyService, redisTemplate), LoginFilter.class);
         }
 
-//        http.addFilterBefore(new JWTFilter(jwtUtil, appConfig, redisConfig, redisTemplate), LoginFilter.class); // 토큰 검증 필터
         http.addFilterBefore(new AccesFilter(accesCtrlService, httpRequestUtil, appConfig), JWTFilter.class); // 아이피 검증
         http.addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration), jwtUtil, refreshTokenService, lgnHstryService, httpRequestUtil,
-                appConfig,loginUtil, JWT_ACCESSTIME, JWT_REFRESHTIME, COOKIE_TIME, redisTemplate), UsernamePasswordAuthenticationFilter.class); // 로그인 필터
+                 loginModeService, loginPolicyService, sessionUtil, JWT_ACCESSTIME, JWT_REFRESHTIME, COOKIE_TIME, redisTemplate), UsernamePasswordAuthenticationFilter.class); // 로그인 필터
 
         return http.build();
     }

f4fc74f

6ca0c3f

src/main/java/com/takensoft/common/filter/JWTFilter.java

--- src/main/java/com/takensoft/common/filter/JWTFilter.java

+++ src/main/java/com/takensoft/common/filter/JWTFilter.java


 package com.takensoft.common.filter;
 
+import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
 import com.takensoft.cms.mber.vo.MberAuthorVO;
 import com.takensoft.cms.mber.vo.MberVO;
 import com.takensoft.common.config.AppConfig;
-import com.takensoft.common.config.RedisConfig;
 import com.takensoft.common.exception.FilterExceptionHandler;
 import com.takensoft.common.util.ErrorResponse;
 import com.takensoft.common.util.JWTUtil;
-import com.takensoft.common.util.LoginUtil;
 import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.JwtException;
 import org.springframework.data.redis.core.RedisTemplate;

     private static final String AUTHORIZATION_HEADER = "Authorization";
     private final JWTUtil jwtUtil;
     private final AppConfig appConfig;
-    private final LoginUtil loginUtil;
+    private final LoginPolicyService loginPolicyService;
     private final RedisTemplate<String, String> redisTemplate;
     /**
      * @param jwtUtil JWT 유틸리티 클래스의 인스턴스
      *
      * JWTFilter 생성자
      */
-    public JWTFilter(JWTUtil jwtUtil, AppConfig appConfig, LoginUtil loginUtil, RedisTemplate<String, String> redisTemplate) {
+    public JWTFilter(JWTUtil jwtUtil, AppConfig appConfig, LoginPolicyService loginPolicyService, RedisTemplate<String, String> redisTemplate) {
         this.jwtUtil = jwtUtil;
         this.appConfig = appConfig;
-        this.loginUtil = loginUtil;
+        this.loginPolicyService = loginPolicyService;
         this.redisTemplate = redisTemplate;
     }
     /**

 
             // 중복 로그인 비허용 설정이면 Redis에서 최신 JWT 가져와 비교
             String userId = (String) jwtUtil.getClaim(accessToken, "mbrId");
-            if (!loginUtil.isAllowMultipleLogin()) {
+            if (!loginPolicyService.getPolicy()) {
                 String storedToken = redisTemplate.opsForValue().get("jwt:" + userId);
                 if (storedToken == null) {
                 } else if (!storedToken.equals(accessToken)) {

f4fc74f

6ca0c3f

src/main/java/com/takensoft/common/filter/LoginFilter.java

--- src/main/java/com/takensoft/common/filter/LoginFilter.java

+++ src/main/java/com/takensoft/common/filter/LoginFilter.java


 package com.takensoft.common.filter;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.takensoft.cms.loginPolicy.service.LoginModeService;
+import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
 import com.takensoft.cms.mber.dto.LoginDTO;
 import com.takensoft.cms.mber.service.LgnHstryService;
 import com.takensoft.cms.token.service.RefreshTokenService;

 import com.takensoft.common.exception.FilterExceptionHandler;
 import com.takensoft.common.util.HttpRequestUtil;
 import com.takensoft.common.util.JWTUtil;
-import com.takensoft.common.util.LoginUtil;
+import com.takensoft.common.util.SessionUtil;
+import jakarta.servlet.http.HttpSession;
 import lombok.SneakyThrows;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.http.HttpStatus;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;

     private final RefreshTokenService refreshTokenService;
     private final LgnHstryService lgnHstryService;
     private final HttpRequestUtil httpRequestUtil;
-    private final AppConfig appConfig;
-    private final LoginUtil loginUtil;
+    private final LoginModeService loginModeService;
+    private final LoginPolicyService loginPolicyService;
+    private final SessionUtil sessionUtil;
 
     private static long JWT_ACCESSTIME; // access 토큰 유지 시간
     private static long JWT_REFRESHTIME; // refresh 토큰 유지 시간

      * LoginFilter 생성자
      */
     public LoginFilter(AuthenticationManager authenticationManager, JWTUtil jwtUtil, RefreshTokenService refreshTokenService, LgnHstryService lgnHstryService, HttpRequestUtil httpRequestUtil,
-                       AppConfig appConfig, LoginUtil loginUtil, @Value("${jwt.accessTime}")long aTime, @Value("${jwt.refreshTime}")long rTime, @Value("${cookie.time}")int ctime, RedisTemplate<String, String> redisTemplate) {
+                      LoginModeService loginModeService,LoginPolicyService loginPolicyService,SessionUtil sessionUtil, @Value("${jwt.accessTime}")long aTime, @Value("${jwt.refreshTime}")long rTime, @Value("${cookie.time}")int ctime, RedisTemplate<String, String> redisTemplate) {
         this.authenticationManager = authenticationManager;
         this.jwtUtil = jwtUtil;
         this.refreshTokenService = refreshTokenService;
         this.lgnHstryService = lgnHstryService;
         this.httpRequestUtil = httpRequestUtil;
-        this.appConfig = appConfig;
-        this.loginUtil = loginUtil;
-
+        this.loginModeService = loginModeService;
+        this.loginPolicyService = loginPolicyService;
+        this.sessionUtil = sessionUtil;
         this.JWT_ACCESSTIME = aTime;
         this.JWT_REFRESHTIME = rTime;
         this.COOKIE_TIME = ctime;

      */
     @SneakyThrows
     @Override
-    protected void successfulAuthentication(HttpServletRequest req, HttpServletResponse res, FilterChain chain, Authentication authentication) {
+    protected void successfulAuthentication(HttpServletRequest req, HttpServletResponse res, FilterChain chain, Authentication authentication) throws IOException {
         MberVO mber = (MberVO) authentication.getPrincipal();
 
         // 로그인 이력 등록

         lgnHstryVO.setBrwsrNm(httpRequestUtil.getBrowser(httpRequestUtil.getUserAgent(req)));
         lgnHstryService.LgnHstrySave(lgnHstryVO);
 
+        // 로그인 방식 확인 JWT or SESSION
+        String loginType = loginModeService.getLoginMode();
+
         // 토큰 생성(access, refresh)
         String accessToken = jwtUtil.createJwt("Authorization", mber.getMbrId(), mber.getLgnId(), mber.getMbrNm(), (List) mber.getAuthorities(), JWT_ACCESSTIME);
         String refreshToken = jwtUtil.createJwt("refresh", mber.getMbrId(), mber.getLgnId(), mber.getMbrNm(), (List) mber.getAuthorities(), JWT_REFRESHTIME);

         }
         // refreshToken DB 저장
         refresh.setToken(refreshToken);
-        refreshTokenService.saveRefreshToken(req, res, refresh, JWT_REFRESHTIME);
 
-        // Redis에 AccessToken 저장 (중복 로그인 비허용 설정일 때)
-        if (!loginUtil.isAllowMultipleLogin()) {
-            redisTemplate.delete("jwt:" + mber.getMbrId()); // 기존 JWT 삭제
-            redisTemplate.opsForValue().set("jwt:" + mber.getMbrId(), accessToken, JWT_ACCESSTIME, TimeUnit.MILLISECONDS);
+
+        if ("S".equals(loginType)) {
+            HttpSession session = req.getSession(true);
+            session.setAttribute("JWT_TOKEN", accessToken);
+
+            // 중복 로그인 비허용일 때 기존 세션 만료
+            if (!loginPolicyService.getPolicy()) {
+                sessionUtil.registerSession(mber.getMbrId(), session);
+            }
+
+        } else {
+            res.setHeader("Authorization", accessToken);
+            res.addCookie(jwtUtil.createCookie("refresh", refreshToken, COOKIE_TIME));
+
+            // 중복 로그인 비허용일 때 Redis 저장
+            if (!loginPolicyService.getPolicy()) {
+                redisTemplate.delete("jwt:" + mber.getMbrId());
+                redisTemplate.opsForValue().set("jwt:" + mber.getMbrId(), accessToken, JWT_ACCESSTIME, TimeUnit.MILLISECONDS);
+            }
         }
-
-        // 응답설정
-        res.setHeader("Authorization", accessToken);
-//        res.setHeader("refresh", refreshToken);
-        // 쿠키 방식
-        res.addCookie(jwtUtil.createCookie("refresh",refreshToken, COOKIE_TIME));
-        res.setStatus(HttpStatus.OK.value());
+        refreshTokenService.saveRefreshToken(req, res, refresh, JWT_REFRESHTIME);
+        res.setHeader("login-type", loginType);
     }
 
     /**

f4fc74f

6ca0c3f

src/main/java/com/takensoft/common/filter/SessionAuthFilter.java

--- src/main/java/com/takensoft/common/filter/SessionAuthFilter.java

+++ src/main/java/com/takensoft/common/filter/SessionAuthFilter.java


 package com.takensoft.common.filter;
 
+import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
 import com.takensoft.cms.mber.vo.MberAuthorVO;
 import com.takensoft.cms.mber.vo.MberVO;
-import com.takensoft.common.config.RedisConfig;
 import com.takensoft.common.util.JWTUtil;
-import com.takensoft.common.util.LoginUtil;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;

 
     private final JWTUtil jwtUtil;
     private final RedisTemplate<String, String> redisTemplate;
-    private final RedisConfig redisConfig;
-    private final LoginUtil loginUtil;
-    public SessionAuthFilter(JWTUtil jwtUtil,
-                             RedisTemplate<String, String> redisTemplate,
-                             RedisConfig redisConfig, LoginUtil loginUtil) {
+    private final LoginPolicyService loginPolicyService;
+    public SessionAuthFilter(JWTUtil jwtUtil, RedisTemplate<String, String> redisTemplate, LoginPolicyService loginPolicyService) {
         this.jwtUtil = jwtUtil;
         this.redisTemplate = redisTemplate;
-        this.redisConfig = redisConfig;
-        this.loginUtil = loginUtil;
+        this.loginPolicyService = loginPolicyService;
     }
     /**
      * @param request HttpServletRequest 객체

      * 세션 Filter 검증
      */
     @Override
-    protected void doFilterInternal(HttpServletRequest request,
-                                    HttpServletResponse response,
-                                    FilterChain filterChain) throws ServletException, IOException {
-
-        // JWT 방식이면 이 필터는 동작하지 않음
-        if (!"S".equalsIgnoreCase(loginUtil.getLoginMode())) {
-            filterChain.doFilter(request, response);
-            return;
-        }
-
+    protected void doFilterInternal(HttpServletRequest request,HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
         HttpSession session = request.getSession(false);
         if (session == null || session.getAttribute("JWT_TOKEN") == null) {
             response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");

         }
 
         // 중복 로그인 허용 여부 확인
-        if (!loginUtil.isAllowMultipleLogin()) {
+        if (!loginPolicyService.getPolicy()) {
             String mbrId = (String) jwtUtil.getClaim(accessToken, "mbrId");
             String storedToken = redisTemplate.opsForValue().get("jwt:" + mbrId);
             if (storedToken != null && !storedToken.equals(accessToken)) {

         mber.setMbrNm((String) jwtUtil.getClaim(accessToken, "mbrNm"));
         mber.setAuthorList(roles);
 
-        UsernamePasswordAuthenticationToken authentication =
-                new UsernamePasswordAuthenticationToken(mber, null, mber.getAuthorities());
+        UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(mber, null, mber.getAuthorities());
 
-        SecurityContextHolder.getContext().setAuthentication(authentication);
+        SecurityContextHolder.getContext().setAuthentication(authToken);
 
         filterChain.doFilter(request, response);
     }

f4fc74f

6ca0c3f

src/main/java/com/takensoft/common/idgen/context/ContextIdgen.java

--- src/main/java/com/takensoft/common/idgen/context/ContextIdgen.java

+++ src/main/java/com/takensoft/common/idgen/context/ContextIdgen.java


     // 로그인 방식
     @Bean(name = "loginModeIdgen")
     public IdgenService loginModeIdgen() {
-        IdgenService idgenService = new IdgenService();
-        idgenService.setCipers(15);
-        idgenService.setFillChar('0');
-        idgenService.setPrefix("LOGIN_MODE_");
-        idgenService.setTblNm("LOGIN_MODE_ID");
-        return idgenService;
+        IdgenService idgenServiceImpl = new IdgenService();
+        idgenServiceImpl.setCipers(15);
+        idgenServiceImpl.setFillChar('0');
+        idgenServiceImpl.setPrefix("LOGIN_MODE_");
+        idgenServiceImpl.setTblNm("LOGIN_MODE_ID");
+        return idgenServiceImpl;
     }
 }

f4fc74f

src/main/java/com/takensoft/common/util/LoginUtil.java (deleted)

--- src/main/java/com/takensoft/common/util/LoginUtil.java

...	...	@@ -1,55 +0,0 @@
	1	-package com.takensoft.common.util;
	2	-
	3	-import com.takensoft.cms.loginPolicy.service.LoginModeService;
	4	-import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
	5	-import org.springframework.stereotype.Component;
	6	-
	7	-/**
	8	- * @author : takensoft
	9	- * @since : 2025.01.22
	10	- * @modification
	11	- * since \| author \| description
	12	- * 2025.01.22 \| takensoft \| 최초 등록
	13	- *
	14	- * 중복로그인, 로그인 방식 등의 유틸리티
	15	- */
	16	-@Component
	17	-public class LoginUtil {
	18	-
	19	-
	20	- private final LoginPolicyService loginPolicyService;
	21	- private final LoginModeService loginModeService;
	22	- /**
	23	- *
	24	- * 기본 생성자
	25	- * @param loginPolicyService
	26	- * @param loginModeService
	27	- */
	28	- public LoginUtil(LoginPolicyService loginPolicyService, LoginModeService loginModeService) {
	29	- this.loginPolicyService = loginPolicyService;
	30	- this.loginModeService = loginModeService;
	31	- }
	32	-
	33	- /**
	34	- * @return allowMultipleLogin - 중복로그인 허용/비허용 반환
	35	- *
	36	- * 중복 로그인 허용 여부를 반환하는 메서드
	37	- */
	38	- public boolean isAllowMultipleLogin() {
	39	- Boolean result = loginPolicyService.getPolicy();
	40	- return result;
	41	- }
	42	-
	43	- /**
	44	- * @return allowMultipleLogin - 중복로그인 허용/비허용 반환
	45	- *
	46	- * 중복 로그인 허용 여부를 반환하는 메서드
	47	- */
	48	- public String getLoginMode() {
	49	- String result = loginModeService.getLoginMode();
	50	- return result;
	51	- }
	52	-
	53	-
	54	-
	55	-}

6ca0c3f

src/main/java/com/takensoft/common/util/SessionUtil.java (added)

+++ src/main/java/com/takensoft/common/util/SessionUtil.java

...	...	@@ -0,0 +1,38 @@
	1	+package com.takensoft.common.util;
	2	+
	3	+import jakarta.servlet.http.HttpSession;
	4	+import org.springframework.stereotype.Component;
	5	+
	6	+import java.util.HashMap;
	7	+import java.util.Map;
	8	+
	9	+/**
	10	+ * @author : takensoft
	11	+ * @since : 2025.01.22
	12	+ * @modification
	13	+ * since \| author \| description
	14	+ * 2025.01.22 \| takensoft \| 최초 등록
	15	+ *
	16	+ * 중복로그인, 로그인 방식 등의 유틸리티
	17	+ */
	18	+@Component
	19	+public class SessionUtil {
	20	+
	21	+ private final Map<String, HttpSession> sessionMap = new HashMap<>();
	22	+
	23	+ public synchronized void registerSession(String mbrId, HttpSession newSession) {
	24	+ // 기존 세션 있으면 강제 로그아웃
	25	+ HttpSession oldSession = sessionMap.get(mbrId);
	26	+ if (oldSession != null && oldSession != newSession) {
	27	+ oldSession.invalidate();
	28	+ }
	29	+ sessionMap.put(mbrId, newSession);
	30	+ }
	31	+
	32	+ public void removeSession(String mbrId) {
	33	+ sessionMap.remove(mbrId);
	34	+ }
	35	+
	36	+
	37	+
	38	+}

Add a comment

Open 0
Closed 0

List

...	...	@@ -171,11 +171,11 @@
171	171	// 로그인 방식
172	172	@Bean(name = "loginModeIdgen")
173	173	public IdgenService loginModeIdgen() {
174		- IdgenService idgenService = new IdgenService();
175		- idgenService.setCipers(15);
176		- idgenService.setFillChar('0');
177		- idgenService.setPrefix("LOGIN_MODE_");
178		- idgenService.setTblNm("LOGIN_MODE_ID");
179		- return idgenService;
	174	+ IdgenService idgenServiceImpl = new IdgenService();
	175	+ idgenServiceImpl.setCipers(15);
	176	+ idgenServiceImpl.setFillChar('0');
	177	+ idgenServiceImpl.setPrefix("LOGIN_MODE_");
	178	+ idgenServiceImpl.setTblNm("LOGIN_MODE_ID");
	179	+ return idgenServiceImpl;
180	180	}
181	181	} (파일 끝에 줄바꿈 문자 없음)

...	...	@@ -1,14 +1,13 @@
1	1	package com.takensoft.cms.token.service.impl;
2	2
	3	+import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
3	4	import com.takensoft.cms.token.dao.RefreshTokenDAO;
4	5	import com.takensoft.cms.token.service.RefreshTokenService;
5	6	import com.takensoft.cms.mber.vo.MberAuthorVO;
6	7	import com.takensoft.cms.mber.vo.MberVO;
7	8	import com.takensoft.cms.token.vo.RefreshTknVO;
8		-import com.takensoft.common.config.RedisConfig;
9	9	import com.takensoft.common.util.HttpRequestUtil;
10	10	import com.takensoft.common.util.JWTUtil;
11		-import com.takensoft.common.util.LoginUtil;
12	11	import io.jsonwebtoken.ExpiredJwtException;
13	12	import lombok.RequiredArgsConstructor;
14	13	import org.egovframe.rte.fdl.cmmn.EgovAbstractServiceImpl;
...	...	@@ -48,7 +47,7 @@
48	47	private final RefreshTokenDAO refreshTokenDAO;
49	48	private final JWTUtil jwtUtil;
50	49	private final HttpRequestUtil httpRequestUtil;
51		- private final LoginUtil loginUtil;
	50	+ private final LoginPolicyService loginPolicyService;
52	51	private final RedisTemplate<String, String> redisTemplate;
53	52
54	53	@Value("${jwt.accessTime}")
...	...	@@ -149,7 +148,7 @@
149	148	refreshTknVO.setMbrId((String) jwtUtil.getClaim(refreshTokenCheck(req).get("refreshToken").toString(), "mbrId"));
150	149
151	150	//중복로그인 비허용시 삭제
152		- if (!loginUtil.isAllowMultipleLogin()) {
	151	+ if (!loginPolicyService.getPolicy()) {
153	152	redisTemplate.delete("jwt:" + refreshTknVO.getMbrId()); // 기존 JWT 삭제
154	153	}
155	154	return delete(req, refreshTknVO);
...	...	@@ -180,7 +179,7 @@
180	179	String userId = (String) jwtUtil.getClaim(refreshToken, "mbrId");
181	180
182	181	// 중복 로그인 비허용 체크 (DB에 저장된 리프레시 토큰과 비교)
183		- if (!loginUtil.isAllowMultipleLogin()) {
	182	+ if (!loginPolicyService.getPolicy()) {
184	183	String storedRefreshToken = redisTemplate.opsForValue().get("jwt:" + userId);
185	184
186	185	if (storedRefreshToken == null \|\| !storedRefreshToken.equals(refreshToken)) {
...	...	@@ -239,7 +238,7 @@
239	238	public int delete(HttpServletRequest req, RefreshTknVO refreshTknVO) {
240	239	refreshTknVO.setUseIp(httpRequestUtil.getIp(req));
241	240	//중복로그인 비허용시 삭제
242		- if (!loginUtil.isAllowMultipleLogin()) {
	241	+ if (!loginPolicyService.getPolicy()) {
243	242	redisTemplate.delete("jwt:" + refreshTknVO.getMbrId()); // 기존 JWT 삭제
244	243	}
245	244	return refreshTokenDAO.deleteByRefresh(refreshTknVO);

...	...	@@ -1,16 +1,25 @@
1	1	package com.takensoft.cms.token.web;
2	2
3	3
	4	+import com.takensoft.cms.loginPolicy.service.LoginModeService;
	5	+import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
	6	+import com.takensoft.cms.mber.vo.MberVO;
4	7	import com.takensoft.cms.token.service.RefreshTokenService;
	8	+import com.takensoft.cms.token.vo.RefreshTknVO;
5	9	import com.takensoft.common.message.MessageCode;
6	10	import com.takensoft.common.util.ResponseData;
7	11	import com.takensoft.common.util.ResponseUtil;
	12	+import com.takensoft.common.util.SessionUtil;
	13	+import jakarta.servlet.http.HttpSession;
8	14	import lombok.RequiredArgsConstructor;
9	15	import lombok.extern.slf4j.Slf4j;
	16	+import org.springframework.data.redis.core.RedisTemplate;
10	17	import org.springframework.http.HttpHeaders;
11	18	import org.springframework.http.HttpStatus;
12	19	import org.springframework.http.MediaType;
13	20	import org.springframework.http.ResponseEntity;
	21	+import org.springframework.security.core.Authentication;
	22	+import org.springframework.security.core.context.SecurityContextHolder;
14	23	import org.springframework.web.bind.annotation.PostMapping;
15	24	import org.springframework.web.bind.annotation.RestController;
16	25
...	...	@@ -34,7 +43,10 @@
34	43
35	44	private final ResponseUtil resUtil;
36	45	private final RefreshTokenService refreshTokenService;
37		-
	46	+ private final LoginPolicyService loginPolicyService;
	47	+ private final LoginModeService loginModeService;
	48	+ private final SessionUtil sessionUtil;
	49	+ private final RedisTemplate<String, String> redisTemplate;
38	50	/**
39	51	* @param req - HTTP 요청 객체
40	52	* @param res - HTTP 응답 객체
...	...	@@ -44,18 +56,41 @@
44	56	*/
45	57	@PostMapping(value = "/mbr/logout.json")
46	58	public ResponseEntity<?> logout(HttpServletRequest req, HttpServletResponse res){
47		- int result = refreshTokenService.deleteByRefresh(req, res);
48		- if(result > 0) {
49		- Cookie cookie = new Cookie("refresh", null);
50		- cookie.setMaxAge(0); // 생명주기
51		- //cookie.setSecure(true); // https 통신을 할 경우 true로 사용
52		- cookie.setPath("/"); // 쿠키 적용 범위
53		- cookie.setHttpOnly(true);
54		- res.addCookie(cookie);
	59	+ Authentication auth = SecurityContextHolder.getContext().getAuthentication();
	60	+
	61	+ if (auth != null && auth.getPrincipal() instanceof MberVO) {
	62	+ MberVO mber = (MberVO) auth.getPrincipal();
	63	+ String mbrId = mber.getMbrId();
	64	+ String loginType = loginModeService.getLoginMode(); // "J" or "S"
	65	+
	66	+ // ✅ Refresh 토큰 삭제 (DB)
	67	+ RefreshTknVO refresh = new RefreshTknVO();
	68	+ refresh.setMbrId(mbrId);
	69	+ int result = refreshTokenService.delete(req, refresh);
	70	+
	71	+ if ("S".equals(loginType)) {
	72	+ // ✅ 세션 방식: 세션 만료 + SessionMap에서 제거
	73	+ HttpSession session = req.getSession(false);
	74	+ if (session != null) session.invalidate();
	75	+ sessionUtil.removeSession(mbrId);
	76	+ } else {
	77	+ // ✅ JWT 방식: Redis에서 삭제
	78	+ if (!loginPolicyService.getPolicy()) {
	79	+ redisTemplate.delete("jwt:" + mbrId);
	80	+ }
	81	+ // 쿠키 제거
	82	+ Cookie cookie = new Cookie("refresh", null);
	83	+ cookie.setMaxAge(0);
	84	+ cookie.setHttpOnly(true);
	85	+ cookie.setPath("/");
	86	+ res.addCookie(cookie);
	87	+ }
	88	+
	89	+ // SecurityContext 제거
	90	+ SecurityContextHolder.clearContext();
55	91	return resUtil.successRes(result, MessageCode.LOGOUT_SUCCESS);
56		- } else {
57		- return resUtil.errorRes(MessageCode.COMMON_UNKNOWN_ERROR);
58	92	}
	93	+ return resUtil.errorRes(MessageCode.COMMON_UNKNOWN_ERROR);
59	94	}
60	95
61	96	/**

...	...	@@ -1,6 +1,8 @@
1	1	package com.takensoft.common.config;
2	2
3	3	import com.takensoft.cms.accesCtrl.service.AccesCtrlService;
	4	+import com.takensoft.cms.loginPolicy.service.LoginModeService;
	5	+import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
4	6	import com.takensoft.cms.mber.service.LgnHstryService;
5	7	import com.takensoft.cms.token.service.RefreshTokenService;
6	8	import com.takensoft.common.filter.AccesFilter;
...	...	@@ -11,7 +13,7 @@
11	13	import com.takensoft.common.exception.CustomAccessDenieHandler;
12	14	import com.takensoft.common.exception.CustomAuthenticationEntryPoint;
13	15	import com.takensoft.common.util.JWTUtil;
14		-import com.takensoft.common.util.LoginUtil;
	16	+import com.takensoft.common.util.SessionUtil;
15	17	import org.springframework.beans.factory.annotation.Value;
16	18	import org.springframework.context.annotation.Bean;
17	19	import org.springframework.context.annotation.Configuration;
...	...	@@ -53,8 +55,9 @@
53	55	private final CustomAccessDenieHandler accessDenieHandler;
54	56	private final HttpRequestUtil httpRequestUtil;
55	57	private final AppConfig appConfig;
56		- private final RedisConfig redisConfig;
57		- private final LoginUtil loginUtil;
	58	+ private final LoginModeService loginModeService;
	59	+ private final LoginPolicyService loginPolicyService;
	60	+ private final SessionUtil sessionUtil;
58	61
59	62	private static String FRONT_URL; // 프론트 접근 허용 URL
60	63	private static long JWT_ACCESSTIME; // access 토큰 유지 시간
...	...	@@ -68,7 +71,6 @@
68	71	* @param jwtUtil - JWT 유틸리티 객체
69	72	* @param authenticationEntryPoint - 인증 실패 시 처리 엔트리 포인트
70	73	* @param accessDenieHandler - 접근 거부 처리 핸들러
71		- * @param loginUtil
72	74	* @param fUrl - 프론트엔드 URL (application.yml에서 값을 읽어 옴)
73	75	* @param aTime - JWT 접근 토큰 유효 시간 (application.yml에서 값을 읽어 옴)
74	76	* @param rTime - JWT 리프레시 토큰 유효 시간 (application.yml에서 값을 읽어 옴)
...	...	@@ -76,9 +78,9 @@
76	78	* @param redisTemplate
77	79	*
78	80	*/
79		- public SecurityConfig(AuthenticationConfiguration authenticationConfiguration, JWTUtil jwtUtil, RefreshTokenService refreshTokenService, AccesCtrlService accesCtrlService, AppConfig appConfig, RedisConfig redisConfig,
	81	+ public SecurityConfig(AuthenticationConfiguration authenticationConfiguration, JWTUtil jwtUtil, RefreshTokenService refreshTokenService, AccesCtrlService accesCtrlService, AppConfig appConfig,
80	82	LgnHstryService lgnHstryService, CustomAuthenticationEntryPoint authenticationEntryPoint, CustomAccessDenieHandler accessDenieHandler, HttpRequestUtil httpRequestUtil,
81		- LoginUtil loginUtil, @Value("${front.url}") String fUrl, @Value("${jwt.accessTime}") long aTime, @Value("${jwt.refreshTime}") long rTime, @Value("${cookie.time}") int ctime, RedisTemplate<String, String> redisTemplate) {
	83	+ LoginModeService loginModeService, LoginPolicyService loginPolicyService, SessionUtil sessionUtil, @Value("${front.url}") String fUrl, @Value("${jwt.accessTime}") long aTime, @Value("${jwt.refreshTime}") long rTime, @Value("${cookie.time}") int ctime, RedisTemplate<String, String> redisTemplate) {
82	84
83	85	this.authenticationConfiguration = authenticationConfiguration;
84	86	this.refreshTokenService = refreshTokenService;
...	...	@@ -89,9 +91,9 @@
89	91	this.jwtUtil = jwtUtil;
90	92	this.httpRequestUtil = httpRequestUtil;
91	93	this.appConfig = appConfig;
92		- this.redisConfig = redisConfig;
93		- this.loginUtil = loginUtil;
94		-
	94	+ this.loginModeService = loginModeService;
	95	+ this.loginPolicyService = loginPolicyService;
	96	+ this.sessionUtil = sessionUtil;
95	97	this.FRONT_URL = fUrl;
96	98	this.JWT_ACCESSTIME = aTime;
97	99	this.JWT_REFRESHTIME = rTime;
...	...	@@ -167,17 +169,16 @@
167	169	// .anyRequest().permitAll() // 모든 사용자 접근 가능
168	170	);
169	171
170		- // 로그인 방식에 따라 필터 적용 (JWT vs 세션)
171		- if ("S".equals(loginUtil.getLoginMode())) {
172		- http.addFilterBefore(new SessionAuthFilter(jwtUtil, redisTemplate, redisConfig, loginUtil), LoginFilter.class);
	172	+ // 로그인 방식에 따라 필터 적용 (JWT or 세션)
	173	+ if ("S".equals(loginModeService.getLoginMode())) {
	174	+ http.addFilterBefore(new SessionAuthFilter(jwtUtil, redisTemplate, loginPolicyService), LoginFilter.class);
173	175	} else {
174		- http.addFilterBefore(new JWTFilter(jwtUtil, appConfig, loginUtil, redisTemplate), LoginFilter.class);
	176	+ http.addFilterBefore(new JWTFilter(jwtUtil, appConfig, loginPolicyService, redisTemplate), LoginFilter.class);
175	177	}
176	178
177		-// http.addFilterBefore(new JWTFilter(jwtUtil, appConfig, redisConfig, redisTemplate), LoginFilter.class); // 토큰 검증 필터
178	179	http.addFilterBefore(new AccesFilter(accesCtrlService, httpRequestUtil, appConfig), JWTFilter.class); // 아이피 검증
179	180	http.addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration), jwtUtil, refreshTokenService, lgnHstryService, httpRequestUtil,
180		- appConfig,loginUtil, JWT_ACCESSTIME, JWT_REFRESHTIME, COOKIE_TIME, redisTemplate), UsernamePasswordAuthenticationFilter.class); // 로그인 필터
	181	+ loginModeService, loginPolicyService, sessionUtil, JWT_ACCESSTIME, JWT_REFRESHTIME, COOKIE_TIME, redisTemplate), UsernamePasswordAuthenticationFilter.class); // 로그인 필터
181	182
182	183	return http.build();
183	184	}

...	...	@@ -1,13 +1,12 @@
1	1	package com.takensoft.common.filter;
2	2
	3	+import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
3	4	import com.takensoft.cms.mber.vo.MberAuthorVO;
4	5	import com.takensoft.cms.mber.vo.MberVO;
5	6	import com.takensoft.common.config.AppConfig;
6		-import com.takensoft.common.config.RedisConfig;
7	7	import com.takensoft.common.exception.FilterExceptionHandler;
8	8	import com.takensoft.common.util.ErrorResponse;
9	9	import com.takensoft.common.util.JWTUtil;
10		-import com.takensoft.common.util.LoginUtil;
11	10	import io.jsonwebtoken.ExpiredJwtException;
12	11	import io.jsonwebtoken.JwtException;
13	12	import org.springframework.data.redis.core.RedisTemplate;
...	...	@@ -42,17 +41,17 @@
42	41	private static final String AUTHORIZATION_HEADER = "Authorization";
43	42	private final JWTUtil jwtUtil;
44	43	private final AppConfig appConfig;
45		- private final LoginUtil loginUtil;
	44	+ private final LoginPolicyService loginPolicyService;
46	45	private final RedisTemplate<String, String> redisTemplate;
47	46	/**
48	47	* @param jwtUtil JWT 유틸리티 클래스의 인스턴스
49	48	*
50	49	* JWTFilter 생성자
51	50	*/
52		- public JWTFilter(JWTUtil jwtUtil, AppConfig appConfig, LoginUtil loginUtil, RedisTemplate<String, String> redisTemplate) {
	51	+ public JWTFilter(JWTUtil jwtUtil, AppConfig appConfig, LoginPolicyService loginPolicyService, RedisTemplate<String, String> redisTemplate) {
53	52	this.jwtUtil = jwtUtil;
54	53	this.appConfig = appConfig;
55		- this.loginUtil = loginUtil;
	54	+ this.loginPolicyService = loginPolicyService;
56	55	this.redisTemplate = redisTemplate;
57	56	}
58	57	/**
...	...	@@ -102,7 +101,7 @@
102	101
103	102	// 중복 로그인 비허용 설정이면 Redis에서 최신 JWT 가져와 비교
104	103	String userId = (String) jwtUtil.getClaim(accessToken, "mbrId");
105		- if (!loginUtil.isAllowMultipleLogin()) {
	104	+ if (!loginPolicyService.getPolicy()) {
106	105	String storedToken = redisTemplate.opsForValue().get("jwt:" + userId);
107	106	if (storedToken == null) {
108	107	} else if (!storedToken.equals(accessToken)) {

...	...	@@ -1,6 +1,8 @@
1	1	package com.takensoft.common.filter;
2	2
3	3	import com.fasterxml.jackson.databind.ObjectMapper;
	4	+import com.takensoft.cms.loginPolicy.service.LoginModeService;
	5	+import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
4	6	import com.takensoft.cms.mber.dto.LoginDTO;
5	7	import com.takensoft.cms.mber.service.LgnHstryService;
6	8	import com.takensoft.cms.token.service.RefreshTokenService;
...	...	@@ -11,11 +13,11 @@
11	13	import com.takensoft.common.exception.FilterExceptionHandler;
12	14	import com.takensoft.common.util.HttpRequestUtil;
13	15	import com.takensoft.common.util.JWTUtil;
14		-import com.takensoft.common.util.LoginUtil;
	16	+import com.takensoft.common.util.SessionUtil;
	17	+import jakarta.servlet.http.HttpSession;
15	18	import lombok.SneakyThrows;
16	19	import org.springframework.beans.factory.annotation.Value;
17	20	import org.springframework.data.redis.core.RedisTemplate;
18		-import org.springframework.http.HttpStatus;
19	21	import org.springframework.security.authentication.AuthenticationManager;
20	22	import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
21	23	import org.springframework.security.core.Authentication;
...	...	@@ -49,8 +51,9 @@
49	51	private final RefreshTokenService refreshTokenService;
50	52	private final LgnHstryService lgnHstryService;
51	53	private final HttpRequestUtil httpRequestUtil;
52		- private final AppConfig appConfig;
53		- private final LoginUtil loginUtil;
	54	+ private final LoginModeService loginModeService;
	55	+ private final LoginPolicyService loginPolicyService;
	56	+ private final SessionUtil sessionUtil;
54	57
55	58	private static long JWT_ACCESSTIME; // access 토큰 유지 시간
56	59	private static long JWT_REFRESHTIME; // refresh 토큰 유지 시간
...	...	@@ -67,15 +70,15 @@
67	70	* LoginFilter 생성자
68	71	*/
69	72	public LoginFilter(AuthenticationManager authenticationManager, JWTUtil jwtUtil, RefreshTokenService refreshTokenService, LgnHstryService lgnHstryService, HttpRequestUtil httpRequestUtil,
70		- AppConfig appConfig, LoginUtil loginUtil, @Value("${jwt.accessTime}")long aTime, @Value("${jwt.refreshTime}")long rTime, @Value("${cookie.time}")int ctime, RedisTemplate<String, String> redisTemplate) {
	73	+ LoginModeService loginModeService,LoginPolicyService loginPolicyService,SessionUtil sessionUtil, @Value("${jwt.accessTime}")long aTime, @Value("${jwt.refreshTime}")long rTime, @Value("${cookie.time}")int ctime, RedisTemplate<String, String> redisTemplate) {
71	74	this.authenticationManager = authenticationManager;
72	75	this.jwtUtil = jwtUtil;
73	76	this.refreshTokenService = refreshTokenService;
74	77	this.lgnHstryService = lgnHstryService;
75	78	this.httpRequestUtil = httpRequestUtil;
76		- this.appConfig = appConfig;
77		- this.loginUtil = loginUtil;
78		-
	79	+ this.loginModeService = loginModeService;
	80	+ this.loginPolicyService = loginPolicyService;
	81	+ this.sessionUtil = sessionUtil;
79	82	this.JWT_ACCESSTIME = aTime;
80	83	this.JWT_REFRESHTIME = rTime;
81	84	this.COOKIE_TIME = ctime;
...	...	@@ -121,7 +124,7 @@
121	124	*/
122	125	@SneakyThrows
123	126	@Override
124		- protected void successfulAuthentication(HttpServletRequest req, HttpServletResponse res, FilterChain chain, Authentication authentication) {
	127	+ protected void successfulAuthentication(HttpServletRequest req, HttpServletResponse res, FilterChain chain, Authentication authentication) throws IOException {
125	128	MberVO mber = (MberVO) authentication.getPrincipal();
126	129
127	130	// 로그인 이력 등록
...	...	@@ -138,6 +141,9 @@
138	141	lgnHstryVO.setBrwsrNm(httpRequestUtil.getBrowser(httpRequestUtil.getUserAgent(req)));
139	142	lgnHstryService.LgnHstrySave(lgnHstryVO);
140	143
	144	+ // 로그인 방식 확인 JWT or SESSION
	145	+ String loginType = loginModeService.getLoginMode();
	146	+
141	147	// 토큰 생성(access, refresh)
142	148	String accessToken = jwtUtil.createJwt("Authorization", mber.getMbrId(), mber.getLgnId(), mber.getMbrNm(), (List) mber.getAuthorities(), JWT_ACCESSTIME);
143	149	String refreshToken = jwtUtil.createJwt("refresh", mber.getMbrId(), mber.getLgnId(), mber.getMbrNm(), (List) mber.getAuthorities(), JWT_REFRESHTIME);
...	...	@@ -152,20 +158,29 @@
152	158	}
153	159	// refreshToken DB 저장
154	160	refresh.setToken(refreshToken);
155		- refreshTokenService.saveRefreshToken(req, res, refresh, JWT_REFRESHTIME);
156	161
157		- // Redis에 AccessToken 저장 (중복 로그인 비허용 설정일 때)
158		- if (!loginUtil.isAllowMultipleLogin()) {
159		- redisTemplate.delete("jwt:" + mber.getMbrId()); // 기존 JWT 삭제
160		- redisTemplate.opsForValue().set("jwt:" + mber.getMbrId(), accessToken, JWT_ACCESSTIME, TimeUnit.MILLISECONDS);
	162	+
	163	+ if ("S".equals(loginType)) {
	164	+ HttpSession session = req.getSession(true);
	165	+ session.setAttribute("JWT_TOKEN", accessToken);
	166	+
	167	+ // 중복 로그인 비허용일 때 기존 세션 만료
	168	+ if (!loginPolicyService.getPolicy()) {
	169	+ sessionUtil.registerSession(mber.getMbrId(), session);
	170	+ }
	171	+
	172	+ } else {
	173	+ res.setHeader("Authorization", accessToken);
	174	+ res.addCookie(jwtUtil.createCookie("refresh", refreshToken, COOKIE_TIME));
	175	+
	176	+ // 중복 로그인 비허용일 때 Redis 저장
	177	+ if (!loginPolicyService.getPolicy()) {
	178	+ redisTemplate.delete("jwt:" + mber.getMbrId());
	179	+ redisTemplate.opsForValue().set("jwt:" + mber.getMbrId(), accessToken, JWT_ACCESSTIME, TimeUnit.MILLISECONDS);
	180	+ }
161	181	}
162		-
163		- // 응답설정
164		- res.setHeader("Authorization", accessToken);
165		-// res.setHeader("refresh", refreshToken);
166		- // 쿠키 방식
167		- res.addCookie(jwtUtil.createCookie("refresh",refreshToken, COOKIE_TIME));
168		- res.setStatus(HttpStatus.OK.value());
	182	+ refreshTokenService.saveRefreshToken(req, res, refresh, JWT_REFRESHTIME);
	183	+ res.setHeader("login-type", loginType);
169	184	}
170	185
171	186	/**

...	...	@@ -1,10 +1,9 @@
1	1	package com.takensoft.common.filter;
2	2
	3	+import com.takensoft.cms.loginPolicy.service.LoginPolicyService;
3	4	import com.takensoft.cms.mber.vo.MberAuthorVO;
4	5	import com.takensoft.cms.mber.vo.MberVO;
5		-import com.takensoft.common.config.RedisConfig;
6	6	import com.takensoft.common.util.JWTUtil;
7		-import com.takensoft.common.util.LoginUtil;
8	7	import jakarta.servlet.FilterChain;
9	8	import jakarta.servlet.ServletException;
10	9	import jakarta.servlet.http.HttpServletRequest;
...	...	@@ -33,15 +32,11 @@
33	32
34	33	private final JWTUtil jwtUtil;
35	34	private final RedisTemplate<String, String> redisTemplate;
36		- private final RedisConfig redisConfig;
37		- private final LoginUtil loginUtil;
38		- public SessionAuthFilter(JWTUtil jwtUtil,
39		- RedisTemplate<String, String> redisTemplate,
40		- RedisConfig redisConfig, LoginUtil loginUtil) {
	35	+ private final LoginPolicyService loginPolicyService;
	36	+ public SessionAuthFilter(JWTUtil jwtUtil, RedisTemplate<String, String> redisTemplate, LoginPolicyService loginPolicyService) {
41	37	this.jwtUtil = jwtUtil;
42	38	this.redisTemplate = redisTemplate;
43		- this.redisConfig = redisConfig;
44		- this.loginUtil = loginUtil;
	39	+ this.loginPolicyService = loginPolicyService;
45	40	}
46	41	/**
47	42	* @param request HttpServletRequest 객체
...	...	@@ -53,16 +48,7 @@
53	48	* 세션 Filter 검증
54	49	*/
55	50	@Override
56		- protected void doFilterInternal(HttpServletRequest request,
57		- HttpServletResponse response,
58		- FilterChain filterChain) throws ServletException, IOException {
59		-
60		- // JWT 방식이면 이 필터는 동작하지 않음
61		- if (!"S".equalsIgnoreCase(loginUtil.getLoginMode())) {
62		- filterChain.doFilter(request, response);
63		- return;
64		- }
65		-
	51	+ protected void doFilterInternal(HttpServletRequest request,HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
66	52	HttpSession session = request.getSession(false);
67	53	if (session == null \|\| session.getAttribute("JWT_TOKEN") == null) {
68	54	response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
...	...	@@ -78,7 +64,7 @@
78	64	}
79	65
80	66	// 중복 로그인 허용 여부 확인
81		- if (!loginUtil.isAllowMultipleLogin()) {
	67	+ if (!loginPolicyService.getPolicy()) {
82	68	String mbrId = (String) jwtUtil.getClaim(accessToken, "mbrId");
83	69	String storedToken = redisTemplate.opsForValue().get("jwt:" + mbrId);
84	70	if (storedToken != null && !storedToken.equals(accessToken)) {
...	...	@@ -95,10 +81,9 @@
95	81	mber.setMbrNm((String) jwtUtil.getClaim(accessToken, "mbrNm"));
96	82	mber.setAuthorList(roles);
97	83
98		- UsernamePasswordAuthenticationToken authentication =
99		- new UsernamePasswordAuthenticationToken(mber, null, mber.getAuthorities());
	84	+ UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(mber, null, mber.getAuthorities());
100	85
101		- SecurityContextHolder.getContext().setAuthentication(authentication);
	86	+ SecurityContextHolder.getContext().setAuthentication(authToken);
102	87
103	88	filterChain.doFilter(request, response);
104	89	}

Delete comment