feat: 로그인 리스폰스 수정

Author: HuitaePark

src/main/java/com/waitit/capstone/domain/auth/dto/LoginResponseDto.java

@@ -0,0 +1,16 @@
+package com.waitit.capstone.domain.auth.dto;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Builder;
+import lombok.Getter;
+
+@Getter
+@Builder
+@JsonInclude(JsonInclude.Include.NON_NULL) // null인 필드는 JSON 응답에서 제외
+public class LoginResponseDto {
+    private String message;
+    private String phoneNumber;
+    private String name;
+    private String role;
+    private String refresh; // 모바일 클라이언트용
+}

src/main/java/com/waitit/capstone/global/config/SecurityConfig.java

@@ -1,5 +1,6 @@
 package com.waitit.capstone.global.config;
 
+import com.fasterxml.jackson.databind.ObjectMapper; // ObjectMapper 임포트 추가
 import com.waitit.capstone.domain.auth.service.CustomOAuth2UserService;
 import com.waitit.capstone.domain.auth.service.RefreshTokenService;
 import com.waitit.capstone.global.security.jwt.CustomLogoutFilter;
@@ -33,25 +34,23 @@
 @AllArgsConstructor
 public class SecurityConfig {
 
-    //AuthenticationManager가 인자로 받을 AuthenticationConfiguraion 객체 생성자 주입
     private final AuthenticationConfiguration authenticationConfiguration;
     private final JWTUtil jwtUtil;
     private final RefreshTokenService refreshTokenService;
     private final RefreshTokenResolver refreshTokenResolver;
     private final CustomOAuth2UserService customOAuth2UserService;
+    private final ObjectMapper objectMapper; // ObjectMapper 주입 추가
 
-
-    //AuthenticationManager Bean 등록
     @Bean
     public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) throws Exception {
         return configuration.getAuthenticationManager();
     }
-    @Bean //비밀번호 암호화 객체 생성
+    @Bean
     public BCryptPasswordEncoder bCryptPasswordEncoder(){
         return new BCryptPasswordEncoder();
     }
 
-    @Bean //cors 설정 빈
+    @Bean
     public CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration config = new CorsConfiguration();
         config.setAllowedOriginPatterns(List.of("*"));
@@ -68,41 +67,25 @@ public CorsConfigurationSource corsConfigurationSource() {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception{
-        //cors 설정
         http.cors(cors -> cors.configurationSource(corsConfigurationSource()));
-        //csrf disable
         http.csrf(AbstractHttpConfigurer::disable);
-
-        //form 로그인 방식 disable
         http.formLogin(AbstractHttpConfigurer::disable);
-
-        //http basic 인증방식 disable
         http.httpBasic(AbstractHttpConfigurer::disable);
 
-        //oauth2
         http
                 .oauth2Login((oauth2)->oauth2
                         .userInfoEndpoint(userInfoEndpointConfig -> userInfoEndpointConfig
                                 .userService(customOAuth2UserService)));
 
-        //경로별 인가작업 -> 일단 작업을 위해 모두 허용
-        /*.authorizeHttpRequests((auth) -> auth
-                        .requestMatchers("/login", "/", "/join").permitAll()
-                        .requestMatchers("/admin").hasRole("ADMIN")
-                        .anyRequest().authenticated());
-         */
         http.authorizeHttpRequests(auth->auth.anyRequest().permitAll());
 
-        //JWTFilter 등록
         http.addFilterAfter(new JWTFilter(jwtUtil), LoginFilter.class);
 
-        //필터 추가 LoginFilter()는 인자를 받음 (AuthenticationManager() 메소드에 authenticationConfiguration 객체를 넣어야 함)
-        http.addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration),jwtUtil,refreshTokenService), UsernamePasswordAuthenticationFilter.class);
+        // LoginFilter 생성자에 objectMapper 추가
+        http.addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration), jwtUtil, refreshTokenService, objectMapper), UsernamePasswordAuthenticationFilter.class);
 
-        //로그아웃 필터 추가
         http.addFilterBefore(new CustomLogoutFilter(jwtUtil,refreshTokenService,refreshTokenResolver), LogoutFilter.class);
 
-        //세션을 아예 안만들도록 설정 -> 로그인해도 서버에 세션객체 저장X
         http.sessionManagement((session)->session
                 .sessionCreationPolicy(SessionCreationPolicy.STATELESS));
         return http.build();

src/main/java/com/waitit/capstone/global/security/jwt/LoginFilter.java

@@ -1,16 +1,14 @@
 package com.waitit.capstone.global.security.jwt;
 
-import com.waitit.capstone.domain.auth.dto.LoginRequest;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.waitit.capstone.domain.auth.dto.LoginRequest;
+import com.waitit.capstone.domain.auth.dto.LoginResponseDto;
 import com.waitit.capstone.domain.auth.service.RefreshTokenService;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletInputStream;
 import jakarta.servlet.http.Cookie;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.nio.charset.StandardCharsets;
-import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -20,22 +18,29 @@
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.util.StreamUtils;
 
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+
 @Slf4j
-@AllArgsConstructor
 public class LoginFilter extends UsernamePasswordAuthenticationFilter {
 
     private final AuthenticationManager authenticationManager;
     private final JWTUtil jwtUtil;
     private final RefreshTokenService refreshTokenService;
+    private final ObjectMapper objectMapper;
+
+    public LoginFilter(AuthenticationManager authenticationManager, JWTUtil jwtUtil, RefreshTokenService refreshTokenService, ObjectMapper objectMapper) {
+        this.authenticationManager = authenticationManager;
+        this.jwtUtil = jwtUtil;
+        this.refreshTokenService = refreshTokenService;
+        this.objectMapper = objectMapper;
+    }
 
     @Override
     public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
             throws AuthenticationException {
-        // 클라이언트 요청에서 username, password 추출
         LoginRequest loginRequest = new LoginRequest();
-
         try {
-            ObjectMapper objectMapper = new ObjectMapper();
             ServletInputStream inputStream = request.getInputStream();
             String messageBody = StreamUtils.copyToString(inputStream, StandardCharsets.UTF_8);
             loginRequest = objectMapper.readValue(messageBody, LoginRequest.class);
@@ -47,63 +52,57 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
 
         String username = loginRequest.getUsername();
         String password = loginRequest.getPassword();
-        // 인증을 위해 토큰으로 변환
-        UsernamePasswordAuthenticationToken token =
-                new UsernamePasswordAuthenticationToken(username, password, null);
-
+        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password, null);
         return authenticationManager.authenticate(token);
     }
 
-    // 로그인 성공 시 실행하는 메소드 (여기서 JWT를 발급하면 됨)
     @Override
     protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
                                             FilterChain chain, Authentication authentication) throws IOException {
-        String username = authentication.getName();
+        String phoneNumber = authentication.getName();
         String role = authentication.getAuthorities().iterator().next().getAuthority();
-        String name = refreshTokenService.findMember(username);
+        String name = refreshTokenService.findMember(phoneNumber);
         long accessExpireMs = 600000L;
         long refreshExpireMs = 86400000L;
 
-        String access = jwtUtil.createJwt("access", username, role, accessExpireMs);
-        String refresh = jwtUtil.createJwt("refresh", username, role, refreshExpireMs);
-
-        // Refresh 토큰 저장
-        refreshTokenService.save(username, refresh, refreshExpireMs);
+        String access = jwtUtil.createJwt("access", phoneNumber, role, accessExpireMs);
+        String refresh = jwtUtil.createJwt("refresh", phoneNumber, role, refreshExpireMs);
 
-        // 클라이언트 타입 구분
-        String clientType = request.getHeader("X-Client-Type");
+        refreshTokenService.save(phoneNumber, refresh, refreshExpireMs);
 
-        // 공통: access token은 헤더에 설정 (REST 표준)
         response.setHeader("Authorization", "Bearer " + access);
+        response.setContentType("application/json");
+        response.setCharacterEncoding("UTF-8");
+
+        String clientType = request.getHeader("X-Client-Type");
+        LoginResponseDto loginResponse;
 
         if ("mobile".equalsIgnoreCase(clientType)) {
-            // 모바일: JSON 응답
-            String jsonResponse = "{\"message\": \"로그인에 성공했습니다.\", " +
-                    "\"username\": \"" + username + "\", " +
-                    "\"name\": \"" + name + "\", " +
-                    "\"role\": \"" + role + "\", " +
-                    "\"refresh\": \"" + refresh + "\"}";
-            response.setContentType("application/json");
-            response.setCharacterEncoding("UTF-8");
-            response.getWriter().write(jsonResponse);
+            loginResponse = LoginResponseDto.builder()
+                    .message("로그인에 성공했습니다.")
+                    .phoneNumber(phoneNumber)
+                    .name(name)
+                    .role(role)
+                    .refresh(refresh)
+                    .build();
         } else {
-            // 웹: HttpOnly 쿠키로 refresh 토큰 전달
             Cookie refreshCookie = jwtUtil.createCookie("refresh", refresh);
             refreshCookie.setSecure(true);
             refreshCookie.setPath("/");
             response.addCookie(refreshCookie);
-            String jsonResponse = "{\"message\": \"로그인에 성공했습니다.\", " +
-                    "\"username\": \"" + username + "\", " +
-                    "\"name\": \"" + name + "\", " +
-                    "\"role\": \"" + role + "\"}";
-            response.setContentType("application/json");
-            response.setCharacterEncoding("UTF-8");
-            response.getWriter().write(jsonResponse);
-            response.setStatus(HttpStatus.OK.value());
+
+            loginResponse = LoginResponseDto.builder()
+                    .message("로그인에 성공했습니다.")
+                    .phoneNumber(phoneNumber)
+                    .name(name)
+                    .role(role)
+                    .build();
         }
+
+        response.getWriter().write(objectMapper.writeValueAsString(loginResponse));
+        response.setStatus(HttpStatus.OK.value());
     }
 
-    // 로그인 실패 시 실행하는 메소드
     @Override
     protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
                                               AuthenticationException failed) throws IOException {