diff --git a/src/main/java/techcourse/myblog/web/Interceptor/AuthenticationInterceptor.java b/src/main/java/techcourse/myblog/web/Interceptor/AuthenticationInterceptor.java
index 04cf10bdf..98ec4b9de 100644
--- a/src/main/java/techcourse/myblog/web/Interceptor/AuthenticationInterceptor.java
+++ b/src/main/java/techcourse/myblog/web/Interceptor/AuthenticationInterceptor.java
@@ -11,19 +11,57 @@ @Component public class AuthenticationInterceptor extends HandlerInterceptorAdapter { + @Override + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { + boolean loggedIn = loggedIn(request); + + if (loggedIn && needLogout(request)) { + response.sendRedirect("/"); + return false; + } + + if (!loggedIn && needLogin(request)) { + response.sendRedirect("/login"); + return false; + } + return true; + } + + private boolean loggedIn(HttpServletRequest request) { + Optional sessionOpt = Optional.ofNullable(request.getSession()); + if (sessionOpt.isPresent()) { + return sessionOpt.get().getAttribute("user") != null; + } + return false; + } + + private boolean needLogout(HttpServletRequest request) { + String uri = request.getRequestURI(); + + return uri.equals("/signup") + || uri.equals("/login") + || (uri.equals("/users") && request.getMethod().equals("POST")); + } + + private boolean needLogin(HttpServletRequest request) { + String uri = request.getRequestURI(); + + return uri.startsWith("/mypage") + || request.getMethod().equals("DELETE") + || uri.equals("/logout"); + } + + @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { Optional sessionOpt = Optional.ofNullable(request.getSession()); sessionOpt.ifPresent(session -> { Object user = session.getAttribute("user"); - if (request.getRequestURI().equals("/logout") || user == null) { - return; + if (!request.getRequestURI().equals("/logout") && user != null) { + modelAndView.addObject("user", user); } - - modelAndView.addObject("user", user); } ); - } } diff --git a/src/main/java/techcourse/myblog/web/UserController.java b/src/main/java/techcourse/myblog/web/UserController.java index 6bfc9cd50..af24304d0 100644 --- a/src/main/java/techcourse/myblog/web/UserController.java +++ b/src/main/java/techcourse/myblog/web/UserController.java 
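Review bot: The login gate in `needLogin`/`needLogout` compares `request.getRequestURI()` as a raw string, which is not necessarily the path Spring uses to select the handler: the raw URI is undecoded and carries any context path and path parameters, so the gate and the mapping can disagree and a protected handler may run ungated. Consider registering the interceptor with explicit patterns (for example `addPathPatterns("/mypage/**", "/logout")`) or comparing against the matched mapping pattern rather than the raw URI; the interceptor registration is not visible in this diff. In `loggedIn`, `request.getSession()` creates a session when none exists and never returns null, so the `Optional` wrapper is dead code and every anonymous request allocates a session; `HttpSession session = request.getSession(false); return session != null && session.getAttribute("user") != null;` avoids both. `postHandle` also calls `modelAndView.addObject` without a null check, and Spring passes a null `modelAndView` when the handler writes the response itself.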
@@ -35,14 +35,9 @@ public UserController(UserRepository userRepository) { } @GetMapping("/signup") - public String createSignupForm(HttpSession session, - Model model, + public String createSignupForm(Model model, UserDto userDto, BindingResult bindingResult) { - if (session.getAttribute("user") != null) { - return "redirect:/"; - } - List errors = (List) model.asMap().get("errors"); if (errors != null) { errors.forEach(error -> bindingResult.addError(error)); @@ -51,13 +46,9 @@ public String createSignupForm(HttpSession session, } @PostMapping("/users") - public RedirectView createUser(HttpSession session, - @ModelAttribute("userDto") @Validated({Default.class, UserInfo.class}) UserDto userDto, + public RedirectView createUser(@ModelAttribute("userDto") @Validated({Default.class, UserInfo.class}) UserDto userDto, BindingResult bindingResult, RedirectAttributes redirectAttributes) { - if (session.getAttribute("user") != null) { - return new RedirectView("/"); - } if (bindingResult.hasErrors()) { redirectAttributes.addFlashAttribute("errors", bindingResult.getAllErrors()); @@ -79,12 +70,7 @@ public RedirectView createUser(HttpSession session, @GetMapping("/login") public String createLoginForm(Model model, UserDto userDto, - HttpSession session, BindingResult bindingResult) { - if (session.getAttribute("user") != null) { - return "redirect:/"; - } - List errors = (List) model.asMap().get("errors"); if (errors != null) { errors.forEach(error -> bindingResult.addError(error)); @@ -98,10 +84,6 @@ public RedirectView login(HttpSession session, @Validated(Default.class) UserDto userDto, BindingResult bindingResult, RedirectAttributes redirectAttributes) { - if (session.getAttribute("user") != null) { - return new RedirectView("/login"); - } - if (bindingResult.hasErrors()) { redirectAttributes.addFlashAttribute("errors", bindingResult.getAllErrors()); redirectAttributes.addFlashAttribute("userDto", userDto); 
@@ -139,23 +121,14 @@ public String userList(Model model) { } @GetMapping("/mypage") - public String myPage(Model model, HttpSession session) { - Object user = session.getAttribute("user"); - if (user == null) { - return "redirect:/"; - } + public String myPage() { return "mypage"; } @GetMapping("/mypage/edit") - public String createMyPageForm(HttpSession session, - Model model, + public String createMyPageForm(Model model, UserDto userDto, BindingResult bindingResult) { - User user = (User) session.getAttribute("user"); - if (user == null) { - return "redirect:/"; - } List errors = (List) model.asMap().get("errors"); if (errors != null) { @@ -166,14 +139,11 @@ public String createMyPageForm(HttpSession session, } @PutMapping("/mypage") - public RedirectView editUser(@Validated(UserInfo.class) UserDto userDto, - HttpSession session, + public RedirectView editUser(HttpSession session, + @Validated(UserInfo.class) UserDto userDto, BindingResult bindingResult, RedirectAttributes redirectAttributes) { User user = (User) session.getAttribute("user"); - if (user == null) { - return new RedirectView("/"); - } if (bindingResult.hasErrors()) { redirectAttributes.addFlashAttribute("errors", bindingResult.getAllErrors());
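Review bot: With the `user == null` guards removed, `myPage`, `createMyPageForm` and `editUser` have no authentication check of their own and depend entirely on `AuthenticationInterceptor.needLogin` matching `/mypage`; that dependency should be stated in a comment and pinned by a test. In `editUser` the cast `User user = (User) session.getAttribute("user");` now yields null whenever the interceptor is not applied to the request, and what the rest of the body (which continues outside this hunk) does with that value is not visible here. I would add above each handler something like `// Requires login: enforced by AuthenticationInterceptor (URI starts with "/mypage"); session "user" is non-null here.` and an MVC test asserting that anonymous GET `/mypage`, GET `/mypage/edit` and PUT `/mypage` all redirect to `/login`.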