[fix] 일반 로그인 실패 문제 해결 (#385)

* #384 fix: 로그인 실패시 400 응답되도록 수정 * #384 test: 로그인 예외 케이스 실패 해결
fine-ants · Jun 19, 2024 · 770aecd · 770aecd
1 parent c7c634b
commit 770aecd
Show file tree

Hide file tree

Showing 5 changed files with 6 additions and 9 deletions.
diff --git a/src/main/java/codesquad/fineants/global/errors/errorcode/MemberErrorCode.java b/src/main/java/codesquad/fineants/global/errors/errorcode/MemberErrorCode.java
@@ -21,7 +21,7 @@ public enum MemberErrorCode implements ErrorCode {
 	NEW_PASSWORD_CONFIRM_FAIL(HttpStatus.BAD_REQUEST, "새 비밀번호와 확인 비밀번호가 같아야 합니다."),
 	IMAGE_SIZE_EXCEEDED(HttpStatus.BAD_REQUEST, "이미지 사이즈 제한을 초과했습니다."),
 	UNAUTHORIZED_MEMBER(HttpStatus.UNAUTHORIZED, "인증되지 않은 사용자입니다"),
-	LOGIN_FAIL(HttpStatus.UNAUTHORIZED, "로그인에 실패하였습니다."),
+	LOGIN_FAIL(HttpStatus.BAD_REQUEST, "로그인에 실패하였습니다."),
 	FORBIDDEN_MEMBER(HttpStatus.FORBIDDEN, "권한이 없습니다."),
 	NO_PROFILE_CHANGES(HttpStatus.BAD_REQUEST, "변경할 회원 정보가 없습니다"),
 	BAD_REQUEST_PROFILE_URL(HttpStatus.BAD_REQUEST, "회원의 프로필 URL과 요청 프로필 URL이 일치하지 않습니다");

diff --git a/src/main/java/codesquad/fineants/global/security/ajax/filter/AjaxLoginProcessingFilter.java b/src/main/java/codesquad/fineants/global/security/ajax/filter/AjaxLoginProcessingFilter.java
@@ -5,6 +5,7 @@
 import org.springframework.http.MediaType;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
@@ -14,8 +15,6 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 import codesquad.fineants.domain.member.domain.dto.request.LoginRequest;
-import codesquad.fineants.global.errors.errorcode.MemberErrorCode;
-import codesquad.fineants.global.errors.exception.FineAntsException;
 import codesquad.fineants.global.security.ajax.token.AjaxAuthenticationToken;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
@@ -45,7 +44,7 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
 		LoginRequest loginRequest = objectMapper.readValue(request.getReader(), LoginRequest.class);
 		log.debug("loginRequest : {}", loginRequest);
 		if (!StringUtils.hasText(loginRequest.getEmail()) || !StringUtils.hasText(loginRequest.getPassword())) {
-			throw new FineAntsException(MemberErrorCode.LOGIN_FAIL);
+			throw new BadCredentialsException("Invalid email or password");
 		}
 
 		AbstractAuthenticationToken authRequest = AjaxAuthenticationToken.unauthenticated(loginRequest.getEmail(),

diff --git a/...n/java/codesquad/fineants/global/security/ajax/handler/AjaxAuthenticationFailHandler.java b/...n/java/codesquad/fineants/global/security/ajax/handler/AjaxAuthenticationFailHandler.java
@@ -22,7 +22,6 @@ public class AjaxAuthenticationFailHandler implements AuthenticationFailureHandl
 	@Override
 	public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
 		AuthenticationException exception) throws IOException {
-
 		MemberErrorCode errorCode = MemberErrorCode.LOGIN_FAIL;
 		ApiResponse<String> body = ApiResponse.error(errorCode);
 		response.setStatus(errorCode.getHttpStatus().value());

diff --git a/...ain/java/codesquad/fineants/global/security/ajax/provider/AjaxAuthenticationProvider.java b/...ain/java/codesquad/fineants/global/security/ajax/provider/AjaxAuthenticationProvider.java
@@ -3,7 +3,6 @@
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
@@ -19,7 +18,7 @@ public class AjaxAuthenticationProvider implements AuthenticationProvider {
 	private final PasswordEncoder passwordEncoder;
 
 	@Override
-	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+	public Authentication authenticate(Authentication authentication) {
 		String email = authentication.getName();
 		String password = (String)authentication.getCredentials();
 		MemberContext memberContext = (MemberContext)userDetailsService.loadUserByUsername(email);
@@ -28,7 +27,7 @@ public Authentication authenticate(Authentication authentication) throws Authent
 		log.debug("password : {}", password);
 		log.debug("memberContext : {}", memberContext);
 		if (!passwordEncoder.matches(password, memberContext.getMember().getPassword())) {
-			throw new BadCredentialsException("BadCredentialsException");
+			throw new BadCredentialsException("Invalid email or password");
 		}
 		return AjaxAuthenticationToken.authenticated(memberContext.getMember(), null, memberContext.getAuthorities());
 	}

diff --git a/src/test/java/codesquad/fineants/domain/member/controller/AuthenticationIntegrationTest.java b/src/test/java/codesquad/fineants/domain/member/controller/AuthenticationIntegrationTest.java
@@ -98,7 +98,7 @@ void login_whenInvalidUsernameAndPassword_then401() {
 			.then()
 			.log()
 			.body()
-			.statusCode(401);
+			.statusCode(400);
 	}
 
 	@DisplayName("사용자는 로그아웃한다")
-Original file line number
+Diff line change
@@ Expand Up / @@ -98,7 +98,7 @@ void login_whenInvalidUsernameAndPassword_then401() { @@
     			.then()
     			.log()
     			.body()
-    			.statusCode(401);
+    			.statusCode(400);
     	}
     	@DisplayName("사용자는 로그아웃한다")
@@ Expand Down @@