🐛 이중 로그인 방지

RetepMil · Dec 8, 2023 · 06b5df4 · 06b5df4
1 parent f08bfc2
commit 06b5df4
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 2 deletions.
diff --git a/src/main/kotlin/retepmil/personal/dailysteady/common/security/controller/AuthController.kt b/src/main/kotlin/retepmil/personal/dailysteady/common/security/controller/AuthController.kt
@@ -5,6 +5,7 @@ import jakarta.servlet.http.HttpServletResponse
 import jakarta.validation.Valid
 import org.slf4j.Logger
 import org.slf4j.LoggerFactory
+import org.springframework.security.core.Authentication
 import org.springframework.web.bind.annotation.*
 import retepmil.personal.dailysteady.common.dto.BaseResponseDto
 import retepmil.personal.dailysteady.common.dto.DataResponseDto
@@ -13,7 +14,6 @@ import retepmil.personal.dailysteady.members.dto.MemberCreateRequestDto
 import retepmil.personal.dailysteady.members.dto.MemberLoginRequestDto
 import retepmil.personal.dailysteady.members.dto.MemberLoginResponseDto
 import retepmil.personal.dailysteady.members.service.MemberService
-import java.util.*
 
 @RestController
 class AuthController(
@@ -34,9 +34,15 @@ class AuthController(
         @RequestBody @Valid requestDto: MemberLoginRequestDto,
         request: HttpServletRequest,
         response: HttpServletResponse,
-    ): DataResponseDto<MemberLoginResponseDto> {
+    ): DataResponseDto<*> {
         logger.debug("SecurityController -> signin 함수 진입 :: 파라미터 : {}", requestDto)
 
+        val authInfo = request.getAttribute("authentication") as Authentication?
+        if (authInfo != null) {
+            logger.debug("Already Logged In :: {}", authInfo)
+            return DataResponseDto(200, "이미 인증된 사용자")
+        }
+
         val responseDto = memberService.signin(requestDto)
 
         // 쿠키에 Access Token 주입

diff --git a/...in/kotlin/retepmil/personal/dailysteady/common/security/filter/JwtAuthenticationFilter.kt b/...in/kotlin/retepmil/personal/dailysteady/common/security/filter/JwtAuthenticationFilter.kt
@@ -29,6 +29,7 @@ class JwtAuthenticationFilter(
             JwtCode.ACCESS -> {
                 val authentication = jwtTokenProvider.getAuthentication(token)
                 SecurityContextHolder.getContext().authentication = authentication
+                request.setAttribute("authentication", authentication)
             }
             JwtCode.EXPIRED -> throw InvalidTokenException("토큰이 만료되었습니다")
             JwtCode.SECURITY_ERROR -> throw InvalidTokenException("토큰에 보안 관련 문제가 있습니다")