[COZY-438] feat: Before accessing the Swagger UI, put a key in the parameter; if key validation succeeds, a token is placed in the browser cookie. #210

Merged
merged 2 commits into from
Dec 4, 2024

Conversation

genius00hwan
Contributor

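⚒️ Have you pulled the latest commit from develop?

#️⃣ Work details

Before accessing the Swagger UI, put a key in the parameter; if key validation succeeds, a token is placed in the browser cookie.

Operation check

Please confirm whether the feature works correctly when run, and upload a screenshot.

💬 Review requests (optional)

If there is anything you would particularly like the reviewer to look at, please write it here.
Please also write down any concerns.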

@genius00hwan genius00hwan merged commit e211967 into develop Dec 4, 2024
1 check passed

github-actions bot commented Dec 4, 2024

Here's your review~

TokenType.java - Review

  • TokenType enumeration has been added with an additional value, 'ADMIN'.

AdminDetails.java - Review

  • A new class, AdminDetails, has been added to the com.cozymate.cozymate_server.domain.auth.userdetails package. This class implements the UserDetails interface.

JwtFilter.java - Review

  • The @Order(1) annotation has been added to the JwtFilter class to ensure it is executed before other filters.
  • A new method, isAdminOnlyUrl, has been added to check if the request URL is for admin-only access.
  • The isAdminRequest method has been added to check if the request has an admin token.
  • The getAdminTokenFromCookies method has been added to extract the admin token from the request cookies.
  • The isNotAllowUnverified method has been updated to check if the request URL requires user verification.
  • The isNotAllowTemporary method has been updated to check if the request URL requires a non-temporary token.
  • The isNotAllowRefresh method has been updated to check if the request URL requires a non-refresh token.

JwtUtil.java - Review

  • The @Value("${admin-key}") annotation has been added to the ADMIN_KEY field to retrieve the admin key from the application properties.
  • The isInvalidParameter method has been added to check if the input parameter is invalid.
  • The generateAdminToken method has been added to generate an admin token.
  • The isAdmin method has been added to check if the token is an admin token.

SecurityConfig.java - Review

  • The SwaggerFilter class has been added to the import statement.
  • The SecurityFilterChain has been updated to add the SwaggerFilter before the JwtFilter.

SwaggerFilter.java - Review

  • A new class, SwaggerFilter, has been added to the com.cozymate.cozymate_server.global.utils package. This class implements the Filter interface and is used to add an admin token to the response cookies when accessing the Swagger UI.

Additional Improvement Suggestions:

  • Consider adding a new method in JwtUtil to validate the admin token.
  • Consider adding a new method in JwtFilter to check if the request has an admin token and if it is valid.
  • Consider adding a new method in SecurityConfig to configure the admin token validation.
  • Consider adding a new method in AdminDetails to set the admin role.
  • Consider adding a new method in SwaggerFilter to validate the admin token before adding it to the response cookies.
  • Consider adding a new method in AdminDetails to get the admin role.
  • Consider adding a new method in SecurityConfig to configure the admin role.
  • Consider adding a new method in AdminDetails to check if the user has the admin role.
  • Consider adding a new method in SecurityConfig to configure the admin-only URLs.
  • Consider adding a new method in JwtFilter to check if the request URL is an admin-only URL and if the user has the admin role.
  • Consider adding a new method in SecurityConfig to configure the admin token expiration time.
  • Consider adding a new method in JwtUtil to generate an admin token with the specified expiration time.
  • Consider adding a new method in JwtFilter to check if the admin token is expired.
  • Consider adding a new method in SecurityConfig to configure the admin token expiration time for the Swagger UI.
  • Consider adding a new method in JwtUtil to generate an admin token with the specified expiration time for the Swagger UI.
  • Consider adding a new method in JwtFilter to check if the admin token for the Swagger UI is expired.

@genius00hwan genius00hwan deleted the feature/COZY-438 branch December 4, 2024 12:25
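
The flow this PR describes (a key in a request parameter, a token placed in a cookie when the key validates), as an added example that is not the project's code: the key is compared in constant time and the cookie carries HttpOnly, Secure and SameSite. The class name, cookie name, lifetime, cookie path and token supplier are assumptions; the sample key and token are constructed.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.time.Duration;
import java.util.Optional;
import java.util.function.Supplier;

/** Added illustration, not the project's SwaggerFilter. All names are hypothetical. */
public class SwaggerKeyGate {
    static final String COOKIE_NAME = "ADMIN_TOKEN";     // assumed cookie name
    static final Duration TTL = Duration.ofMinutes(30);  // assumed token lifetime

    private final byte[] expectedDigest;
    private final Supplier<String> tokenIssuer;          // stands in for an admin-token generator

    SwaggerKeyGate(String adminKey, Supplier<String> tokenIssuer) {
        this.expectedDigest = sha256(adminKey);
        this.tokenIssuer = tokenIssuer;
    }

    /** Returns the Set-Cookie header value when the key matches, empty otherwise. */
    Optional<String> setCookieFor(String keyParam) {
        if (keyParam == null || keyParam.isEmpty()) {
            return Optional.empty();
        }
        // Hash both sides so the compared arrays have equal length, then use a
        // constant-time comparison so response timing does not reveal matching prefixes.
        if (!MessageDigest.isEqual(sha256(keyParam), expectedDigest)) {
            return Optional.empty();
        }
        // HttpOnly keeps the token away from page scripts, Secure limits it to HTTPS,
        // SameSite=Strict keeps it off cross-site requests, Max-Age bounds its lifetime.
        return Optional.of(COOKIE_NAME + "=" + tokenIssuer.get()
                + "; Max-Age=" + TTL.getSeconds()
                + "; Path=/; HttpOnly; Secure; SameSite=Strict");
    }

    private static byte[] sha256(String s) {
        try {
            return MessageDigest.getInstance("SHA-256").digest(s.getBytes(StandardCharsets.UTF_8));
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);
        }
    }

    public static void main(String[] args) {
        // Constructed sample key and token, for demonstration only.
        SwaggerKeyGate gate = new SwaggerKeyGate("constructed-sample-key", () -> "constructed.sample.token");
        System.out.println(gate.setCookieFor("wrong-key"));
        System.out.println(gate.setCookieFor("constructed-sample-key"));
    }
}
```

Because the key travels in the query string, it can end up in access logs and browser history; redirecting to the same path without the parameter after the cookie is set keeps it out of the history.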