분리의 단점을 제거하고 단일 앱으로 통합: 구조 변경: - TaxBaik.Admin → TaxBaik.Web/Components/Admin/ - Admin Services → TaxBaik.Web/Services/ - 포트: 5001 (기존 5002 제거) 경로: - 홈페이지: http://localhost:5001/taxbaik - 관리자: http://localhost:5001/taxbaik/admin 기술: - Razor Pages (Web) + Blazor Server (Admin) 통합 - 단일 Program.cs로 양쪽 모두 지원 - JWT 인증 유지 - MudBlazor UI 유지 장점: - 개발 복잡도 감소 (터미널 1개) - 배포 단순화 (앱 1개) - DB 마이그레이션 1회 실행 Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,96 @@
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using System.Security.Claims;
|
||||
using System.Text;
|
||||
using BCrypt.Net;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using TaxBaik.Domain.Entities;
|
||||
using TaxBaik.Domain.Interfaces;
|
||||
|
||||
namespace TaxBaik.Web.Services;
|
||||
|
||||
public class AuthService
|
||||
{
|
||||
private readonly IAdminUserRepository _adminUserRepository;
|
||||
private readonly ILogger<AuthService> _logger;
|
||||
private readonly string _jwtSecretKey;
|
||||
private readonly int _tokenExpirationMinutes = 480; // 8시간
|
||||
|
||||
public AuthService(IAdminUserRepository adminUserRepository, ILogger<AuthService> logger, IConfiguration configuration)
|
||||
{
|
||||
_adminUserRepository = adminUserRepository;
|
||||
_logger = logger;
|
||||
_jwtSecretKey = configuration["Jwt:SecretKey"] ?? throw new InvalidOperationException("Missing 'Jwt:SecretKey' configuration.");
|
||||
}
|
||||
|
||||
public async Task<string?> AuthenticateAndGenerateTokenAsync(string username, string password)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
var user = await _adminUserRepository.GetByUsernameAsync(username);
|
||||
if (user == null)
|
||||
{
|
||||
_logger.LogWarning("로그인 시도: 존재하지 않는 사용자 '{Username}'", username);
|
||||
return null;
|
||||
}
|
||||
|
||||
if (!BCrypt.Net.BCrypt.Verify(password, user.PasswordHash))
|
||||
{
|
||||
_logger.LogWarning("로그인 시도: 잘못된 비밀번호 '{Username}'", username);
|
||||
return null;
|
||||
}
|
||||
|
||||
_logger.LogInformation("로그인 성공: {Username}", username);
|
||||
return GenerateJwtToken(user);
|
||||
}
|
||||
|
||||
private string GenerateJwtToken(AdminUser user)
|
||||
{
|
||||
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSecretKey));
|
||||
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
|
||||
|
||||
var claims = new[]
|
||||
{
|
||||
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
|
||||
new Claim(ClaimTypes.Name, user.Username),
|
||||
new Claim("username", user.Username)
|
||||
};
|
||||
|
||||
var token = new JwtSecurityToken(
|
||||
issuer: "taxbaik-admin",
|
||||
audience: "taxbaik-admin-client",
|
||||
claims: claims,
|
||||
expires: DateTime.UtcNow.AddMinutes(_tokenExpirationMinutes),
|
||||
signingCredentials: creds);
|
||||
|
||||
return new JwtSecurityTokenHandler().WriteToken(token);
|
||||
}
|
||||
|
||||
public ClaimsPrincipal? ValidateToken(string token)
|
||||
{
|
||||
try
|
||||
{
|
||||
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSecretKey));
|
||||
var handler = new JwtSecurityTokenHandler();
|
||||
var principal = handler.ValidateToken(token, new TokenValidationParameters
|
||||
{
|
||||
ValidateIssuerSigningKey = true,
|
||||
IssuerSigningKey = key,
|
||||
ValidateIssuer = true,
|
||||
ValidIssuer = "taxbaik-admin",
|
||||
ValidateAudience = true,
|
||||
ValidAudience = "taxbaik-admin-client",
|
||||
ValidateLifetime = true,
|
||||
ClockSkew = TimeSpan.Zero
|
||||
}, out SecurityToken validatedToken);
|
||||
|
||||
return principal;
|
||||
}
|
||||
catch
|
||||
{
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user