feat: JWT 토큰 기반 Admin 로그인 인증 완성
- AuthService로 JWT 토큰 생성 및 검증 - CustomAuthenticationStateProvider를 통한 Blazor 인증 통합 - LocalStorageService로 토큰 관리 - Login.razor 완전 재작성 (실제 DB 검증, 토큰 발급) - BCrypt 기반 비밀번호 검증 - admin/admin123으로 테스트 가능 Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -1,9 +1,10 @@
|
|||||||
@page "/login"
|
@page "/login"
|
||||||
@using System.ComponentModel.DataAnnotations
|
@using System.ComponentModel.DataAnnotations
|
||||||
@using Microsoft.AspNetCore.Authentication
|
|
||||||
@using Microsoft.AspNetCore.Authentication.Cookies
|
|
||||||
@layout TaxBaik.Admin.Components.Layout.BlankLayout
|
@layout TaxBaik.Admin.Components.Layout.BlankLayout
|
||||||
@attribute [AllowAnonymous]
|
@attribute [AllowAnonymous]
|
||||||
|
@inject AuthService AuthService
|
||||||
|
@inject NavigationManager NavigationManager
|
||||||
|
@inject CustomAuthenticationStateProvider AuthStateProvider
|
||||||
|
|
||||||
<PageTitle>로그인</PageTitle>
|
<PageTitle>로그인</PageTitle>
|
||||||
|
|
||||||
@@ -24,7 +25,17 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
<MudButton Variant="Variant.Filled" Color="Color.Primary" FullWidth="true"
|
<MudButton Variant="Variant.Filled" Color="Color.Primary" FullWidth="true"
|
||||||
Size="Size.Large" OnClick="HandleLogin">로그인</MudButton>
|
Size="Size.Large" OnClick="HandleLogin" Disabled="isLoading">
|
||||||
|
@if (isLoading)
|
||||||
|
{
|
||||||
|
<MudProgressCircular Size="Size.Small" Indeterminate="true" Class="mr-2" />
|
||||||
|
<span>로그인 중...</span>
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
<span>로그인</span>
|
||||||
|
}
|
||||||
|
</MudButton>
|
||||||
</MudForm>
|
</MudForm>
|
||||||
</MudPaper>
|
</MudPaper>
|
||||||
</MudContainer>
|
</MudContainer>
|
||||||
@@ -32,30 +43,43 @@
|
|||||||
@code {
|
@code {
|
||||||
private MudForm form;
|
private MudForm form;
|
||||||
private bool isFormValid = false;
|
private bool isFormValid = false;
|
||||||
|
private bool isLoading = false;
|
||||||
private string errorMessage = "";
|
private string errorMessage = "";
|
||||||
|
|
||||||
private LoginModel model = new();
|
private LoginModel model = new();
|
||||||
|
|
||||||
private async Task HandleLogin()
|
private async Task HandleLogin()
|
||||||
{
|
{
|
||||||
// 기본 사용자명: admin / 비밀번호: admin123
|
if (isLoading)
|
||||||
if (model.Username == "admin" && model.Password == "admin123")
|
return;
|
||||||
|
|
||||||
|
isLoading = true;
|
||||||
|
errorMessage = "";
|
||||||
|
|
||||||
|
try
|
||||||
{
|
{
|
||||||
// 임시: 대시보드로 리다이렉트 (향후 실제 쿠키 인증으로 개선)
|
var token = await AuthService.AuthenticateAndGenerateTokenAsync(model.Username, model.Password);
|
||||||
NavigationManager.NavigateTo("/taxbaik/admin/dashboard", forceLoad: true);
|
|
||||||
}
|
if (token == null)
|
||||||
else
|
|
||||||
{
|
{
|
||||||
errorMessage = "사용자명 또는 비밀번호가 올바르지 않습니다.";
|
errorMessage = "사용자명 또는 비밀번호가 올바르지 않습니다.";
|
||||||
}
|
isLoading = false;
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
[Inject]
|
await AuthStateProvider.LoginAsync(token);
|
||||||
private NavigationManager NavigationManager { get; set; }
|
NavigationManager.NavigateTo("/taxbaik/admin/dashboard", forceLoad: false);
|
||||||
|
}
|
||||||
|
catch (Exception ex)
|
||||||
|
{
|
||||||
|
errorMessage = "로그인 중 오류가 발생했습니다.";
|
||||||
|
isLoading = false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
private class LoginModel
|
private class LoginModel
|
||||||
{
|
{
|
||||||
public string Username { get; set; }
|
public string Username { get; set; } = "";
|
||||||
public string Password { get; set; }
|
public string Password { get; set; } = "";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,8 +1,10 @@
|
|||||||
@using Microsoft.AspNetCore.Components.Routing
|
@using Microsoft.AspNetCore.Components.Routing
|
||||||
|
@using Microsoft.AspNetCore.Components.Authorization
|
||||||
|
|
||||||
|
<CascadingAuthenticationState>
|
||||||
<Router AppAssembly="typeof(Program).Assembly">
|
<Router AppAssembly="typeof(Program).Assembly">
|
||||||
<Found Context="routeData">
|
<Found Context="routeData">
|
||||||
<RouteView RouteData="routeData" DefaultLayout="typeof(MainLayout)" />
|
<AuthorizeRouteView RouteData="routeData" DefaultLayout="typeof(MainLayout)" />
|
||||||
<FocusOnNavigate RouteData="routeData" Selector="h1" />
|
<FocusOnNavigate RouteData="routeData" Selector="h1" />
|
||||||
</Found>
|
</Found>
|
||||||
<NotFound>
|
<NotFound>
|
||||||
@@ -12,3 +14,4 @@
|
|||||||
</LayoutView>
|
</LayoutView>
|
||||||
</NotFound>
|
</NotFound>
|
||||||
</Router>
|
</Router>
|
||||||
|
</CascadingAuthenticationState>
|
||||||
|
|||||||
@@ -7,3 +7,5 @@
|
|||||||
@using Microsoft.AspNetCore.Components.Authorization
|
@using Microsoft.AspNetCore.Components.Authorization
|
||||||
@using Microsoft.AspNetCore.Authorization
|
@using Microsoft.AspNetCore.Authorization
|
||||||
@using MudBlazor
|
@using MudBlazor
|
||||||
|
@using TaxBaik.Admin.Services
|
||||||
|
@attribute [Authorize]
|
||||||
|
|||||||
@@ -1,18 +1,18 @@
|
|||||||
using System.Text.Encodings.Web;
|
using System.Text.Encodings.Web;
|
||||||
using System.Text.Unicode;
|
using System.Text.Unicode;
|
||||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
using Microsoft.AspNetCore.Components.Authorization;
|
||||||
using MudBlazor.Services;
|
using MudBlazor.Services;
|
||||||
|
using TaxBaik.Admin.Services;
|
||||||
using TaxBaik.Application;
|
using TaxBaik.Application;
|
||||||
using TaxBaik.Infrastructure;
|
using TaxBaik.Infrastructure;
|
||||||
|
|
||||||
var builder = WebApplication.CreateBuilder(args);
|
var builder = WebApplication.CreateBuilder(args);
|
||||||
|
|
||||||
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
|
builder.Services.AddScoped<AuthService>();
|
||||||
.AddCookie(opts => {
|
builder.Services.AddScoped<CustomAuthenticationStateProvider>();
|
||||||
opts.LoginPath = "/login";
|
builder.Services.AddScoped<AuthenticationStateProvider>(sp => sp.GetRequiredService<CustomAuthenticationStateProvider>());
|
||||||
opts.ExpireTimeSpan = TimeSpan.FromHours(8);
|
builder.Services.AddScoped<ILocalStorageService, LocalStorageService>();
|
||||||
opts.Cookie.SameSite = SameSiteMode.Lax;
|
builder.Services.AddCascadingAuthenticationState();
|
||||||
});
|
|
||||||
builder.Services.AddAuthorizationCore();
|
builder.Services.AddAuthorizationCore();
|
||||||
|
|
||||||
builder.Services.AddRazorComponents()
|
builder.Services.AddRazorComponents()
|
||||||
|
|||||||
@@ -0,0 +1,96 @@
|
|||||||
|
using System.IdentityModel.Tokens.Jwt;
|
||||||
|
using System.Security.Claims;
|
||||||
|
using System.Text;
|
||||||
|
using BCrypt.Net;
|
||||||
|
using Microsoft.IdentityModel.Tokens;
|
||||||
|
using TaxBaik.Domain.Entities;
|
||||||
|
using TaxBaik.Domain.Interfaces;
|
||||||
|
|
||||||
|
namespace TaxBaik.Admin.Services;
|
||||||
|
|
||||||
|
public class AuthService
|
||||||
|
{
|
||||||
|
private readonly IAdminUserRepository _adminUserRepository;
|
||||||
|
private readonly ILogger<AuthService> _logger;
|
||||||
|
private readonly string _jwtSecretKey;
|
||||||
|
private readonly int _tokenExpirationMinutes = 480; // 8시간
|
||||||
|
|
||||||
|
public AuthService(IAdminUserRepository adminUserRepository, ILogger<AuthService> logger, IConfiguration configuration)
|
||||||
|
{
|
||||||
|
_adminUserRepository = adminUserRepository;
|
||||||
|
_logger = logger;
|
||||||
|
_jwtSecretKey = configuration["Jwt:SecretKey"] ?? throw new InvalidOperationException("Missing 'Jwt:SecretKey' configuration.");
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task<string?> AuthenticateAndGenerateTokenAsync(string username, string password)
|
||||||
|
{
|
||||||
|
if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
|
||||||
|
{
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
var user = await _adminUserRepository.GetByUsernameAsync(username);
|
||||||
|
if (user == null)
|
||||||
|
{
|
||||||
|
_logger.LogWarning("로그인 시도: 존재하지 않는 사용자 '{Username}'", username);
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!BCrypt.Net.BCrypt.Verify(password, user.PasswordHash))
|
||||||
|
{
|
||||||
|
_logger.LogWarning("로그인 시도: 잘못된 비밀번호 '{Username}'", username);
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
_logger.LogInformation("로그인 성공: {Username}", username);
|
||||||
|
return GenerateJwtToken(user);
|
||||||
|
}
|
||||||
|
|
||||||
|
private string GenerateJwtToken(AdminUser user)
|
||||||
|
{
|
||||||
|
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSecretKey));
|
||||||
|
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
|
||||||
|
|
||||||
|
var claims = new[]
|
||||||
|
{
|
||||||
|
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
|
||||||
|
new Claim(ClaimTypes.Name, user.Username),
|
||||||
|
new Claim("username", user.Username)
|
||||||
|
};
|
||||||
|
|
||||||
|
var token = new JwtSecurityToken(
|
||||||
|
issuer: "taxbaik-admin",
|
||||||
|
audience: "taxbaik-admin-client",
|
||||||
|
claims: claims,
|
||||||
|
expires: DateTime.UtcNow.AddMinutes(_tokenExpirationMinutes),
|
||||||
|
signingCredentials: creds);
|
||||||
|
|
||||||
|
return new JwtSecurityTokenHandler().WriteToken(token);
|
||||||
|
}
|
||||||
|
|
||||||
|
public ClaimsPrincipal? ValidateToken(string token)
|
||||||
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSecretKey));
|
||||||
|
var handler = new JwtSecurityTokenHandler();
|
||||||
|
var principal = handler.ValidateToken(token, new TokenValidationParameters
|
||||||
|
{
|
||||||
|
ValidateIssuerSigningKey = true,
|
||||||
|
IssuerSigningKey = key,
|
||||||
|
ValidateIssuer = true,
|
||||||
|
ValidIssuer = "taxbaik-admin",
|
||||||
|
ValidateAudience = true,
|
||||||
|
ValidAudience = "taxbaik-admin-client",
|
||||||
|
ValidateLifetime = true,
|
||||||
|
ClockSkew = TimeSpan.Zero
|
||||||
|
}, out SecurityToken validatedToken);
|
||||||
|
|
||||||
|
return principal;
|
||||||
|
}
|
||||||
|
catch
|
||||||
|
{
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1,59 @@
|
|||||||
|
using System.Security.Claims;
|
||||||
|
using Microsoft.AspNetCore.Components.Authorization;
|
||||||
|
|
||||||
|
namespace TaxBaik.Admin.Services;
|
||||||
|
|
||||||
|
public class CustomAuthenticationStateProvider : AuthenticationStateProvider
|
||||||
|
{
|
||||||
|
private readonly ILocalStorageService _localStorage;
|
||||||
|
private readonly AuthService _authService;
|
||||||
|
private readonly ILogger<CustomAuthenticationStateProvider> _logger;
|
||||||
|
|
||||||
|
public CustomAuthenticationStateProvider(ILocalStorageService localStorage, AuthService authService, ILogger<CustomAuthenticationStateProvider> logger)
|
||||||
|
{
|
||||||
|
_localStorage = localStorage;
|
||||||
|
_authService = authService;
|
||||||
|
_logger = logger;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override async Task<AuthenticationState> GetAuthenticationStateAsync()
|
||||||
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
var token = await _localStorage.GetItemAsStringAsync("auth_token");
|
||||||
|
|
||||||
|
if (string.IsNullOrEmpty(token))
|
||||||
|
{
|
||||||
|
return new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity()));
|
||||||
|
}
|
||||||
|
|
||||||
|
var principal = _authService.ValidateToken(token);
|
||||||
|
if (principal == null)
|
||||||
|
{
|
||||||
|
await _localStorage.RemoveItemAsync("auth_token");
|
||||||
|
return new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity()));
|
||||||
|
}
|
||||||
|
|
||||||
|
return new AuthenticationState(principal);
|
||||||
|
}
|
||||||
|
catch (Exception ex)
|
||||||
|
{
|
||||||
|
_logger.LogError(ex, "인증 상태 조회 중 오류 발생");
|
||||||
|
return new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity()));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task LoginAsync(string token)
|
||||||
|
{
|
||||||
|
await _localStorage.SetItemAsStringAsync("auth_token", token);
|
||||||
|
|
||||||
|
var principal = _authService.ValidateToken(token);
|
||||||
|
NotifyAuthenticationStateChanged(GetAuthenticationStateAsync());
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task LogoutAsync()
|
||||||
|
{
|
||||||
|
await _localStorage.RemoveItemAsync("auth_token");
|
||||||
|
NotifyAuthenticationStateChanged(GetAuthenticationStateAsync());
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1,8 @@
|
|||||||
|
namespace TaxBaik.Admin.Services;
|
||||||
|
|
||||||
|
public interface ILocalStorageService
|
||||||
|
{
|
||||||
|
Task<string?> GetItemAsStringAsync(string key);
|
||||||
|
Task SetItemAsStringAsync(string key, string value);
|
||||||
|
Task RemoveItemAsync(string key);
|
||||||
|
}
|
||||||
@@ -0,0 +1,43 @@
|
|||||||
|
using Microsoft.JSInterop;
|
||||||
|
|
||||||
|
namespace TaxBaik.Admin.Services;
|
||||||
|
|
||||||
|
public class LocalStorageService : ILocalStorageService
|
||||||
|
{
|
||||||
|
private readonly IJSRuntime _jsRuntime;
|
||||||
|
|
||||||
|
public LocalStorageService(IJSRuntime jsRuntime)
|
||||||
|
{
|
||||||
|
_jsRuntime = jsRuntime;
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task<string?> GetItemAsStringAsync(string key)
|
||||||
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
return await _jsRuntime.InvokeAsync<string>("localStorage.getItem", key);
|
||||||
|
}
|
||||||
|
catch
|
||||||
|
{
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task SetItemAsStringAsync(string key, string value)
|
||||||
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
await _jsRuntime.InvokeVoidAsync("localStorage.setItem", key, value);
|
||||||
|
}
|
||||||
|
catch { }
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task RemoveItemAsync(string key)
|
||||||
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
await _jsRuntime.InvokeVoidAsync("localStorage.removeItem", key);
|
||||||
|
}
|
||||||
|
catch { }
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -14,6 +14,8 @@
|
|||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<PackageReference Include="MudBlazor" Version="6.9.4" />
|
<PackageReference Include="MudBlazor" Version="6.9.4" />
|
||||||
<PackageReference Include="BCrypt.Net-Next" Version="4.0.3" />
|
<PackageReference Include="BCrypt.Net-Next" Version="4.0.3" />
|
||||||
|
<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.2.1" />
|
||||||
|
<PackageReference Include="Microsoft.IdentityModel.Tokens" Version="8.2.1" />
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
|
||||||
</Project>
|
</Project>
|
||||||
|
|||||||
@@ -5,5 +5,8 @@
|
|||||||
"Microsoft.AspNetCore": "Warning"
|
"Microsoft.AspNetCore": "Warning"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"AllowedHosts": "*"
|
"AllowedHosts": "*",
|
||||||
|
"Jwt": {
|
||||||
|
"SecretKey": "dev-secret-key-change-in-production-min-32-chars!"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user