[✨] API Header 점검하는 로직 추가 중 3

2025-03-19 12:40:05 +09:00 · 2025-03-19 12:40:05 +09:00 · 6914bba007
commit 6914bba007
parent 090e03c6b3
4 changed files with 25 additions and 67 deletions
--- a/Program.cs
+++ b/Program.cs
@ -115,6 +115,7 @@ builder.Services.AddControllers();
 // 여기다가 API 있는 컨트롤러들 AddScoped 하면 되는건가?
 builder.Services.AddScoped<AcaMate.Common.Token.JwtTokenService>();
 builder.Services.AddScoped<IRepositoryService, AcaMate.V1.Services.RepositoryService>();
 builder.Services.AddScoped<IHeaderConfig, HeaderConfigRepository>();
 // builder.Services.AddScoped<UserService>(); //
 // builder.Services.AddScoped<UserController>();
@ -156,7 +157,7 @@ builder.Services.AddScoped<IHeaderConfig, HeaderConfigRepository>();
 // 로컬 테스트 위한 부분 (올릴때는 꺼두기)
-builder.WebHost.UseUrls("http://0.0.0.0:5144");
+// builder.WebHost.UseUrls("http://0.0.0.0:5144");
 ///// ===== builder 설정 부 ===== /////
@ -176,13 +177,10 @@ else
 }
 // 로컬 테스트 위한 부분 (올릴떄는 켜두기)
-// app.UseHttpsRedirection();
+app.UseHttpsRedirection();
 // 헤더 미들웨어 부분
-app.UseMiddleware<APIHeaderMiddleware>(new string[] { "X-MyHeader1", "X-MyHeader2", "X-MyHeader3" });
+app.UseMiddleware<APIHeaderMiddleware>((object)new string[] { "iOS_AM_Connect_Key", "And_AM_Connect_Key", "Web_AM_Connect_Key" });
 // 이부분 봐야 합니다.
 // app.UseMiddleware<CustomHeaderMiddleware>("X-MyHeader");
--- a/Program/Common/Auth/APIHeaderFilter.cs
+++ b/Program/Common/Auth/APIHeaderFilter.cs
@ -1,27 +0,0 @@
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.Filters;
 namespace AcaMate.Common.Token;
 public class APIHeaderFilter : ActionFilterAttribute
 {
    private readonly string _headerName;
    public APIHeaderFilter(string headerName)
    {
        _headerName = headerName;
    }
    public override void OnActionExecuted(ActionExecutedContext context)
    {
        if (!context.HttpContext.Request.Headers.TryGetValue(_headerName, out var headerValues) ||
            string.IsNullOrWhiteSpace(headerValues))
        {
            context.Result = new BadRequestObjectResult($"Missing or empty header: {_headerName}");
        }
        base.OnActionExecuted(context);
    }
 }
--- a/Program/Common/Auth/APIHeaderMiddleware.cs
+++ b/Program/Common/Auth/APIHeaderMiddleware.cs
@ -4,64 +4,66 @@ using Microsoft.AspNetCore.Http;
 using Microsoft.EntityFrameworkCore;
 namespace AcaMate.Common.Token;
 public interface IHeaderConfig
-{ 
+{
    Task<string> GetExpectedHeaderValueAsync(string headerName);
 }
 /// <summary>
 /// DB에서 헤더 키값 찾아서 그 밸류 값 빼오기 위해서 사용
 /// </summary>
 public class HeaderConfigRepository : IHeaderConfig
 {
    private readonly AppDbContext _dbContext;
-    
+
    public HeaderConfigRepository(AppDbContext dbContext)
    {
        _dbContext = dbContext;
    }
-    
+
    public async Task<string> GetExpectedHeaderValueAsync(string headerName)
    {
-        // 예를 들어, HeaderConfig 테이블에 헤더 이름과 기대 값이 저장되어 있다고 가정합니다.
+        var config = await _dbContext.APIHeader
-        var config = await _dbContext.APIHeader.
+            .FirstOrDefaultAsync(h => h.h_key == headerName);
            FirstOrDefaultAsync(h => h.h_key == headerName);
        return config?.h_value ?? string.Empty;
    }
 }
 public class APIHeaderMiddleware
 {
    private readonly RequestDelegate _next;
    private readonly string[] _headerNames;
-    private readonly IHeaderConfig _headerConfig;
+    // private readonly IHeaderConfig _headerConfig;
-    public APIHeaderMiddleware(RequestDelegate next, string[] headerNames, IHeaderConfig headerConfig)
+    public APIHeaderMiddleware(RequestDelegate next, string[] headerNames)//, IHeaderConfig headerConfig)
    {
        _next = next;
        _headerNames = headerNames;
        _headerConfig = headerConfig;
    }
    public async Task Invoke(HttpContext context)
    {
        // Scoped 사용해서 값 가져오는 곳임
        var headerConfig = context.RequestServices.GetRequiredService<IHeaderConfig>();
        bool valid = false;
        foreach (var header in _headerNames)
        {
-
+            /// context.Request.Headers.TryGetValue(header, out var headerValue)
-            if (!context.Request.Headers.TryGetValue(header, out var headerValue) &&
+            /// header 를 찾는데 header
            if (context.Request.Headers.TryGetValue(header, out var headerValue) &&
                !string.IsNullOrWhiteSpace(headerValue))
                // if (!context.Request.Headers.ContainsKey(_headerName) || string.IsNullOrWhiteSpace(context.Request.Headers[_headerName]))
            {
-                var expectedValue = await _headerConfig.GetExpectedHeaderValueAsync(header);
+                var dbValue = await headerConfig.GetExpectedHeaderValueAsync(header);
-                if (headerValue == expectedValue)
+                if (headerValue == dbValue)
                {
                    valid = true;
                    break;
                }
                // context.Response.StatusCode = StatusCodes.Status400BadRequest;
                // await context.Response.WriteAsync($"Missing or empty header: {headerName}");
                // return;
            }
        }
@ -71,14 +73,7 @@ public class APIHeaderMiddleware
            await context.Response.WriteAsync($"Invalid header value");
            return;
        }
-        // if (headerValue != expectedValue)
+        
        //     {
        //         context.Response.StatusCode = StatusCodes.Status401Unauthorized;
        //         await context.Response.WriteAsync($"Invalid header value");
        //         return;
        //     }
        // 
        // }
        await _next(context);
    }
 }
--- a/Program/Common/JWTToken/JwtTokenService.cs
+++ b/Program/Common/JWTToken/JwtTokenService.cs
@ -105,13 +105,5 @@ public class JwtTokenService
            _logger.LogError($"엑세스 토큰 오류: {ex.Message}");
            return null;
        }
    }
 }