JWT 토큰 적용

[leebo155]

JWT

간단한 JWT 토큰과 장고 기본 유저 DB모델을 사용하여 구현했습니다.

회원가입

POST http://localhost/user/signup

• Request Body

  {
  "username": "bohlee",
  "password": "bohlee///",
  "email": "bohlee@student.42seoul.kr"
  }

• Success Response: 201

  {
  "username": "bohlee",
  "email": "bohlee@student.42seoul.kr"
  }

• Fail Response: 400 요청 데이터가 없는 경우

  {
   "username": [
      "This field is required."
  ],
  "password": [
      "This field is required."
  ],
  "email": [
      "This field is required."
  ]
  }

• Fail Response: 500 파이선 코드의 문제, 현재 유효성검사를 커스터마이징 하지 않아 예외처리가 발생한 경우

로그인

POST http://localhost/user/login

• Request Body

  {
  "username": "bohlee",
  "password": "bohlee///"
  }

• Success Response: 200

  {
  "refresh": "eyJhbGciOiJIUzI1NiIsInR...8UyLHd71Hco",
  "access": "eyJhbGciOiJIUzUtwT7Un..OgjqrMLNvkpg"
  }

• Fail Response: 400 요청 데이터가 없는 경우

  {
  "username": [
      "This field is required."
  ],
  "password": [
      "This field is required."
  ]
  }

• Fail Response: 401 아이디가 없거나 비밀번호가 틀린 경우

  {
  "detail": "No active account found with the given credentials"
  }

토큰 재발급

POST http://localhost/user/refresh

• Request Body

  {
  "refresh": "[REFRESH_TOKEN]"
  }

• Success Response: 200

  {
  "refresh": "eyJhbGciOiJIUzI1NiIsInR...8UyLHd71Hco",
  "access": "eyJhbGciOiJIUzUtwT7Un..OgjqrMLNvkpg"
  }

• Fail Response: 400 요청 데이터가 없는 경우

  {
  "refresh": [
      "This field is required."
  ]
  }

• Fail Response: 401 토큰이 잘못된 경우

  {
  "detail": "Token is invalid or expired",
  "code": "token_not_valid"
  }

토큰을 이미 한번 재발급 받은 경우

{
    "detail": "Token is blacklisted",
    "code": "token_not_valid"
}

로그인(엑세스 토큰) 확인

GET http://localhost/user/check

• Request Header

  Authorization: Bearer [ACCESS_TOKEN]

• Success Response: 200

  {
  "message": "This is a protected view."
  }

• Fail Response: 401 인증헤더가 없는 경우

  {
  "detail": "Authentication credentials were not provided."
  }

토큰이 만료되었거나 변조된 경우

{
    "detail": "Given token not valid for any token type",
    "code": "token_not_valid",
    "messages": [
        {
            "token_class": "AccessToken",
            "token_type": "access",
            "message": "Token is invalid or expired"
        }
    ]
}

[leebo155]

JWT 토큰이 이제 쿠키로 전달됩니다.

로그인

POST http://localhost/user/login/

• Request

  {
  "username": "bohlee",
  "password": "bohlee///",
  "email": "bohlee@student.42seoul.kr"
  }

• Response

  
  Set-Cookie: refresh=[REFRESH_TOKEN]; expires=Wed, 00 Sep 2024 00:00:02 GMT; HttpOnly; Max-Age=86400; Path=/; Secure
  Set-Cookie: access=[ACCESS_TOKEN]; expires=Tue, 00 Sep 2024 00:00:00 GMT; HttpOnly; Max-Age=1800; Path=/; Secure

{ "detail":"Login successful" }

## 재발급

POST http://localhost/user/refresh/

* Request
```http
{
    "refresh": "[REFRESH_TOKEN]"
}

• Response

  
  Set-Cookie: refresh=[REFRESH_TOKEN]; expires=Wed, 00 Sep 2024 00:00:02 GMT; HttpOnly; Max-Age=86400; Path=/; Secure
  Set-Cookie: access=[ACCESS_TOKEN]; expires=Tue, 00 Sep 2024 00:00:00 GMT; HttpOnly; Max-Age=1800; Path=/; Secure

{ "detail": "Refresh successful" }

## 로그아웃

POST http://localhost/user/logout/

* Request
```http
Authorization: Bearer [ACCESS_TOKEN]

{
    "refresh": "[REFRESH_TOKEN]"
}

• Response

  
  Set-Cookie: refresh=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/
  Set-Cookie: access=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/

{ "detail": "Logout successful" }