게시물 등록 및 토큰검증 후 등록 추가

blog/admin.py

@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.

blog/apps.py

@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class BlogConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'blog'

blog/authentication.py

@@ -0,0 +1,14 @@
+from rest_framework_simplejwt.authentication import JWTAuthentication
+from rest_framework_simplejwt.exceptions import InvalidToken
+
+class StatelessUser:
+    def __init__(self, username):
+        self.username = username
+        self.is_authenticated = True
+
+class StatelessJWTAuthentication(JWTAuthentication):
+    def get_user(self, validated_token):
+        name = validated_token.get("name")
+        if not name:
+            raise InvalidToken("Token에 'name' 항목이 없습니다.")
+        return StatelessUser(username=name)

blog/migrations/0001_initial.py

@@ -0,0 +1,24 @@
+# Generated by Django 4.2.14 on 2025-04-22 08:27
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Post',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('title', models.CharField(max_length=255)),
+                ('content', models.TextField()),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('author_name', models.CharField(max_length=150)),
+            ],
+        ),
+    ]

blog/models.py

@@ -0,0 +1,12 @@
+from django.db import models
+from django.conf import settings
+from django.contrib.auth.models import User 
+
+class Post(models.Model):
+    title = models.CharField(max_length=255)
+    content = models.TextField()
+    created_at = models.DateTimeField(auto_now_add=True)
+    author_name = models.CharField(max_length=150)
+
+    def __str__(self):
+        return self.title

blog/serializers.py

@@ -0,0 +1,10 @@
+# blog/serializers.py
+
+from rest_framework import serializers
+from .models import Post
+
+class PostSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Post
+        fields = ['id', 'title', 'content', 'author_name', 'created_at']
+        read_only_fields = ['author_name', 'created_at']

blog/tests.py

@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.

blog/urls.py

@@ -0,0 +1,8 @@
+# blog/urls.py
+
+from django.urls import path
+from .views import PostListCreateView
+
+urlpatterns = [
+    path('posts/', PostListCreateView.as_view(), name='post-list-create'),
+]

blog/utils.py

@@ -0,0 +1,13 @@
+import requests
+from rest_framework.exceptions import AuthenticationFailed
+
+def verify_token_with_auth_server(token: str):
+    # url = "http://192.168.0.202:8000/api/auth/verify/"
+    url = settings.AUTH_VERIFY_URL  # ✅ .env에서 설정한 값 사용
+    headers = {"Content-Type": "application/json"}
+    try:
+        response = requests.post(url, json={"token": token}, headers=headers, timeout=3)
+        if response.status_code != 200:
+            raise AuthenticationFailed("유효하지 않은 토큰입니다 (auth 서버 응답 오류)")
+    except requests.exceptions.RequestException as e:
+        raise AuthenticationFailed(f"auth 서버 통신 실패: {str(e)}")

blog/views.py

@@ -0,0 +1,18 @@
+# blog/views.py
+
+from rest_framework import generics, permissions
+from .models import Post
+from .serializers import PostSerializer
+from .utils import verify_token_with_auth_server  # ✅ 추가
+
+class PostListCreateView(generics.ListCreateAPIView):
+    queryset = Post.objects.all().order_by('-created_at')
+    serializer_class = PostSerializer
+    permission_classes = [permissions.IsAuthenticated]
+
+    def perform_create(self, serializer):
+        # ✅ 토큰 추출 및 유효성 2차 검증
+        token = self.request.headers.get("Authorization", "").replace("Bearer ", "")
+        verify_token_with_auth_server(token)
+
+        serializer.save(author_name=self.request.user.username)