0

I'm a beginner working on a team project and currently creating a "board" page in React + Spring Boot.

I'm really confused because I keep getting a 401 Unauthorized error when submitting a POST request to create a board with multipart/form-data.

  • If I include a file, everything works fine.
  • If I submit without a file, I get 401 INVALID_ACCESS_TOKEN from the backend.

I'm new to both Spring Security and like everything, and I'm working in a team, so I want to make this work properly for all cases.

Has anyone faced a similar issue or can explain why a multipart request without files might cause a JWT to fail authentication?

controller:

@PostMapping("/create")
public ResponseEntity<?> createBoard(
            @PathVariable("crewId") Long crewId,
            @RequestPart("title") String title,
            @RequestPart("content") String content,
            @RequestParam(value = "crewBoardFile", required = false) List<MultipartFile> crewBoardFile,
            @AuthenticationPrincipal MyUserDetails userDetails
) throws IOException {
    CrewBoardDto crewBoardDto = new CrewBoardDto();
    crewBoardDto.setTitle(title);
    crewBoardDto.setContent(content);
    crewBoardDto.setCrewBoardFile(crewBoardFile);

    Long loginUserId = userDetails.getMemberId();
    CrewBoardDto createBoard = crewBoardService.createBoard(crewId, crewBoardDto, loginUserId, crewBoardFile);

    return ResponseEntity.ok(createBoard);
}

service:

 @Override
public CrewBoardDto createBoard(Long crewId, CrewBoardDto crewBoardDto, Long loginUserId, List<MultipartFile> crewBoardFile) throws IOException {
    CrewEntity crewEntity = crewRepository.findById(crewId)
            .orElseThrow(() -> new IllegalArgumentException("x"));

    MemberEntity memberEntity = memberRepository.findById(loginUserId)
            .orElseThrow(() -> new IllegalArgumentException("x"));

    crewRepository.findByIdAndCrewMemberEntities_MemberEntity_Id(crewId, loginUserId)
            .orElseThrow(() -> new IllegalArgumentException("x"));

    crewBoardDto.setMemberId(memberEntity.getId());
    crewBoardDto.setCrewId(crewId);

    CrewBoardEntity crewBoardEntity = CrewBoardEntity.toCrewBoardEntity(crewBoardDto);
    
    CrewBoardEntity savedBoard = null;

    crewBoardFile = crewBoardDto.getCrewBoardFile();
    
    if (crewBoardFile == null || crewBoardFile.isEmpty() || crewBoardFile.get(0).isEmpty()) {
        savedBoard = crewBoardRepository.save(crewBoardEntity);            
    } else {
        List<CrewBoardImageEntity> savedImages = new ArrayList<>();
        // for (MultipartFile file : crewBoardDto.getCrewBoardFile()) {
            //     if (file != null && !file.isEmpty()) {
                //         String originalFileName = file.getOriginalFilename();
                
                //         String newFileName = awsS3Service.uploadFile(file);
                
                //         CrewBoardImageEntity boardImageEntity = CrewBoardImageEntity.toCrewBoardImageEntity(crewBoardEntity2, originalFileName, newFileName);
                
                //         crewBoardImageRepository.save(boardImageEntity);
                //         crewBoardRepository.save(crewBoardEntity);
                //     }
        // }
        for (MultipartFile boardFile : crewBoardFile) {
            if (boardFile != null && !boardFile.isEmpty()) {
                UUID uuid = UUID.randomUUID();
                String originalFileName = boardFile.getOriginalFilename();
                String newFileName = uuid + "_" + originalFileName;

                String filePath = "E:/full/upload/" + newFileName;
                File file = new File(filePath);

                boardFile.transferTo(file);
                
                CrewBoardImageEntity boardImageEntity = CrewBoardImageEntity.toCrewBoardImageEntity(crewBoardEntity, originalFileName, newFileName);
                CrewBoardImageEntity savedImage = crewBoardImageRepository.save(boardImageEntity);
                savedImages.add(savedImage);
            }
        }
        crewBoardEntity.setCrewBoardImageEntities(savedImages);
        savedBoard = crewBoardRepository.save(crewBoardEntity);            

    }
    return CrewBoardDto.toDto(savedBoard);
}

react:

react

Improve this question
New contributor
유연준 is a new contributor to this site. Take care in asking for clarification, commenting, and answering. Check out our Code of Conduct.
3
  • 1
    Welcome to Stackoverflow!, Please edit your question and add the code in code blocks instead of code screenshots. Find these resources to improve your question: stackoverflow.com/help/minimal-reproducible-example and stackoverflow.com/help/how-to-ask Commented 2 days ago
  • Please provide enough code so others can better understand or reproduce the problem. Commented 2 days ago
  • enable debug logs or trace logs and edit your question to include your logs in full, also you have posted nothing of your security configuration, so we have no idea. Good luck Commented 9 hours ago
Related questions
0
401 Unauthorized error: Bad credentials when using @PreAuthorize
1
spring security authorization error 401 unauthorized
0
Unauthorized Error 401 to Existing Endpoint, No Error thrown in Server Log
Load 3 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.