diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..c2065bc
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,37 @@
+HELP.md
+.gradle
+build/
+!gradle/wrapper/gradle-wrapper.jar
+!**/src/main/**/build/
+!**/src/test/**/build/
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+bin/
+!**/src/main/**/bin/
+!**/src/test/**/bin/
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+out/
+!**/src/main/**/out/
+!**/src/test/**/out/
+
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
+
+### VS Code ###
+.vscode/
diff --git a/.jpb/persistence-units.xml b/.jpb/persistence-units.xml
new file mode 100644
index 0000000..acbdf85
--- /dev/null
+++ b/.jpb/persistence-units.xml
@@ -0,0 +1,12 @@
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/build.gradle b/build.gradle
index ebb643f..570ab26 100644
--- a/build.gradle
+++ b/build.gradle
@@ -19,16 +19,16 @@ repositories {
}
dependencies {
- compileOnly 'org.projectlombok:lombok'
- annotationProcessor 'org.projectlombok:lombok'
- developmentOnly 'org.springframework.boot:spring-boot-devtools'
- implementation 'org.springframework.boot:spring-boot-starter-web'
- implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
- implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
+ compileOnly 'org.projectlombok:lombok:1.18.22'
+ annotationProcessor 'org.projectlombok:lombok:1.18.22'
+ developmentOnly 'org.springframework.boot:spring-boot-devtools:2.5.6'
+ implementation 'org.springframework.boot:spring-boot-starter-web:2.5.6'
+ implementation 'org.springframework.boot:spring-boot-starter-thymeleaf:2.5.6'
+ implementation 'org.springframework.boot:spring-boot-starter-data-jpa:2.5.6'
- implementation 'org.springframework.boot:spring-boot-starter-security'
- implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5'
- implementation 'io.jsonwebtoken:jjwt:0.9.1'
+ implementation 'org.springframework.boot:spring-boot-starter-security:2.5.6'
+ implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5:3.0.4.RELEASE'
+ // implementation 'io.jsonwebtoken:jjwt:0.9.1'
implementation group: 'org.mariadb.jdbc', name: 'mariadb-java-client', version: '2.7.0'
implementation 'org.bgee.log4jdbc-log4j2:log4jdbc-log4j2-jdbc4.1:1.16'
@@ -36,8 +36,8 @@ dependencies {
// implementation group: 'org.webjars', name: 'bootstrap', version: '5.1.3'
// implementation group: 'org.webjars', name: 'popper.js', version: '2.9.3'
- testImplementation 'org.springframework.boot:spring-boot-starter-test'
- testImplementation 'org.springframework.security:spring-security-test'
+ testImplementation 'org.springframework.boot:spring-boot-starter-test:2.5.6'
+ testImplementation 'org.springframework.security:spring-security-test:5.5.1'
}
test {
diff --git a/src/main/java/com/dbnt/kcgfilemanager/config/WebSecurityConfig.java b/src/main/java/com/dbnt/kcgfilemanager/config/WebSecurityConfig.java
index 617ebf0..72eef7c 100644
--- a/src/main/java/com/dbnt/kcgfilemanager/config/WebSecurityConfig.java
+++ b/src/main/java/com/dbnt/kcgfilemanager/config/WebSecurityConfig.java
@@ -5,6 +5,8 @@ import lombok.RequiredArgsConstructor;
import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.BeanIds;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
@@ -13,7 +15,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder;
-import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@RequiredArgsConstructor
@EnableWebSecurity
@@ -26,39 +28,20 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
public PasswordEncoder passwordEncoder(){
return new Pbkdf2PasswordEncoder();
}
-
@Override
- public void configure(WebSecurity web){
- web.ignoring().requestMatchers(PathRequest.toStaticResources().atCommonLocations());
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth.userDetailsService(userInfoService);
}
-
+ @Bean(name = BeanIds.AUTHENTICATION_MANAGER)
@Override
- protected void configure(HttpSecurity http) throws Exception{
- http.csrf().disable().authorizeRequests()
- .anyRequest().permitAll()
- .and()
- .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
- .and()
- .formLogin().disable();
-// http.authorizeRequests()
-// .antMatchers("/login", "/signup", "/user").permitAll()
-// .anyRequest().authenticated() // 나머지 요청들은 권한의 종류에 상관 없이 권한이 있어야 접근 가능
-// .and()
-// .formLogin()
-// .loginPage("/login")
-// .defaultSuccessUrl("/")
-// .and()
-// .logout()
-// .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
-// .logoutSuccessUrl("/login")
-// .invalidateHttpSession(true)
-// .and()
-// .exceptionHandling();
-
+ public AuthenticationManager authenticationManagerBean() throws Exception {
+ return super.authenticationManagerBean();
+ }
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.csrf().disable().authorizeRequests().antMatchers("/authenticate")
+ .permitAll().anyRequest().authenticated()
+ .and().exceptionHandling().and().sessionManagement()
+ .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
-
-// @Override
-// protected void configure(AuthenticationManagerBuilder auth) throws Exception{
-// auth.userDetailsService(userInfoService).passwordEncoder(passwordEncoder());
-// }
}
diff --git a/src/main/java/com/dbnt/kcgfilemanager/userInfo/UserInfo.java b/src/main/java/com/dbnt/kcgfilemanager/userInfo/UserInfo.java
index 0923de6..474014e 100644
--- a/src/main/java/com/dbnt/kcgfilemanager/userInfo/UserInfo.java
+++ b/src/main/java/com/dbnt/kcgfilemanager/userInfo/UserInfo.java
@@ -1,24 +1,29 @@
package com.dbnt.kcgfilemanager.userInfo;
-import lombok.Getter;
+import lombok.AllArgsConstructor;
+import lombok.Data;
import lombok.NoArgsConstructor;
-import lombok.Setter;
-import org.springframework.data.annotation.Id;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
+import javax.persistence.*;
import java.util.Collection;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;
-@Getter
-@Setter
+@Data
+@AllArgsConstructor
@NoArgsConstructor
-public class UserInfo implements UserDetails {
+@Entity
+@Table(name = "USER_INFO")
+public class UserInfo{
@Id
- private int userSeq;
+ @GeneratedValue(strategy = GenerationType.SEQUENCE)
+ @Column(name = "user_seq", nullable = false)
+ private Integer userSeq;
+
private String userId;
private String password;
private String name;
@@ -27,42 +32,12 @@ public class UserInfo implements UserDetails {
private String userRole;
private Date createDate;
- @Override
- public Collection getAuthorities() {
- Set roles = new HashSet<>();
- for (String role : userRole.split(",")) {
- roles.add(new SimpleGrantedAuthority(role));
- }
- return roles;
+ public Integer getUserSeq() {
+ return userSeq;
}
- @Override
- public String getPassword() {
- return password;
+ public void setUserSeq(Integer userSeq) {
+ this.userSeq = userSeq;
}
- @Override
- public String getUsername() {
- return userId;
- }
-
- @Override
- public boolean isAccountNonExpired() {
- return true;
- }
-
- @Override
- public boolean isAccountNonLocked() {
- return true;
- }
-
- @Override
- public boolean isCredentialsNonExpired() {
- return true;
- }
-
- @Override
- public boolean isEnabled() {
- return true;
- }
}
diff --git a/src/main/java/com/dbnt/kcgfilemanager/userInfo/repository/UserInfoRepository.java b/src/main/java/com/dbnt/kcgfilemanager/userInfo/repository/UserInfoRepository.java
index a1466cf..060698d 100644
--- a/src/main/java/com/dbnt/kcgfilemanager/userInfo/repository/UserInfoRepository.java
+++ b/src/main/java/com/dbnt/kcgfilemanager/userInfo/repository/UserInfoRepository.java
@@ -1,11 +1,11 @@
package com.dbnt.kcgfilemanager.userInfo.repository;
import com.dbnt.kcgfilemanager.userInfo.UserInfo;
-import org.springframework.data.repository.CrudRepository;
+import org.springframework.data.jpa.repository.JpaRepository;
import java.util.Optional;
-public interface UserInfoRepository extends CrudRepository {
+public interface UserInfoRepository extends JpaRepository {
Optional findByUserId(String userId);
}
diff --git a/src/main/java/com/dbnt/kcgfilemanager/userInfo/service/UserInfoService.java b/src/main/java/com/dbnt/kcgfilemanager/userInfo/service/UserInfoService.java
index 68b4e6e..e301ff5 100644
--- a/src/main/java/com/dbnt/kcgfilemanager/userInfo/service/UserInfoService.java
+++ b/src/main/java/com/dbnt/kcgfilemanager/userInfo/service/UserInfoService.java
@@ -3,12 +3,16 @@ package com.dbnt.kcgfilemanager.userInfo.service;
import com.dbnt.kcgfilemanager.userInfo.UserInfo;
import com.dbnt.kcgfilemanager.userInfo.repository.UserInfoRepository;
import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
+import java.util.ArrayList;
+
@Service
@RequiredArgsConstructor
public class UserInfoService implements UserDetailsService {
@@ -23,7 +27,8 @@ public class UserInfoService implements UserDetailsService {
}
@Override
- public UserInfo loadUserByUsername(String userId) throws UsernameNotFoundException {
- return userInfoRepository.findByUserId(userId).orElseThrow(()->new UsernameNotFoundException(userId));
+ public UserDetails loadUserByUsername(String userId) throws UsernameNotFoundException {
+ UserInfo userInfo = userInfoRepository.findByUserId(userId).orElseThrow(()->new UsernameNotFoundException(userId));
+ return new User(userInfo.getUserId(), userInfo.getPassword(), new ArrayList<>());
}
}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index eacdbd9..004ac8f 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,3 +1,5 @@
+spring.jpa.show-sql=true
+spring.jpa.generate-ddl=false
spring.datasource.driverClassName=net.sf.log4jdbc.sql.jdbcapi.DriverSpy
spring.datasource.url=jdbc:log4jdbc:mariadb://106.247.244.146:57306/kcg_fm?characterEncoding=UTF-8&serverTimezone=UTC