UserMapperTest.java
@Test
void testPasswordEncoder() {
String plainPW = "1234";
String encodedPW = new BCryptPasswordEncoder().encode(plainPW);
System.out.println(encodedPW);
}
$2a$10$mniOpY/L2NF7aDPgRDZDL.dgnFLy.Tza9oT7ELPu2sHaApsQD0XfS
SecurityConfig.java (@Bean 추가)
@Bean
public PasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}
UserMapperTest.java
@Autowired
private PasswordEncoder passwordEncoder;
@Test
void testPasswordEncoder() {
String plainPW = "1234";
String encodedPW = passwordEncoder.encode(plainPW);
System.out.println(encodedPW);
}
SecurityConfig.java
@Bean
public UserVO userVO() {
UserVO vo = new UserVO();
vo.setPassword("메롱");
vo.setUsername("메롱");
return vo;
}
UserMapper.java
@Test
void testPasswordEncoder() {
System.out.println(userVO);
@Test
void testPasswordEncoder() {
String plainPW = "1234";
String encodedPW = passwordEncoder.encode(plainPW);
System.out.println("plain : " + plainPW + " / encoded : " + encodedPW);
System.out.println(passwordEncoder.matches(plainPW, encodedPW));
}
plain : 1234 / encoded : $2a$10$PqMRd968AEIEgrOwoE72fe91gKlVx5XsBcfW4jh05yrmA3/.r6RH6
true
(사이트 간의 위조 요청)
SecurityConfig.java
login.jsp
form:form을 form으로 수정
주석 처리 되어 있던 csrf 내용 주석 풀기
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
localhost:8282 접속 후 유저 홈에 접속하여 로그인 시도하면 접속 가능