1.dependency add
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<version>3.1.11</version>
</dependency>2. SecurityConfig.java
- filterChain
- passwordEncoder
@Slf4j
@Configuration
@EnableWebSecurity
public class SecurityCofig {
@Bean
public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
httpSecurity
.csrf((csrfConfig) -> csrfConfig.disable())
.headers((headerConfig) -> headerConfig.frameOptions(frameOptionsConfig -> frameOptionsConfig.disable()))
.authorizeHttpRequests((authoziedRequest)->authoziedRequest
.requestMatchers("/main.page").permitAll()
.requestMatchers( "/login/**").permitAll()
.requestMatchers( "/logout/**").permitAll()
.requestMatchers("/home/**").permitAll()
.requestMatchers("/member/**").hasRole("ADMIN")
.anyRequest().authenticated()
)
.formLogin(formLogin -> formLogin
.loginPage("/login/login.page")
.loginProcessingUrl("/login/loginProc.do")
.usernameParameter("user_id")
.passwordParameter("user_pwd")
.defaultSuccessUrl("/member/member.page")
.permitAll()
)
.logout(logout->logout
.logoutUrl("/logout/logout.do")
.logoutSuccessUrl("/login/login.page?logout=true")
.invalidateHttpSession(true)
.deleteCookies("JSESSIONID")
);
return httpSecurity.build();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
3. UserDetailsService.java
@Slf4j
@Component
public class MyUserDetailService implements UserDetailsService {
@Autowired
PasswordEncoder passwordEncoder;
@Override
public UserDetails loadUserByUsername(String insertedUserId) throws UsernameNotFoundException {
log.debug("userDetails()................insertedUserId=" + insertedUserId);
log.debug("PasswordEncoder()................");
String result = passwordEncoder.encode("222");
log.debug("PasswordEncoder():result=" + result);
return User.builder()
.username("111")
.password(result)
.roles("ADMIN")
.build();
}
}
4. 회원가입 (User Register )
public static Member createUser(String userId, String pw, PasswordEncoder passwordEncoder) {
return new Member(userId, passwordEncoder.encode(pw), "USER");
}
@Slf4j
@RestController
public class LoginController {
@Autowired
PasswordEncoder passwordEncoder;
@RequestMapping(value = "/login/register.do", method = RequestMethod.POST)
public String register(@RequestParam("user_id") String user_id, @RequestParam("user_pwd") String user_pwd, @RequestParam("user_name") String user_name) {
log.debug("register()..........");
//
log.debug("user_id=" + user_id);
log.debug("user_name=" + user_name);
log.debug("user_pwd=" + user_pwd);
log.debug("ENC_user_pwd=" + passwordEncoder.encode(user_pwd));
return "OK";
}
}
IT를 쉽게 이해해 보아요~😄