From 009ae7c98597cc712e1a9f7e87296c3cf71e5595 Mon Sep 17 00:00:00 2001 From: hwangsea <134906042+hwangsea@users.noreply.github.com> Date: Sat, 9 Nov 2024 00:44:27 +0900 Subject: [PATCH 01/13] =?UTF-8?q?=EA=B0=95=EC=9D=98=203,5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | Bin 444 -> 515 bytes build.gradle | 7 +++ .../springhw4/config/SecurityConfig.java | 44 ++++++++++++++++++ .../springhw4/controller/AdminController.java | 17 +++++++ .../springhw4/controller/MainController.java | 16 +++++++ .../example/springhw4/entity/UserEntity.java | 24 ++++++++++ .../springhw4/repository/UserRepository.java | 9 ++++ src/main/resources/application.yml | 6 +-- 8 files changed, 120 insertions(+), 3 deletions(-) create mode 100644 src/main/java/com/example/springhw4/config/SecurityConfig.java create mode 100644 src/main/java/com/example/springhw4/controller/AdminController.java create mode 100644 src/main/java/com/example/springhw4/controller/MainController.java create mode 100644 src/main/java/com/example/springhw4/entity/UserEntity.java create mode 100644 src/main/java/com/example/springhw4/repository/UserRepository.java diff --git a/.gitignore b/.gitignore index c2065bc26202b2d072aca3efc3d1c2efad3afcbf..2f8aee8b1b429dfc93b5d5e38051937625bf1733 100644 GIT binary patch literal 515 zcmZvZO=`n15QViC=ngL48DedEf&K)VQc5AE+cJ?SiGnN(X_AoJcWlX_f#Ai=`>^!h zjNXvw5vL*(um!B2|P ztJMnJlHQYpVw3R1x&c0Wx*X2_QX*&cZo7SG$g-h?I5_taMNOx>*>1>l} zw)sSwQfCM4H)TA{1D$vmd?~|uo4T{S#tF?`>o<$?K1$|0f7aE@&|wLEN`?g=0ulIg U!U`im5Z6I?(Ta=cnJOX0A2d>rIRF3v literal 444 zcmZXR-D<-y42AFY6e+n2#J<@J?5D7fF$NjC9g3}`E{-${x7_AU&5vP8}Wj?NygS7*}5}roh)k(R-r=Qu0K#vKfCI2vQ!{X*@)Kg3-~dIEdT%j diff --git a/build.gradle b/build.gradle index d6dd785..8bf8843 100644 --- a/build.gradle +++ b/build.gradle @@ -25,11 +25,18 @@ repositories { dependencies { implementation 'org.springframework.boot:spring-boot-starter-data-jpa' + implementation 'org.springframework.boot:spring-boot-starter-security' implementation 'org.springframework.boot:spring-boot-starter-web' compileOnly 'org.projectlombok:lombok' runtimeOnly 'com.mysql:mysql-connector-j' + + implementation 'io.jsonwebtoken:jjwt-api:0.12.3' + implementation 'io.jsonwebtoken:jjwt-impl:0.12.3' + implementation 'io.jsonwebtoken:jjwt-jackson:0.12.3' + annotationProcessor 'org.projectlombok:lombok' testImplementation 'org.springframework.boot:spring-boot-starter-test' + testImplementation 'org.springframework.security:spring-security-test' testRuntimeOnly 'org.junit.platform:junit-platform-launcher' } diff --git a/src/main/java/com/example/springhw4/config/SecurityConfig.java b/src/main/java/com/example/springhw4/config/SecurityConfig.java new file mode 100644 index 0000000..78dbf5c --- /dev/null +++ b/src/main/java/com/example/springhw4/config/SecurityConfig.java @@ -0,0 +1,44 @@ +package com.example.springhw4.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.web.SecurityFilterChain; + +@Configuration +@EnableWebSecurity +public class SecurityConfig { + + @Bean + public BCryptPasswordEncoder bCryptPasswordEncoder() { + + return new BCryptPasswordEncoder(); + } + + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + + http + .csrf((auth) -> auth.disable()); + + http + .formLogin((auth) -> auth.disable()); + + http + .httpBasic((auth) -> auth.disable()); + + http + .authorizeHttpRequests((auth) -> auth + .requestMatchers("/login", "/", "/join").permitAll() + .anyRequest().authenticated()); + + http + .sessionManagement((session) -> session + .sessionCreationPolicy(SessionCreationPolicy.STATELESS)); + + return http.build(); + } +} \ No newline at end of file diff --git a/src/main/java/com/example/springhw4/controller/AdminController.java b/src/main/java/com/example/springhw4/controller/AdminController.java new file mode 100644 index 0000000..0544810 --- /dev/null +++ b/src/main/java/com/example/springhw4/controller/AdminController.java @@ -0,0 +1,17 @@ +package com.example.springhw4.controller; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.ResponseBody; + +@Controller +@ResponseBody +public class AdminController { + + @GetMapping("/admin") + public String adminP(){ + + return "admin Controller"; + } + +} diff --git a/src/main/java/com/example/springhw4/controller/MainController.java b/src/main/java/com/example/springhw4/controller/MainController.java new file mode 100644 index 0000000..d5fdec9 --- /dev/null +++ b/src/main/java/com/example/springhw4/controller/MainController.java @@ -0,0 +1,16 @@ +package com.example.springhw4.controller; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.ResponseBody; + +@Controller +@ResponseBody +public class MainController{ + + @GetMapping("/") + public String mainP(){ + + return "Main Controller"; + } +} diff --git a/src/main/java/com/example/springhw4/entity/UserEntity.java b/src/main/java/com/example/springhw4/entity/UserEntity.java new file mode 100644 index 0000000..34fab55 --- /dev/null +++ b/src/main/java/com/example/springhw4/entity/UserEntity.java @@ -0,0 +1,24 @@ +package com.example.springhw4.entity; + +import jakarta.persistence.Entity; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import lombok.Getter; +import lombok.Setter; + +@Entity +@Getter +@Setter +public class UserEntity { + + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + private String username; + + private String password; + + private String role; +} diff --git a/src/main/java/com/example/springhw4/repository/UserRepository.java b/src/main/java/com/example/springhw4/repository/UserRepository.java new file mode 100644 index 0000000..98d2e95 --- /dev/null +++ b/src/main/java/com/example/springhw4/repository/UserRepository.java @@ -0,0 +1,9 @@ +package com.example.springhw4.repository; + +import com.example.springhw4.entity.UserEntity; +import org.springframework.data.jpa.repository.JpaRepository; + +public interface UserRepository extends JpaRepository { + + +} diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 9b78d0c..cde488e 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -1,8 +1,8 @@ spring: datasource: - url: jdbc:mysql://localhost:3306/your_database_name?useSSL=false&serverTimezone=UTC&characterEncoding=UTF-8 - username: your_username - password: your_password + url: jdbc:mysql://localhost:3306/jwt_test_db?useSSL=false&serverTimezone=UTC&characterEncoding=UTF-8 + username: root + password: Gofla452! driver-class-name: com.mysql.cj.jdbc.Driver jpa: From fbec3b701160645d1024a314acbdf586a7be0bd6 Mon Sep 17 00:00:00 2001 From: hwangsea <134906042+hwangsea@users.noreply.github.com> Date: Sat, 9 Nov 2024 01:13:08 +0900 Subject: [PATCH 02/13] =?UTF-8?q?=EA=B0=95=EC=9D=98=206?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../springhw4/controller/JoinController.java | 28 +++++++++++++ .../com/example/springhw4/dto/JoinDTO.java | 12 ++++++ .../springhw4/repository/UserRepository.java | 4 +- .../springhw4/service/JoinService.java | 41 +++++++++++++++++++ 4 files changed, 83 insertions(+), 2 deletions(-) create mode 100644 src/main/java/com/example/springhw4/controller/JoinController.java create mode 100644 src/main/java/com/example/springhw4/dto/JoinDTO.java create mode 100644 src/main/java/com/example/springhw4/service/JoinService.java diff --git a/src/main/java/com/example/springhw4/controller/JoinController.java b/src/main/java/com/example/springhw4/controller/JoinController.java new file mode 100644 index 0000000..e52afa7 --- /dev/null +++ b/src/main/java/com/example/springhw4/controller/JoinController.java @@ -0,0 +1,28 @@ +package com.example.springhw4.controller; + +import com.example.springhw4.dto.JoinDTO; +import com.example.springhw4.service.JoinService; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.ResponseBody; + +@Controller +@ResponseBody +public class JoinController { + + private final JoinService joinService; + + public JoinController(JoinService joinService) { + + this.joinService = joinService; + } + + @PostMapping("/join") + public String joinProcess(JoinDTO joinDTO) { + + System.out.println(joinDTO.getUsername()); + joinService.joinProcess(joinDTO); + + return "ok"; + } +} \ No newline at end of file diff --git a/src/main/java/com/example/springhw4/dto/JoinDTO.java b/src/main/java/com/example/springhw4/dto/JoinDTO.java new file mode 100644 index 0000000..858e400 --- /dev/null +++ b/src/main/java/com/example/springhw4/dto/JoinDTO.java @@ -0,0 +1,12 @@ +package com.example.springhw4.dto; + +import lombok.Getter; +import lombok.Setter; + +@Setter +@Getter +public class JoinDTO { + + private String username; + private String password; +} \ No newline at end of file diff --git a/src/main/java/com/example/springhw4/repository/UserRepository.java b/src/main/java/com/example/springhw4/repository/UserRepository.java index 98d2e95..4db94e0 100644 --- a/src/main/java/com/example/springhw4/repository/UserRepository.java +++ b/src/main/java/com/example/springhw4/repository/UserRepository.java @@ -5,5 +5,5 @@ public interface UserRepository extends JpaRepository { - -} + Boolean existsByUsername(String username); +} \ No newline at end of file diff --git a/src/main/java/com/example/springhw4/service/JoinService.java b/src/main/java/com/example/springhw4/service/JoinService.java new file mode 100644 index 0000000..3a53bb0 --- /dev/null +++ b/src/main/java/com/example/springhw4/service/JoinService.java @@ -0,0 +1,41 @@ +package com.example.springhw4.service; + +import com.example.springhw4.dto.JoinDTO; +import com.example.springhw4.entity.UserEntity; +import com.example.springhw4.repository.UserRepository; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.stereotype.Service; + +@Service +public class JoinService { + + private final UserRepository userRepository; + private final BCryptPasswordEncoder bCryptPasswordEncoder; + + public JoinService(UserRepository userRepository, BCryptPasswordEncoder bCryptPasswordEncoder) { + + this.userRepository = userRepository; + this.bCryptPasswordEncoder = bCryptPasswordEncoder; + } + + public void joinProcess(JoinDTO joinDTO) { + + String username = joinDTO.getUsername(); + String password = joinDTO.getPassword(); + + Boolean isExist = userRepository.existsByUsername(username); + + if (isExist) { + + return; + } + + UserEntity data = new UserEntity(); + + data.setUsername(username); + data.setPassword(bCryptPasswordEncoder.encode(password)); + data.setRole("ROLE_ADMIN"); + + userRepository.save(data); + } +} From f1fb889234396e17fdd312d5df89bad53d0c2ae9 Mon Sep 17 00:00:00 2001 From: hwangsea <134906042+hwangsea@users.noreply.github.com> Date: Sat, 9 Nov 2024 02:08:18 +0900 Subject: [PATCH 03/13] =?UTF-8?q?=EA=B0=95=EC=9D=98=207?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/com/example/springhw4/jwt/LoginFilter.java | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 src/main/java/com/example/springhw4/jwt/LoginFilter.java diff --git a/src/main/java/com/example/springhw4/jwt/LoginFilter.java b/src/main/java/com/example/springhw4/jwt/LoginFilter.java new file mode 100644 index 0000000..74dfdbe --- /dev/null +++ b/src/main/java/com/example/springhw4/jwt/LoginFilter.java @@ -0,0 +1,4 @@ +package com.example.springhw4.jwt; + +public class LoginFilter { +} From 92c66098b82fc343356290a65a306700420fc1e0 Mon Sep 17 00:00:00 2001 From: hwangsea <134906042+hwangsea@users.noreply.github.com> Date: Sat, 9 Nov 2024 02:20:03 +0900 Subject: [PATCH 04/13] =?UTF-8?q?=EA=B0=95=EC=9D=98=208?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../springhw4/dto/CustomUserDetails.java | 4 +++ .../service/CustomUserDetailsService.java | 36 +++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 src/main/java/com/example/springhw4/dto/CustomUserDetails.java create mode 100644 src/main/java/com/example/springhw4/service/CustomUserDetailsService.java diff --git a/src/main/java/com/example/springhw4/dto/CustomUserDetails.java b/src/main/java/com/example/springhw4/dto/CustomUserDetails.java new file mode 100644 index 0000000..a8d9784 --- /dev/null +++ b/src/main/java/com/example/springhw4/dto/CustomUserDetails.java @@ -0,0 +1,4 @@ +package com.example.springhw4.dto; + +public class CustomUserDetails { +} diff --git a/src/main/java/com/example/springhw4/service/CustomUserDetailsService.java b/src/main/java/com/example/springhw4/service/CustomUserDetailsService.java new file mode 100644 index 0000000..2a6a0a7 --- /dev/null +++ b/src/main/java/com/example/springhw4/service/CustomUserDetailsService.java @@ -0,0 +1,36 @@ +package com.example.springhw4.service; + +import com.example.springhw4.dto.CustomUserDetails; +import com.example.springhw4.entity.UserEntity; +import com.example.springhw4.repository.UserRepository; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; + +@Service +public class CustomUserDetailsService implements UserDetailsService { + + private final UserRepository userRepository; + + public CustomUserDetailsService(UserRepository userRepository) { + + this.userRepository = userRepository; + } + + @Override + public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { + + //DB에서 조회 + UserEntity userData = userRepository.findByUsername(username); + + if (userData != null) { + + //UserDetails에 담아서 return하면 AutneticationManager가 검증 함 + return new CustomUserDetails(userData); + } + + return null; + } +} +} \ No newline at end of file From a2cd4035ca3f198f4ff5697e91bf49bb1301f2a2 Mon Sep 17 00:00:00 2001 From: hwangsea <134906042+hwangsea@users.noreply.github.com> Date: Sat, 9 Nov 2024 02:45:24 +0900 Subject: [PATCH 05/13] =?UTF-8?q?=EA=B0=95=EC=9D=98=208?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../springhw4/config/SecurityConfig.java | 25 +++++++ .../springhw4/dto/CustomUserDetails.java | 71 ++++++++++++++++++- .../example/springhw4/jwt/LoginFilter.java | 49 ++++++++++++- .../springhw4/repository/UserRepository.java | 3 + .../service/CustomUserDetailsService.java | 1 - src/main/resources/application.yml | 2 +- 6 files changed, 146 insertions(+), 5 deletions(-) diff --git a/src/main/java/com/example/springhw4/config/SecurityConfig.java b/src/main/java/com/example/springhw4/config/SecurityConfig.java index 78dbf5c..1aea8e5 100644 --- a/src/main/java/com/example/springhw4/config/SecurityConfig.java +++ b/src/main/java/com/example/springhw4/config/SecurityConfig.java @@ -1,17 +1,37 @@ package com.example.springhw4.config; +import com.example.springhw4.jwt.LoginFilter; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; + @Configuration @EnableWebSecurity public class SecurityConfig { + //AuthenticationManager가 인자로 받을 AuthenticationConfiguraion 객체 생성자 주입 + private final AuthenticationConfiguration authenticationConfiguration; + + public SecurityConfig(AuthenticationConfiguration authenticationConfiguration) { + + this.authenticationConfiguration = authenticationConfiguration; + } + + //AuthenticationManager Bean 등록 + @Bean + public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) throws Exception { + + return configuration.getAuthenticationManager(); + } + @Bean public BCryptPasswordEncoder bCryptPasswordEncoder() { @@ -21,6 +41,7 @@ public BCryptPasswordEncoder bCryptPasswordEncoder() { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + http .csrf((auth) -> auth.disable()); @@ -35,6 +56,10 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .requestMatchers("/login", "/", "/join").permitAll() .anyRequest().authenticated()); +//필터 추가 LoginFilter()는 인자를 받음 (AuthenticationManager() 메소드에 authenticationConfiguration 객체를 넣어야 함) 따라서 등록 필요 + http + .addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration)), UsernamePasswordAuthenticationFilter.class); + http .sessionManagement((session) -> session .sessionCreationPolicy(SessionCreationPolicy.STATELESS)); diff --git a/src/main/java/com/example/springhw4/dto/CustomUserDetails.java b/src/main/java/com/example/springhw4/dto/CustomUserDetails.java index a8d9784..7e8c55d 100644 --- a/src/main/java/com/example/springhw4/dto/CustomUserDetails.java +++ b/src/main/java/com/example/springhw4/dto/CustomUserDetails.java @@ -1,4 +1,73 @@ package com.example.springhw4.dto; -public class CustomUserDetails { +import com.example.springhw4.entity.UserEntity; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.userdetails.UserDetails; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + +public class CustomUserDetails implements UserDetails { + + private final UserEntity userEntity; + + public CustomUserDetails(UserEntity userEntity) { + + this.userEntity = userEntity; + } + + + @Override + public Collection getAuthorities() { + + Collection collection = new ArrayList<>(); + + collection.add(new GrantedAuthority() { + + @Override + public String getAuthority() { + + return userEntity.getRole(); + } + }); + + return collection; + } + + @Override + public String getPassword() { + + return userEntity.getPassword(); + } + + @Override + public String getUsername() { + + return userEntity.getUsername(); + } + + @Override + public boolean isAccountNonExpired() { + + return true; + } + + @Override + public boolean isAccountNonLocked() { + + return true; + } + + @Override + public boolean isCredentialsNonExpired() { + + return true; + } + + @Override + public boolean isEnabled() { + + return true; + } } diff --git a/src/main/java/com/example/springhw4/jwt/LoginFilter.java b/src/main/java/com/example/springhw4/jwt/LoginFilter.java index 74dfdbe..579be74 100644 --- a/src/main/java/com/example/springhw4/jwt/LoginFilter.java +++ b/src/main/java/com/example/springhw4/jwt/LoginFilter.java @@ -1,4 +1,49 @@ package com.example.springhw4.jwt; -public class LoginFilter { -} +import jakarta.servlet.FilterChain; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import jdk.swing.interop.SwingInterOpUtils; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; + +public class LoginFilter extends UsernamePasswordAuthenticationFilter { + + private final AuthenticationManager authenticationManager; + + public LoginFilter(AuthenticationManager authenticationManager) { + + this.authenticationManager = authenticationManager; + } + + @Override + public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { + + //클라이언트 요청에서 username, password 추출 + String username = obtainUsername(request); + String password = obtainPassword(request); + + //System.out.println(username); + + //스프링 시큐리티에서 username과 password를 검증하기 위해서는 token에 담아야 함 + UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(username, password, null); + + //token에 담은 검증을 위한 AuthenticationManager로 전달 + return authenticationManager.authenticate(authToken); + } + + //로그인 성공시 실행하는 메소드 (여기서 JWT를 발급하면 됨) + @Override + protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authentication) { + + } + + //로그인 실패시 실행하는 메소드 + @Override + protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) { + + } +} \ No newline at end of file diff --git a/src/main/java/com/example/springhw4/repository/UserRepository.java b/src/main/java/com/example/springhw4/repository/UserRepository.java index 4db94e0..0e07007 100644 --- a/src/main/java/com/example/springhw4/repository/UserRepository.java +++ b/src/main/java/com/example/springhw4/repository/UserRepository.java @@ -6,4 +6,7 @@ public interface UserRepository extends JpaRepository { Boolean existsByUsername(String username); + + //username을 받아 DB 테이블에서 회원을 조회하는 메소드 작성 + UserEntity findByUsername(String username); } \ No newline at end of file diff --git a/src/main/java/com/example/springhw4/service/CustomUserDetailsService.java b/src/main/java/com/example/springhw4/service/CustomUserDetailsService.java index 2a6a0a7..f4d1492 100644 --- a/src/main/java/com/example/springhw4/service/CustomUserDetailsService.java +++ b/src/main/java/com/example/springhw4/service/CustomUserDetailsService.java @@ -33,4 +33,3 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx return null; } } -} \ No newline at end of file diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index cde488e..4b4bab8 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: jpa: hibernate: - ddl-auto: create + ddl-auto: none show-sql: true properties: hibernate: From 34ba3c8fd919daab07923b140272094772be65d4 Mon Sep 17 00:00:00 2001 From: hwangsea <134906042+hwangsea@users.noreply.github.com> Date: Sat, 9 Nov 2024 02:50:28 +0900 Subject: [PATCH 06/13] =?UTF-8?q?=EA=B0=95=EC=9D=98=209?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/example/springhw4/jwt/JWTUtil.java | 48 +++++++++++++++++++ src/main/resources/application.yml | 5 +- 2 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 src/main/java/com/example/springhw4/jwt/JWTUtil.java diff --git a/src/main/java/com/example/springhw4/jwt/JWTUtil.java b/src/main/java/com/example/springhw4/jwt/JWTUtil.java new file mode 100644 index 0000000..c48ae3e --- /dev/null +++ b/src/main/java/com/example/springhw4/jwt/JWTUtil.java @@ -0,0 +1,48 @@ +package com.example.springhw4.jwt; + +import io.jsonwebtoken.Jwts; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Component; + +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; +import java.nio.charset.StandardCharsets; +import java.util.Date; + +@Component +public class JWTUtil { + + private SecretKey secretKey; + + public JWTUtil(@Value("${spring.jwt.secret}")String secret) { + + + secretKey = new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), Jwts.SIG.HS256.key().build().getAlgorithm()); + } + + public String getUsername(String token) { + + return Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token).getPayload().get("username", String.class); + } + + public String getRole(String token) { + + return Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token).getPayload().get("role", String.class); + } + + public Boolean isExpired(String token) { + + return Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token).getPayload().getExpiration().before(new Date()); + } + + public String createJwt(String username, String role, Long expiredMs) { + + return Jwts.builder() + .claim("username", username) + .claim("role", role) + .issuedAt(new Date(System.currentTimeMillis())) + .expiration(new Date(System.currentTimeMillis() + expiredMs)) + .signWith(secretKey) + .compact(); + } +} \ No newline at end of file diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 4b4bab8..2639f38 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -12,4 +12,7 @@ spring: properties: hibernate: format_sql: true - dialect: org.hibernate.dialect.MySQL8Dialect \ No newline at end of file + dialect: org.hibernate.dialect.MySQL8Dialect + + jwt: + secret: vmfhaltmskdlstkfkdgodyroqkfwkdbalroqkfwkdbalaaaaaaaaaaaaaaaabbbbb From a4803a442a4712ea589d9257c2061ff0e63b6652 Mon Sep 17 00:00:00 2001 From: hwangsea <134906042+hwangsea@users.noreply.github.com> Date: Sat, 9 Nov 2024 03:01:45 +0900 Subject: [PATCH 07/13] =?UTF-8?q?=EA=B0=95=EC=9D=98=2010?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../springhw4/config/SecurityConfig.java | 12 ++++---- .../example/springhw4/jwt/LoginFilter.java | 28 +++++++++++++++++-- 2 files changed, 32 insertions(+), 8 deletions(-) diff --git a/src/main/java/com/example/springhw4/config/SecurityConfig.java b/src/main/java/com/example/springhw4/config/SecurityConfig.java index 1aea8e5..b853e6d 100644 --- a/src/main/java/com/example/springhw4/config/SecurityConfig.java +++ b/src/main/java/com/example/springhw4/config/SecurityConfig.java @@ -1,5 +1,6 @@ package com.example.springhw4.config; +import com.example.springhw4.jwt.JWTUtil; import com.example.springhw4.jwt.LoginFilter; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -17,15 +18,16 @@ @EnableWebSecurity public class SecurityConfig { - //AuthenticationManager가 인자로 받을 AuthenticationConfiguraion 객체 생성자 주입 private final AuthenticationConfiguration authenticationConfiguration; + //JWTUtil 주입 + private final JWTUtil jwtUtil; - public SecurityConfig(AuthenticationConfiguration authenticationConfiguration) { + public SecurityConfig(AuthenticationConfiguration authenticationConfiguration, JWTUtil jwtUtil) { this.authenticationConfiguration = authenticationConfiguration; + this.jwtUtil = jwtUtil; } - //AuthenticationManager Bean 등록 @Bean public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) throws Exception { @@ -56,9 +58,9 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .requestMatchers("/login", "/", "/join").permitAll() .anyRequest().authenticated()); -//필터 추가 LoginFilter()는 인자를 받음 (AuthenticationManager() 메소드에 authenticationConfiguration 객체를 넣어야 함) 따라서 등록 필요 + //AuthenticationManager()와 JWTUtil 인수 전달 http - .addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration)), UsernamePasswordAuthenticationFilter.class); + .addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration), jwtUtil), UsernamePasswordAuthenticationFilter.class); http .sessionManagement((session) -> session diff --git a/src/main/java/com/example/springhw4/jwt/LoginFilter.java b/src/main/java/com/example/springhw4/jwt/LoginFilter.java index 579be74..e4c1ad2 100644 --- a/src/main/java/com/example/springhw4/jwt/LoginFilter.java +++ b/src/main/java/com/example/springhw4/jwt/LoginFilter.java @@ -1,5 +1,6 @@ package com.example.springhw4.jwt; +import com.example.springhw4.dto.CustomUserDetails; import jakarta.servlet.FilterChain; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; @@ -8,15 +9,22 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.GrantedAuthority; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import java.util.Collection; +import java.util.Iterator; + public class LoginFilter extends UsernamePasswordAuthenticationFilter { private final AuthenticationManager authenticationManager; + //JWTUtil 주입 + private final JWTUtil jwtUtil; - public LoginFilter(AuthenticationManager authenticationManager) { + public LoginFilter(AuthenticationManager authenticationManager, JWTUtil jwtUtil) { this.authenticationManager = authenticationManager; + this.jwtUtil = jwtUtil; } @Override @@ -26,8 +34,6 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ String username = obtainUsername(request); String password = obtainPassword(request); - //System.out.println(username); - //스프링 시큐리티에서 username과 password를 검증하기 위해서는 token에 담아야 함 UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(username, password, null); @@ -39,11 +45,27 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ @Override protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authentication) { + //UserDetailsS + CustomUserDetails customUserDetails = (CustomUserDetails) authentication.getPrincipal(); + + String username = customUserDetails.getUsername(); + + Collection authorities = authentication.getAuthorities(); + Iterator iterator = authorities.iterator(); + GrantedAuthority auth = iterator.next(); + + String role = auth.getAuthority(); + + String token = jwtUtil.createJwt(username, role, 60*60*10L); + + response.addHeader("Authorization", "Bearer " + token); } //로그인 실패시 실행하는 메소드 @Override protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) { + //로그인 실패시 401 응답 코드 반환 + response.setStatus(401); } } \ No newline at end of file From 4aa6d1599da8db8ead58d69e696438b54613cf36 Mon Sep 17 00:00:00 2001 From: hwangsea <134906042+hwangsea@users.noreply.github.com> Date: Sat, 9 Nov 2024 05:28:06 +0900 Subject: [PATCH 08/13] =?UTF-8?q?=EA=B0=95=EC=9D=98=2011?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/com/example/springhw4/jwt/JWTFilter.java | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 src/main/java/com/example/springhw4/jwt/JWTFilter.java diff --git a/src/main/java/com/example/springhw4/jwt/JWTFilter.java b/src/main/java/com/example/springhw4/jwt/JWTFilter.java new file mode 100644 index 0000000..3992ef8 --- /dev/null +++ b/src/main/java/com/example/springhw4/jwt/JWTFilter.java @@ -0,0 +1,4 @@ +package com.example.springhw4.jwt; + +public class JWTFilter { +} From 0969b4b30011abceeefeaedc2d4147d01810a9e5 Mon Sep 17 00:00:00 2001 From: hwangsea <134906042+hwangsea@users.noreply.github.com> Date: Sat, 9 Nov 2024 13:38:30 +0900 Subject: [PATCH 09/13] =?UTF-8?q?=EA=B0=95=EC=9D=98=2012?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../springhw4/config/SecurityConfig.java | 6 +- .../springhw4/controller/MainController.java | 21 +++++- .../com/example/springhw4/jwt/JWTFilter.java | 74 ++++++++++++++++++- .../example/springhw4/jwt/LoginFilter.java | 3 +- 4 files changed, 97 insertions(+), 7 deletions(-) diff --git a/src/main/java/com/example/springhw4/config/SecurityConfig.java b/src/main/java/com/example/springhw4/config/SecurityConfig.java index b853e6d..9b4f6ce 100644 --- a/src/main/java/com/example/springhw4/config/SecurityConfig.java +++ b/src/main/java/com/example/springhw4/config/SecurityConfig.java @@ -1,5 +1,6 @@ package com.example.springhw4.config; +import com.example.springhw4.jwt.JWTFilter; import com.example.springhw4.jwt.JWTUtil; import com.example.springhw4.jwt.LoginFilter; import org.springframework.context.annotation.Bean; @@ -58,7 +59,10 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .requestMatchers("/login", "/", "/join").permitAll() .anyRequest().authenticated()); - //AuthenticationManager()와 JWTUtil 인수 전달 + //JWTFilter 등록 + http + .addFilterBefore(new JWTFilter(jwtUtil), LoginFilter.class); + http .addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration), jwtUtil), UsernamePasswordAuthenticationFilter.class); diff --git a/src/main/java/com/example/springhw4/controller/MainController.java b/src/main/java/com/example/springhw4/controller/MainController.java index d5fdec9..bf7101f 100644 --- a/src/main/java/com/example/springhw4/controller/MainController.java +++ b/src/main/java/com/example/springhw4/controller/MainController.java @@ -1,16 +1,31 @@ package com.example.springhw4.controller; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.ResponseBody; +import java.util.Collection; +import java.util.Iterator; + @Controller @ResponseBody -public class MainController{ +public class MainController { @GetMapping("/") - public String mainP(){ + public String mainP() { + + String name = SecurityContextHolder.getContext().getAuthentication().getName(); + + Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); + + Collection authorities = authentication.getAuthorities(); + Iterator iter = authorities.iterator(); + GrantedAuthority auth = iter.next(); + String role = auth.getAuthority(); - return "Main Controller"; + return "Main Controller : "+name+role; } } diff --git a/src/main/java/com/example/springhw4/jwt/JWTFilter.java b/src/main/java/com/example/springhw4/jwt/JWTFilter.java index 3992ef8..010eea6 100644 --- a/src/main/java/com/example/springhw4/jwt/JWTFilter.java +++ b/src/main/java/com/example/springhw4/jwt/JWTFilter.java @@ -1,4 +1,74 @@ package com.example.springhw4.jwt; -public class JWTFilter { -} +import com.example.springhw4.dto.CustomUserDetails; +import com.example.springhw4.entity.UserEntity; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.web.filter.OncePerRequestFilter; + +import java.io.IOException; + +public class JWTFilter extends OncePerRequestFilter { + + private final JWTUtil jwtUtil; + + public JWTFilter(JWTUtil jwtUtil) { + + this.jwtUtil = jwtUtil; + } + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { + //request에서 Authorization 헤더를 찾음 + String authorization= request.getHeader("Authorization"); + + //Authorization 헤더 검증 + if (authorization == null || !authorization.startsWith("Bearer ")) { + + System.out.println("token null"); + filterChain.doFilter(request, response); + + //조건이 해당되면 메소드 종료 (필수) + return; + } + + System.out.println("authorization now"); + //Bearer 부분 제거 후 순수 토큰만 획득 + String token = authorization.split(" ")[1]; + + //토큰 소멸 시간 검증 + if (jwtUtil.isExpired(token)) { + + System.out.println("token expired"); + filterChain.doFilter(request, response); + + //조건이 해당되면 메소드 종료 (필수) + return; + } + + //토큰에서 username과 role 획득 + String username = jwtUtil.getUsername(token); + String role = jwtUtil.getRole(token); + + //userEntity를 생성하여 값 set + UserEntity userEntity = new UserEntity(); + userEntity.setUsername(username); + userEntity.setPassword("temppassword"); + userEntity.setRole(role); + + //UserDetails에 회원 정보 객체 담기 + CustomUserDetails customUserDetails = new CustomUserDetails(userEntity); + + //스프링 시큐리티 인증 토큰 생성 + Authentication authToken = new UsernamePasswordAuthenticationToken(customUserDetails, null, customUserDetails.getAuthorities()); + //세션에 사용자 등록 + SecurityContextHolder.getContext().setAuthentication(authToken); + + filterChain.doFilter(request, response); + } +} \ No newline at end of file diff --git a/src/main/java/com/example/springhw4/jwt/LoginFilter.java b/src/main/java/com/example/springhw4/jwt/LoginFilter.java index e4c1ad2..c7d3aa6 100644 --- a/src/main/java/com/example/springhw4/jwt/LoginFilter.java +++ b/src/main/java/com/example/springhw4/jwt/LoginFilter.java @@ -56,7 +56,8 @@ protected void successfulAuthentication(HttpServletRequest request, HttpServletR String role = auth.getAuthority(); - String token = jwtUtil.createJwt(username, role, 60*60*10L); + //10시간 설정 + String token = jwtUtil.createJwt(username, role, 60*60*1000L); response.addHeader("Authorization", "Bearer " + token); } From 46e37efd1c5a79b619f21599891d7107cf5d817d Mon Sep 17 00:00:00 2001 From: hwangsea <134906042+hwangsea@users.noreply.github.com> Date: Sat, 9 Nov 2024 13:47:28 +0900 Subject: [PATCH 10/13] =?UTF-8?q?=EA=B0=95=EC=9D=98=2013?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../springhw4/config/CorsMvcConfig.java | 16 +++++++++++++ .../springhw4/config/SecurityConfig.java | 24 +++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 src/main/java/com/example/springhw4/config/CorsMvcConfig.java diff --git a/src/main/java/com/example/springhw4/config/CorsMvcConfig.java b/src/main/java/com/example/springhw4/config/CorsMvcConfig.java new file mode 100644 index 0000000..30c0d32 --- /dev/null +++ b/src/main/java/com/example/springhw4/config/CorsMvcConfig.java @@ -0,0 +1,16 @@ +package com.example.springhw4.config; + +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.config.annotation.CorsRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; + +@Configuration +public class CorsMvcConfig implements WebMvcConfigurer { + + @Override + public void addCorsMappings(CorsRegistry corsRegistry) { + + corsRegistry.addMapping("/**") + .allowedOrigins("http://localhost:3000"); + } +} \ No newline at end of file diff --git a/src/main/java/com/example/springhw4/config/SecurityConfig.java b/src/main/java/com/example/springhw4/config/SecurityConfig.java index 9b4f6ce..65326f3 100644 --- a/src/main/java/com/example/springhw4/config/SecurityConfig.java +++ b/src/main/java/com/example/springhw4/config/SecurityConfig.java @@ -3,6 +3,7 @@ import com.example.springhw4.jwt.JWTFilter; import com.example.springhw4.jwt.JWTUtil; import com.example.springhw4.jwt.LoginFilter; +import jakarta.servlet.http.HttpServletRequest; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; @@ -13,6 +14,10 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import org.springframework.web.cors.CorsConfiguration; +import org.springframework.web.cors.CorsConfigurationSource; + +import java.util.Collections; @Configuration @@ -44,6 +49,25 @@ public BCryptPasswordEncoder bCryptPasswordEncoder() { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + http + .cors((corsCustomizer -> corsCustomizer.configurationSource(new CorsConfigurationSource() { + + @Override + public CorsConfiguration getCorsConfiguration(HttpServletRequest request) { + + CorsConfiguration configuration = new CorsConfiguration(); + + configuration.setAllowedOrigins(Collections.singletonList("http://localhost:3000")); + configuration.setAllowedMethods(Collections.singletonList("*")); + configuration.setAllowCredentials(true); + configuration.setAllowedHeaders(Collections.singletonList("*")); + configuration.setMaxAge(3600L); + + configuration.setExposedHeaders(Collections.singletonList("Authorization")); + + return configuration; + } + }))); http .csrf((auth) -> auth.disable()); From 462efc4836217fd45973cf503fdb1025682493c6 Mon Sep 17 00:00:00 2001 From: hwangsea <134906042+hwangsea@users.noreply.github.com> Date: Sat, 9 Nov 2024 14:00:37 +0900 Subject: [PATCH 11/13] Remove application.yml from tracking and update .gitignore --- src/main/resources/application.yml | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100644 src/main/resources/application.yml diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml deleted file mode 100644 index 2639f38..0000000 --- a/src/main/resources/application.yml +++ /dev/null @@ -1,18 +0,0 @@ -spring: - datasource: - url: jdbc:mysql://localhost:3306/jwt_test_db?useSSL=false&serverTimezone=UTC&characterEncoding=UTF-8 - username: root - password: Gofla452! - driver-class-name: com.mysql.cj.jdbc.Driver - - jpa: - hibernate: - ddl-auto: none - show-sql: true - properties: - hibernate: - format_sql: true - dialect: org.hibernate.dialect.MySQL8Dialect - - jwt: - secret: vmfhaltmskdlstkfkdgodyroqkfwkdbalroqkfwkdbalaaaaaaaaaaaaaaaabbbbb From 477a5a751653d4b6879fec117025878bdc7b8fa4 Mon Sep 17 00:00:00 2001 From: hwangsea <134906042+hwangsea@users.noreply.github.com> Date: Wed, 13 Nov 2024 00:55:11 +0900 Subject: [PATCH 12/13] ex6 --- build.gradle | 4 ++ .../springhw4/config/SecurityConfig.java | 2 +- .../springhw4/config/SwaggerConfig.java | 38 +++++++++++++++++++ .../springhw4/controller/PostController.java | 17 +++++++++ .../com/example/springhw4/dto/PostDto.java | 16 ++++++++ .../com/example/springhw4/entity/Post.java | 23 +++++++++++ .../springhw4/repository/PostRepository.java | 11 ++++++ .../springhw4/service/PostService.java | 8 ++++ src/main/resources/application.yml | 26 +++++++++++++ 9 files changed, 144 insertions(+), 1 deletion(-) create mode 100644 src/main/java/com/example/springhw4/config/SwaggerConfig.java create mode 100644 src/main/java/com/example/springhw4/controller/PostController.java create mode 100644 src/main/java/com/example/springhw4/dto/PostDto.java create mode 100644 src/main/java/com/example/springhw4/entity/Post.java create mode 100644 src/main/java/com/example/springhw4/repository/PostRepository.java create mode 100644 src/main/java/com/example/springhw4/service/PostService.java create mode 100644 src/main/resources/application.yml diff --git a/build.gradle b/build.gradle index 8bf8843..dbf9922 100644 --- a/build.gradle +++ b/build.gradle @@ -30,6 +30,10 @@ dependencies { compileOnly 'org.projectlombok:lombok' runtimeOnly 'com.mysql:mysql-connector-j' + // swagger + implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.3.0' + + implementation 'io.jsonwebtoken:jjwt-api:0.12.3' implementation 'io.jsonwebtoken:jjwt-impl:0.12.3' implementation 'io.jsonwebtoken:jjwt-jackson:0.12.3' diff --git a/src/main/java/com/example/springhw4/config/SecurityConfig.java b/src/main/java/com/example/springhw4/config/SecurityConfig.java index 65326f3..660c462 100644 --- a/src/main/java/com/example/springhw4/config/SecurityConfig.java +++ b/src/main/java/com/example/springhw4/config/SecurityConfig.java @@ -80,7 +80,7 @@ public CorsConfiguration getCorsConfiguration(HttpServletRequest request) { http .authorizeHttpRequests((auth) -> auth - .requestMatchers("/login", "/", "/join").permitAll() + .requestMatchers("/login", "/", "/join","/docs/**","/v3/**").permitAll() .anyRequest().authenticated()); //JWTFilter 등록 diff --git a/src/main/java/com/example/springhw4/config/SwaggerConfig.java b/src/main/java/com/example/springhw4/config/SwaggerConfig.java new file mode 100644 index 0000000..3d6b0b1 --- /dev/null +++ b/src/main/java/com/example/springhw4/config/SwaggerConfig.java @@ -0,0 +1,38 @@ +package com.example.springhw4.config; + +import io.swagger.v3.oas.models.Components; +import io.swagger.v3.oas.models.OpenAPI; +import io.swagger.v3.oas.models.security.SecurityRequirement; +import io.swagger.v3.oas.models.security.SecurityScheme; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + + +import java.util.List; + +@Configuration +public class SwaggerConfig { + + @Bean + public OpenAPI openAPI() { + SecurityScheme apiKey = new SecurityScheme() + .type(SecurityScheme.Type.HTTP) + .in(SecurityScheme.In.HEADER) + .name("Authorization") + .scheme("bearer") + .bearerFormat("JWT"); + + SecurityRequirement securityRequirement = new SecurityRequirement() + .addList("Bearer Token"); + + return new OpenAPI() + .components(new Components().addSecuritySchemes("Bearer Token", apiKey)) + .addSecurityItem(securityRequirement) + .servers(List.of( + new io.swagger.v3.oas.models.servers.Server() + .url("http://localhost:8080") + .description("로컬 서버") + ) + ); + } +} \ No newline at end of file diff --git a/src/main/java/com/example/springhw4/controller/PostController.java b/src/main/java/com/example/springhw4/controller/PostController.java new file mode 100644 index 0000000..f1cd77e --- /dev/null +++ b/src/main/java/com/example/springhw4/controller/PostController.java @@ -0,0 +1,17 @@ +package com.example.springhw4.controller; + +import com.example.springhw4.dto.PostDto; +import lombok.Getter; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +public class PostController { + + @GetMapping("/post") + public String createpost() { + return SecurityContextHolder.getContext().getAuthentication().getName(); + } + +} diff --git a/src/main/java/com/example/springhw4/dto/PostDto.java b/src/main/java/com/example/springhw4/dto/PostDto.java new file mode 100644 index 0000000..25f484f --- /dev/null +++ b/src/main/java/com/example/springhw4/dto/PostDto.java @@ -0,0 +1,16 @@ +package com.example.springhw4.dto; + +import lombok.Builder; +import lombok.Getter; +import lombok.Setter; + +@Builder +@Getter +@Setter +public class PostDto { + + private String title; + + private String content; + +} diff --git a/src/main/java/com/example/springhw4/entity/Post.java b/src/main/java/com/example/springhw4/entity/Post.java new file mode 100644 index 0000000..3201d0f --- /dev/null +++ b/src/main/java/com/example/springhw4/entity/Post.java @@ -0,0 +1,23 @@ +package com.example.springhw4.entity; + +import jakarta.persistence.*; +import lombok.*; + +@Entity +@Builder +@Getter +@NoArgsConstructor +@AllArgsConstructor +public class Post { + + @Id + @GeneratedValue(strategy = GenerationType.AUTO) + private Long id; + + @ManyToOne + private UserEntity userEntity; + + private String title; + private String content; + +} diff --git a/src/main/java/com/example/springhw4/repository/PostRepository.java b/src/main/java/com/example/springhw4/repository/PostRepository.java new file mode 100644 index 0000000..4410481 --- /dev/null +++ b/src/main/java/com/example/springhw4/repository/PostRepository.java @@ -0,0 +1,11 @@ +package com.example.springhw4.repository; + +import com.example.springhw4.entity.Post; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; +import org.springframework.web.bind.annotation.ResponseBody; + +@Repository +public interface PostRepository extends JpaRepository { + +} diff --git a/src/main/java/com/example/springhw4/service/PostService.java b/src/main/java/com/example/springhw4/service/PostService.java new file mode 100644 index 0000000..206d2e0 --- /dev/null +++ b/src/main/java/com/example/springhw4/service/PostService.java @@ -0,0 +1,8 @@ +package com.example.springhw4.service; + +import org.springframework.stereotype.Service; + +@Service +public class PostService { + +} diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml new file mode 100644 index 0000000..a2dcc80 --- /dev/null +++ b/src/main/resources/application.yml @@ -0,0 +1,26 @@ +spring: + datasource: + url: jdbc:mysql://localhost:3306/demo?useSSL=false&serverTimezone=UTC&characterEncoding=UTF-8 + username: root + password: Gofla452! + driver-class-name: com.mysql.cj.jdbc.Driver + + jpa: + hibernate: + ddl-auto: update + show-sql: true + properties: + hibernate: + format_sql: true + dialect: org.hibernate.dialect.MySQL8Dialect + + jwt: + secret: vmfhaltmskdlstkfkdgodyroqkfwkdbalroqkfwkdbalaaaaaaaaaaaaaaaabbbbb + +springdoc: + api-docs: + enabled: true + path: /v3/api-docs + swagger-ui: + enabled: true + path: /docs/index.html \ No newline at end of file From 479f1427cd2736868a0689d7294e5140ce8d2577 Mon Sep 17 00:00:00 2001 From: HyerimH <134906042+HyerimH@users.noreply.github.com> Date: Wed, 13 Nov 2024 01:07:06 +0900 Subject: [PATCH 13/13] Update application.yml --- src/main/resources/application.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index a2dcc80..6b904d4 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -1,8 +1,8 @@ spring: datasource: url: jdbc:mysql://localhost:3306/demo?useSSL=false&serverTimezone=UTC&characterEncoding=UTF-8 - username: root - password: Gofla452! + username: your_username + password: your_password driver-class-name: com.mysql.cj.jdbc.Driver jpa: @@ -23,4 +23,4 @@ springdoc: path: /v3/api-docs swagger-ui: enabled: true - path: /docs/index.html \ No newline at end of file + path: /docs/index.html