enan501 · Kimgeunwook · Jan 27, 2021 · Jan 28, 2021
diff --git a/README.md b/README.md
@@ -250,7 +250,7 @@
 </details>
 
 <details markdown="1">
-<summary>day3: 2020-12-26(토)</summary>
+<summary>day4: 2020-12-26(토)</summary>
 <ul>
     <li>진행 사항</><br>
     1. 학습 내용 (<a href="https://github.com/enan501/springStudy/wiki/Season-2-Day-4-(2020.12.26)">자세히</a>)

diff --git a/build.gradle b/build.gradle
@@ -15,6 +15,20 @@ repositories {
 dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-web'
 	testImplementation 'org.springframework.boot:spring-boot-starter-test'
+	implementation 'org.mariadb.jdbc:mariadb-java-client'
+	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
+
+	implementation 'org.springframework.boot:spring-boot-starter-security'
+
+	implementation 'org.springframework.boot:spring-boot-starter-web'
+
+	compileOnly 'org.projectlombok:lombok'
+	annotationProcessor 'org.projectlombok:lombok'
+
+	testImplementation('org.springframework.boot:spring-boot-starter-test') {
+		exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
+	}
+	testImplementation 'org.springframework.security:spring-security-test'
 }
 
 test {

diff --git a/src/main/java/com/backdev/happy/wblserver/SecurityApplication.java b/src/main/java/com/backdev/happy/wblserver/SecurityApplication.java
@@ -0,0 +1,20 @@
+package com.backdev.happy.wblserver;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.builder.SpringApplicationBuilder;
+import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
+
+@SpringBootApplication
+public class SecurityApplication extends SpringBootServletInitializer {
+
+    @Override
+    protected SpringApplicationBuilder configure(SpringApplicationBuilder builder){
+        return builder.sources(SecurityApplication.class);
+    }
+
+    public static void main(String[] args) {
+        SpringApplication.run(SecurityApplication.class, args);
+    }
+
+}
diff --git a/src/main/java/com/backdev/happy/wblserver/app/common/model/CommonVO.java b/src/main/java/com/backdev/happy/wblserver/app/common/model/CommonVO.java
@@ -0,0 +1,34 @@
+package com.backdev.happy.wblserver.app.common.model;
+
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import org.hibernate.annotations.CreationTimestamp;
+import org.hibernate.annotations.UpdateTimestamp;
+
+import javax.persistence.*;
+import java.io.Serializable;
+import java.time.LocalDateTime;
+
+@MappedSuperclass
+@Getter
+@NoArgsConstructor
+public abstract class CommonVO implements Serializable {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    @Column(name = "id", nullable = false)
+    private Long id;                                        // 고유번호
+
+    @CreationTimestamp
+    @Column(nullable = false, length = 20, updatable = false)
+    private LocalDateTime createdAt;                        // 등록 일자
+
+    @UpdateTimestamp
+    @Column(length = 20)
+    private LocalDateTime updatedAt;                        // 수정 일자
+
+    @Setter
+    @Column(nullable = false, columnDefinition = "BOOLEAN DEFAULT true")
+    private Boolean isEnable = true;                        // 사용 여부
+}
diff --git a/src/main/java/com/backdev/happy/wblserver/app/home/HomeController.java b/src/main/java/com/backdev/happy/wblserver/app/home/HomeController.java
@@ -0,0 +1,23 @@
+package com.backdev.happy.wblserver.app.home;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class HomeController {
+
+    @GetMapping(value = "/index")
+    public String index(){
+        return "home/index";
+    }
+
+    @GetMapping(value = "/about")
+    public String about(){
+        return "home/about";
+    }
+
+    @GetMapping(value = "/admin")
+    public String admin(){
+        return "home/admin";
+    }
+}
diff --git a/src/main/java/com/backdev/happy/wblserver/app/user/controller/UserController.java b/src/main/java/com/backdev/happy/wblserver/app/user/controller/UserController.java
@@ -0,0 +1,71 @@
+package com.backdev.happy.wblserver.app.user.controller;
+
+import com.backdev.happy.wblserver.app.user.model.UserVO;
+import com.backdev.happy.wblserver.app.user.service.UserService;
+import com.backdev.happy.wblserver.enums.role.UserRole;
+import lombok.NonNull;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.log4j.Log4j2;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+
+@RequiredArgsConstructor
+@Controller
+@RequestMapping(value = "/user")
+@Log4j2
+public class UserController {
+
+    @Resource(name = "userService")
+    private UserService userService;
+
+    @NonNull
+    private BCryptPasswordEncoder passwordEncoder;
+
+    @GetMapping(value = "/loginView")
+    public String loginView(){
+        return "user/login";
+    }
+
+
+    @PostMapping(value = "/login")
+    public String login(HttpServletRequest request, RedirectAttributes redirectAttributes, @ModelAttribute UserVO userVO){
+        log.error("@@@");
+        log.info("ㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋ");
+        log.info(userVO.getUserEmail());
+        log.info(userVO.getUserPw());
+        String userPw = userVO.getUserPw();
+        userVO = userService.findUserByUserEmail(userVO.getUserEmail());
+        if(userVO == null || !passwordEncoder.matches(userPw, userVO.getUserPw())){
+            redirectAttributes.addFlashAttribute("rsMsg", "아이디 또는 비밀번호가 잘못되었습니다.");
+            return "redirect:/user/loginView";
+        }
+
+        request.getSession().setAttribute("userVO", userVO);
+        return "redirect:/index";
+    }
+
+
+    @GetMapping(value = "/init")
+    public String createAdmin(@ModelAttribute UserVO userVO){
+        userVO.setUserEmail("user@naver.com");
+        userVO.setUserPw(passwordEncoder.encode("test"));
+        userVO.setRole(UserRole.USER);
+        if(userService.createUser(userVO) == null){
+            log.error("Create Admin Error");
+        }
+
+        userVO.setUserEmail("admin@naver.com");
+        userVO.setUserPw(passwordEncoder.encode("test"));
+        userVO.setRole(UserRole.ADMIN);
+        if(userService.createUser(userVO) == null){
+            log.error("Create Admin Error");
+        }
+        return "redirect:/index";
+    }
+
+}
diff --git a/src/main/java/com/backdev/happy/wblserver/app/user/model/UserDetailsVO.java b/src/main/java/com/backdev/happy/wblserver/app/user/model/UserDetailsVO.java
@@ -0,0 +1,53 @@
+package com.backdev.happy.wblserver.app.user.model;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.experimental.Delegate;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+
+@AllArgsConstructor
+@Getter
+public class UserDetailsVO implements UserDetails {
+
+    @Delegate
+    private UserVO userVO;
+    private Collection<? extends GrantedAuthority> authorities;
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return authorities;
+    }
+
+    @Override
+    public String getPassword() {
+        return userVO.getUserPw();
+    }
+
+    @Override
+    public String getUsername() {
+        return userVO.getUserEmail();
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return userVO.getIsEnable();
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return userVO.getIsEnable();
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return userVO.getIsEnable();
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return userVO.getIsEnable();
+    }
+}
diff --git a/src/main/java/com/backdev/happy/wblserver/app/user/model/UserVO.java b/src/main/java/com/backdev/happy/wblserver/app/user/model/UserVO.java
@@ -0,0 +1,36 @@
+package com.backdev.happy.wblserver.app.user.model;
+
+
+import com.backdev.happy.wblserver.app.common.model.CommonVO;
+import com.backdev.happy.wblserver.enums.role.UserRole;
+import lombok.*;
+
+import javax.persistence.*;
+import java.io.Serializable;
+
+@NoArgsConstructor
+@Entity
+@Table(name = "users")
+@Getter
+public class UserVO extends CommonVO implements Serializable {
+
+    @Setter
+    @Column(nullable = false, unique = true, length = 50)
+    private String userEmail;
+
+    @Setter
+    @Column(nullable = false)
+    private String userPw;
+
+    @Setter
+    @Column(nullable = false, length = 50)
+    @Enumerated(EnumType.STRING)
+    private UserRole role;
+
+    @Builder
+    public UserVO(String userEmail, String userPw){
+        this.userEmail = userEmail;
+        this.userPw = userPw;
+    }
+
+}
diff --git a/src/main/java/com/backdev/happy/wblserver/app/user/repository/UserRepository.java b/src/main/java/com/backdev/happy/wblserver/app/user/repository/UserRepository.java
@@ -0,0 +1,16 @@
+package com.backdev.happy.wblserver.app.user.repository;
+
+
+import com.backdev.happy.wblserver.app.user.model.UserVO;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import java.util.Optional;
+
+@Repository
+public interface UserRepository extends JpaRepository <UserVO, Long> {
+
+    UserVO findByUserEmailAndUserPw(String userId, String userPw);
+
+    Optional<UserVO> findByUserEmail(String userEmail);
+}
diff --git a/src/main/java/com/backdev/happy/wblserver/app/user/service/UserDetailsServiceImpl.java b/src/main/java/com/backdev/happy/wblserver/app/user/service/UserDetailsServiceImpl.java
@@ -0,0 +1,23 @@
+package com.backdev.happy.wblserver.app.user.service;
+
+import com.backdev.happy.wblserver.app.user.model.UserDetailsVO;
+import com.backdev.happy.wblserver.app.user.repository.UserRepository;
+import com.backdev.happy.wblserver.exception.UserNotFoundException;
+import lombok.AllArgsConstructor;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.stereotype.Service;
+
+import java.util.Collections;
+
+@AllArgsConstructor
+@Service("userDetailsService")
+public class UserDetailsServiceImpl implements UserDetailsService {
+
+    private UserRepository userRepository;
+
+    @Override
+    public UserDetailsVO loadUserByUsername(String userEmail) {
+        return userRepository.findByUserEmail(userEmail).map(u -> new UserDetailsVO(u, Collections.singleton(new SimpleGrantedAuthority(u.getRole().getValue())))).orElseThrow(() -> new UserNotFoundException(userEmail));
+    }
+}
diff --git a/src/main/java/com/backdev/happy/wblserver/app/user/service/UserService.java b/src/main/java/com/backdev/happy/wblserver/app/user/service/UserService.java
@@ -0,0 +1,14 @@
+package com.backdev.happy.wblserver.app.user.service;
+
+
+import com.backdev.happy.wblserver.app.user.model.UserVO;
+
+public interface UserService {
+
+    UserVO login(UserVO userVO);
+
+    UserVO createUser(UserVO userVO);
+
+    UserVO findUserByUserEmail(String userEmail);
+
+}
diff --git a/src/main/java/com/backdev/happy/wblserver/app/user/service/UserServiceImpl.java b/src/main/java/com/backdev/happy/wblserver/app/user/service/UserServiceImpl.java
@@ -0,0 +1,31 @@
+package com.backdev.happy.wblserver.app.user.service;
+
+
+import com.backdev.happy.wblserver.app.user.model.UserVO;
+import com.backdev.happy.wblserver.app.user.repository.UserRepository;
+import lombok.NonNull;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Service;
+
+@RequiredArgsConstructor
+@Service("userService")
+public class UserServiceImpl implements UserService {
+
+    @NonNull
+    private UserRepository userRepository;
+
+    @Override
+    public UserVO login(UserVO userVO) {
+        return userRepository.findByUserEmailAndUserPw(userVO.getUserEmail(), userVO.getUserPw());
+    }
+
+    @Override
+    public UserVO createUser(UserVO userVO) {
+        return userRepository.save(userVO);
+    }
+
+    @Override
+    public UserVO findUserByUserEmail(String userEmail) {
+        return userRepository.findByUserEmail(userEmail).get();
+    }
+}
diff --git a/src/main/java/com/backdev/happy/wblserver/config/filter/HeaderFilter.java b/src/main/java/com/backdev/happy/wblserver/config/filter/HeaderFilter.java
@@ -0,0 +1,27 @@
+package com.backdev.happy.wblserver.config.filter;
+
+import lombok.extern.log4j.Log4j2;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Log4j2
+public class HeaderFilter implements Filter {
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+        HttpServletResponse res = (HttpServletResponse) response;
+        res.setHeader("Access-Control-Allow-Origin", "*");
+        res.setHeader("Access-Control-Allow-Methods", "GET, POST");
+        res.setHeader("Access-Control-Max-Age", "3600");
+        res.setHeader(
+                "Access-Control-Allow-Headers",
+                "X-Requested-With, Content-Type, Authorization, X-XSRF-token"
+        );
+        res.setHeader("Access-Control-Allow-Credentials", "false");
+
+        chain.doFilter(request, response);
+    }
+
+}