diff --git a/spring-security/src/main/java/com/spring/security1/config/SecurityConfig.java b/spring-security/src/main/java/com/spring/security1/config/SecurityConfig.java index 1d0d2849..5fba44af 100644 --- a/spring-security/src/main/java/com/spring/security1/config/SecurityConfig.java +++ b/spring-security/src/main/java/com/spring/security1/config/SecurityConfig.java @@ -1,14 +1,22 @@ package com.spring.security1.config; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; @Configuration @EnableWebSecurity // 스프링 시큐리티 필터(SecurityConfig)가 스프링 필터 체인에 등록 public class SecurityConfig extends WebSecurityConfigurerAdapter { + @Bean + public BCryptPasswordEncoder encodePwd() { + return new BCryptPasswordEncoder(); + } + + @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable(); @@ -19,7 +27,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { .anyRequest().permitAll() .and() .formLogin() - .loginPage("/login"); + .loginPage("/loginForm"); } } diff --git a/spring-security/src/main/java/com/spring/security1/controller/IndexController.java b/spring-security/src/main/java/com/spring/security1/controller/IndexController.java index 18ee8a43..162a3511 100644 --- a/spring-security/src/main/java/com/spring/security1/controller/IndexController.java +++ b/spring-security/src/main/java/com/spring/security1/controller/IndexController.java @@ -1,12 +1,20 @@ package com.spring.security1.controller; +import com.spring.security1.model.User; +import com.spring.security1.repository.UserRepository; +import lombok.RequiredArgsConstructor; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.ResponseBody; @Controller +@RequiredArgsConstructor public class IndexController { + private final UserRepository userRepository; + private final BCryptPasswordEncoder bCryptPasswordEncoder; @GetMapping({"", "/"}) public String index() { @@ -33,22 +41,26 @@ public class IndexController { return "manager"; } - @ResponseBody - @GetMapping("/login") - public String login() { - return "login"; + @GetMapping("/loginForm") + public String loginForm() { + return "loginForm"; } - - @ResponseBody - @GetMapping("/join") - public String join() { - return "join"; + @GetMapping("/joinForm") + public String joinForm() { + return "joinForm"; } - @ResponseBody - @GetMapping("/joinProc") - public String joinProc() { - return "회원가입 완료!"; + @PostMapping("/join") + public String join(User user) { + System.out.println(user); + user.setRole("ROLE_USER"); + // 패스워드가 암호화 되지 않으면 시큐리티로 로그인 할 수 없음. + String rawPassword = user.getPassword(); + String encPassword = bCryptPasswordEncoder.encode(rawPassword); + user.setPassword(encPassword); + userRepository.save(user); + return "redirect:/loginForm"; } + } diff --git a/spring-security/src/main/java/com/spring/security1/model/User.java b/spring-security/src/main/java/com/spring/security1/model/User.java new file mode 100644 index 00000000..97faffee --- /dev/null +++ b/spring-security/src/main/java/com/spring/security1/model/User.java @@ -0,0 +1,30 @@ +package com.spring.security1.model; + + +import lombok.AllArgsConstructor; +import lombok.Data; +import lombok.NoArgsConstructor; +import org.hibernate.annotations.CreationTimestamp; + +import javax.persistence.Entity; +import javax.persistence.GeneratedValue; +import javax.persistence.GenerationType; +import javax.persistence.Id; +import java.sql.Timestamp; + +@Entity +@Data +@AllArgsConstructor +@NoArgsConstructor +public class User { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + private String username; + private String password; + private String email; + private String role; // ROLE_USER, ROLE_ADMIN + + @CreationTimestamp + private Timestamp createDate; +} diff --git a/spring-security/src/main/java/com/spring/security1/repository/UserRepository.java b/spring-security/src/main/java/com/spring/security1/repository/UserRepository.java new file mode 100644 index 00000000..f81928f2 --- /dev/null +++ b/spring-security/src/main/java/com/spring/security1/repository/UserRepository.java @@ -0,0 +1,11 @@ +package com.spring.security1.repository; + +import com.spring.security1.model.User; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +// CRUD 함수를 JpaRepository가 들고 있음. +// JpaRepository를 상속 했기 때문에 @Repository 어노테이션이 없어도 IoC된다. +@Repository +public interface UserRepository extends JpaRepository { +} diff --git a/spring-security/src/main/resources/templates/joinForm.html b/spring-security/src/main/resources/templates/joinForm.html new file mode 100644 index 00000000..e9db90c3 --- /dev/null +++ b/spring-security/src/main/resources/templates/joinForm.html @@ -0,0 +1,17 @@ + + + + + 회원가입 페이지 + + +

회원가입 페이지

+
+
+
+
+
+ +
+ + \ No newline at end of file diff --git a/spring-security/src/main/resources/templates/loginForm.html b/spring-security/src/main/resources/templates/loginForm.html new file mode 100644 index 00000000..5af3ae35 --- /dev/null +++ b/spring-security/src/main/resources/templates/loginForm.html @@ -0,0 +1,17 @@ + + + + + 로그인 페이지 + + +

로그인 페이지

+
+
+
+
+ +
+ 회원가입을 아직 하지 않으셨나요? + + \ No newline at end of file