diff --git a/simple_sns/build.gradle b/simple_sns/build.gradle index 5b7132d5..a9cdd81e 100644 --- a/simple_sns/build.gradle +++ b/simple_sns/build.gradle @@ -21,7 +21,7 @@ repositories { dependencies { implementation 'org.springframework.boot:spring-boot-starter-data-jpa' -// implementation 'org.springframework.boot:spring-boot-starter-security' + implementation 'org.springframework.boot:spring-boot-starter-security' implementation 'org.springframework.boot:spring-boot-starter-web' compileOnly 'org.projectlombok:lombok' runtimeOnly 'org.postgresql:postgresql' diff --git a/simple_sns/src/main/java/com/example/sns/config/AuthenticationConfig.java b/simple_sns/src/main/java/com/example/sns/config/AuthenticationConfig.java new file mode 100644 index 00000000..4d56be14 --- /dev/null +++ b/simple_sns/src/main/java/com/example/sns/config/AuthenticationConfig.java @@ -0,0 +1,28 @@ +package com.example.sns.config; + +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.http.SessionCreationPolicy; + +@Configuration +@EnableWebSecurity +public class AuthenticationConfig extends WebSecurityConfigurerAdapter { + + @Override + protected void configure(HttpSecurity http) throws Exception { + http.csrf().disable() + .authorizeRequests() + .antMatchers("/api/*/users/join", "/api/*/users/login").permitAll() + .antMatchers("/api/**").authenticated() + .and() + .sessionManagement() + .sessionCreationPolicy(SessionCreationPolicy.STATELESS) + .and() + // TODO +// .exceptionHandling() +// .authenticationEntryPoint() + ; + } +} diff --git a/simple_sns/src/main/java/com/example/sns/config/SecurityConfig.java b/simple_sns/src/main/java/com/example/sns/config/SecurityConfig.java new file mode 100644 index 00000000..6afb46d3 --- /dev/null +++ b/simple_sns/src/main/java/com/example/sns/config/SecurityConfig.java @@ -0,0 +1,14 @@ +package com.example.sns.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; + +@Configuration +public class SecurityConfig { + + @Bean + public BCryptPasswordEncoder passwordEncoder() { + return new BCryptPasswordEncoder(); + } +} diff --git a/simple_sns/src/main/java/com/example/sns/service/UserService.java b/simple_sns/src/main/java/com/example/sns/service/UserService.java index 41aea845..65fd14d0 100644 --- a/simple_sns/src/main/java/com/example/sns/service/UserService.java +++ b/simple_sns/src/main/java/com/example/sns/service/UserService.java @@ -6,15 +6,15 @@ import com.example.sns.model.User; import com.example.sns.model.entity.UserEntity; import com.example.sns.repository.UserEntityRepository; import lombok.RequiredArgsConstructor; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service; -import java.util.Optional; - @Service @RequiredArgsConstructor public class UserService { private final UserEntityRepository userEntityRepository; + private final BCryptPasswordEncoder encoder; public User join(String username, String password){ @@ -24,7 +24,7 @@ public class UserService { }); // 회원가입 진행 - UserEntity userEntity = userEntityRepository.save(UserEntity.of(username, password)); + UserEntity userEntity = userEntityRepository.save(UserEntity.of(username, encoder.encode(password))); return User.fromEntity(userEntity); }