User Service Security 모듈 추가

2022-04-20 23:08:42 +09:00
parent a1eb8e89a5
commit 85db725a71
9 changed files with 42 additions and 29 deletions
--- a/gateway/src/main/resources/application.yml
+++ b/gateway/src/main/resources/application.yml
@@ -2,6 +2,8 @@ server:
  port: 8000

 eureka:
+  instance:
+    instanceId: ${spring.application.name}:${spring.application.instance_id:${random.value}}
  client:
    register-with-eureka: true
    fetch-registry: true
@@ -20,6 +22,10 @@ spring:
            showPreLogger: true
            showPostLogger: true
      routes:
+        - id: user-service
+          uri: lb://USER-SERVICE
+          predicates:
+            - Path=/user-service/**
        - id: test-server-1
          uri: lb://TEST-SERVER-1
          predicates:
--- a/src/main/java/com/roy/springcloud/SpringCloudApplication.java
+++ b/src/main/java/com/roy/springcloud/SpringCloudApplication.java
@@ -1,13 +0,0 @@
-package com.roy.springcloud;
-
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-
-@SpringBootApplication
-public class SpringCloudApplication {
-
-	public static void main(String[] args) {
-		SpringApplication.run(SpringCloudApplication.class, args);
-	}
-
-}
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1 +0,0 @@
-
--- a/src/test/java/com/roy/springcloud/SpringCloudApplicationTests.java
+++ b/src/test/java/com/roy/springcloud/SpringCloudApplicationTests.java
@@ -1,13 +0,0 @@
-package com.roy.springcloud;
-
-import org.junit.jupiter.api.Test;
-import org.springframework.boot.test.context.SpringBootTest;
-
-@SpringBootTest
-class SpringCloudApplicationTests {
-
-	@Test
-	void contextLoads() {
-	}
-
-}
--- a/user-service/build.gradle
+++ b/user-service/build.gradle
@@ -6,6 +6,7 @@ dependencies {
    implementation(project(":util"))

    implementation 'org.springframework.boot:spring-boot-starter-web'
+    implementation 'org.springframework.boot:spring-boot-starter-security'
    implementation 'org.springframework.boot:spring-boot-starter-validation'
    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
    implementation 'org.springframework.cloud:spring-cloud-starter-netflix-eureka-client'
--- a/user-service/src/main/java/com/roy/springcloud/userservice/config/PasswordEncoder.java
+++ b/user-service/src/main/java/com/roy/springcloud/userservice/config/PasswordEncoder.java
@@ -0,0 +1,13 @@
+package com.roy.springcloud.userservice.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+public class PasswordEncoder {
+    @Bean
+    public BCryptPasswordEncoder bCryptPasswordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}
--- a/user-service/src/main/java/com/roy/springcloud/userservice/controller/UserController.java
+++ b/user-service/src/main/java/com/roy/springcloud/userservice/controller/UserController.java
@@ -13,7 +13,7 @@ import org.springframework.web.bind.annotation.*;
 import static com.roy.springcloud.util.mapper.MapperUtil.toObject;

@RestController
-@RequestMapping("/")
+@RequestMapping("/user-service")
@RequiredArgsConstructor
 public class UserController {
    private final Environment environment;
--- a/user-service/src/main/java/com/roy/springcloud/userservice/security/WebSecurity.java
+++ b/user-service/src/main/java/com/roy/springcloud/userservice/security/WebSecurity.java
@@ -0,0 +1,18 @@
+package com.roy.springcloud.userservice.security;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurity extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.csrf().disable();
+        http.authorizeHttpRequests().antMatchers("/users/**").permitAll();
+        http.headers().frameOptions().disable();
+    }
+}
--- a/user-service/src/main/java/com/roy/springcloud/userservice/service/impl/UserServiceImpl.java
+++ b/user-service/src/main/java/com/roy/springcloud/userservice/service/impl/UserServiceImpl.java
@@ -6,6 +6,7 @@ import com.roy.springcloud.userservice.repository.UserRepository;
 import com.roy.springcloud.userservice.service.UserService;
 import com.roy.springcloud.util.mapper.MapperUtil;
 import lombok.RequiredArgsConstructor;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;

 import java.util.UUID;
@@ -14,12 +15,13 @@ import java.util.UUID;
@RequiredArgsConstructor
 public class UserServiceImpl implements UserService {
    private final UserRepository userRepository;
+    private final BCryptPasswordEncoder passwordEncoder;

    @Override
    public UserDto createUser(UserDto userDto) {
        userDto.setUserId(UUID.randomUUID().toString());
        User user = MapperUtil.toObject(userDto, User.class);
-        user.setEncryptedPassword("encrypted_password");
+        user.setEncryptedPassword(passwordEncoder.encode(userDto.getPassword()));
        userRepository.save(user);
        return userDto;
    }