🌞[INIT]-#3-SecurityConfig 생성 및 설정

## 개요 - 내용을 적어주세요. ## 작업사항 - 내용을 적어주세요. ## 변경로직 - 내용을 적어주세요. #### 테스트인 경우 이하 내용 작성 #### # 테스트 내용 (한 줄 72자 내) *어떤것을 테스트했고, 테스트 성공 여부 작성* #### (이상) #### # CREATE _ yellow 🌞[INIT] : 초기 생성 🔥[FEAT] : 새 기능 구현 📁[LIB] : 라이브러리 추가 # MODIFY _ white 📈[UPDATE] : 코드 수정 및 향상 (오류 수정과 다르다) 🔧[FIX] : 버그 및 오류 수정, 해결 💨[MOVE] : 프로젝트 내 파일 주소 변경 시 (* 모든 팀원과 상의 후 높은 브랜치에서 진행) 🖍[RENAME] : 프로젝트 내 파일 명 변경 시 (* 모든 팀원과 상의 후 높은 브랜치에서 진행) 🌪️[REF]: 코드 리팩토링 (코드 전면 수정 시, 모든 팀원과 상의 후 브랜치 충돌에 주의해서 진행) # REMOVE _ black 🌚[CLEAR] : 코드 삭제 🚥[TIDY] : 중복되는 코드, 기능과 관련없는 코드 등 정리 💣[REMOVE] : 파일 삭제 (* 모든 팀원과 상의 후 높은 브랜치에서 진행) # TEST 📖[TEST] : 테스트 코드 생성 # GIT 🔀[MERGE] : 기타 브랜치 머지 # ELSE ⚠️[EMG] : 긴급한 작업 수행 📜[DOCS] : 문서 작업 (README, RESTDOCS 등, 프로젝트 스코프에 맞는 브랜치에서 진행)
CodingWasabi · Dec 22, 2021 · 4b40eeb · 4b40eeb
1 parent 7b85d19
commit 4b40eeb
Show file tree

Hide file tree

Showing 9 changed files with 153 additions and 4 deletions.
diff --git a/.gradle/7.3.2/executionHistory/executionHistory.lock b/.gradle/7.3.2/executionHistory/executionHistory.lock
diff --git a/.gradle/7.3.2/fileHashes/fileHashes.lock b/.gradle/7.3.2/fileHashes/fileHashes.lock
diff --git a/.gradle/buildOutputCleanup/buildOutputCleanup.lock b/.gradle/buildOutputCleanup/buildOutputCleanup.lock
diff --git a/src/main/java/com/codingwasabi/trti/config/auth/security/MemberAdaptor.java b/src/main/java/com/codingwasabi/trti/config/auth/security/MemberAdaptor.java
@@ -0,0 +1,57 @@
+package com.codingwasabi.trti.config.auth.security;
+
+import com.codingwasabi.trti.domain.member.model.entity.Member;
+import lombok.Getter;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.ArrayList;
+import java.util.Collection;
+
+public class MemberAdaptor implements UserDetails {
+
+    @Getter
+    public final Member member;
+
+    public MemberAdaptor(Member member) {
+        this.member = member;
+    }
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        Collection<GrantedAuthority> authorities = new ArrayList<>();
+        authorities.add(new SimpleGrantedAuthority(member.getAuthority().getRole()));
+        return authorities;
+    }
+
+    @Override
+    public String getPassword() {
+        return null;
+    }
+
+    @Override
+    public String getUsername() {
+        return member.getEmail();
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return true;
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return true;
+    }
+}
diff --git a/src/main/java/com/codingwasabi/trti/config/auth/security/MemberDetailsServiceImpl.java b/src/main/java/com/codingwasabi/trti/config/auth/security/MemberDetailsServiceImpl.java
@@ -0,0 +1,24 @@
+package com.codingwasabi.trti.config.auth.security;
+
+import com.codingwasabi.trti.domain.member.model.entity.Member;
+import com.codingwasabi.trti.domain.member.repository.MemberRepository;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+public class MemberDetailsServiceImpl implements UserDetailsService {
+    private final MemberRepository memberRepository;
+
+    @Override
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+        // Error code 추가 예정
+        Member member = memberRepository.findByEmail(username)
+                .orElseThrow(() -> new IllegalArgumentException("ERROR"));
+
+        return new MemberAdaptor(member);
+    }
+}
diff --git a/src/main/java/com/codingwasabi/trti/config/auth/security/SecurityConfig.java b/src/main/java/com/codingwasabi/trti/config/auth/security/SecurityConfig.java
@@ -0,0 +1,36 @@
+package com.codingwasabi.trti.config.auth.security;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+    private final String[] AUTHENTICATED_URI_LIST = {
+            ""
+    };
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .httpBasic().disable()
+                .csrf().disable()
+                .cors()
+                .and()
+                .exceptionHandling()
+                //.authenticationEntryPoint(jwtEntryPoint)
+                .and()
+                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                .and()
+                .authorizeRequests()
+
+                // 일단 다 허용
+                .anyRequest().permitAll()
+                ;
+    }
+}
diff --git a/src/main/java/com/codingwasabi/trti/domain/member/model/entity/Member.java b/src/main/java/com/codingwasabi/trti/domain/member/model/entity/Member.java
@@ -1,17 +1,17 @@
 package com.codingwasabi.trti.domain.member.model.entity;
 
 import com.codingwasabi.trti.domain.common.Period;
+import com.codingwasabi.trti.domain.member.model.enumValue.Authority;
 import com.codingwasabi.trti.domain.member.model.enumValue.Gender;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
+import lombok.Getter;
 import lombok.NoArgsConstructor;
 
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
+import javax.persistence.*;
 
 @Entity
+@Getter
 @Builder
 @NoArgsConstructor
 @AllArgsConstructor
@@ -31,4 +31,13 @@ public class Member extends Period {
     private String ageRange;
 
     private String imagePath;
+
+    @Column
+    @Builder.Default
+    @Enumerated(EnumType.STRING)
+    private Authority authority = Authority.USER;
+
+    public Authority getAuthority() {
+        return authority;
+    }
 }
diff --git a/src/main/java/com/codingwasabi/trti/domain/member/model/enumValue/Authority.java b/src/main/java/com/codingwasabi/trti/domain/member/model/enumValue/Authority.java
@@ -0,0 +1,13 @@
+package com.codingwasabi.trti.domain.member.model.enumValue;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor
+public enum Authority {
+    USER("ROLE_USER"),
+    ADMIN("ROLE_ADMIN");
+
+    private String role;
+}
diff --git a/src/main/java/com/codingwasabi/trti/domain/member/repository/MemberRepository.java b/src/main/java/com/codingwasabi/trti/domain/member/repository/MemberRepository.java
@@ -0,0 +1,10 @@
+package com.codingwasabi.trti.domain.member.repository;
+
+import com.codingwasabi.trti.domain.member.model.entity.Member;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+import java.util.Optional;
+
+public interface MemberRepository extends JpaRepository<Member, Long> {
+    Optional<Member> findByEmail(String username);
+}