SecurityConfig
package com.demo.t1.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter{
@Bean
public BCryptPasswordEncoder encoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeHttpRequests()
.antMatchers("/","/auth/**","/css/**","/js/**","/css/**","/image/**")
.permitAll()
.anyRequest()
.authenticated()
.and()
.formLogin()
.loginPage("/auth/login_form")
.loginProcessingUrl("/auth/loginProc")
.defaultSuccessUrl("/");
}
}
UserApiController
package com.demo.t1.api;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import com.demo.t1.dto.ResponseDto;
import com.demo.t1.dto.User;
import com.demo.t1.service.UserService;
@RestController
public class UserApiController {
@Autowired
private UserService userService;
@PostMapping("/auth/joinProc")
ResponseDto<Integer> save(@RequestBody User user) {
System.err.println("회원가입 api");
int result = userService.saveUser(user);
return new ResponseDto<Integer>(HttpStatus.OK, result);
}
}
UserController
@GetMapping("/auth/join_form")
public String joinForm() {
return "/user/join_form";
UserService
package com.demo.t1.service;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import com.demo.t1.dto.User;
import com.demo.t1.model.RoleType;
import com.demo.t1.repository.UserRepository;
@Service
public class UserService {
@Autowired
private UserRepository userRepository;
@Autowired
private BCryptPasswordEncoder encoder;
@Transactional
public int saveUser(User user) {
try {
String rawPassword = user.getPassword();
String encPassword = encoder.encode(rawPassword);
user.setPassword(encPassword);
user.setRole(RoleType.USER);
userRepository.save(user);
return 1;
} catch (Exception e) {
e.printStackTrace();
}
return -1;
}
}user.js
let index = {
init: function() {
$("#btn--save").bind("click", () =>{
this.save();
});
},
save: function() {
let data = {
username: $("#username").val(),
password: $("#password").val(),
email: $("#email").val()
}
$.ajax({
type: "POST",
url: "/auth/joinProc",
data: JSON.stringify(data), // http 메세지 body 영역에 들어감
contentType: "application/json; charset=utf-8", // 보낼때 데이터 타입
dataType: "json" // 응답이 왔을 때 MIME TYPE 지정 JSON --> javascript Object 자동 변환
}).done(function(data, textStatus, xhr) {
if(data.status == "OK") {
alert("회원가입 완료");
location.href = "/";
}
}).fail(function(error) {
alert("회원가입 실패 : " + error.responseJSON.message);
});
}
}
index.init();
'개발일지 > 스프링' 카테고리의 다른 글
| 아이디, 비밀번호 찾기 기능 (0) | 2023.01.08 |
|---|---|
| spring boot 로그인 기능 (form태그 로그인하기) (0) | 2022.12.20 |
| csrf적용한 로그인(아웃), 회원가입,댓글(작,삭),게시글(작,수,삭),회원정보(수정) (1) | 2022.12.20 |
| spring boot 댓글 삭제기능 (0) | 2022.12.19 |
| XSS 예방 (1) | 2022.12.19 |
댓글