From 1281ac827e81dd576b0786cec9081be2a676004d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EA=B0=95=EC=A7=80=EB=AF=BC?= Date: Sun, 15 Dec 2024 12:47:19 +0900 Subject: [PATCH 1/2] =?UTF-8?q?Feat:=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20?= =?UTF-8?q?=EB=A1=9C=EC=A7=81=20=EA=B5=AC=ED=98=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - LoginFilter: 클라이언트가 보낸 아이디와 비밀번호 받음 - CustomUserDetailsService: 사용자 정보 조회 - CustomUserDetails: 사용자 정보 포맷 Related to: #20 --- .../.idea/modules/refrigerator.main.iml | 15 ----- .../refrigerator/config/SecurityConfig.java | 20 ++++++ .../dto/user/CustomUserDetails.java | 61 +++++++++++++++++++ .../moja/refrigerator/jwt/LoginFilter.java | 43 +++++++++++++ .../repository/user/UserRepository.java | 4 +- .../user/CustomUserDetailsService.java | 27 ++++++++ .../service/user/UserServiceImpl.java | 1 + 7 files changed, 154 insertions(+), 17 deletions(-) create mode 100644 refrigerator/src/main/java/moja/refrigerator/dto/user/CustomUserDetails.java create mode 100644 refrigerator/src/main/java/moja/refrigerator/jwt/LoginFilter.java create mode 100644 refrigerator/src/main/java/moja/refrigerator/service/user/CustomUserDetailsService.java diff --git a/refrigerator/.idea/modules/refrigerator.main.iml b/refrigerator/.idea/modules/refrigerator.main.iml index 397c268..afc1871 100644 --- a/refrigerator/.idea/modules/refrigerator.main.iml +++ b/refrigerator/.idea/modules/refrigerator.main.iml @@ -4,20 +4,5 @@ - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/refrigerator/src/main/java/moja/refrigerator/config/SecurityConfig.java b/refrigerator/src/main/java/moja/refrigerator/config/SecurityConfig.java index 948026c..90cf817 100644 --- a/refrigerator/src/main/java/moja/refrigerator/config/SecurityConfig.java +++ b/refrigerator/src/main/java/moja/refrigerator/config/SecurityConfig.java 
@@ -1,22 +1,39 @@ package moja.refrigerator.config; +import moja.refrigerator.jwt.LoginFilter; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; @Configuration @EnableWebSecurity public class SecurityConfig { + //bAuthenticationManager가 인자로 받을 AuthenticationConfiguraion 객체 생성자 주입 + private final AuthenticationConfiguration authenticationConfiguration; + + public SecurityConfig(AuthenticationConfiguration authenticationConfiguration) { + this.authenticationConfiguration = authenticationConfiguration; + } + @Bean // 비밀번호 암호화를 위한 인코더 public BCryptPasswordEncoder bCryptPasswordEncoder() { return new BCryptPasswordEncoder(); } + //AuthenticationManager Bean 등록 + @Bean + public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) throws Exception { + return configuration.getAuthenticationManager(); + } + @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // csrf 보안 비활성화 
@@ -38,6 +55,9 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .requestMatchers("/admin").hasRole("ADMIN") // admin 경로는 ADMIN 역할을 가진 사용자만 .anyRequest().authenticated()); // 나머지는 인증된 사용자만 + http + .addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration)), UsernamePasswordAuthenticationFilter.class); + // 세션 관리 설정 http .sessionManagement((session) -> session diff --git a/refrigerator/src/main/java/moja/refrigerator/dto/user/CustomUserDetails.java b/refrigerator/src/main/java/moja/refrigerator/dto/user/CustomUserDetails.java new file mode 100644 index 0000000..2a9b277 --- /dev/null +++ b/refrigerator/src/main/java/moja/refrigerator/dto/user/CustomUserDetails.java @@ -0,0 +1,61 @@ +package moja.refrigerator.dto.user; + +import moja.refrigerator.aggregate.user.User; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.userdetails.UserDetails; + +import java.util.ArrayList; +import java.util.Collection; + +public class CustomUserDetails implements UserDetails { + private final User user; + + public CustomUserDetails(User user) { + this.user = user; + } + + @Override + public Collection getAuthorities() { + + Collection collection = new ArrayList<>(); + + collection.add(new GrantedAuthority() { + + @Override + public String getAuthority() { + return user.getRole(); + } + }); + return collection; + } + + @Override + public String getPassword() { + return user.getPassword(); + } + + @Override + public String getUsername() { + return user.getUsername(); + } + + @Override + public boolean isAccountNonExpired() { + return true; + } + + @Override + public boolean isAccountNonLocked() { + return true; + } + + @Override + public boolean isCredentialsNonExpired() { + return true; + } + + @Override + public boolean isEnabled() { + return true; + } +} 
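Review bot: `isAccountNonExpired`, `isAccountNonLocked`, `isCredentialsNonExpired` and `isEnabled` in the new CustomUserDetails all return a constant `true`, so the authentication provider can never refuse a locked, disabled or withdrawn account on these checks. If the User entity carries (or later gains) a status such as a lock flag or a leave date, derive the flags from it. Until then, record the gap next to the methods, e.g. `// TODO: derive from User status; constant true means an account cannot be locked or disabled`. A failed-login lockout for the new login path would also need `isAccountNonLocked` to reflect real state.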
diff --git a/refrigerator/src/main/java/moja/refrigerator/jwt/LoginFilter.java b/refrigerator/src/main/java/moja/refrigerator/jwt/LoginFilter.java
new file mode 100644
index 0000000..1f98f69
--- /dev/null
+++ b/refrigerator/src/main/java/moja/refrigerator/jwt/LoginFilter.java
@@ -0,0 +1,43 @@
+package moja.refrigerator.jwt;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+public class LoginFilter extends UsernamePasswordAuthenticationFilter {
+ private final AuthenticationManager authenticationManager;
+
+ public LoginFilter(AuthenticationManager authenticationManager) {
+ this.authenticationManager = authenticationManager;
+ }
+
+ @Override
+ public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
+ // 클라이언트 요청에서 username, password 추출
+ String username = obtainUsername(request);
+ String password = obtainPassword(request);
+
+ //스프링 시큐리티에서 username과 password를 검증하기 위해서는 token에 담아야 함
+ UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(username, password, null);
+
+ //token에 담은 검증을 위한 AuthenticationManager로 전달
+ return authenticationManager.authenticate(authToken);
+ }
+
+ //로그인 성공시 실행하는 메소드 (여기서 JWT를 발급하면 됨)
+ @Override
+ protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authentication) {
+
+ }
+
+ //로그인 실패시 실행하는 메소드
+ @Override
+ protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) {
+
+ }
+}
diff --git a/refrigerator/src/main/java/moja/refrigerator/repository/user/UserRepository.java b/refrigerator/src/main/java/moja/refrigerator/repository/user/UserRepository.java
index 80f3056..b3b44c0 100644
--- a/refrigerator/src/main/java/moja/refrigerator/repository/user/UserRepository.java +++ b/refrigerator/src/main/java/moja/refrigerator/repository/user/UserRepository.java @@ -8,9 +8,9 @@ @Repository public interface UserRepository extends JpaRepository { - boolean existsByUserId(String userId); + boolean existsByUserId(String userId); boolean existsByUserEmail(String userEmail); boolean existsByUserNickname(String userNickname); Optional findByUserPk(long userPk); - + Optional findByUserId(String userId); } diff --git a/refrigerator/src/main/java/moja/refrigerator/service/user/CustomUserDetailsService.java b/refrigerator/src/main/java/moja/refrigerator/service/user/CustomUserDetailsService.java new file mode 100644 index 0000000..4c3ef4b --- /dev/null +++ b/refrigerator/src/main/java/moja/refrigerator/service/user/CustomUserDetailsService.java @@ -0,0 +1,27 @@ +package moja.refrigerator.service.user; + +import moja.refrigerator.aggregate.user.User; +import moja.refrigerator.dto.user.CustomUserDetails; +import moja.refrigerator.repository.user.UserRepository; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; + +@Service +public class CustomUserDetailsService implements UserDetailsService { + private final UserRepository userRepository; + + public CustomUserDetailsService(UserRepository userRepository) { + this.userRepository = userRepository; + } + + @Override + @Transactional + public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { + User userData = userRepository.findByUserId(username) + .orElseThrow(() -> new UsernameNotFoundException("사용자를 찾을 수 없습니다: " + username)); + return new CustomUserDetails(userData); + } +} 
diff --git a/refrigerator/src/main/java/moja/refrigerator/service/user/UserServiceImpl.java b/refrigerator/src/main/java/moja/refrigerator/service/user/UserServiceImpl.java index b52fd64..64388bf 100644 --- a/refrigerator/src/main/java/moja/refrigerator/service/user/UserServiceImpl.java +++ b/refrigerator/src/main/java/moja/refrigerator/service/user/UserServiceImpl.java @@ -39,6 +39,7 @@ public void createUser(UserCreateRequest request) { userRepository.save(user); } + private void checkDuplicateUser(UserCreateRequest request) { List errors = new ArrayList<>(); if (userRepository.existsByUserId(request.getUserId())) { From 2cbfd91a287fc54f4b1fc8b9dc07566011625c2d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EA=B0=95=EC=A7=80=EB=AF=BC?= Date: Sun, 15 Dec 2024 21:49:43 +0900 Subject: [PATCH 2/2] =?UTF-8?q?Feat:=20JWT=20=ED=86=A0=ED=81=B0=20?= =?UTF-8?q?=EA=B8=B0=EB=B0=98=20=EC=9D=B8=EC=A6=9D=20=EA=B5=AC=ED=98=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - JWTUtil: 토큰 생성 및 검증 기능 구현 - LoginFilter: 로그인 성공 시 JWT 토큰 발급 - JWTFilter: 요청 시 JWT 토큰 검증 및 인증 처리 Resolves: #20 --- .../refrigerator/aggregate/user/User.java | 6 +- .../refrigerator/config/SecurityConfig.java | 20 ++++-- .../controller/user/UserController.java | 9 +-- .../dto/user/CustomUserDetails.java | 14 +--- .../java/moja/refrigerator/jwt/JWTFilter.java | 64 +++++++++++++++++++ .../java/moja/refrigerator/jwt/JWTUtil.java | 46 +++++++++++++ .../moja/refrigerator/jwt/LoginFilter.java | 32 ++++++++-- .../user/CustomUserDetailsService.java | 4 +- .../service/user/UserServiceImpl.java | 1 + 9 files changed, 163 insertions(+), 33 deletions(-) create mode 100644 refrigerator/src/main/java/moja/refrigerator/jwt/JWTFilter.java create mode 100644 refrigerator/src/main/java/moja/refrigerator/jwt/JWTUtil.java 
diff --git a/refrigerator/src/main/java/moja/refrigerator/aggregate/user/User.java b/refrigerator/src/main/java/moja/refrigerator/aggregate/user/User.java index c10c057..03eb039 100644 --- a/refrigerator/src/main/java/moja/refrigerator/aggregate/user/User.java +++ b/refrigerator/src/main/java/moja/refrigerator/aggregate/user/User.java @@ -31,8 +31,6 @@ public class User { @CreationTimestamp private LocalDate joinDate; -// @Column(name = "leave_date") -// private LocalDate leaveDate; - - + @Column(name = "user_role") + private String userRole = "ROLE_USER"; } diff --git a/refrigerator/src/main/java/moja/refrigerator/config/SecurityConfig.java b/refrigerator/src/main/java/moja/refrigerator/config/SecurityConfig.java index 90cf817..462533f 100644 --- a/refrigerator/src/main/java/moja/refrigerator/config/SecurityConfig.java +++ b/refrigerator/src/main/java/moja/refrigerator/config/SecurityConfig.java @@ -1,5 +1,7 @@ package moja.refrigerator.config; +import moja.refrigerator.jwt.JWTFilter; +import moja.refrigerator.jwt.JWTUtil; import moja.refrigerator.jwt.LoginFilter; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -15,11 +17,14 @@ @Configuration @EnableWebSecurity public class SecurityConfig { - //bAuthenticationManager가 인자로 받을 AuthenticationConfiguraion 객체 생성자 주입 + // AuthenticationManager가 인자로 받을 AuthenticationConfiguraion 객체 생성자 주입 private final AuthenticationConfiguration authenticationConfiguration; + // JWTUtil 주입 + private final JWTUtil jwtUtil; - public SecurityConfig(AuthenticationConfiguration authenticationConfiguration) { + public SecurityConfig(AuthenticationConfiguration authenticationConfiguration, JWTUtil jwtUtil) { this.authenticationConfiguration = authenticationConfiguration; + this.jwtUtil = jwtUtil; } @Bean 
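Review bot: The new `userRole` field in User.java is a free-form, nullable String, and its `"ROLE_USER"` initializer only covers entities constructed in Java. Rows that existed before the column was added will presumably load with a null role unless the schema change backfills them. That null would then reach `CustomUserDetails.getAuthorities()` as an authority whose `getAuthority()` returns null, and from there the `role` claim of the issued token. Consider `@Column(name = "user_role", nullable = false)` together with a backfill, and an enum mapped with `@Enumerated(EnumType.STRING)` so that only known roles can be stored. The User class begins above this hunk, so its other annotations are not visible here.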
@@ -28,7 +33,7 @@ public BCryptPasswordEncoder bCryptPasswordEncoder() { return new BCryptPasswordEncoder(); } - //AuthenticationManager Bean 등록 + // AuthenticationManager Bean 등록 @Bean public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) throws Exception { return configuration.getAuthenticationManager(); @@ -55,14 +60,17 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .requestMatchers("/admin").hasRole("ADMIN") // admin 경로는 ADMIN 역할을 가진 사용자만 .anyRequest().authenticated()); // 나머지는 인증된 사용자만 - http - .addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration)), UsernamePasswordAuthenticationFilter.class); - // 세션 관리 설정 http .sessionManagement((session) -> session .sessionCreationPolicy(SessionCreationPolicy.STATELESS)); // JWT 사용을 위한 세션리스 설정 + // 로그인 필터 추가 + http + .addFilterBefore(new JWTFilter(jwtUtil), LoginFilter.class); + http + .addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration), jwtUtil), UsernamePasswordAuthenticationFilter.class); + return http.build(); } } \ No newline at end of file diff --git a/refrigerator/src/main/java/moja/refrigerator/controller/user/UserController.java b/refrigerator/src/main/java/moja/refrigerator/controller/user/UserController.java index 324055a..7adacab 100644 --- a/refrigerator/src/main/java/moja/refrigerator/controller/user/UserController.java +++ b/refrigerator/src/main/java/moja/refrigerator/controller/user/UserController.java @@ -15,10 +15,11 @@ public UserController(UserService userService) { this.userService = userService; } -// @GetMapping("/") -// public String getMainPage() { -// return "user Controller"; -// } + // 토큰 검증 로직 확인용 + @GetMapping("/") + public String getMainPage() { + return "user Controller"; + } // 회원 가입 처리 @PostMapping("/auth/join") 
diff --git a/refrigerator/src/main/java/moja/refrigerator/dto/user/CustomUserDetails.java b/refrigerator/src/main/java/moja/refrigerator/dto/user/CustomUserDetails.java index 2a9b277..2fb2d20 100644 --- a/refrigerator/src/main/java/moja/refrigerator/dto/user/CustomUserDetails.java +++ b/refrigerator/src/main/java/moja/refrigerator/dto/user/CustomUserDetails.java @@ -16,27 +16,19 @@ public CustomUserDetails(User user) { @Override public Collection getAuthorities() { - Collection collection = new ArrayList<>(); - - collection.add(new GrantedAuthority() { - - @Override - public String getAuthority() { - return user.getRole(); - } - }); + collection.add(() -> user.getUserRole()); return collection; } @Override public String getPassword() { - return user.getPassword(); + return user.getUserPw(); } @Override public String getUsername() { - return user.getUsername(); + return user.getUserId(); } @Override diff --git a/refrigerator/src/main/java/moja/refrigerator/jwt/JWTFilter.java b/refrigerator/src/main/java/moja/refrigerator/jwt/JWTFilter.java new file mode 100644 index 0000000..e22cfe8 --- /dev/null +++ b/refrigerator/src/main/java/moja/refrigerator/jwt/JWTFilter.java 
@@ -0,0 +1,64 @@
+package moja.refrigerator.jwt;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import moja.refrigerator.aggregate.user.User;
+import moja.refrigerator.dto.user.CustomUserDetails;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+public class JWTFilter extends OncePerRequestFilter {
+ private final JWTUtil jwtUtil;
+
+ public JWTFilter(JWTUtil jwtUtil) {
+ this.jwtUtil = jwtUtil;
+ }
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+ // 헤더에서 토큰 추출
+ String authorization = request.getHeader("Authorization");
+
+ // Authorization 헤더 검증
+ if (authorization == null || !authorization.startsWith("Bearer ")) {
+ filterChain.doFilter(request, response);
+ return;
+ }
+
+ String token = authorization.split(" ")[1];
+
+ // 토큰 소멸 시간 검증
+ if (jwtUtil.isExpired(token)) {
+ // 만료된 토큰이면 그냥 통과
+ filterChain.doFilter(request, response);
+ return;
+ }
+
+ // 토큰에서 정보 추출
+ String username = jwtUtil.getUsername(token);
+ String role = jwtUtil.getRole(token);
+
+ // User를 생성하여 값 set
+ User user = new User();
+ user.setUserId(username);
+ user.setUserPw("temppassword");
+ user.setUserRole(role);
+
+ // UserDetails에 회원 정보 객체 담기
+ CustomUserDetails customUserDetails = new CustomUserDetails(user);
+
+ // 스프링 시큐리티 인증 토큰 생성
+ Authentication authToken = new UsernamePasswordAuthenticationToken(customUserDetails, null, customUserDetails.getAuthorities());
+
+ // 세션에 사용자 등록
+ SecurityContextHolder.getContext().setAuthentication(authToken);
+
+ filterChain.doFilter(request, response);
+ }
+}
diff --git a/refrigerator/src/main/java/moja/refrigerator/jwt/JWTUtil.java b/refrigerator/src/main/java/moja/refrigerator/jwt/JWTUtil.java
new file mode 100644
index 0000000..df05cc4
--- /dev/null
+++ b/refrigerator/src/main/java/moja/refrigerator/jwt/JWTUtil.java
@@ -0,0 +1,46 @@
+package moja.refrigerator.jwt;
+
+import io.jsonwebtoken.Jwts;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+import java.util.Date;
+
+@Component
+public class JWTUtil {
+ private SecretKey secretKey;
+
+ // application.yml에서 jwt secret key를 가져옴
+ public JWTUtil(@Value("${spring.jwt.secret}") String secret) {
+ this.secretKey = new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), Jwts.SIG.HS256.key().build().getAlgorithm());
+ }
+
+ // 토큰에서 username 추출
+ public String getUsername(String token) {
+ return Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token).getPayload().get("username", String.class);
+ }
+
+ // 토큰에서 role(권한) 추출
+ public String getRole(String token) {
+ return Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token).getPayload().get("role", String.class);
+ }
+
+ // 토큰 만료 여부 확인
+ public Boolean isExpired(String token) {
+ return Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token).getPayload().getExpiration().before(new Date());
+ }
+
+ // 토큰 생성
+ public String createJwt(String username, String role, Long expiredMs) {
+ return Jwts.builder()
+ .claim("username", username)
+ .claim("role", role)
+ .issuedAt(new Date(System.currentTimeMillis()))
+ .expiration(new Date(System.currentTimeMillis() + expiredMs))
+ .signWith(secretKey)
+ .compact();
+ }
+}
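Review bot: In `JWTFilter.doFilterInternal` the three JWTUtil calls run outside any try/catch, yet jjwt's `parseSignedClaims` throws a `JwtException` for a tampered, malformed or expired token. For an expired token it raises `ExpiredJwtException` instead of returning claims, so the `isExpired` branch is likely never taken. The exception leaves the filter unhandled, so a bad token presumably surfaces as a server error rather than as an unauthenticated request, and because the filter is registered before LoginFilter this also affects login requests that carry a stale header. `authorization.split(" ")[1]` additionally throws `ArrayIndexOutOfBoundsException` when the header is exactly `Bearer `. Take the token with `substring`, reject blanks, and catch `io.jsonwebtoken.JwtException` around the claim reads, as sketched below.

```java
// … unchanged: Authorization header null / "Bearer " prefix check …
String token = authorization.substring("Bearer ".length()).trim();
if (token.isEmpty()) {
    filterChain.doFilter(request, response);
    return;
}

String username;
String role;
try {
    // the parser itself rejects expired, malformed and badly signed tokens by throwing
    username = jwtUtil.getUsername(token);
    role = jwtUtil.getRole(token);
} catch (JwtException | IllegalArgumentException e) {
    // continue unauthenticated; protected routes are then refused by the authorization rules
    SecurityContextHolder.clearContext();
    filterChain.doFilter(request, response);
    return;
}
if (username == null || role == null) {
    filterChain.doFilter(request, response);
    return;
}
// … unchanged: build User / CustomUserDetails and set the Authentication …
```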
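Review bot: The JWTUtil constructor turns `spring.jwt.secret` into an HMAC key without checking its length, and `Jwts.SIG.HS256.key().build().getAlgorithm()` generates a throwaway random key only to read an algorithm name. `Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8))` from `io.jsonwebtoken.security` builds the key directly and refuses a secret shorter than 256 bits at startup (it selects a stronger HMAC variant for longer secrets). The comment says the secret comes from application.yml, which is not part of this patch; it should be supplied from the environment or a secret store rather than committed. `secretKey` can be `final`, and one shared `Claims` parse for `getUsername`, `getRole` and `isExpired` would avoid verifying the same token three times per request.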
diff --git a/refrigerator/src/main/java/moja/refrigerator/jwt/LoginFilter.java b/refrigerator/src/main/java/moja/refrigerator/jwt/LoginFilter.java
index 1f98f69..622aac9 100644
--- a/refrigerator/src/main/java/moja/refrigerator/jwt/LoginFilter.java
+++ b/refrigerator/src/main/java/moja/refrigerator/jwt/LoginFilter.java
@@ -3,41 +3,61 @@ import jakarta.servlet.FilterChain; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; +import moja.refrigerator.dto.user.CustomUserDetails; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.GrantedAuthority; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import java.util.Collection; +import java.util.Iterator; + public class LoginFilter extends UsernamePasswordAuthenticationFilter { private final AuthenticationManager authenticationManager; + private final JWTUtil jwtUtil; - public LoginFilter(AuthenticationManager authenticationManager) { + public LoginFilter(AuthenticationManager authenticationManager, JWTUtil jwtUtil) { this.authenticationManager = authenticationManager; + this.jwtUtil = jwtUtil; } + // 로그인 시도 처리 @Override public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { // 클라이언트 요청에서 username, password 추출 String username = obtainUsername(request); String password = obtainPassword(request); - //스프링 시큐리티에서 username과 password를 검증하기 위해서는 token에 담아야 함 + // 이 정보를 토큰으로 만듦 (아직 인증되지 않은 상태) UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(username, password, null); - //token에 담은 검증을 위한 AuthenticationManager로 전달 + // AuthenticationManager에게 검증 요청 return authenticationManager.authenticate(authToken); } - //로그인 성공시 실행하는 메소드 (여기서 JWT를 발급하면 됨) + // 로그인 성공 처리 - JWT 토큰 발급 @Override protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authentication) { + CustomUserDetails customUserDetails = 
(CustomUserDetails) authentication.getPrincipal(); + + String username = customUserDetails.getUsername(); + + Collection authorities = authentication.getAuthorities(); + Iterator iterator = authorities.iterator(); + GrantedAuthority auth = iterator.next(); + String role = auth.getAuthority(); + + String token = jwtUtil.createJwt(username, role, 60*60*10L); + + response.addHeader("Authorization", "Bearer " + token); } - //로그인 실패시 실행하는 메소드 + // 로그인 실패 처리 @Override protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) { - + response.setStatus(401); } } diff --git a/refrigerator/src/main/java/moja/refrigerator/service/user/CustomUserDetailsService.java b/refrigerator/src/main/java/moja/refrigerator/service/user/CustomUserDetailsService.java index 4c3ef4b..604afac 100644 --- a/refrigerator/src/main/java/moja/refrigerator/service/user/CustomUserDetailsService.java +++ b/refrigerator/src/main/java/moja/refrigerator/service/user/CustomUserDetailsService.java @@ -18,10 +18,10 @@ public CustomUserDetailsService(UserRepository userRepository) { } @Override - @Transactional + @Transactional(readOnly = true) public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { User userData = userRepository.findByUserId(username) - .orElseThrow(() -> new UsernameNotFoundException("사용자를 찾을 수 없습니다: " + username)); + .orElseThrow(() -> new UsernameNotFoundException("입력하신 아이디로 가입된 사용자를 찾을 수 없습니다.: " + username)); return new CustomUserDetails(userData); } } diff --git a/refrigerator/src/main/java/moja/refrigerator/service/user/UserServiceImpl.java b/refrigerator/src/main/java/moja/refrigerator/service/user/UserServiceImpl.java index 64388bf..7cd888b 100644 --- a/refrigerator/src/main/java/moja/refrigerator/service/user/UserServiceImpl.java +++ b/refrigerator/src/main/java/moja/refrigerator/service/user/UserServiceImpl.java 
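Review bot: In `successfulAuthentication`, `jwtUtil.createJwt(username, role, 60*60*10L)` passes 36000, and `createJwt` adds that value to `System.currentTimeMillis()`, so the token expires 36 seconds after login; the `60*60*10` shape suggests ten hours was meant. State the lifetime with its unit, e.g. `Duration.ofHours(10).toMillis()`, or preferably a shorter configurable value, since nothing in this patch can revoke a token before it expires. `iterator.next()` also assumes at least one authority. CustomUserDetails currently always supplies one, but a `hasNext()` guard would keep an empty collection from throwing after the password has already been accepted.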
@@ -35,6 +35,7 @@ public void createUser(UserCreateRequest request) { // 비밀번호 암호화 user.setUserPw(passwordEncoder.encode(request.getUserPw())); + user.setUserRole("ROLE_USER"); userRepository.save(user); }