admin: 로그인 회원 초기 인증 정보 수정(역할 데이터 삽입)
This commit is contained in:
parent
c9f30c4da3
commit
a74b0a56f4
|
|
@ -2,6 +2,7 @@ package com.bpgroup.poc.admin.app.authorization;
|
||||||
|
|
||||||
import com.bpgroup.poc.admin.domain.admin.entity.Admin;
|
import com.bpgroup.poc.admin.domain.admin.entity.Admin;
|
||||||
import com.bpgroup.poc.admin.domain.admin.service.AdminService;
|
import com.bpgroup.poc.admin.domain.admin.service.AdminService;
|
||||||
|
import com.bpgroup.poc.admin.domain.role.entity.Role;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
|
@ -28,4 +29,15 @@ public class AuthorizationAppService {
|
||||||
return admin.getAdminRole().getRole().getRoleMenus().stream()
|
return admin.getAdminRole().getRole().getRoleMenus().stream()
|
||||||
.anyMatch(roleMenu -> requestUri.contains(roleMenu.getMenu().getUri()));
|
.anyMatch(roleMenu -> requestUri.contains(roleMenu.getMenu().getUri()));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public List<String> getRolesByUsername(String username) {
|
||||||
|
Optional<Admin> findAdmin = adminService.find(username);
|
||||||
|
if (findAdmin.isEmpty()) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
Admin admin = findAdmin.get();
|
||||||
|
Role role = admin.getAdminRole().getRole();
|
||||||
|
return List.of(role.getName());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -80,7 +80,7 @@ public class SecurityConfig {
|
||||||
private void configureFormLogin(HttpSecurity http) throws Exception {
|
private void configureFormLogin(HttpSecurity http) throws Exception {
|
||||||
http.formLogin(AbstractHttpConfigurer::disable);
|
http.formLogin(AbstractHttpConfigurer::disable);
|
||||||
http.addFilterBefore(authenticationGenerateFilter(), UsernamePasswordAuthenticationFilter.class);
|
http.addFilterBefore(authenticationGenerateFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||||
http.addFilterAfter(new JwtTokenValidateFilter(jwtTokenProvider), BasicAuthenticationFilter.class);
|
http.addFilterAfter(new JwtTokenValidateFilter(jwtTokenProvider,authorizationAppService), BasicAuthenticationFilter.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void configureLogout(HttpSecurity http) throws Exception {
|
private void configureLogout(HttpSecurity http) throws Exception {
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,7 @@
|
||||||
package com.bpgroup.poc.admin.security.jwt;
|
package com.bpgroup.poc.admin.security.jwt;
|
||||||
|
|
||||||
|
import com.bpgroup.poc.admin.app.authorization.AuthorizationAppService;
|
||||||
|
import com.bpgroup.poc.admin.domain.role.entity.Role;
|
||||||
import com.bpgroup.poc.admin.security.jwt.exception.JwtTokenExpiredException;
|
import com.bpgroup.poc.admin.security.jwt.exception.JwtTokenExpiredException;
|
||||||
import com.bpgroup.poc.admin.security.jwt.exception.JwtTokenInvalidException;
|
import com.bpgroup.poc.admin.security.jwt.exception.JwtTokenInvalidException;
|
||||||
import io.jsonwebtoken.Claims;
|
import io.jsonwebtoken.Claims;
|
||||||
|
|
@ -11,11 +13,15 @@ import jakarta.servlet.http.HttpServletResponse;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||||
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
|
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
import org.springframework.web.filter.OncePerRequestFilter;
|
import org.springframework.web.filter.OncePerRequestFilter;
|
||||||
import org.springframework.web.util.WebUtils;
|
import org.springframework.web.util.WebUtils;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
import java.util.stream.Stream;
|
import java.util.stream.Stream;
|
||||||
|
|
||||||
@Slf4j
|
@Slf4j
|
||||||
|
|
@ -23,6 +29,7 @@ import java.util.stream.Stream;
|
||||||
public class JwtTokenValidateFilter extends OncePerRequestFilter {
|
public class JwtTokenValidateFilter extends OncePerRequestFilter {
|
||||||
|
|
||||||
private final JwtTokenProvider jwtTokenProvider;
|
private final JwtTokenProvider jwtTokenProvider;
|
||||||
|
private final AuthorizationAppService authorizationAppService;
|
||||||
private static final String[] EXCLUDED_URL_PATTERNS = {"/login", "/logout", "/error", "/css", "/js", "/images", "/favicon.ico", "/common/modal", "/font", "/csrf"};
|
private static final String[] EXCLUDED_URL_PATTERNS = {"/login", "/logout", "/error", "/css", "/js", "/images", "/favicon.ico", "/common/modal", "/font", "/csrf"};
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -36,7 +43,7 @@ public class JwtTokenValidateFilter extends OncePerRequestFilter {
|
||||||
Claims claims = jwtTokenProvider.getClaims(accessToken);
|
Claims claims = jwtTokenProvider.getClaims(accessToken);
|
||||||
String username = claims.get("username", String.class);
|
String username = claims.get("username", String.class);
|
||||||
|
|
||||||
setSecurityContext(username);
|
setSecurityContext(username,authorizationAppService);
|
||||||
} else {
|
} else {
|
||||||
log.error("SESSION ID: {} Request - JWT AT 토큰 없음", sessionId);
|
log.error("SESSION ID: {} Request - JWT AT 토큰 없음", sessionId);
|
||||||
}
|
}
|
||||||
|
|
@ -60,7 +67,7 @@ public class JwtTokenValidateFilter extends OncePerRequestFilter {
|
||||||
|
|
||||||
jwtTokenProvider.generateToken(request, response, username, JwtTokenProvider.JwtTokenIssueType.REGENERATE);
|
jwtTokenProvider.generateToken(request, response, username, JwtTokenProvider.JwtTokenIssueType.REGENERATE);
|
||||||
|
|
||||||
setSecurityContext(username);
|
setSecurityContext(username,authorizationAppService);
|
||||||
} catch (JwtTokenExpiredException e) {
|
} catch (JwtTokenExpiredException e) {
|
||||||
log.error("SESSION ID: {} JWT RT 토큰 만료", sessionId);
|
log.error("SESSION ID: {} JWT RT 토큰 만료", sessionId);
|
||||||
} catch (JwtTokenInvalidException e) {
|
} catch (JwtTokenInvalidException e) {
|
||||||
|
|
@ -69,8 +76,12 @@ public class JwtTokenValidateFilter extends OncePerRequestFilter {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private static void setSecurityContext(String username) {
|
private static void setSecurityContext(String username, AuthorizationAppService authorizationAppService) {
|
||||||
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(username, null, null);
|
List<String> roles = authorizationAppService.getRolesByUsername(username);
|
||||||
|
List<GrantedAuthority> authorities = roles.stream()
|
||||||
|
.map(role -> new SimpleGrantedAuthority("ROLE_" + role.toUpperCase()))
|
||||||
|
.collect(Collectors.toList());
|
||||||
|
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(username, null, authorities);
|
||||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html lang="ko" xmlns:th="http://www.thymeleaf.org"
|
<html lang="ko" xmlns:th="http://www.thymeleaf.org"
|
||||||
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
|
xmlns:sec="http://www.thymeleaf.org/extras/spring-security"
|
||||||
layout:decorate="~{main/admin/management/root.html}">
|
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout">
|
||||||
<body>
|
<body>
|
||||||
<th:block layout:fragment="innerContents">
|
<th:block layout:fragment="innerContents">
|
||||||
<h2>관리자 등록</h2>
|
<h2>관리자 등록</h2>
|
||||||
|
|
@ -15,7 +15,7 @@
|
||||||
<option value="">선택</option>
|
<option value="">선택</option>
|
||||||
<option th:each="role : ${roles}" th:value="${role.getId()}" th:text="${role.getName()}"></option>
|
<option th:each="role : ${roles}" th:value="${role.getId()}" th:text="${role.getName()}"></option>
|
||||||
</select>
|
</select>
|
||||||
<button type="button" id="btnCreate" class="btn_blue posi_right" data-bs-dismiss="modal">등록</button>
|
<button type="button" id="btnCreate" class="btn_blue posi_right" data-bs-dismiss="modal" sec:authorize="hasAnyRole('SUPER_ADMIN')" >등록</button>
|
||||||
<button type="button" id="btnCheckDuplication" class="btn_blue posi_right" data-bs-dismiss="modal">중복체크</button>
|
<button type="button" id="btnCheckDuplication" class="btn_blue posi_right" data-bs-dismiss="modal">중복체크</button>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,6 @@
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html lang="ko" xmlns:th="http://www.thymeleaf.org"
|
<html lang="ko" xmlns:th="http://www.thymeleaf.org"
|
||||||
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
|
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout">
|
||||||
layout:decorate="~{main/admin/role/root.html}">
|
|
||||||
<body>
|
<body>
|
||||||
<th:block layout:fragment="innerContents">
|
<th:block layout:fragment="innerContents">
|
||||||
</th:block>
|
</th:block>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue