ログイン機能実装途中

9d431c28 · keita.onoguchi · 6ca8e1dd · 9d431c28 · 9d431c28 · 9d431c28
Commit 9d431c28 authored Oct 14, 2020 by keita.onoguchi
5 changed files
--- a/src/main/java/com/example/SecurityConfig.java
+++ b/src/main/java/com/example/SecurityConfig.java
+package com.example;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder;
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter{
+	@Bean
+	PasswordEncoder passwordEncoder(){
+		return new Pbkdf2PasswordEncoder();
+	}
+	@Override
+	public void configure(WebSecurity web) throws Exception{
+		web
+			.debug(false)
+			.ignoring()
+			.antMatchers("/images/**", "/js/**", "/css/**")
+			;
+	}
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http
+			.authorizeRequests()
+				.mvcMatchers("/", "/signup", "/login").permitAll()
+				.mvcMatchers("/limited/admin/**").hasRole("ADMIN")
+				.anyRequest().authenticated()
+			.and()
+			.formLogin()
+				.defaultSuccessUrl("/top")
+			.and()
+			.logout()
+				.invalidateHttpSession(true)
+				.deleteCookies("JSESSIONID")
+				.logoutSuccessUrl("/login");
+	}
+}
--- a/src/main/java/com/example/domain/LoginUser.java
+++ b/src/main/java/com/example/domain/LoginUser.java
+package com.example.domain;
+import java.util.Collections;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import lombok.extern.slf4j.Slf4j;
+//ユーザーの認証・認可にかかわるクラス
+@Slf4j
+public class LoginUser extends org.springframework.security.core.userdetails.User{
+	private static final long serialVersionUID = 1L;
+	private User user;
+	public LoginUser(User user){
+		super(user.getEmail(), user.getPassword(), convertGrantedAuthorities(user.getRoles()));
+		this.user = user;
+	}
+	public User getUser() {
+		return user;
+	}
+	static Set<GrantedAuthority> convertGrantedAuthorities(String roles){
+		if(roles == null || roles.isEmpty()){
+			return Collections.emptySet();
+		}
+		Set<GrantedAuthority> authorities = Stream.of(roles.split(","))
+				.map(SimpleGrantedAuthority::new)
+				.collect(Collectors.toSet());
+		return authorities;
+	}
+}
--- a/src/main/java/com/example/domain/User.java
+++ b/src/main/java/com/example/domain/User.java
+package com.example.domain;
+import java.sql.Date;
+import java.util.Collection;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.Id;
+import javax.persistence.Table;
+import org.springframework.security.core.GrantedAuthority;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import lombok.ToString;
+//ログイン用のエンティティークラス
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@Entity
+@Table(name="users")
+@ToString(exclude = { "email", "password" })
+public class User {
+	@GeneratedValue
+	private int id;
+	@Column(nullable = false)
+	private String name;
+	@Column(nullable = false)
+	private String postalCode;
+	@Column(nullable = false)
+	private String address;
+	@Column(nullable = false)
+	private String phoneNumber;
+	@Id
+	@Column(nullable = false)
+	private String email;
+	@Column(nullable = false)
+	private String password;
+	@Column(nullable = false)
+	private String roles;
+	@Column(nullable = false)
+	private Date createdAt;
+	@Column(nullable = false)
+	private Date updatedAt;
+}
--- a/src/main/java/com/example/repository/UserRepository.java
+++ b/src/main/java/com/example/repository/UserRepository.java
+package com.example.repository;
+import java.util.Optional;
+import org.springframework.data.jpa.repository.JpaRepository;
+import com.example.domain.User;
+public interface UserRepository extends JpaRepository<User, String>{
+	Optional<User> findByEmail(String email);
+}
--- a/src/main/java/com/example/service/LoginUserDetailsService.java
+++ b/src/main/java/com/example/service/LoginUserDetailsService.java
+package com.example.service;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import com.example.repository.UserRepository;
+import lombok.extern.slf4j.Slf4j;
+@Service
+@Slf4j
+public class LoginUserDetailsService implements UserDetailsService {
+	private final UserRepository userRepository;
+	public LoginUserDetailsService(UserRepository userRepository){
+		this.userRepository = userRepository;
+	}
+	@Transactional(readOnly = true)
+	@Override
+	public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException{
+		assert(email != null);
+		log.debug();
+	}
+}