웹개발/Spring Security

Spring Security 4-login具現

RBWSN 2021. 9. 30. 10:14

今度はLOGINの機能を具現しようと思います。

 

まず、Configureに

// Spring Security itself handles the credential POST sent to this URL and performs the authentication.
// NOTE(review): the login form on this page posts the address as "email", while form login reads the
// "username" request parameter by default; confirm .usernameParameter("email") is set in the part of
// this chain that is not shown here.
.loginProcessingUrl("/login")
                .defaultSuccessUrl("/"); // default redirect target after a successful login

二つのCODEを書きます。

LOGINのHTMLを作ります。

<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org"
      xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
      layout:decorate="~{layouts/content1}">


<div layout:fragment="content">

    <!--/* Login form: POSTs the email and password fields to /login, the URL given to
           loginProcessingUrl(...) in the security configuration. */-->
    <!--/* NOTE(review): the form uses a plain action attribute instead of th:action="@{/login}".
           Thymeleaf's Spring integration only inserts the hidden CSRF token field into forms that
           use th:action, so with CSRF protection left enabled (the Spring Security default) this
           POST would be rejected. Confirm how the configuration handles CSRF, and prefer th:action
           over disabling the protection. */-->
    <form class="loginformz" action="/login" method="post">
        <h1 class="border-bottom"> Please sign in</h1>
        <div class="form-floating">
            <!--/* NOTE(review): posted as "email"; form login reads "username" unless
                   usernameParameter("email") is configured. TODO confirm. */-->
            <input type="email" class="form-control" name="email" placeholder="Email address">
        </div>
        <div class="form-floating">
            <input type="password" class="form-control" name="password" placeholder="password">
        </div>

        <!--/* NOTE(review): type="button" does not submit the form, so no credentials are posted
               from this version; the loginform listing later on this page uses type="submit". */-->
        <button class="btn btn-primary" type="button" >Login</button>
        <!--/* Navigates to the registration page; does not submit the form. */-->
        <button class="btn btn-info" type="button" onclick="location.href='/joinform'">Sign up</button>
    </form>

</div>

</html>

 

そして、authを具現します。

package com.rbwsn.auth;

//LOGINが終わったらSESSIONを作ります。

import com.rbwsn.entity.User;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import java.util.ArrayList;
import java.util.Collection;

/**
 * Adapter that presents an application {@code User} to Spring Security as a {@link UserDetails}.
 *
 * <p>Authorities, password and username are all read from the wrapped user. The four
 * account-status methods return the constant {@code true}, so expiry, locking and disabling are
 * never reported to Spring Security by this class.
 */
public class SecurityDetails implements UserDetails {

    // The wrapped account; every accessor below delegates to it.
    User user;

    /**
     * Wraps the given account. The reference is stored as is: no copy and no null check.
     *
     * @param user the account to expose to Spring Security
     */
    public SecurityDetails(User user){
        this.user = user;
    }

    /**
     * Returns the authorities of this account: a new list holding exactly one entry, whose name is
     * the string form of the user's role.
     *
     * <p>NOTE(review): {@code hasRole(...)} style rules expect a {@code ROLE_} prefix by default;
     * confirm that the role's {@code toString()} value matches how the access rules are written.
     */
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        Collection<GrantedAuthority> granted = new ArrayList<>();
        granted.add(roleAuthority());
        return granted;
    }

    /** Builds the single authority; its name is resolved from the user's role on each call. */
    private GrantedAuthority roleAuthority() {
        return new GrantedAuthority() {
            @Override
            public String getAuthority() {
                return user.getRole().toString();
            }
        };
    }

    /**
     * Returns the password stored on the wrapped user.
     *
     * <p>NOTE(review): presumably an encoded hash that the configured PasswordEncoder can verify;
     * confirm against the registration code.
     */
    @Override
    public String getPassword() {
        return user.getPassword();
    }

    /**
     * Returns the wrapped user's username.
     *
     * <p>NOTE(review): the lookup in SecurityDetailsService is by email while the principal name
     * comes from {@code getUsername()}; confirm this difference is intended.
     */
    @Override
    public String getUsername() {
        return user.getUsername();
    }

    /** Always {@code true}: account expiry is not modelled here. */
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    /** Always {@code true}: this class never reports an account as locked. */
    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    /** Always {@code true}: credential expiry is not modelled here. */
    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    /** Always {@code true}: this class never reports an account as disabled. */
    @Override
    public boolean isEnabled() {
        return true;
    }
}

そして、UserDetailsServiceを実装します。

このCLASSはUsername(ここではemail)を受け取り、該当するユーザーがnullでなければ新しくSecurityDetailsを作って返します。パスワードが正しいかどうかの検査は、返されたSecurityDetailsを使ってSpring Securityが行います。

 

package com.rbwsn.auth;

import com.rbwsn.entity.User;
import com.rbwsn.repository.UserRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

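/**
 * {@link UserDetailsService} used by form login: looks an account up by email address and wraps
 * it in a {@link SecurityDetails}.
 *
 * <p>This class does not compare passwords. It only loads the account; the password check is done
 * by Spring Security against the value returned from {@code getPassword()}.
 */
@Service
public class SecurityDetailsService implements UserDetailsService{

    // Repository used for the email lookup, injected by Spring.
    @Autowired
    private UserRepository userRepository;


    /**
     * Loads the account whose email equals the submitted login name.
     *
     * @param email the login name taken from the login request (an email address in this application)
     * @return a {@link SecurityDetails} wrapping the matching user, never {@code null}
     * @throws UsernameNotFoundException if no user has this email
     */
    @Override
    public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
        // Assumes findByEmail returns null when nothing matches, as the original null check implies.
        User user = userRepository.findByEmail(email);
        if (user == null) {
            // The UserDetailsService contract forbids returning null. The default
            // DaoAuthenticationProvider reports a null result as an internal service error, whereas
            // this exception is handled as an ordinary failed login on the same path as a wrong
            // password. The message deliberately leaves out the submitted address so it does not
            // end up in logs.
            throw new UsernameNotFoundException("No account matches the supplied email");
        }
        return new SecurityDetails(user);
    }

}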

 

loginform

 

<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org"
      xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
      layout:decorate="~{layouts/content1}">



<div layout:fragment="content">


    <!--/* Login form: POSTs the email and password fields to /login, where Spring Security
           processes them. */-->
    <!--/* NOTE(review): a plain action attribute is used instead of th:action="@{/login}", so
           Thymeleaf does not insert the hidden CSRF token field. With CSRF protection enabled
           (the Spring Security default) this POST would be rejected. Confirm how the configuration
           handles CSRF, and prefer th:action over disabling the protection. */-->
    <form class="loginformz" action="/login" method="post" >
        <h1 class="border-bottom"> Please sign in</h1>
        <div class="form-floating">
            <!--/* NOTE(review): posted as "email"; form login reads "username" unless
                   usernameParameter("email") is configured. TODO confirm. */-->
            <input type="email" class="form-control" name="email" placeholder="Email address">
        </div>
        <div class="form-floating">
            <input type="password" class="form-control" name="password" placeholder="password">
        </div>
        <!--/* Rendered only when the request carries an "error" query parameter. The text is the
               same for an unknown email and for a wrong password, so it does not reveal which
               addresses are registered. */-->
        <p th:if="${param.error}" style="color: red">emailを見つけられないでしたり、パスワードが正しくありません。</p>

        <!--/* type="submit": this button posts the form. */-->
        <button class="btn btn-primary" type="submit">Login</button>
        <!--/* Navigates to the registration page; does not submit the form. */-->
        <button class="btn btn-info" type="button" onclick="location.href='/joinform'">Sign up</button>
    </form>

</div>

</html>

 

 
