今度はLOGINの機能を具現しようと思います。
まず、Configureに
.loginProcessingUrl("/login") //springSecurity代わりに 認証します。
.defaultSuccessUrl("/");
二つのCODEを書きます。
LOGINのHTMLを作ります。
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org"
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
layout:decorate="~{layouts/content1}">
<div layout:fragment="content">
<form class="loginformz" action="/login" method="post">
<h1 class="border-bottom"> Please sign in</h1>
<div class="form-floating">
<input type="email" class="form-control" name="email" placeholder="Email address">
</div>
<div class="form-floating">
<input type="password" class="form-control" name="password" placeholder="password">
</div>
<button class="btn btn-primary" type="button" >Login</button>
<button class="btn btn-info" type="button" onclick="location.href='/joinform'">Sign up</button>
</form>
</div>
</html>
そして、authを具現します。
package com.rbwsn.auth;
//LOGINが終わったらSESSIONを作ります。
import com.rbwsn.entity.User;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import java.util.ArrayList;
import java.util.Collection;
public class SecurityDetails implements UserDetails {
User user;
public SecurityDetails(User user){
this.user=user;
}
//権限をReturn
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
Collection<GrantedAuthority> collection = new ArrayList<>();
collection.add(new GrantedAuthority() {
@Override
public String getAuthority() {
return user.getRole().toString();
}
});
return collection;
}
@Override
public String getPassword() {
return user.getPassword();
}
@Override
public String getUsername() {
return user.getUsername();
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}
そして、UserDeailServiceを具現します。
このCLASSはUsernameをもらってnullがなければ新しくSecurityDetailsを作ってパスワードの間違いがあるか検査します。
package com.rbwsn.auth;
import com.rbwsn.entity.User;
import com.rbwsn.repository.UserRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
@Service
public class SecurityDetailsService implements UserDetailsService{
@Autowired
private UserRepository userRepository;
@Override
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
User user = userRepository.findByEmail(email);
if(user!=null){
return new SecurityDetails(user);
}
return null;
}
}
loginform
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org"
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
layout:decorate="~{layouts/content1}">
<div layout:fragment="content">
<form class="loginformz" action="/login" method="post" >
<h1 class="border-bottom"> Please sign in</h1>
<div class="form-floating">
<input type="email" class="form-control" name="email" placeholder="Email address">
</div>
<div class="form-floating">
<input type="password" class="form-control" name="password" placeholder="password">
</div>
<p th:if="${param.error}" style="color: red">emailを見つけられないでしたり、パスワードが正しくありません。</p>
<button class="btn btn-primary" type="submit">Login</button>
<button class="btn btn-info" type="button" onclick="location.href='/joinform'">Sign up</button>
</form>
</div>
</html>