gdg-yonsei · ddoddii · Oct 6, 2023 · Oct 6, 2023 · Oct 6, 2023 · Oct 6, 2023
diff --git a/docs/step1.md b/docs/step1.md
@@ -0,0 +1,29 @@
+## Step 1
+> 회원가입 & 로그인 구현
+
+### 회원가입 
+- `user/signup` 
+- h2 database 사용
+
+### 로그인
+- `user/login`
+- id(PK), userId, username, email, password 를 저장했다. 
+- 여기서 userId 와 email 은 unique 값으로 설정했다. 만약 이미 존재하는  userId 와 email을 입력하면 `DataIntegrityViolationException` 이 뜨도록 했다.
+
+-----
+### Spring Security
+- 스프링 시큐리티는 스프링 기반 어플리케이션의 인증과 권한을 담당하는 스프링 하위 프레임워크이다. 
+- 스프링 시큐리티의 세부 설정은 SecurityFilterChain 빈을 생성하여 설정했다. 
+
+### 프론트
+- 프론트는 bootstrap 사용
+
+----
+### 구현 화면
+- 회원가입
+
+  ![image](https://github.com/ddoddii/ddoddii.github.io/assets/95014836/04ad9802-5a5b-46f3-8561-f5024dfd9cf3)
+
+- 로그인
+
+  ![image](https://github.com/ddoddii/ddoddii.github.io/assets/95014836/a9c6545a-3ddb-43f1-93c9-fc08d05ac2c5)
diff --git a/src/main/java/com/cokepoke/app/MainController.java b/src/main/java/com/cokepoke/app/MainController.java
@@ -0,0 +1,12 @@
+package com.cokepoke.app;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class MainController {
+    @GetMapping("/")
+    public String root() {
+        return "redirect:/user/login";
+    }
+}
diff --git a/src/main/java/com/cokepoke/app/SbbApplication.java b/src/main/java/com/cokepoke/app/SbbApplication.java
@@ -0,0 +1,11 @@
+package com.cokepoke.app;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class SbbApplication {
+    public static void main(String[] args) {
+        SpringApplication.run(SbbApplication.class, args);
+    }
+}
diff --git a/src/main/java/com/cokepoke/app/SecurityConfig.java b/src/main/java/com/cokepoke/app/SecurityConfig.java
@@ -0,0 +1,50 @@
+package com.cokepoke.app;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig {
+    @Bean
+    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http
+                .authorizeHttpRequests((authorizeHttpRequests) -> authorizeHttpRequests
+                        .requestMatchers(new AntPathRequestMatcher("/**")).permitAll())
+                .csrf((csrf) -> csrf
+                        .ignoringRequestMatchers(new AntPathRequestMatcher("/h2-console/**")))
+                .headers((headers) -> headers
+                        .addHeaderWriter(new XFrameOptionsHeaderWriter(
+                                XFrameOptionsHeaderWriter.XFrameOptionsMode.SAMEORIGIN)))
+                .formLogin((formLogin) -> formLogin
+                        .loginPage("/user/login")
+                        .defaultSuccessUrl("/"))
+                .logout((logout) -> logout
+                        .logoutRequestMatcher(new AntPathRequestMatcher("/user/logout"))
+                        .logoutSuccessUrl("/")
+                        .invalidateHttpSession(true))
+        ;
+        return http.build();
+    }
+
+    @Bean
+    PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    @Bean
+    AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
+        return authenticationConfiguration.getAuthenticationManager();
+    }
+
+
+}
diff --git a/src/main/java/com/cokepoke/app/user/SiteUser.java b/src/main/java/com/cokepoke/app/user/SiteUser.java
@@ -0,0 +1,28 @@
+package com.cokepoke.app.user;
+
+import jakarta.persistence.*;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+@Entity
+public class SiteUser {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+    @Column(unique = true)
+    private String userId;
+
+    @Column(unique = true)
+    private String email;
+
+    @Column
+    private String password;
+
+    @Column
+    private String userName;
+
+}
diff --git a/src/main/java/com/cokepoke/app/user/UserController.java b/src/main/java/com/cokepoke/app/user/UserController.java
@@ -0,0 +1,55 @@
+package com.cokepoke.app.user;
+
+import jakarta.validation.Valid;
+import lombok.RequiredArgsConstructor;
+import org.springframework.dao.DataIntegrityViolationException;
+import org.springframework.stereotype.Controller;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+@RequiredArgsConstructor
+@Controller
+@RequestMapping("/user")
+public class UserController {
+    private final UserService userService;
+
+    @GetMapping("/signup")
+    public String signup(UserCreateForm userCreateForm){
+        return "signup_form";
+    }
+
+    @PostMapping("/signup")
+    public  String signup(@Valid UserCreateForm userCreateForm, BindingResult bindingResult){
+        if (bindingResult.hasErrors()){
+            return "signup_form";
+        }
+        if (!userCreateForm.getPassword1().equals(userCreateForm.getPassword2())){
+            bindingResult.rejectValue("password2","PasswordIncorrect","Password Does Not Match");
+            return "signup_form";
+        }
+
+        try{
+            userService.createUser(userCreateForm.getUserId(), userCreateForm.getUserName(), userCreateForm.getEmail(), userCreateForm.getPassword1());
+        }
+        catch (DataIntegrityViolationException e) {
+            e.printStackTrace();
+            bindingResult.reject("signupFailed", "Already Exsisting User");
+            return "signup_form";
+        } catch (Exception e) {
+            e.printStackTrace();
+            bindingResult.reject("signupFailed", e.getMessage());
+            return "signup_form";
+        }
+
+
+        return "redirect:/";
+    }
+
+    @GetMapping("/login")
+    public String login(){
+        return "login_form";
+    }
+
+}
diff --git a/src/main/java/com/cokepoke/app/user/UserCreateForm.java b/src/main/java/com/cokepoke/app/user/UserCreateForm.java
@@ -0,0 +1,31 @@
+package com.cokepoke.app.user;
+
+import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.Size;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class UserCreateForm {
+    @Size(min = 3, max = 25, message = "User Id must be over 3 and under 25 characters")
+    @NotEmpty(message = "UserID is necessary")
+    private String userId;
+
+    @NotEmpty(message = "Password is necessary")
+    private String password1;
+
+    @NotEmpty(message = "Check password again")
+    private String password2;
+
+    @NotEmpty(message = "Email is necessary")
+    @Email
+    private String email;
+
+    @NotEmpty(message = "User name is necessary")
+    private String userName;
+
+
+
+}
diff --git a/src/main/java/com/cokepoke/app/user/UserRepository.java b/src/main/java/com/cokepoke/app/user/UserRepository.java
@@ -0,0 +1,9 @@
+package com.cokepoke.app.user;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+
+import java.util.Optional;
+
+public interface UserRepository extends JpaRepository<SiteUser, Long> {
+    Optional<SiteUser> findByUserId(String userId);
+}
diff --git a/src/main/java/com/cokepoke/app/user/UserRole.java b/src/main/java/com/cokepoke/app/user/UserRole.java
@@ -0,0 +1,15 @@
+package com.cokepoke.app.user;
+
+import lombok.Getter;
+
+@Getter
+public enum UserRole {
+    ADMIN("ROLE_ADMIN"),
+    USER("ROLE_USER") ;
+
+    UserRole(String value){
+        this.value = value;
+    }
+    private String value;
+
+}
diff --git a/src/main/java/com/cokepoke/app/user/UserSecurityService.java b/src/main/java/com/cokepoke/app/user/UserSecurityService.java
@@ -0,0 +1,38 @@
+package com.cokepoke.app.user;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Optional;
+
+@RequiredArgsConstructor
+@Service
+public class UserSecurityService implements UserDetailsService {
+
+    private final UserRepository userRepository;
+    @Override
+    public UserDetails loadUserByUsername(String userId) throws UsernameNotFoundException{
+        Optional<SiteUser> _siteUser = this.userRepository.findByUserId(userId);
+        if (_siteUser.isEmpty()){
+            throw new UsernameNotFoundException("Cannot Find User");
+        }
+        SiteUser siteUser = _siteUser.get();
+        List<GrantedAuthority> authorities = new ArrayList<>();
+        if ("admin".equals(userId)){
+            authorities.add(new SimpleGrantedAuthority(UserRole.ADMIN.getValue()));
+        }
+        else {
+            authorities.add(new SimpleGrantedAuthority(UserRole.USER.getValue()));
+        }
+        return new User(siteUser.getUserId(), siteUser.getPassword(), authorities);
+    }
+}
+
diff --git a/src/main/java/com/cokepoke/app/user/UserService.java b/src/main/java/com/cokepoke/app/user/UserService.java
@@ -0,0 +1,25 @@
+package com.cokepoke.app.user;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+
+@RequiredArgsConstructor
+@Service
+public class UserService {
+    private final UserRepository userRepository;
+    private final PasswordEncoder passwordEncoder;
+
+
+    public SiteUser createUser(String userId, String userName, String email, String password){
+        SiteUser user = new SiteUser();
+        user.setUserId(userId);
+        user.setUserName(userName);
+        user.setEmail(email);
+        user.setPassword(passwordEncoder.encode(password));
+        this.userRepository.save(user);
+        return user;
+    }
+
+
+}
diff --git a/src/main/resources/static/bootstrap.min.css b/src/main/resources/static/bootstrap.min.css
diff --git a/src/main/resources/static/bootstrap.min.js b/src/main/resources/static/bootstrap.min.js
diff --git a/src/main/resources/templates/form_errors.html b/src/main/resources/templates/form_errors.html
@@ -0,0 +1,4 @@
+<div th:fragment="formErrorsFragment" class="alert alert-danger"
+     role="alert" th:if="${#fields.hasAnyErrors()}">
+    <div th:each="err : ${#fields.allErrors()}" th:text="${err}" />
+</div>
diff --git a/src/main/resources/templates/layout.html b/src/main/resources/templates/layout.html
@@ -0,0 +1,22 @@
+<!doctype html>
+<html lang="ko">
+<head>
+  <!-- Required meta tags -->
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <!-- Bootstrap CSS -->
+  <link rel="stylesheet" type="text/css" th:href="@{/bootstrap.min.css}">
+  <!-- sbb CSS -->
+  <link rel="stylesheet" type="text/css" th:href="@{/style.css}">
+  <title>Welcome to Coke Poke 🥤</title>
+</head>
+<body>
+<!-- 네비게이션바 -->
+<nav th:replace="~{navbar :: navbarFragment}"></nav>
+<!-- 기본 템플릿 안에 삽입될 내용 Start -->
+<th:block layout:fragment="content"></th:block>
+<!-- 기본 템플릿 안에 삽입될 내용 End -->
+<!-- Bootstrap JS -->
+<script th:src="@{/bootstrap.min.js}"></script>
+</body>
+</html>
diff --git a/src/main/resources/templates/login_form.html b/src/main/resources/templates/login_form.html
@@ -0,0 +1,25 @@
+<html layout:decorate="~{layout}">
+<div layout:fragment="content" class="container my-3">
+  <div class="my-3 border-bottom">
+    <div>
+      <h4>Log In</h4>
+    </div>
+  </div>
+  <form th:action="@{/user/login}" method="post">
+    <div th:if="${param.error}">
+      <div class="alert alert-danger">
+        Check Id or Password
+      </div>
+    </div>
+    <div class="mb-3">
+      <label for="username" class="form-label">ID</label>
+      <input type="text" name="username" id="username" class="form-control">
+    </div>
+    <div class="mb-3">
+      <label for="password" class="form-label">Password</label>
+      <input type="password" name="password" id="password" class="form-control">
+    </div>
+    <button type="submit" class="btn btn-primary">LogIn</button>
+  </form>
+</div>
+</html>
diff --git a/src/main/resources/templates/navbar.html b/src/main/resources/templates/navbar.html
@@ -0,0 +1,21 @@
+<nav th:fragment="navbarFragment" class="navbar navbar-expand-lg navbar-light bg-light border-bottom"
+     xmlns:sec="http://www.w3.org/1999/xhtml">
+  <div class="container-fluid">
+    <a class="navbar-brand" href="/">Coke Poke 👉🥤👈</a>
+    <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarSupportedContent"
+            aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
+      <span class="navbar-toggler-icon"></span>
+    </button>
+    <div class="collapse navbar-collapse" id="navbarSupportedContent">
+      <ul class="navbar-nav me-auto mb-2 mb-lg-0">
+        <li class="nav-item">
+          <a class="nav-link" sec:authorize="isAnonymous()" th:href="@{/user/login}">Log In</a>
+          <a class="nav-link" sec:authorize="isAuthenticated()" th:href="@{/user/logout}">Log Out</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" th:href="@{/user/signup}">Sign Up</a>
+        </li>
+      </ul>
+    </div>
+  </div>
+</nav>