This repository has been archived by the owner on Aug 13, 2022. It is now read-only.
Merge pull request #3 from f-lab-edu/feature/1
[#1] Create Account
Showing
26 changed files
with
1,163 additions
and
5 deletions.
71 changes: 71 additions & 0 deletions
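--- a/src/main/java/me/jjeda/mall/accounts/Service/AccountService.java
+++ b/src/main/java/me/jjeda/mall/accounts/Service/AccountService.java
@@ -0,0 +1,71 @@
+package me.jjeda.mall.accounts.Service;
+
+import me.jjeda.mall.accounts.domain.Account;
+import me.jjeda.mall.accounts.domain.AccountAdapter;
+import me.jjeda.mall.accounts.domain.AccountStatus;
+import me.jjeda.mall.accounts.dto.AccountDto;
+import me.jjeda.mall.accounts.repository.AccountRepository;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.web.PagedResourcesAssembler;
+import org.springframework.hateoas.PagedResources;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.Optional;
+
+@Service
+public class AccountService implements UserDetailsService {
+
+private AccountRepository accountRepository;
+
+private PasswordEncoder passwordEncoder;
+
+public AccountService(AccountRepository accountRepository, PasswordEncoder passwordEncoder) {
+this.accountRepository = accountRepository;
+this.passwordEncoder = passwordEncoder;
+}
+
+public Account saveAccount(AccountDto dto) {
+Account account = dto.toEntity();
+account.setPassword(passwordEncoder.encode(dto.getPassword()));
+
+return accountRepository.save(account);
+}
+
+public PagedResources findAllAccountWithStatus(AccountStatus status, Pageable pageable, PagedResourcesAssembler<Account> pagedResourcesAssembler) {
+
+return pagedResourcesAssembler.toResource(accountRepository.findAccountsByStatus(status, pageable));
+
+}
+
+public Optional<Account> getAccount(Long id) {
+return accountRepository.findById(id);
+}
+
+@Transactional
+public void changeAccountStatus(Long id, AccountStatus status) {
+Account account = accountRepository.findById(id).get();
+account.setStatus(status);
+}
+
+@Transactional
+public Account updateAccount(Long id, AccountDto accountDto) {
+Account account = accountRepository.findById(id).get();
+account.update(accountDto);
+
+return account;
+}
+
+@Override
+public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+Account account = accountRepository.findByEmail(username)
+.orElseThrow(() -> new UsernameNotFoundException(username));
+
+return AccountAdapter.from(account);
+}
+
+}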
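Review bot: `loadUserByUsername` looks the account up by e-mail only and never consults `AccountStatus`, so unless `AccountAdapter.from` (not shown in this section) maps a `DELETED` account to a disabled `UserDetails`, an account withdrawn through `changeAccountStatus` can still authenticate and be issued tokens. Consider rejecting non-active accounts here, or having the adapter report `isEnabled() == false` for them. Separately, `changeAccountStatus` and `updateAccount` call `findById(id).get()` unchecked; `orElseThrow(...)` with a domain exception would give callers a defined failure instead of `NoSuchElementException`. If `account.update(accountDto)` copies the password field, it would bypass the `passwordEncoder.encode` step that `saveAccount` applies, which is worth confirming in `Account.update`.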
60 changes: 60 additions & 0 deletions
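--- a/src/main/java/me/jjeda/mall/accounts/configs/AuthServerConfig.java
+++ b/src/main/java/me/jjeda/mall/accounts/configs/AuthServerConfig.java
@@ -0,0 +1,60 @@
+package me.jjeda.mall.accounts.configs;
+
+import me.jjeda.mall.accounts.Service.AccountService;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+
+@Configuration
+@EnableAuthorizationServer
+public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {
+
+private PasswordEncoder passwordEncoder;
+
+private AuthenticationManager authenticationManager;
+
+private AccountService accountService;
+
+private TokenStore tokenStore;
+
+public AuthServerConfig(PasswordEncoder passwordEncoder, AuthenticationManager authenticationManager, AccountService accountService, TokenStore tokenStore) {
+this.passwordEncoder = passwordEncoder;
+this.authenticationManager = authenticationManager;
+this.accountService = accountService;
+this.tokenStore = tokenStore;
+}
+
+// 보안정보 설정
+@Override
+public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
+security.passwordEncoder(passwordEncoder);
+}
+
+// 클라이언트 설정
+@Override
+public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+clients
+.inMemory()
+.withClient("temp")
+.authorizedGrantTypes("password", "refresh_token")
+.scopes("read", "write")
+.secret(this.passwordEncoder.encode("pass"))
+.accessTokenValiditySeconds(10 * 60)
+.refreshTokenValiditySeconds(6 * 10 * 60);
+}
+
+// 엔드포인트 정보 설정
+@Override
+public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+endpoints
+.authenticationManager(authenticationManager)
+.userDetailsService(accountService)
+.tokenStore(tokenStore);
+}
+}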
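Review bot: The client registration in `configure(ClientDetailsServiceConfigurer)` commits the client id and secret as literals (`"temp"` / `"pass"`), so the secret is known to anyone who can read the repository and cannot be rotated without a code change. Read both from externalised configuration (for example constructor-injected properties) and keep the call shaped as `.secret(passwordEncoder.encode(clientSecret))`. The only grant types are `password` and `refresh_token`, which means this client handles user passwords directly; a comment stating that this is intended for a first-party client would help the next reader.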
20 changes: 20 additions & 0 deletions
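--- a/src/main/java/me/jjeda/mall/accounts/configs/PasswordEncoderConfig.java
+++ b/src/main/java/me/jjeda/mall/accounts/configs/PasswordEncoderConfig.java
@@ -0,0 +1,20 @@
+package me.jjeda.mall.accounts.configs;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class PasswordEncoderConfig {
+
+/**
+* password : 평문 Hashing 처리를 위한 메서드
+*
+* @return : Bcrypt Encoder
+*/
+@Bean
+public PasswordEncoder passwordEncoder() {
+return PasswordEncoderFactories.createDelegatingPasswordEncoder();
+}
+}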
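Review bot: The Javadoc on `passwordEncoder()` says `@return : Bcrypt Encoder`, but the method returns the delegating encoder from `PasswordEncoderFactories.createDelegatingPasswordEncoder()`, which encodes with bcrypt by default and stores an `{id}` prefix so that `matches` dispatches on the stored scheme. I would reword it to something like `@return a DelegatingPasswordEncoder (bcrypt for new hashes, verifies by the stored {id} prefix)` so nobody assumes stored values are bare bcrypt strings.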
40 changes: 40 additions & 0 deletions
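--- a/src/main/java/me/jjeda/mall/accounts/configs/ResourceServerConfig.java
+++ b/src/main/java/me/jjeda/mall/accounts/configs/ResourceServerConfig.java
@@ -0,0 +1,40 @@
+package me.jjeda.mall.accounts.configs;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
+
+@Configuration
+@EnableResourceServer
+public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
+
+@Override
+public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
+resources.resourceId("account");
+}
+
+@Override
+public void configure(HttpSecurity http) throws Exception {
+http
+.anonymous()
+.and()
+.authorizeRequests()
+.mvcMatchers(HttpMethod.POST,"/api/accounts")
+.anonymous()
+.mvcMatchers("/api/accounts/**")
+.authenticated()
+.mvcMatchers(HttpMethod.GET, "/api/**")
+.permitAll()
+.mvcMatchers("/admin/**").hasRole("ADMIN")
+.anyRequest()
+.authenticated()
+.and()
+.exceptionHandling()
+.accessDeniedHandler(new OAuth2AccessDeniedHandler());
+}
+
+}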
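Review bot: The rule `mvcMatchers(HttpMethod.GET, "/api/**").permitAll()` in `configure(HttpSecurity)` makes every GET endpoint under `/api` public by default, apart from `/api/accounts/**` which is matched earlier, so any read endpoint added later is unauthenticated unless someone remembers to add a rule above this line. Listing the public paths explicitly and letting `anyRequest().authenticated()` cover the rest keeps the default closed. Because the first matching rule wins, a short comment above the chain explaining why the ordering matters would also help.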
69 changes: 69 additions & 0 deletions
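--- a/src/main/java/me/jjeda/mall/accounts/configs/SecurityConfig.java
+++ b/src/main/java/me/jjeda/mall/accounts/configs/SecurityConfig.java
@@ -0,0 +1,69 @@
+package me.jjeda.mall.accounts.configs;
+
+import me.jjeda.mall.accounts.Service.AccountService;
+import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+private AccountService accountService;
+
+private PasswordEncoder passwordEncoder;
+
+public SecurityConfig(AccountService accountService, PasswordEncoder passwordEncoder) {
+this.accountService = accountService;
+this.passwordEncoder = passwordEncoder;
+}
+
+
+/**
+* TokenStore -> Redis
+*/
+@Bean
+public TokenStore tokenStore(RedisConnectionFactory redisConnectionFactory) {
+return new RedisTokenStore(redisConnectionFactory);
+}
+
+
+@Bean
+@Override
+public AuthenticationManager authenticationManagerBean() throws Exception {
+return super.authenticationManagerBean();
+}
+
+@Override
+protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+auth
+.userDetailsService(accountService)
+.passwordEncoder(passwordEncoder);
+}
+
+@Override
+protected void configure(HttpSecurity http) throws Exception {
+http
+.cors().disable()
+.csrf().disable()
+.formLogin().disable()
+.headers().frameOptions().disable();
+
+}
+
+@Override
+public void configure(WebSecurity web) throws Exception {
+//정적 파일들 허용
+web.ignoring().requestMatchers(PathRequest.toStaticResources().atCommonLocations());
+}
+}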
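Review bot: `headers().frameOptions().disable()` in `configure(HttpSecurity)` removes the `X-Frame-Options` header from every response, which drops the framing (clickjacking) protection for the whole application. If this was only needed for an embedded same-origin console, `headers().frameOptions().sameOrigin()` is the narrower setting; otherwise leave the default in place. `csrf().disable()` is reasonable only while no endpoint authenticates through a browser cookie or session, and a one-line comment stating that assumption would make it reviewable. The `RedisTokenStore` bean keeps issued tokens in Redis, so that instance needs authentication and network restriction; nothing in this section shows how the connection is configured.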
57 changes: 57 additions & 0 deletions
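--- a/src/main/java/me/jjeda/mall/accounts/controller/AccountController.java
+++ b/src/main/java/me/jjeda/mall/accounts/controller/AccountController.java
@@ -0,0 +1,57 @@
+package me.jjeda.mall.accounts.controller;
+
+import me.jjeda.mall.accounts.Service.AccountService;
+import me.jjeda.mall.accounts.domain.Account;
+import me.jjeda.mall.accounts.domain.AccountStatus;
+import me.jjeda.mall.accounts.dto.AccountDto;
+import me.jjeda.mall.common.CurrentUser;
+import org.springframework.hateoas.mvc.ControllerLinkBuilder;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.validation.Valid;
+import java.net.URI;
+
+@RestController
+@RequestMapping("/api/accounts")
+public class AccountController {
+
+private AccountService accountService;
+
+public AccountController(AccountService accountService) {
+this.accountService = accountService;
+}
+
+@PostMapping
+public ResponseEntity createAccount(@RequestBody @Valid AccountDto requestAccount) {
+Account account = accountService.saveAccount(requestAccount);
+URI uri = ControllerLinkBuilder.linkTo(AccountController.class).slash(account.getId()).toUri();
+
+return ResponseEntity.created(uri).body(account);
+}
+
+@GetMapping
+public ResponseEntity getAccount(@CurrentUser Account account) {
+return ResponseEntity.ok(account);
+}
+
+@DeleteMapping
+public ResponseEntity withdrawFromMembership(@CurrentUser Account account) {
+accountService.changeAccountStatus(account.getId(), AccountStatus.DELETED);
+
+return ResponseEntity.ok().build();
+}
+
+@PutMapping
+public ResponseEntity updateAccount(@RequestBody @Valid AccountDto accountDto, @CurrentUser Account account) {
+Account updateAccount = accountService.updateAccount(account.getId(), accountDto);
+
+return ResponseEntity.ok(updateAccount);
+}
+}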
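Review bot: `createAccount`, `getAccount` and `updateAccount` put the `Account` entity itself in the response body, so every serialisable field is returned to the client; unless `Account` (not shown here) excludes it, that includes the encoded password written by `AccountService.saveAccount`. Returning a response DTO that carries only the fields meant to be public avoids depending on annotations on the entity. The handlers also use the raw `ResponseEntity` type; a parameterised form such as `ResponseEntity<AccountResponse>` (placeholder name for that DTO) would document the payload.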