[개발] - Spring/Security
JWT 예제 구현 (6) Dto, Repository, UserDetailsService 구현 인터페이스
완벽한 장면
2023. 12. 12. 23:43
DTO
LoginDto
package inflearn.freejwt.dto;
import lombok.*;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;
@Getter
@Setter
@Builder
@NoArgsConstructor
@AllArgsConstructor
public class LoginDto {
@NotNull
@Size(min = 3, max = 50) // 유효성 검사
private String username;
@NotNull
@Size(min = 3, max = 100)
private String password;
}
UserDto
package inflearn.freejwt.dto;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.*;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;
@Getter
@Setter
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class UserDto {
@NotNull
@Size(min = 3, max = 50)
private String username;
@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
@NotNull
@Size(min = 3, max = 100)
private String password;
@NotNull
@Size(min = 3, max = 50)
private String nickname;
}
TokenDto
package inflearn.freejwt.dto;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.*;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;
@Getter
@Setter
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class UserDto {
@NotNull
@Size(min = 3, max = 50)
private String username;
@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
@NotNull
@Size(min = 3, max = 100)
private String password;
@NotNull
@Size(min = 3, max = 50)
private String nickname;
}
Repository
UserRepository
package inflearn.freejwt.repository;
import inflearn.freejwt.entity.User;
import org.springframework.data.jpa.repository.EntityGraph;
import org.springframework.data.jpa.repository.JpaRepository;
import java.util.Optional;
public interface UserRepository extends JpaRepository<User, Long> {
// 해당 쿼리 수행 될 때 Eager 조회로 authorities 정보를 같이 가져오게 된다.
@EntityGraph(attributePaths = "authorities")
Optional<User> findOneWithAuthoritiesByUsername(String username);
//username을 기준으로 User 정보를 가져올 때 권한 정보도 같이 가져오게 된다.
}
Service
CustomUserDetailsService
package inflearn.freejwt.service;
import inflearn.freejwt.entity.User;
import inflearn.freejwt.repository.UserRepository;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import java.util.List;
import java.util.stream.Collectors;
@Component("userDetailsService")
@RequiredArgsConstructor
public class CustomUserDetailsService implements UserDetailsService {
private final UserRepository userRepository;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// UserRepository를 사용하여 사용자 정보를 데이터베이스에서 검색
return userRepository.findOneWithAuthoritiesByUsername(username)
.map(user -> createUser(username, user))
.orElseThrow(() -> new UsernameNotFoundException(username + " -> 데이터베이스에서 찾을 수 없습니다."));
}
// 사용자 정보를 기반으로 UserDetails 객체를 생성하는 메서드
private org.springframework.security.core.userdetails.User createUser(String username, User user) {
if (!user.isActivated()) { // 사용자가 활성화되지 않은 경우 예외 던짐
throw new RuntimeException(username + " -> 활성화되어 있지 않습니다.");
}
// 사용자의 권한 정보를 가져와서 SimpleGrantedAuthority 객체로 변환
List<GrantedAuthority> grantedAuthorities = user.getAuthorities()
.stream()
.map(authority -> new SimpleGrantedAuthority(authority.getAuthorityName()))
.collect(Collectors.toList());
// UserDetails 인터페이스를 구현한 객체를 생성하여 반환
return new org.springframework.security.core.userdetails.User(user.getUsername(),
user.getPassword(), grantedAuthorities);
}
}728x90
반응형