Bp 12 implement user login

build.gradle

@@ -40,6 +40,7 @@ repositories {
 dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
     implementation 'org.springframework.boot:spring-boot-starter-web'
+    implementation 'org.springframework.boot:spring-boot-starter-security:2.3.3.RELEASE'
     compileOnly 'org.projectlombok:lombok'
     developmentOnly 'org.springframework.boot:spring-boot-devtools'
     annotationProcessor 'org.projectlombok:lombok'
@@ -55,6 +56,8 @@ dependencies {
     testImplementation 'org.springframework.restdocs:spring-restdocs-mockmvc'
     testImplementation 'com.epages:restdocs-api-spec:0.19.2'
     testImplementation 'com.epages:restdocs-api-spec-mockmvc:0.19.2'
+    testImplementation 'org.springframework.security:spring-security-test:6.3.1'
+
     swaggerUI 'org.webjars:swagger-ui:5.0.0'
 }
 

src/main/java/gdsc/konkuk/platformcore/application/auth/CustomAuthenticationFailureHandler.java

@@ -0,0 +1,34 @@
+package gdsc.konkuk.platformcore.application.auth;
+
+import java.io.IOException;
+
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
+import org.springframework.stereotype.Component;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import gdsc.konkuk.platformcore.global.exceptions.ErrorCode;
+import gdsc.konkuk.platformcore.global.responses.ErrorResponse;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+
+@Component
+@RequiredArgsConstructor
+public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {
+
+	private final ObjectMapper objectMapper;
+
+	@Override
+	public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws
+		IOException, ServletException {
+
+		ErrorResponse errorResponse = ErrorResponse.of(ErrorCode.INVALID_USER_INFO);
+		response.setContentType("application/json");
+		response.setCharacterEncoding("UTF-8");
+		response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+		objectMapper.writeValue(response.getWriter(), errorResponse);
+	}
+}

src/main/java/gdsc/konkuk/platformcore/application/auth/CustomAuthenticationSuccessHandler.java

@@ -0,0 +1,38 @@
+package gdsc.konkuk.platformcore.application.auth;
+
+import java.io.IOException;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.DefaultRedirectStrategy;
+import org.springframework.security.web.RedirectStrategy;
+import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
+import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
+import org.springframework.security.web.savedrequest.RequestCache;
+import org.springframework.security.web.savedrequest.SavedRequest;
+import org.springframework.stereotype.Component;
+
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+@Component
+public class CustomAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
+
+	private RequestCache requestCache = new HttpSessionRequestCache();
+
+	private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
+
+	@Override
+	public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
+
+		setDefaultTargetUrl("/");
+		SavedRequest savedRequest = requestCache.getRequest(request, response);
+
+		if(savedRequest != null){
+			String targetUrl = savedRequest.getRedirectUrl();
+			redirectStrategy.sendRedirect(request, response, targetUrl);
+		}else {
+			redirectStrategy.sendRedirect(request, response, getDefaultTargetUrl());
+		}
+	}
+}

src/main/java/gdsc/konkuk/platformcore/application/auth/CustomUserDetails.java

@@ -0,0 +1,41 @@
+package gdsc.konkuk.platformcore.application.auth;
+
+import java.util.ArrayList;
+import java.util.Collection;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import gdsc.konkuk.platformcore.domain.member.entity.Member;
+
+public class CustomUserDetails implements UserDetails {
+
+	private final Member member;
+
+	public CustomUserDetails(Member member) {
+		this.member = member;
+	}
+
+	@Override
+	public Collection<? extends GrantedAuthority> getAuthorities() {
+		Collection<GrantedAuthority> authorities = new ArrayList<>();
+		authorities.add(new SimpleGrantedAuthority(member.getRole().toString()));
+		return authorities;
+	}
+
+	@Override
+	public String getPassword() {
+		return member.getPassword();
+	}
+
+	@Override
+	public String getUsername() {
+		return member.getMemberId();
+	}
+
+	@Override
+	public boolean isAccountNonExpired() {
+		return member.isActivated();
+	}
+}

src/main/java/gdsc/konkuk/platformcore/application/auth/CustomUserDetailsService.java

@@ -0,0 +1,28 @@
+package gdsc.konkuk.platformcore.application.auth;
+
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+import gdsc.konkuk.platformcore.application.auth.exceptions.InvalidUserInfoException;
+import gdsc.konkuk.platformcore.domain.member.entity.Member;
+import gdsc.konkuk.platformcore.domain.member.repository.MemberRepository;
+import gdsc.konkuk.platformcore.global.exceptions.ErrorCode;
+import lombok.RequiredArgsConstructor;
+
+@Service
+@RequiredArgsConstructor
+public class CustomUserDetailsService implements UserDetailsService {
+
+	private final MemberRepository memberRepository;
+
+	@Override
+	public UserDetails loadUserByUsername(String memberId) throws UsernameNotFoundException {
+
+		Member member = memberRepository.findByMemberId(memberId)
+			.orElseThrow(()-> InvalidUserInfoException.of(ErrorCode.USER_NOT_FOUND));
+
+		return new CustomUserDetails(member);
+	}
+}

src/main/java/gdsc/konkuk/platformcore/application/auth/exceptions/InvalidUserInfoException.java

@@ -0,0 +1,17 @@
+package gdsc.konkuk.platformcore.application.auth.exceptions;
+
+import gdsc.konkuk.platformcore.global.exceptions.BusinessException;
+import gdsc.konkuk.platformcore.global.exceptions.ErrorCode;
+
+public class InvalidUserInfoException extends BusinessException {
+
+	private InvalidUserInfoException(String message, String logMessage) {
+		super(message, logMessage);
+	}
+
+	public static InvalidUserInfoException of(ErrorCode errorCode) {
+		return new InvalidUserInfoException(errorCode.getMessage(), errorCode.getLogMessage());
+	}
+
+}
+

src/main/java/gdsc/konkuk/platformcore/domain/member/entity/Member.java

@@ -0,0 +1,70 @@
+package gdsc.konkuk.platformcore.domain.member.entity;
+
+import java.time.LocalDateTime;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.EnumType;
+import jakarta.persistence.Enumerated;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.Id;
+import lombok.AccessLevel;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Entity
+@Getter
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+public class Member {
+
+	@Id @GeneratedValue
+	private Long id;
+
+	@Column(name = "member_id",unique = true)
+	private String memberId;
+
+	@Column(name = "password")
+	private String password;
+
+	@Column(name = "member_name")
+	private String name;
+
+	@Column(name = "member_email")
+	private String email;
+
+	@Column(name = "profile_image_url")
+	private String profileImageUrl;
+
+	@Column(name = "is_activated")
+	private boolean isActivated;
+
+	@Column(name = "is_deleted")
+	private boolean isDeleted;
+
+	@Column(name = "soft_deleted_at")
+	private LocalDateTime softDeletedAt;
+
+	@Enumerated(EnumType.STRING)
+	@Column(name = "member_role")
+	private MemberRole role;
+
+	@Column(name = "batch")
+	private int batch;
+
+	@Builder
+	public Member(Long id, String memberId, String password, String name, String email, String profileImageUrl,
+		boolean isActivated, boolean isDeleted, LocalDateTime deletedAt, MemberRole role, int batch) {
+		this.id = id;
+		this.memberId = memberId;
+		this.password = password;
+		this.name = name;
+		this.email = email;
+		this.profileImageUrl = profileImageUrl;
+		this.isActivated = isActivated;
+		this.isDeleted = isDeleted;
+		this.softDeletedAt = deletedAt;
+		this.role = role;
+		this.batch = batch;
+	}
+}

src/main/java/gdsc/konkuk/platformcore/domain/member/entity/MemberRole.java

@@ -0,0 +1,18 @@
+package gdsc.konkuk.platformcore.domain.member.entity;
+
+public enum MemberRole {
+	LEAD("ROLE_LEAD"),
+	ADMIN("ROLE_ADMIN"),
+	MEMBER("ROLE_MEMBER");
+
+	private final String authority;
+
+	MemberRole(String authority) {
+		this.authority = authority;
+	}
+
+	@Override
+	public String toString() {
+		return this.authority;
+	}
+}

src/main/java/gdsc/konkuk/platformcore/domain/member/repository/MemberRepository.java

@@ -0,0 +1,13 @@
+package gdsc.konkuk.platformcore.domain.member.repository;
+
+import java.util.Optional;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+
+import gdsc.konkuk.platformcore.domain.member.entity.Member;
+
+public interface MemberRepository extends JpaRepository<Member, Long> {
+	Optional<Member> findByMemberId(String memberId);
+
+	Member save(Member member);
+}

src/main/java/gdsc/konkuk/platformcore/global/configs/SecurityConfig.java

@@ -0,0 +1,59 @@
+package gdsc.konkuk.platformcore.global.configs;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+import org.springframework.security.web.context.SecurityContextPersistenceFilter;
+
+import gdsc.konkuk.platformcore.application.auth.CustomAuthenticationFailureHandler;
+import gdsc.konkuk.platformcore.application.auth.CustomAuthenticationSuccessHandler;
+import lombok.RequiredArgsConstructor;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+	private final CustomAuthenticationSuccessHandler customAuthenticationSuccessHandler;
+	private final CustomAuthenticationFailureHandler customAuthenticationFailureHandler;
+
+	@Bean
+	public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
+		httpSecurity
+			.addFilterBefore(new SecurityContextPersistenceFilter(), BasicAuthenticationFilter.class)
+
+			.authorizeHttpRequests(authorize -> authorize
+				.requestMatchers("/docs/**").permitAll()
+				.requestMatchers("/admin").hasRole("ADMIN")
+				.requestMatchers("/member").hasRole("MEMBER")
+				.anyRequest().authenticated())
+
+			.formLogin(login -> login
+				.defaultSuccessUrl("/")
+				.successHandler(customAuthenticationSuccessHandler)
+				.failureHandler(customAuthenticationFailureHandler)
+				.permitAll()
+			);
+		return httpSecurity.build();
+	}
+
+	@Bean
+	public SecurityFilterChain swaggerFilterchain(HttpSecurity httpSecurity) throws Exception {
+		httpSecurity
+			.securityMatcher("/docs")
+			.authorizeHttpRequests(authorize -> authorize
+				.requestMatchers("/**").authenticated());
+		return httpSecurity.build();
+	}
+
+	@Bean
+	public BCryptPasswordEncoder passwordEncoder() {
+		return new BCryptPasswordEncoder();
+	}
+}

src/main/java/gdsc/konkuk/platformcore/global/controller/GlobalExceptionHandler.java

@@ -5,6 +5,7 @@
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
 
+import gdsc.konkuk.platformcore.global.exceptions.BusinessException;
 import gdsc.konkuk.platformcore.global.exceptions.ErrorCode;
 import gdsc.konkuk.platformcore.global.responses.ErrorResponse;
 import lombok.extern.slf4j.Slf4j;
@@ -13,6 +14,14 @@
 @RestControllerAdvice
 public class GlobalExceptionHandler {
 
+
+	@ExceptionHandler(BusinessException.class)
+	protected ResponseEntity<ErrorResponse> handleBusinessException(final BusinessException e) {
+		log.error("BusinessException Caught! [{}]", e.getLogMessage());
+		final ErrorResponse response = ErrorResponse.of(e.getMessage(), e.getLogMessage());
+		return new ResponseEntity<>(response, HttpStatus.BAD_REQUEST);
+	}
+
 	@ExceptionHandler(Exception.class)
 	protected ResponseEntity<ErrorResponse> handleException(Exception e) {
 		log.error("Exception Uncaught! [{}]", e.getCause().toString());