FilesExpand file tree

 main

/

spring-basic-jwt.java

Copy path

BlameMore file actions

BlameMore file actions

Latest commit

 

History

History

History

69 lines (52 loc) · 2.28 KB

 main

/

spring-basic-jwt.java

Top

File metadata and controls

• Code
• Blame

69 lines (52 loc) · 2.28 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

/*

스프링 JWT

*/

@Configuration

@EnableWebSecurity

@RequireArgsConstructor

public class SecurityConfig exntends WebSecurityConfigurerAdapter {

private final CorsFilter corsFilter;

@Override

protected void configure(HttpSecurity http) throws Exception {

http.csrf().disable();

http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); // 세션을 사용하지 않음

.and()

.addFilter(corsFilter) // @CrossOrigin(인증X), 시큐리티 필터에 등록 인증(O)

.formLogin().disable()

.httpBasic().disable() //

.authorizeRequests()

.antMatchers("/api/v1/user/**")

.access("hasRole('ROLE_USER') or hasRole('ROLE_ADMIN') or hasRole('ROLE_MANAGER')")

.antMatchers("/api/v1/manager/**")

.access("hasRole('ROLE_ADMIN') or hasRole('ROLE_MANAGER')")

.antMatchers("/api/v1/admin/**")

.access("hasRole('ROLE_ADMIN')")

.anyRequest().permitAll();

}

}

@Configuration

public class CorsConfig {

@Bean

public CorsFilter corsFilter() {

UrlBasedCorsConfigurationSource source new UrlBasedCorsConfigurationSource();

CorsConfiguration config = new CorsConfiguration();

config.setAllowCredentials(true); // 내 서버가 응답을 할 때 json을 자바스크립트에서 처리할 수 있게 할지를 설정함

config.addAllowedOrigin("*"); // 모든 IP에 응답을 허용함

config.addAllowedHeader("*"); // 모든 header에 응답을 허용함

config.addAllowedMethod("*"); // 모든 메서드에 요청을 허용함

source.registerCorsConfiguration("/api/**", config);

return new CorsFilter(source);

}

}

// JWT 인증방식

String jwtToken = request.getHeader("Authorization").replace("Bearer ", "");

// jwtToken에서 username 클레임의 값을 뽑아서 변수 설정

String username = JWT.require(Algorithm.HMAC512("key")).build().verify(jwtToken).getClaim("username").asString();

if(username != null) {

// username 확인

User userEntity = userRepository.findByUsername(username);

PrincipalDetails principalDetails = new PrincipalDetails(userEntity);

Authentication authentication = new UserNamePasswordAuthenticationToken(principalDetails, null,principalDetails.getAuthorities());

// 강제로 시큐리티 세션에 접근하여 Authentication 객체를 저장.

SecurityContextHolder.getContext().setAuthentication(authentication);

}