
240328 Web - 보안 6

001cloudid 2024. 3. 28. 12:50

보안

MemberDTO

package com.itwillbs.domain;

import java.sql.Timestamp;
import java.util.List;

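/**
 * Plain data carrier for one member: the columns of {@code tbl_member} plus the
 * role rows joined in from {@code tbl_member_auth}.
 *
 * <p>{@link #toString()} deliberately leaves the {@code userpw} value out,
 * because instances of this class are printed to standard output elsewhere in
 * the application and a password (or its hash) must not end up in logs.
 */
public class MemberDTO {

	private String userid;
	// Credential as stored in tbl_member.userpw. NOTE(review): nothing in this class
	// shows whether it is already encoded; never print or expose it.
	private String userpw;
	private String username;
	private Timestamp regdate;
	private Timestamp updatedate;
	// Backed by the "enabled" column; the bean property itself is named "enable",
	// so mapper bindings and result mappings have to use that property name.
	private String enable;
	private List<AuthDTO> authList;

	/**
	 * Returns a debug representation of this member.
	 *
	 * @return all fields except the credential, which is shown as {@code [PROTECTED]}
	 */
	@Override
	public String toString() {
		return "MemberDTO [userid=" + userid + ", userpw=[PROTECTED], username=" + username + ", regdate=" + regdate
				+ ", updatedate=" + updatedate + ", enable=" + enable + ", authList=" + authList + "]";
	}

	/** @return the member id (primary key of {@code tbl_member}) */
	public String getUserid() {
		return userid;
	}

	/** @param userid the member id */
	public void setUserid(String userid) {
		this.userid = userid;
	}

	/** @return the stored credential; callers must not log it */
	public String getUserpw() {
		return userpw;
	}

	/** @param userpw the credential to store */
	public void setUserpw(String userpw) {
		this.userpw = userpw;
	}

	/** @return the display name */
	public String getUsername() {
		return username;
	}

	/** @param username the display name */
	public void setUsername(String username) {
		this.username = username;
	}

	/** @return the registration time */
	public Timestamp getRegdate() {
		return regdate;
	}

	/** @param regdate the registration time */
	public void setRegdate(Timestamp regdate) {
		this.regdate = regdate;
	}

	/** @return the last update time */
	public Timestamp getUpdatedate() {
		return updatedate;
	}

	/** @param updatedate the last update time */
	public void setUpdatedate(Timestamp updatedate) {
		this.updatedate = updatedate;
	}

	/** @return the raw value of the {@code enabled} column */
	public String getEnable() {
		return enable;
	}

	/** @param enable the raw value for the {@code enabled} column */
	public void setEnable(String enable) {
		this.enable = enable;
	}

	/** @return the role rows of this member; may be {@code null} if never set */
	public List<AuthDTO> getAuthList() {
		return authList;
	}

	/** @param authList the role rows of this member */
	public void setAuthList(List<AuthDTO> authList) {
		this.authList = authList;
	}

}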

 

memberMapper

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
  PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
  "https://mybatis.org/dtd/mybatis-3-mapper.dtd">
  
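<mapper namespace="com.itwillbs.mappers.memberMapper">

	<!--
	  Every value below is bound with #{...}, which MyBatis passes to the driver
	  as a prepared-statement parameter. Keep it that way: the ${...} form is
	  pasted into the SQL text as-is and must not be used for request data.
	-->

	<!--
	  Inserts one row into tbl_member. Parameter object: MemberDTO.
	  The placeholder name has to be a MemberDTO property. The DTO exposes
	  "enable" (getEnable/setEnable), not "enabled", so the last placeholder
	  binds "enable" while the column keeps its name "enabled".
	  NOTE(review): userpw is written exactly as received; confirm it is
	  encoded before this statement runs.
	-->
	<insert id="insertMember">
		insert into tbl_member(userid,userpw,username,regdate,updatedate,enabled)
		values(#{userid},#{userpw},#{username},#{regdate},#{updatedate},#{enable})
	</insert>

	<!-- Inserts one role row for a member. Parameter object: AuthDTO. -->
	<insert id="insertMemberAuth">
		insert into tbl_member_auth(userid, auth)
		values(#{userid}, #{auth})
	</insert>

	<!-- Reference: https://mybatis.org/mybatis-3/sqlmap-xml.html -->
	<!-- An earlier getMember variant with resultType="map" was replaced by the
	     resultMap-based select at the bottom of this file. -->

	<!--
	  One MemberDTO per userid, with the joined role rows folded into authList.
	  "enabled" is mapped explicitly: this result map contains a nested
	  collection, and the column name differs from the property name, so it
	  would otherwise never reach the DTO.
	  notNullColumn="auth" stops MyBatis from building an AuthDTO with a null
	  role for a member that has no row in tbl_member_auth (the LEFT JOIN still
	  returns the member's userid in that case).
	-->
	<resultMap type="com.itwillbs.domain.MemberDTO" id="memberMap">
		<id property="userid" column="userid"/> <!-- PK -->
		<result property="userpw" column="userpw"/>
		<result property="username" column="username"/>
		<result property="enable" column="enabled"/>
		<result property="regdate" column="regdate"/>
		<result property="updatedate" column="updatedate"/>
		<collection property="authList" resultMap="authMap" notNullColumn="auth">
		</collection>
	</resultMap>

	<!-- One role row of a member. -->
	<resultMap type="com.itwillbs.domain.AuthDTO" id="authMap">
		<result property="userid" column="userid"/>
		<result property="auth" column="auth"/>
	</resultMap>

	<!-- Loads a member and all of its roles by userid (single String parameter). -->
	<select id="getMember" resultMap="memberMap">
		SELECT mem.userid, userpw, username, enabled, regdate, updatedate, auth
		FROM tbl_member mem LEFT JOIN tbl_member_auth auth on mem.userid = auth.userid
		WHERE mem.userid = #{userid}
	</select>

</mapper>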

 

관련 마이바티스 문서: https://mybatis.org/mybatis-3/sqlmap-xml.html

https://velog.io/@ung6860/JSPMybatis-ResultMap-%EC%82%AC%EC%9A%A9%ED%95%B4%EB%B3%B4%EA%B8%B0 참고

 

SampleDAO

package com.itwillbs.dao;


import javax.inject.Inject;

import org.apache.ibatis.session.SqlSession;
import org.springframework.stereotype.Repository;

import com.itwillbs.domain.AuthDTO;
import com.itwillbs.domain.MemberDTO;

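/**
 * Data access for members and their roles, backed by the MyBatis statements in
 * the {@code com.itwillbs.mappers.memberMapper} namespace.
 *
 * <p>The {@link SqlSession} is injected by the container, so this class only
 * works as a managed bean; an instance created with {@code new} has no session.
 */
@Repository
public class SampleDAO {

	@Inject
	private SqlSession sqlSession;
	private static final String namespace = "com.itwillbs.mappers.memberMapper";

	/**
	 * Inserts one member row.
	 *
	 * @param memberDTO the member to store
	 */
	public void insertMember(MemberDTO memberDTO) {
		System.out.println("SampleDAO insertMember()");
		// Trace the id only. Printing the whole DTO would put the userpw value
		// on standard output, where it ends up in server logs.
		System.out.println(memberDTO == null ? null : memberDTO.getUserid());
		sqlSession.insert(namespace + ".insertMember", memberDTO);
	}

	/**
	 * Inserts one role row for a member.
	 *
	 * @param authDTO the userid/role pair to store
	 */
	public void insertMemberAuth(AuthDTO authDTO) {
		System.out.println("SampleDAO insertMemberAuth()");
		System.out.println(authDTO);
		sqlSession.insert(namespace + ".insertMemberAuth", authDTO);
	}

	/**
	 * Loads a member together with its roles.
	 *
	 * @param userid the member id to look up
	 * @return the member, or {@code null} when the query returns no row
	 */
	public MemberDTO getMember(String userid) {
		System.out.println("SampleDAO getMember()");
		System.out.println(userid);

		return sqlSession.selectOne(namespace + ".getMember", userid);
	}

}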

 

SampleService

package com.itwillbs.service;

import java.sql.Timestamp;
import java.util.Map;

import javax.inject.Inject;

import org.springframework.stereotype.Service;

import com.itwillbs.dao.SampleDAO;
import com.itwillbs.domain.AuthDTO;
import com.itwillbs.domain.MemberDTO;

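/**
 * Member registration and lookup on top of {@link SampleDAO}.
 *
 * <p>The DAO is injected by the container and must not be replaced: a
 * {@code SampleDAO} created with {@code new} has no {@code SqlSession}.
 */
@Service
public class SampleService {

	@Inject
	private SampleDAO sampleDAO;

	/**
	 * Stores a new member and then its initial role.
	 *
	 * <p>NOTE(review): {@code userpw} is passed to the DAO unchanged. Confirm it
	 * is encoded (for example with {@code BCryptPasswordEncoder}) before it
	 * reaches this method, otherwise the password is stored in clear text.
	 *
	 * <p>NOTE(review): the two inserts are separate statements. If no surrounding
	 * transaction is configured, a failure of the second one leaves a member
	 * without any role row.
	 *
	 * @param memberDTO the member to register; regdate and updatedate are overwritten
	 */
	public void insertMember(MemberDTO memberDTO) {
		System.out.println("SampleService insertMember()");

		// regdate and updatedate share one timestamp so a new row never shows
		// an update time that differs from its registration time.
		Timestamp now = new Timestamp(System.currentTimeMillis());
		memberDTO.setRegdate(now);
		memberDTO.setUpdatedate(now);

		sampleDAO.insertMember(memberDTO);

		// NOTE(review): the admin role is granted only because the requested
		// userid is the literal "admin", i.e. from a value the registrant chooses.
		// Reserve that id in the sign-up path and provision administrators
		// out of band instead of deriving the role from the id.
		String userid = memberDTO.getUserid();
		AuthDTO authDTO = new AuthDTO();
		authDTO.setUserid(userid);
		// Constant-first comparison: a missing userid falls through to ROLE_MEMBER
		// instead of raising a NullPointerException here.
		authDTO.setAuth("admin".equals(userid) ? "ROLE_ADMIN" : "ROLE_MEMBER");
		sampleDAO.insertMemberAuth(authDTO);
	}

	/**
	 * Loads a member with its roles.
	 *
	 * @param userid the member id to look up
	 * @return the member, or {@code null} when none exists
	 */
	public MemberDTO getMember(String userid) {
		System.out.println("SampleService getMember()");
		System.out.println(userid);

		// Use the injected DAO. Replacing it with "new SampleDAO()" would drop the
		// container-managed SqlSession and fail on the first query.
		return sampleDAO.getMember(userid);
	}

}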

 

CustomUserDetailsService

package com.itwillbs.security;

import java.util.Map;

import javax.inject.Inject;

import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

import com.itwillbs.domain.CustomUser;
import com.itwillbs.domain.MemberDTO;
import com.itwillbs.service.SampleService;
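/**
 * Spring Security {@link UserDetailsService} that resolves a login name to a
 * {@link CustomUser} built from the member table.
 */
@Service
public class CustomUserDetailsService implements UserDetailsService{

	@Inject
	private SampleService sampleService;

	/**
	 * Looks up the member whose userid equals the submitted login name.
	 *
	 * @param username the login name submitted by the client
	 * @return the user details for that member, never {@code null}
	 * @throws UsernameNotFoundException if no member has that userid
	 */
	@Override
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
		System.out.println("CustomUserDetailsService loadUserByUsername()");
		System.out.println(username);

		// Use the injected service. Replacing it with "new SampleService()" would
		// discard its container-managed DAO.
		MemberDTO memberDTO = sampleService.getMember(username);

		// The UserDetailsService contract forbids returning null. An unknown
		// account is reported with UsernameNotFoundException so the framework
		// treats it as a failed login rather than an internal error. The message
		// does not echo the submitted name.
		if (memberDTO == null) {
			throw new UsernameNotFoundException("No member found for the supplied userid");
		}

		return new CustomUser(memberDTO);
	}

}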

 

CustomUser

package com.itwillbs.domain;

import java.util.Collection;
import java.util.Map;
import java.util.stream.Collector;
import java.util.stream.Collectors;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;

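/**
 * Spring Security principal that also carries the {@link MemberDTO} it was
 * built from, so application code can reach the member data after login.
 *
 * <p>NOTE(review): both constructors call the three-argument {@link User}
 * constructor, which marks the account as enabled. The {@code enable} value of
 * the member is therefore not consulted during authentication; confirm whether
 * disabled members are supposed to be rejected.
 */
public class CustomUser extends User {

	private  MemberDTO memberDTO;

	/** @return the wrapped member, or {@code null} if none was supplied */
	public MemberDTO getMemberDTO() {
		return memberDTO;
	}

	/** @param memberDTO the member to expose through this principal */
	public void setMemberDTO(MemberDTO memberDTO) {
		this.memberDTO = memberDTO;
	}

	/**
	 * Creates a principal without an attached member.
	 *
	 * @param username the login name
	 * @param password the stored credential
	 * @param authorities the granted authorities
	 */
	public CustomUser(String username, String password, Collection<? extends GrantedAuthority> authorities) {
		super(username, password, authorities);
	}

	/**
	 * Creates a principal from a member row and its roles.
	 *
	 * @param vo the member; its role list may be {@code null} or contain entries
	 *           without a role name, which are skipped
	 */
	public CustomUser(MemberDTO vo) {
		super(vo.getUserid(), vo.getUserpw(), toAuthorities(vo));
		this.memberDTO = vo;
	}

	/**
	 * Clears the credential from this principal and from the wrapped member.
	 *
	 * <p>{@link User#eraseCredentials()} only clears the password held by
	 * {@code User}; the DTO keeps its own copy in {@code userpw}, which would
	 * otherwise stay reachable through {@link #getMemberDTO()} for the whole
	 * session.
	 */
	@Override
	public void eraseCredentials() {
		super.eraseCredentials();
		if (memberDTO != null) {
			memberDTO.setUserpw(null);
		}
	}

	// Converts the member's role rows into granted authorities, tolerating a
	// missing list and rows without a role name.
	private static Collection<? extends GrantedAuthority> toAuthorities(MemberDTO vo) {
		if (vo.getAuthList() == null) {
			return java.util.Collections.<GrantedAuthority>emptyList();
		}
		return vo.getAuthList().stream()
				// SimpleGrantedAuthority rejects null or blank role names, so a
				// role row without a name must not abort the whole login.
				.filter(auth -> auth != null && auth.getAuth() != null && !auth.getAuth().trim().isEmpty())
				.map(auth -> new SimpleGrantedAuthority(auth.getAuth()))
				.collect(Collectors.toList());
	}

}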

 

 

 
