[spring] 비밀번호 암호화

UserService.java

package simple.user;
 
import java.util.List;
 
import org.springframework.security.crypto.password.PasswordEncoder;
 
 
public interface UserService {
    
    public List<UserVo> selectUserList(UserVo userVo);
 
    public UserVo selectUserOne(UserVo userVo);
    
    public int insertUser(UserVo userVo);
    
    public int updateUser(UserVo userVo);
    
    public int deleteUser(String userId);
    
    public PasswordEncoder passwordEncoder();
    
}
 

public PasswordEncoder passwordEncoder(); 추가

---

UserServiceImpl.java

package simple.user;
 
import java.util.List;
 
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
 
@Service
public class UserServiceImpl implements UserService {
    
    @Autowired
    private UserDao userDao;
    
    private PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
 
    @Override
    public List<UserVo> selectUserList(UserVo userVo) {
        return userDao.selectUserList(userVo);
    }
 
    @Override
    public UserVo selectUserOne(UserVo userVo) {
        return userDao.selectUserOne(userVo);
    }
 
    @Override
    public int insertUser(UserVo userVo) {
        String rawPassword = userVo.getPasswd();
        String encodePasswd = passwordEncoder.encode(rawPassword);
        userVo.setPasswd(encodePasswd);
        
        return userDao.insertUser(userVo);
    }
 
    @Override
    public int updateUser(UserVo userVo) {
        return userDao.updateUser(userVo);
    }
 
    @Override
    public int deleteUser(String userId) {
        return userDao.deleteUser(userId);
    }
 
    @Override
    public PasswordEncoder passwordEncoder() {
        return this.passwordEncoder;
    }
 
}
 

private PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();

@Override

 

    public PasswordEncoder passwordEncoder() {

        return this.passwordEncoder;

    }

코드 추가

---

AuthProvider.java

package simple.configuration;
 
import java.util.ArrayList;
import java.util.List;
 
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.session.HttpSessionEventPublisher;
import org.springframework.stereotype.Component;
 
import com.barunsw.simple.user.UserService;
import com.barunsw.simple.user.UserVo;
 
@Component
public class AuthProvider implements AuthenticationProvider {
 
    @Autowired
    private UserService userService;
 
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        
        String userIdInput = authentication.getName();
        String passwdInput = (String) authentication.getCredentials();
 
        // 패스워드 암호화
        PasswordEncoder passwordEncoder = userService.passwordEncoder();
        //String encoderPasswd = passwordEncoder.encode(passwdInput);
        
        UsernamePasswordAuthenticationToken token;
        
        UserVo userVo = userService.selectUserOne(new UserVo(userIdInput));
        
        if ( userVo != null && passwordEncoder.matches(passwdInput, userVo.getPasswd()) ) {
            List<GrantedAuthority> roles = new ArrayList<GrantedAuthority>();
            roles.add(new SimpleGrantedAuthority("USER"));
            
            token = new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), roles);
            token.setDetails(userVo);
            
            System.out.println("Authentication 일치하는 id, passwd 존재");
            System.out.println("token" + token);
            
            return token;
        }
        else {
            System.out.println("Authentication 일치하는 id, passwd 없음");
            return null;
        }
        
    }
 
    @Override
    public boolean supports(Class<?> authentication) {
        return authentication.equals(UsernamePasswordAuthenticationToken.class);
    }
 
 
    
}
 

        // 패스워드 암호화

        PasswordEncoder passwordEncoder = userService.passwordEncoder();

        //String encoderPasswd = passwordEncoder.encode(passwdInput);

        

        UsernamePasswordAuthenticationToken token;

코드 추가하고 if문에 비밀번호검사 조건문 코드 작성