[FEATURE] E4-S1 로그인 API - 성공/실패 핸들러 #28

backend/src/main/java/com/infp/ciat/config/auth/PrincipalDetailsService.java

@@ -21,12 +21,10 @@ public UserDetails loadUserByUsername(String email) throws UsernameNotFoundExcep
     Account accountEntity = accountRepository.findByEmail(email);
 
     if (accountEntity != null) {
-      log.info("로그인 성공: " + email);
       return new PrincipalDetails(accountEntity);
     }
 
-    log.error("로그인 실패: " + email);
-    return null;
+    throw new UsernameNotFoundException("회원이 존재하지 않습니다 -> " + email);
   }
 
 }

backend/src/main/java/com/infp/ciat/config/security/LoginFailHandler.java

@@ -0,0 +1,19 @@
+package com.infp.ciat.config.security;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Slf4j
+public class LoginFailHandler implements AuthenticationFailureHandler {
+    @Override
+    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
+        log.error("로그인 실패");
+        response.setStatus(HttpStatus.UNAUTHORIZED.value());
+    }
+}

backend/src/main/java/com/infp/ciat/config/security/LoginSuccessHandler.java

@@ -0,0 +1,20 @@
+package com.infp.ciat.config.security;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Slf4j
+public class LoginSuccessHandler implements AuthenticationSuccessHandler {
+
+    @Override
+    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
+        log.debug("[로그인 성공] -> " + authentication.getName());
+        response.sendRedirect("/user/success");
+    }
+}

backend/src/main/java/com/infp/ciat/config/security/WebSecurityConfig.java

@@ -3,7 +3,6 @@
 //import com.infp.ciat.user.service.OAuth2DetailesService;
 //import com.infp.ciat.user.service.OAuth2DetailesService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -16,8 +15,6 @@
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
-import java.util.List;
-
 /***
  * 스프링시큐리티 설정
  */
@@ -26,9 +23,6 @@
 @Configuration
 @EnableWebSecurity
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
-    @Value("${cors.iplist}")
-    private String[] cors;
-
 //    @Autowired
 //    private OAuth2DetailesService oAuth2DetailesService;
 
@@ -51,12 +45,13 @@ protected void configure(HttpSecurity http) throws Exception {
         http.csrf().disable();
         http
             .authorizeRequests()
-//          .antMatchers("/user/**").authenticated() // Q
-            .anyRequest().permitAll()
+            .antMatchers("/user/signup").authenticated()
             .and()
         .formLogin()
             .usernameParameter("email")
             .passwordParameter("password")
+            .failureHandler(new LoginFailHandler())
+            .successHandler(new LoginSuccessHandler())
             .and()
         .cors()
             .configurationSource(corsConfigurationSource())

backend/src/main/java/com/infp/ciat/user/controller/AccountController.java

@@ -1,20 +1,22 @@
 package com.infp.ciat.user.controller;
 
+import com.infp.ciat.config.auth.PrincipalDetails;
 import com.infp.ciat.user.controller.dto.request.SignupRequestDTO;
+import com.infp.ciat.user.controller.dto.response.LoginSuccessResponse;
 import com.infp.ciat.user.controller.dto.response.SignUpResponse;
 import com.infp.ciat.user.service.AccountService;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.web.bind.annotation.*;
 
 import javax.validation.Valid;
 
 @RestController
 @RequiredArgsConstructor
+@RequestMapping("/user")
 @Slf4j
 public class AccountController {
     private final AccountService accountService;
@@ -27,4 +29,15 @@ public ResponseEntity<SignUpResponse> signUp(@Valid @RequestBody SignupRequestDT
         Long created_id = accountService.signUp(requestDTO);
         return new ResponseEntity<>(new SignUpResponse(created_id), HttpStatus.CREATED);
     }
+
+    /***
+     * 회원가입 성공후 response
+     * @param user
+     * @return
+     */
+    @GetMapping("/success")
+    public ResponseEntity<LoginSuccessResponse> login_success(@AuthenticationPrincipal PrincipalDetails user) {
+        log.debug(("AAAa"));
+        return new ResponseEntity<>(new LoginSuccessResponse(user.getUsername()), HttpStatus.OK);
+    }
 }

backend/src/main/java/com/infp/ciat/user/controller/dto/response/LoginSuccessResponse.java

@@ -0,0 +1,9 @@
+package com.infp.ciat.user.controller.dto.response;
+
+public class LoginSuccessResponse {
+    public String email;
+
+    public LoginSuccessResponse(String email) {
+        this.email = email;
+    }
+}