- 시스템관리 > 관리자목록조회, 관리자등록, 관리자수정, 관리자삭제, 관리자상세조회

2025-12-07 06:08:56 +09:00 · 2022-05-29 10:12:37 +09:00
parent ad80b88089
commit 5077696e46
275 changed files with 17338 additions and 23433 deletions
--- a/src/main/java/kr/co/uplus/ez/config/SecurityConfig.java
+++ b/src/main/java/kr/co/uplus/ez/config/SecurityConfig.java
@@ -18,35 +18,48 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.web.cors.CorsUtils;

-import kr.co.uplus.ez.common.auth.LoginFailureHandler;
-import kr.co.uplus.ez.common.auth.LoginSuccessHandler;
-import kr.co.uplus.ez.common.auth.jwt.JwtAuthCookieFilter;
-import kr.co.uplus.ez.common.auth.jwt.JwtAuthHeaderFilter;
-import kr.co.uplus.ez.common.auth.jwt.JwtExceptionFilter;
-import kr.co.uplus.ez.common.auth.jwt.JwtProperties;
-import kr.co.uplus.ez.common.consts.ConfigProps;
+import kr.co.uplus.ez.api.login.LoginFailureHandler;
+import kr.co.uplus.ez.api.login.LoginSuccessHandler;
+import kr.co.uplus.ez.common.data.ConfigProps;
+import kr.co.uplus.ez.common.jwt.JwtAuthCookieFilter;
+import kr.co.uplus.ez.common.jwt.JwtAuthHeaderFilter;
+//import kr.co.uplus.ez.common.jwt.JwtExceptionFilter;
+import kr.co.uplus.ez.common.jwt.JwtProperties;
 import kr.co.uplus.ez.common.security.VueStaticFilter;
 import kr.co.uplus.ez.common.security.XssFilter;

@Configuration
@EnableWebSecurity
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
-	private static final String LOGIN_FORM_URL = "/login";
-	//public static final String LOGIN_API_URL = "/api/auth/login";
+
+	private static final String LOGIN_FORM_URL = "/login/**";
 	public static final String LOGIN_API_URL = "/api/v1/bo/login/*";
 	public static final String LOGIN_FAIL_URL = "/login?error=true";
 	public static final String LOGIN_SUCC_URL = "/";
-	public static final String NO_RCS_AUTH_LOGIN_SUCC_URL = "/view/mgt/brand";
 	private static final String API_URL = "/api/**";
-	//public static final String PUBLIC_API_URL = "/api/public/**"; // 내부에서 인증없이 호출하는 API
 	public static final String PUBLIC_API_URL = "/api/v1/bo/**"; // 내부에서 인증없이 호출하는 API
-	private static final String OPEN_API_URL = "/openapi/**"; // 외부에서 호출하는 API
-	public static final String[] REST_API_URLS = {API_URL, OPEN_API_URL};
+	public static final String[] REST_API_URLS = {API_URL};
+
+	private static final String[] PERMIT_URL_ARRAY = {
+            "/login",
+			"/api/v1/bo/login/*",
+            "/v2/api-docs",
+            "/swagger-resources",
+            "/swagger-resources/**",
+            "/configuration/ui",
+            "/configuration/security",
+            "/swagger-ui.html",
+            "/webjars/**",
+            "/v3/api-docs/**",
+            "/swagger-ui/**",
+            "/"
+    };
+

 	public static final String LOGIN_ID_PARAM = "userId";
 	@SuppressWarnings("unused")
 	private static final String LOGIN_PWD_PARAM = "userPwd";
-	
+
 	public static final String AUTH_USER = "authUser";

    @Autowired
@@ -59,7 +72,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 	@Override
 	public void configure(WebSecurity web) throws Exception {
 		web.ignoring()
-			.antMatchers("/static/**");
+			.antMatchers("/static/**", "/assets/**");
 	}

 	@Bean
@@ -72,8 +85,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 	    http
 		    .addFilterBefore(new VueStaticFilter(), UsernamePasswordAuthenticationFilter.class) // Vue에서 호출시 화면관련 URL은 / forward
 	    	.addFilterBefore(new XssFilter(cprops), UsernamePasswordAuthenticationFilter.class)
-	    	//.addFilterBefore(new LogFilter(cprops), UsernamePasswordAuthenticationFilter.class)
-	    	.addFilterBefore(new JwtExceptionFilter(), UsernamePasswordAuthenticationFilter.class)
 			.addFilterBefore(jwtAuthFilter(), UsernamePasswordAuthenticationFilter.class)
 			.addFilterBefore(new JwtAuthHeaderFilter(jwtProps), UsernamePasswordAuthenticationFilter.class);

@@ -88,14 +99,14 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 			.headers().frameOptions().disable()
 			.and()
 			.exceptionHandling()
-				.authenticationEntryPoint(new MixedAuthenticationEntryPoint(LOGIN_FORM_URL, REST_API_URLS))
+				.authenticationEntryPoint(new MixedAuthenticationEntryPoint(LOGIN_FORM_URL, PUBLIC_API_URL))
 				.and()
 			.authorizeRequests()
 				.requestMatchers(CorsUtils::isPreFlightRequest).permitAll() // CORS preflight 요청은 인증처리를 하지 않도록 설정
-				.antMatchers("/", PUBLIC_API_URL, OPEN_API_URL, LOGIN_FORM_URL, LOGIN_API_URL, "/swagger-ui.html", "/swagger-ui/**", "/api-docs", "/api-docs/**").permitAll()
-				//.antMatchers("/", PUBLIC_API_URL, OPEN_API_URL, LOGIN_FORM_URL, LOGIN_API_URL).permitAll()
+				.antMatchers(PERMIT_URL_ARRAY).permitAll()
 				.antMatchers(API_URL).authenticated()
 				.anyRequest().authenticated();
+
 	}

    @Override
@@ -105,14 +116,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {

 	@Bean
 	public PasswordEncoder passwordEncoder() {
-		/*String encodingId = "bcrypt";
-		Map<String, PasswordEncoder> encoders = new HashMap<>();
-		encoders.put(encodingId, new BCryptPasswordEncoder());
-		Pbkdf2PasswordEncoder Pbkdf2 = new Pbkdf2PasswordEncoder();
-		Pbkdf2.setAlgorithm(Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm.PBKDF2WithHmacSHA512);
-		encoders.put("pbkdf2", Pbkdf2);
-		return new DelegatingPasswordEncoder(encodingId, encoders);
-		*/
 		return PasswordEncoderFactories.createDelegatingPasswordEncoder();
 	}