Implement #18 - custom login, logout page

스프링 시큐리티 기본 로그인, 로그아웃 페이지를 수동 페이지로 전환 로그인, 로그아웃 기능 post url 은 시큐리티 기본 기능을 활용
bmcho · Aug 26, 2022 · 3da367e · 3da367e
1 parent 51ea29c
commit 3da367e
Show file tree

Hide file tree

Showing 6 changed files with 68 additions and 6 deletions.
diff --git a/src/main/java/com/bm/getin/config/SecurityCustomConfig.java b/src/main/java/com/bm/getin/config/SecurityCustomConfig.java
@@ -14,6 +14,7 @@ public class SecurityCustomConfig {
     public PasswordEncoder passwordEncoder() {
         return PasswordEncoderFactories.createDelegatingPasswordEncoder();
     }
+
     @Autowired
     public void configureGlobal(
             AuthenticationManagerBuilder auth,
@@ -22,20 +23,24 @@ public void configureGlobal(
     ) throws Exception {
         auth.userDetailsService(adminService).passwordEncoder(passwordEncoder);
     }
+
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http.authorizeRequests()
                 .antMatchers("/", "/event/**", "/places/**")
                 .permitAll()
-                .anyRequest()
-                .authenticated()
+                    .anyRequest()
+                    .authenticated()
                 .and()
                 .formLogin()
-                .permitAll()
+                    .permitAll()
+                    .loginPage("/login")
+                    .defaultSuccessUrl("/admin/places")
                 .and()
                 .logout()
-                .permitAll()
-                .logoutSuccessUrl("/")
+                    .permitAll()
+                    .logoutUrl("/logout")
+                    .logoutSuccessUrl("/")
         ;
 
         return http.build();

diff --git a/src/main/java/com/bm/getin/controller/AuthController.java b/src/main/java/com/bm/getin/controller/AuthController.java
@@ -1,7 +1,9 @@
 package com.bm.getin.controller;
 
 import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestHeader;
 
 @Controller
 public class AuthController {
@@ -11,6 +13,13 @@ public String login() {
         return "auth/login";
     }
 
+    @GetMapping("/logout")
+    public String logout(@RequestHeader("referer") String referer, Model model) {
+        model.addAttribute("backUrl", referer);
+
+        return "auth/logout";
+    }
+
     @GetMapping("/sign-up")
     public String signUp() {
         return "auth/sign-up";

diff --git a/src/main/resources/templates/auth/login.html b/src/main/resources/templates/auth/login.html
@@ -5,6 +5,24 @@
     <title>Title</title>
 </head>
 <body>
-login page
+<p>
+    <span id="loginTitle">This is login page.</span>
+</p>
+<form id="loginForm">
+    <table>
+        <tbody>
+        <tr>
+            <td><label for="username">EMAIL</label></td>
+            <td><input type="text" id="username" name="username" required></td>
+        </tr>
+        <tr>
+            <td><label for="password">패스워드</label></td>
+            <td><input type="password" id="password" name="password" required></td>
+        </tr>
+        </tbody>
+    </table>
+    <input type="hidden" id="csrf">
+</form>
+<button id="login" type="submit">로그인</button>
 </body>
 </html>
diff --git a/src/main/resources/templates/auth/login.th.xml b/src/main/resources/templates/auth/login.th.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0"?>
+<thlogic>
+  <attr sel="#loginTitle" th:text="'로그인 페이지'" />
+  <attr sel="#csrf" th:value="${_csrf.token}" th:name="${_csrf.parameterName}" />
+  <attr sel="#login" th:form="loginForm" th:formaction="@{/login}" th:formmethod="post" />
+</thlogic>
diff --git a/src/main/resources/templates/auth/logout.html b/src/main/resources/templates/auth/logout.html
@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html lang="ko">
+<head>
+  <meta charset="UTF-8">
+  <title>Title</title>
+</head>
+<body>
+<p>
+  <span id="logoutTitle">This is logout page.</span>
+</p>
+<form id="logoutForm">
+  <input type="hidden" id="csrf">
+</form>
+<button id="logout" type="submit">로그아웃</button>
+<button id="cancel" type="button">취소</button>
+</body>
+</html>
diff --git a/src/main/resources/templates/auth/logout.th.xml b/src/main/resources/templates/auth/logout.th.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0"?>
+<thlogic>
+  <attr sel="#logoutTitle" th:text="'로그아웃 페이지'" />
+  <attr sel="#csrf" th:value="${_csrf.token}" th:name="${_csrf.parameterName}" />
+  <attr sel="#logout" th:form="logoutForm" th:formaction="@{/logout}" th:formmethod="post" />
+  <attr sel="#cancel" th:onclick="'location.href=\'' + @{${backUrl}} + '\''" />
+</thlogic>