Interceptor 제거

This commit is contained in:
현성필
2024-04-25 11:01:26 +09:00
parent 01e6b34cdd
commit 852e55ac24
2 changed files with 0 additions and 94 deletions
@@ -1,75 +0,0 @@
package com.eactive.testmaster.common.interceptor;
import com.eactive.testmaster.common.exception.UserNotLoginException;
import com.eactive.testmaster.common.util.SecurityUtil;
import com.eactive.testmaster.user.entity.AnonymousUser;
import com.eactive.testmaster.user.entity.User;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.servlet.AsyncHandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;
/**
* 인증여부 체크 인터셉터
*
* @author
* @version 1.0
*/
public class AuthenticInterceptor implements AsyncHandlerInterceptor {
/**
* 관리자 접근 권한 패턴 목록
*/
private List<String> adminAuthPatternList;
private static AntPathMatcher pathMatcher = new AntPathMatcher();
public List<String> getAdminAuthPatternList() {
return adminAuthPatternList;
}
public void setAdminAuthPatternList(List<String> adminAuthPatternList) {
this.adminAuthPatternList = adminAuthPatternList;
}
/**
* 인증된 사용자 여부로 인증 여부를 체크한다.
* 관리자 권한에 따라 접근 페이지 권한을 체크한다.
*/
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//인증된사용자 여부
User currentUser = SecurityUtil.getCurrentUser();
if (currentUser == null || currentUser instanceof AnonymousUser) {
throw new UserNotLoginException();
}
boolean found = findPattern(request.getRequestURI());
if (found) {
if (currentUser.getUserSecurity() != null && "ROLE_ADMIN".equals(currentUser.getUserSecurity())) {
return true;
} else {
throw new UserNotLoginException();
}
}
return true;
}
boolean findPattern(String path) {
for (String pattern : adminAuthPatternList) {
if (pathMatcher.match(pattern, path)) {
return true;
}
}
return false;
}
}
@@ -9,7 +9,6 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
@@ -49,24 +48,6 @@ public class PortalConfigSecurity {
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
.authenticationManager(portalAuthenticationManager)
// .authorizeRequests(authorizeRequests -> authorizeRequests.antMatchers("/h2-console/",
// "/css/",
// "/html/",
// "/images/",
// "/img/",
// "/js/",
// "/login",
// "/intro.do",
// "/join.do",
// "/actionLogin.do",
// "/search_id.do",
// "/admin_register_view.do",
// "/admin_register.do",
// "/reset_password.do",
// "/forgot_password.do")
// .permitAll()
// .anyRequest()
// .authenticated())
.formLogin(form -> form
.loginPage("/login")
.usernameParameter("id")