Interceptor 제거
This commit is contained in:
@@ -1,75 +0,0 @@
|
||||
package com.eactive.testmaster.common.interceptor;
|
||||
|
||||
|
||||
import com.eactive.testmaster.common.exception.UserNotLoginException;
|
||||
import com.eactive.testmaster.common.util.SecurityUtil;
|
||||
import com.eactive.testmaster.user.entity.AnonymousUser;
|
||||
import com.eactive.testmaster.user.entity.User;
|
||||
import org.springframework.util.AntPathMatcher;
|
||||
import org.springframework.web.servlet.AsyncHandlerInterceptor;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* 인증여부 체크 인터셉터
|
||||
*
|
||||
* @author
|
||||
* @version 1.0
|
||||
*/
|
||||
|
||||
|
||||
public class AuthenticInterceptor implements AsyncHandlerInterceptor {
|
||||
|
||||
/**
|
||||
* 관리자 접근 권한 패턴 목록
|
||||
*/
|
||||
private List<String> adminAuthPatternList;
|
||||
|
||||
private static AntPathMatcher pathMatcher = new AntPathMatcher();
|
||||
|
||||
public List<String> getAdminAuthPatternList() {
|
||||
return adminAuthPatternList;
|
||||
}
|
||||
|
||||
public void setAdminAuthPatternList(List<String> adminAuthPatternList) {
|
||||
this.adminAuthPatternList = adminAuthPatternList;
|
||||
}
|
||||
|
||||
/**
|
||||
* 인증된 사용자 여부로 인증 여부를 체크한다.
|
||||
* 관리자 권한에 따라 접근 페이지 권한을 체크한다.
|
||||
*/
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
||||
//인증된사용자 여부
|
||||
User currentUser = SecurityUtil.getCurrentUser();
|
||||
|
||||
if (currentUser == null || currentUser instanceof AnonymousUser) {
|
||||
throw new UserNotLoginException();
|
||||
}
|
||||
|
||||
boolean found = findPattern(request.getRequestURI());
|
||||
|
||||
if (found) {
|
||||
if (currentUser.getUserSecurity() != null && "ROLE_ADMIN".equals(currentUser.getUserSecurity())) {
|
||||
return true;
|
||||
} else {
|
||||
throw new UserNotLoginException();
|
||||
}
|
||||
}
|
||||
return true;
|
||||
|
||||
}
|
||||
|
||||
boolean findPattern(String path) {
|
||||
for (String pattern : adminAuthPatternList) {
|
||||
if (pathMatcher.match(pattern, path)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -9,7 +9,6 @@ import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
|
||||
@@ -49,24 +48,6 @@ public class PortalConfigSecurity {
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authenticationManager(portalAuthenticationManager)
|
||||
// .authorizeRequests(authorizeRequests -> authorizeRequests.antMatchers("/h2-console/",
|
||||
// "/css/",
|
||||
// "/html/",
|
||||
// "/images/",
|
||||
// "/img/",
|
||||
// "/js/",
|
||||
// "/login",
|
||||
// "/intro.do",
|
||||
// "/join.do",
|
||||
// "/actionLogin.do",
|
||||
// "/search_id.do",
|
||||
// "/admin_register_view.do",
|
||||
// "/admin_register.do",
|
||||
// "/reset_password.do",
|
||||
// "/forgot_password.do")
|
||||
// .permitAll()
|
||||
// .anyRequest()
|
||||
// .authenticated())
|
||||
.formLogin(form -> form
|
||||
.loginPage("/login")
|
||||
.usernameParameter("id")
|
||||
|
||||
Reference in New Issue
Block a user