Fix: [session-redis] refactoring

- fix version(2.0.0.RELEASE)
- fix dependency

Author: heowc

SpringBootSecurityAddRedis/README.md

@@ -0,0 +1,11 @@
+## install redis
+
+```bash
+$ docker pull redis
+```
+
+## run redis
+
+```bash
+$ docker run --name some-redis -d -p 6379:6379 redis
+```

SpringBootSecurityAddRedis/build.gradle

@@ -1,6 +1,6 @@
 buildscript {
 	ext {
-		springBootVersion = '1.5.2.RELEASE'
+		springBootVersion = '2.0.0.RELEASE'
 	}
 	repositories {
 		mavenCentral()
@@ -11,15 +11,13 @@ buildscript {
 }
 
 apply plugin: 'java'
-apply plugin: 'idea'
+apply plugin: 'eclipse'
 apply plugin: 'org.springframework.boot'
+apply plugin: 'io.spring.dependency-management'
 
-jar {
-	baseName = 'basic'
-	version = '0.0.1-SNAPSHOT'
-}
+group = 'com.example'
+version = '0.0.1-SNAPSHOT'
 sourceCompatibility = 1.8
-targetCompatibility = 1.8
 
 repositories {
 	mavenCentral()
@@ -28,10 +26,9 @@ repositories {
 dependencies {
 	compile('org.springframework.boot:spring-boot-starter-data-jpa')
 	compile('org.springframework.boot:spring-boot-starter-data-redis')
-	compile('org.springframework.session:spring-session:1.3.0.RELEASE')
+	compile('org.springframework.session:spring-session-data-redis')
 	compile('org.springframework.boot:spring-boot-starter-security')
 	compile('org.springframework.boot:spring-boot-starter-web')
 	runtime('com.h2database:h2')
-	compileOnly('org.projectlombok:lombok')
 	testCompile('org.springframework.boot:spring-boot-starter-test')
 }

SpringBootSecurityAddRedis/src/main/java/com/tistory/heowc/SpringBootSecurityAddRedisApplication.java

@@ -12,9 +12,9 @@ public class SpringBootSecurityAddRedisApplication {
 	public static void main(String[] args) {
 		SpringApplication.run(SpringBootSecurityAddRedisApplication.class, args);
 	}
-	
+
 	@Bean
-	public PasswordEncoder passwordEncoder(){
+	public PasswordEncoder passwordEncoder() {
 		return new BCryptPasswordEncoder();
 	}
 }

SpringBootSecurityAddRedis/src/main/java/com/tistory/heowc/component/InitRunner.java

@@ -2,28 +2,30 @@
 
 import com.tistory.heowc.domain.Member;
 import com.tistory.heowc.repository.MemberRepository;
-import lombok.RequiredArgsConstructor;
-import org.springframework.boot.CommandLineRunner;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.ApplicationArguments;
+import org.springframework.boot.ApplicationRunner;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Component;
 import org.springframework.transaction.annotation.Transactional;
 
 @Component
-@RequiredArgsConstructor
-public class InitRunner implements CommandLineRunner {
+public class InitRunner implements ApplicationRunner {
+
+	@Autowired
+	private MemberRepository repository;
+
+	@Autowired
+	private PasswordEncoder passwordEncoder;
 
-	private final MemberRepository repository;
-	private final PasswordEncoder passwordEncoder;
-	
-	@Transactional
 	@Override
-	public void run(String... args) throws Exception {
+	public void run(ApplicationArguments args) {
 		repository.save(new Member("wonchul", passwordEncoder.encode("1234")));
 		repository.save(new Member("naeun", passwordEncoder.encode("1234")));
 		repository.save(new Member("tistory", passwordEncoder.encode("1234")));
 		repository.save(new Member("security", passwordEncoder.encode("1234")));
-		
-		for( Member member : repository.findAll()) {
+
+		for (Member member : repository.findAll()) {
 			System.out.println(member.toString());
 		}
 	}

SpringBootSecurityAddRedis/src/main/java/com/tistory/heowc/component/SecurityHandler.java

@@ -2,54 +2,18 @@
 
 import com.tistory.heowc.domain.Member;
 import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.core.userdetails.User;
 
-import java.util.ArrayList;
 import java.util.Collection;
-import java.util.List;
 
 public class UserDetailsImpl extends User {
 
-	private Member member;
-	
-	private static final boolean isEnabled				= true;
-	private static final boolean isAccountNonExpired	= true;
-	private static final boolean isAccountNonLocked		= true;
-	private static final boolean isCredentialsNonExpired= true;
-	
-	public UserDetailsImpl(Member member){
-		super(member.getId(), member.getPassoword(), authorities());
-		this.member = member;
-	}
-	
-	private static Collection<? extends GrantedAuthority> authorities() {
-		List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
-		authorities.add(new SimpleGrantedAuthority("USER"));
-		return authorities;
-	}
-	
-	public Member getMember() {
-		return member;
-	}
-	
-	@Override
-	public boolean isEnabled() {
-		return isEnabled;
+	public UserDetailsImpl(Member member) {
+		super(member.getId(), member.getPassword(), authorities());
 	}
 
-	@Override
-	public boolean isAccountNonExpired() {
-		return isAccountNonExpired;
-	}
-
-	@Override
-	public boolean isAccountNonLocked() {
-		return isAccountNonLocked;
-	}
-
-	@Override
-	public boolean isCredentialsNonExpired() {
-		return isCredentialsNonExpired;
+	private static Collection<? extends GrantedAuthority> authorities() {
+		return AuthorityUtils.createAuthorityList("USER");
 	}
 }

SpringBootSecurityAddRedis/src/main/java/com/tistory/heowc/component/UserDetailsImpl.java

@@ -1,60 +1,45 @@
 package com.tistory.heowc.config;
 
-import com.tistory.heowc.component.SecurityHandler;
-import lombok.RequiredArgsConstructor;
+import com.tistory.heowc.service.UserDetailsServiceImpl;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
 @Configuration
-@EnableWebSecurity
-@RequiredArgsConstructor
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
-	private final UserDetailsService userDetailsService;
-	private final PasswordEncoder passwordEncoder;
-	private final SecurityHandler securityHandler;
-	
+	@Autowired
+	private UserDetailsServiceImpl userDetailsService;
+
+	@Autowired
+	private PasswordEncoder passwordEncoder;
+
 	@Override
-	public void configure(WebSecurity web) throws Exception {
+	public void configure(WebSecurity web) {
 		web.ignoring().antMatchers("/resources/**");
 	}
-	
-//	@Bean
-//	public HttpSessionStrategy httpSessionStrategy() {
-//		return new HeaderHttpSessionStrategy();
-//	}
-	
+
+	@Override
+	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+		auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
+	}
+
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		http
-			.authorizeRequests()
+				.authorizeRequests()
 				.anyRequest().authenticated()
-			.and()
-			.formLogin()
+				.and()
+				.formLogin()
 				.usernameParameter("id")
 				.passwordParameter("pw")
-//				.defaultSuccessUrl("/user", true)
-//				.failureForwardUrl("/")
-				.successHandler(securityHandler)
-				.failureHandler(securityHandler)
+				.defaultSuccessUrl("/user", true)
 				.permitAll()
-			.and()
-			.httpBasic()
-			.and()
+				.and()
 				.csrf().disable();
 	}
-
-	@Autowired
-	public void configureGlobal(AuthenticationManagerBuilder auth)
-			throws Exception {
-		auth.userDetailsService(userDetailsService).passwordEncoder(
-				passwordEncoder);
-	}
 }

SpringBootSecurityAddRedis/src/main/java/com/tistory/heowc/config/SecurityConfig.java

@@ -1,24 +1,45 @@
 package com.tistory.heowc.domain;
 
-import java.io.Serializable;
 
 import javax.persistence.Entity;
 import javax.persistence.Id;
 
-import lombok.AllArgsConstructor;
-import lombok.Data;
-
-
-@Data
 @Entity
-@SuppressWarnings("serial")
-@AllArgsConstructor
-public class Member implements Serializable {
+public class Member {
 
 	@Id
-	String id;
+	private String id;
 
-	String passoword;
+	private String password;
 
-	protected Member(){}
+	protected Member() { }
+
+	public Member(String id, String password) {
+		this.id = id;
+		this.password = password;
+	}
+
+	public String getId() {
+		return id;
+	}
+
+	public void setId(String id) {
+		this.id = id;
+	}
+
+	public String getPassword() {
+		return password;
+	}
+
+	public void setPassword(String password) {
+		this.password = password;
+	}
+
+	@Override
+	public String toString() {
+		return "Member{" +
+				"id='" + id + '\'' +
+				", password='" + password + '\'' +
+				'}';
+	}
 }

SpringBootSecurityAddRedis/src/main/java/com/tistory/heowc/domain/Member.java

@@ -1,12 +1,8 @@
 package com.tistory.heowc.repository;
 
-import org.springframework.data.jpa.repository.JpaRepository;
-import org.springframework.stereotype.Repository;
-
 import com.tistory.heowc.domain.Member;
+import org.springframework.data.jpa.repository.JpaRepository;
 
-@Repository
 public interface MemberRepository extends JpaRepository<Member, String> {
 
-	Member findById(String id);
 }

SpringBootSecurityAddRedis/src/main/java/com/tistory/heowc/repository/MemberRepository.java

@@ -3,26 +3,23 @@
 import com.tistory.heowc.component.UserDetailsImpl;
 import com.tistory.heowc.domain.Member;
 import com.tistory.heowc.repository.MemberRepository;
-import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
 
 @Service
-@RequiredArgsConstructor
 public class UserDetailsServiceImpl implements UserDetailsService {
 
-	private final MemberRepository repository;
-	
+	@Autowired
+	private MemberRepository repository;
+
 	@Override
 	public UserDetails loadUserByUsername(String id) {
-		Member member = repository.findById(id);
-		System.out.println(member);
-		if(member == null){
-			throw new UsernameNotFoundException(id);
-		}
-		
+		Member member = repository.findById(id)
+								.orElseThrow(() -> new UsernameNotFoundException(id));
+
 		return new UserDetailsImpl(member);
 	}
 }