Q&A
前提
認証機能では、Form認証とGoogle認証二つを実装しており
実際のlogin画面は、http://localhost:8080/loginになり
Controller.javaにもlogin.htmlを呼び出す実装もしています。
下記の記事を元に作成しました。
https://qiita.com/kazuki43zoo/items/53804e18337933a77ad0
今回のソースコード(GitHub):
https://github.com/NishiguchiHiroki/TodoApp
実現したいこと
ログイン画面のデフォルト画面を、下記の実装したい画面(login.html)へカスタマイズしたいです。
認証機能は問題なく動いています。
デフォルト画面:
実装したい画面(login.html):
該当のソースコード
SecurityConfig.java
1package com.example.its.config; 2 3import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 4import org.springframework.security.config.annotation.web.builders.HttpSecurity; 5import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 6import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 7import org.springframework.security.core.userdetails.UserDetailsService; 8import org.springframework.security.crypto.password.NoOpPasswordEncoder; 9import org.springframework.security.crypto.password.PasswordEncoder; 10 11import com.example.its.domain.auth.CustomUserDetailsService; 12 13import lombok.RequiredArgsConstructor; 14 15@EnableWebSecurity 16@RequiredArgsConstructor 17public class SecurityConfig extends WebSecurityConfigurerAdapter{ 18 19 private final UserDetailsService userDetailsService; 20 private final PasswordEncoder passwordEncoder; 21 22 @Override 23 protected void configure(HttpSecurity http) throws Exception { 24 http 25 .authorizeRequests().antMatchers("/h2-console/**").permitAll() 26 .and() 27 .csrf().ignoringAntMatchers("/h2-console/**") 28 .and() 29 .headers().frameOptions().disable(); 30 http 31 .authorizeRequests() 32 .mvcMatchers("/login/**").permitAll() 33 .mvcMatchers("/signup/**").permitAll() 34 .mvcMatchers("/users/**").hasAuthority("ADMIN") 35 .anyRequest().authenticated() 36 .and() 37 .oauth2Login() 38 .and() 39 .formLogin() 40 .usernameParameter("email") 41 .passwordParameter("password"); 42 } 43 44 @Override 45 protected void configure(AuthenticationManagerBuilder auth) throws Exception { 46 auth.userDetailsService(userDetailsService) 47 .passwordEncoder(passwordEncoder); 48 } 49}
IndexController
1package com.example.its.web; 2 3import org.springframework.stereotype.Controller; 4import org.springframework.web.bind.annotation.GetMapping; 5import org.springframework.web.bind.annotation.PostMapping; 6 7@Controller 8public class IndexController { 9 10 @GetMapping 11 public String index() { 12 return "index"; 13 } 14 15 @GetMapping("/login") 16 public String showLoginForm() { 17 return "login"; 18 } 19 20 @GetMapping("/logout") 21 public String showLogoutForm() { 22 return "logout"; 23 } 24}
login.html
1<!DOCTYPE html> 2<html xmlns:th="http://www.thymeleaf.org" 3 th:replace="~{fragments/layout :: layout(~{::title}, ~{::body})}"> 4<head> 5 <title>ログインページ | 課題管理アプリケーション</title> 6</head> 7<body> 8<h1 class="mt-3">課題管理アプリケーション</h1> 9<div style="color:red" th:if="${param.error}"> 10 <p>ユーザ名もしくはパスワードが違います。</p> 11</div> 12<form action="#" th:action="@{/login}" method="post"> 13 <div class="mt-3"> 14 <label for="usernameInput" class="form-label">メールアドレス</label> 15 <input type="text" id="usernameInput" name="email" class="form-control"> 16 </div> 17 <div class="mt-3"> 18 <label for="passwordInput" class="form-label">パスワード</label> 19 <input type="password" id="passwordInput" name="password" class="form-control"> 20 </div> 21 <div class="mt-3"> 22 <button type="submit" class="btn btn-primary">ログイン</button> 23 </div> 24</form> 25 26<button onclick="location.href='http://localhost:8080/login/oauth2/code/google'">Googleでログイン</button> 27</body> 28</html>
CustomUserDetailsService.java
1package com.example.its.domain.auth; 2 3import java.util.Collection; 4import java.util.Collections; 5import java.util.List; 6 7import org.springframework.security.core.GrantedAuthority; 8import org.springframework.security.core.authority.SimpleGrantedAuthority; 9import org.springframework.security.core.userdetails.UserDetails; 10import org.springframework.security.core.userdetails.UserDetailsService; 11import org.springframework.security.core.userdetails.UsernameNotFoundException; 12import org.springframework.stereotype.Service; 13 14import com.example.its.domain.auth.User.Authority; 15 16import lombok.RequiredArgsConstructor; 17 18@Service 19@RequiredArgsConstructor 20public class CustomUserDetailsService implements UserDetailsService{ 21 22 private final UserRepository userRepository; 23 24 @Override 25 public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { 26 27 return userRepository.findByUsername(username) 28 .map( 29 user -> new CustomUserDetails( 30 user.getEmail(), 31 user.getPassword(), 32 toGrantedAuthorityList(user.getAuthority()) 33 ) 34 ) 35 36 .orElseThrow( 37 () -> new UsernameNotFoundException( 38 "Given username is not found. (username" + username + ")" 39 ) 40 ); 41 } 42 43 private List<GrantedAuthority> toGrantedAuthorityList(User.Authority authority) { 44 return Collections.singletonList(new SimpleGrantedAuthority(authority.name())); 45 } 46}
build.gradle
1dependencies { 2 implementation 'org.springframework.boot:spring-boot-starter-jdbc' 3 implementation 'org.springframework.boot:spring-boot-starter-thymeleaf' 4 implementation 'org.springframework.boot:spring-boot-starter-web' 5 developmentOnly 'org.springframework.boot:spring-boot-devtools' 6 testImplementation 'org.springframework.boot:spring-boot-starter-test' 7 compileOnly 'org.projectlombok:lombok' 8 annotationProcessor 'org.projectlombok:lombok' 9 implementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter:2.2.0' 10 runtimeOnly 'com.h2database:h2' 11 implementation 'org.springframework.boot:spring-boot-starter-validation' 12 implementation 'org.springframework.boot:spring-boot-starter-security' 13 implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5' 14 testImplementation 'org.springframework.security:spring-security-test' 15 implementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter:2.0.1' 16 implementation group: 'org.springframework.security', name: 'spring-security-oauth2-client' 17 implementation group: 'org.springframework.security', name: 'spring-security-oauth2-jose' 18 runtimeOnly 'org.postgresql:postgresql' 19}
試したこと
Security Configを.passwordParameter("password")の後に
.loginPage("/login");を追加
→http://localhost:8080/loginのURL先は、Google認証しか出てこない。
http://localhost:8080/でアクセスした時
IndexController.javaのhtmlの向き先をloginページに変更し
http://localhost:8080/にアクセス許可を設定。
→画面は表示されますが、認証機能が機能しません。
以上、すみませんがご教授お願いします。
あなたの回答
tips
プレビュー
