Update: password String으로 변경 및 passwordEncoder 적용 완료

Update: Member에 Role 부여

backend/build.gradle

@@ -29,7 +29,10 @@ dependencies {
 
     // Spring Web
     implementation 'org.springframework.boot:spring-boot-starter-web'
+    implementation 'org.springframework.boot:spring-boot-starter-security'
     testImplementation 'org.springframework.boot:spring-boot-starter-test'
+    testImplementation 'org.springframework.security:spring-security-test'
+    runtimeOnly 'com.h2database:h2'
     testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
 
     // Bean Validation

backend/src/main/java/grepp/coffee/backend/config/SecurityConfig.java

@@ -0,0 +1,49 @@
+package grepp.coffee.backend.config;
+
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig {
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+                .csrf(csrf -> csrf.disable()) // CSRF 비활성화
+                .authorizeHttpRequests(auth -> auth
+                        // ADMIN 역할이 있는 사용자만 접근 가능
+                        .requestMatchers("/order/admin/**").hasRole("ADMIN")
+                        // 나머지 요청은 누구나 접근 가능
+                        .anyRequest().permitAll()
+                )
+                .logout(logout -> logout
+                        .logoutUrl("/account/logout")
+                        .logoutSuccessHandler((request, response, authentication) ->
+                                response.setStatus(HttpServletResponse.SC_OK))
+                );
+
+        return http.build();
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    @Bean
+    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
+        return authenticationConfiguration.getAuthenticationManager();
+    }
+}
+
+
+

backend/src/main/java/grepp/coffee/backend/controller/member/MemberController.java

@@ -45,6 +45,7 @@ public ResponseEntity<Member> login(HttpServletRequest httpServletRequest,
 
         HttpSession session = httpServletRequest.getSession();
         session.setAttribute("loginMember", member);
+        session.setAttribute("userRole", member.getRole());
         session.setMaxInactiveInterval(60 * 10);
         return ResponseEntity.ok().body(member);
 

backend/src/main/java/grepp/coffee/backend/controller/member/request/MemberLoginRequest.java

@@ -14,5 +14,5 @@ public class MemberLoginRequest {
     private String email;
 
     @NotNull
-    private byte[] password;
+    private String password;
 }

backend/src/main/java/grepp/coffee/backend/controller/member/request/MemberRegisterRequest.java

@@ -1,5 +1,6 @@
 package grepp.coffee.backend.controller.member.request;
 
+import grepp.coffee.backend.model.entity.member.constant.ROLE;
 import jakarta.validation.constraints.NotNull;
 import lombok.AllArgsConstructor;
 import lombok.Getter;
@@ -16,7 +17,10 @@ public class MemberRegisterRequest {
     private String email;
 
     @NotNull
-    private byte[] password;
+    private String password;
+
+    @NotNull
+    private ROLE role;
 
     @NotNull
     private String address;

backend/src/main/java/grepp/coffee/backend/controller/member/request/MemberUpdateRequest.java

@@ -11,7 +11,7 @@
 public class MemberUpdateRequest {
 
     @NotNull
-    private byte[] password;
+    private String password;
 
     @NotNull
     private String address;

backend/src/main/java/grepp/coffee/backend/model/entity/member/Member.java

@@ -1,6 +1,7 @@
 package grepp.coffee.backend.model.entity.member;
 
 import grepp.coffee.backend.model.entity.BaseEntity;
+import grepp.coffee.backend.model.entity.member.constant.ROLE;
 import jakarta.persistence.*;
 import lombok.AccessLevel;
 import lombok.Builder;
@@ -22,7 +23,11 @@ public class Member extends BaseEntity {
     private String email;
 
     @Column(name = "PASSWORD", nullable = false)
-    private byte[] password;
+    private String password;
+
+    @Enumerated(EnumType.STRING)
+    @Column(name = "ROLE", length = 50, nullable = false, columnDefinition = "VARCHAR(50) DEFAULT 'MEMBER'")
+    private ROLE role;
 
     @Column(name = "POINT", nullable = true)
     private int point;
@@ -34,10 +39,11 @@ public class Member extends BaseEntity {
     private String postcode;
 
     @Builder
-    public Member(Long memberId, String email, byte[] password, int point, String address, String postcode) {
+    public Member(Long memberId, String email, String password, ROLE role, int point, String address, String postcode) {
         this.memberId = memberId;
         this.email = email;
         this.password = password;
+        this.role = role;
         this.point = point;
         this.address = address;
         this.postcode = postcode;

backend/src/main/java/grepp/coffee/backend/model/entity/member/constant/ROLE.java

@@ -0,0 +1,14 @@
+package grepp.coffee.backend.model.entity.member.constant;
+
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+
+@Getter
+@RequiredArgsConstructor
+public enum ROLE {
+    ADMIN("ROLE_ADMIN"),
+    MEMBER("ROLE_MEMBER")
+    ;
+
+    private final String text;
+}

backend/src/main/java/grepp/coffee/backend/model/service/member/MemberService.java

@@ -8,21 +8,53 @@
 import grepp.coffee.backend.controller.member.request.MemberRegisterRequest;
 import grepp.coffee.backend.controller.member.request.MemberUpdateRequest;
 import grepp.coffee.backend.model.entity.member.Member;
+import grepp.coffee.backend.model.entity.member.constant.ROLE;
 import grepp.coffee.backend.model.repository.member.MemberRepository;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.context.support.BeanDefinitionDsl;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
 
 @Slf4j
 @Service
 @Transactional(readOnly = true)
 @RequiredArgsConstructor
-public class MemberService {
+public class MemberService implements UserDetailsService {
 
     private final MemberRepository memberRepository;
+    private final PasswordEncoder passwordEncoder;
+
+    // Spring Security의 UserDetailsService 구현
+    @Override
+    public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
+        Member member = memberRepository.findByEmail(email);
+
+        if (member == null) {
+            throw new MemberException(ExceptionMessage.MEMBER_NOT_FOUND);
+        }
+
+        return new org.springframework.security.core.userdetails.User(
+                member.getEmail(),
+                passwordEncoder.encode(member.getPassword()),
+                getAuthorities(member.getRole()));
+    }
+
+    private Collection<? extends GrantedAuthority> getAuthorities(ROLE role) {
+        return Collections.singletonList(new SimpleGrantedAuthority("ROLE_" + role.name()));
+    }
+
 
     //회원가입
     @Transactional
@@ -38,7 +70,8 @@ public void registerMember(MemberRegisterRequest request) {
         // 새로운 member 생성 및 저장
         Member member = Member.builder()
                 .email(request.getEmail())
-                .password(request.getPassword())
+                .password(passwordEncoder.encode(request.getPassword()))
+                .role(request.getRole())
                 .address(request.getAddress())
                 .build();
         memberRepository.save(member);
@@ -56,10 +89,10 @@ public Member login(MemberLoginRequest request) {
 
         //회원 정보 조회
         Member member = getMemberByEmail(request.getEmail());
-        String password = (member == null) ? "" : Arrays.toString(member.getPassword());
+        String password = (member == null) ? "" : member.getPassword();
 
         //비밀번호 일치 시 회원 정보 리턴
-        if (member != null && Arrays.toString(request.getPassword()).equals(password))
+        if (member != null && passwordEncoder.matches(request.getPassword(), password))
             return member;
 
         return null;