Merge pull request #6 from Tave100Shot/3-feat-Project-초기세팅

feat project 초기세팅 pr

build.gradle

@@ -23,7 +23,7 @@ repositories {
 
 dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
-//	implementation 'org.springframework.boot:spring-boot-starter-security'
+	implementation 'org.springframework.boot:spring-boot-starter-security'
 	implementation 'org.springframework.boot:spring-boot-starter-validation'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
 	compileOnly 'org.projectlombok:lombok'

src/main/java/com/api/TaveShot/domain/Member/Member.java

@@ -0,0 +1,22 @@
+package com.api.TaveShot.domain.Member;
+
+import com.api.TaveShot.domain.base.BaseEntity;
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.NoArgsConstructor;
+
+@Entity
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+@Builder
+@AllArgsConstructor
+public class Member extends BaseEntity {
+
+    @Id @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+}

src/main/java/com/api/TaveShot/domain/Member/MemberRepository.java

@@ -0,0 +1,6 @@
+package com.api.TaveShot.domain.Member;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+
+public interface MemberRepository extends JpaRepository<Member, Long> {
+}

src/main/java/com/api/TaveShot/domain/base/BaseEntity.java

@@ -0,0 +1,23 @@
+package com.api.TaveShot.domain.base;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.EntityListeners;
+import jakarta.persistence.MappedSuperclass;
+import lombok.Getter;
+import org.springframework.data.annotation.CreatedBy;
+import org.springframework.data.annotation.LastModifiedBy;
+import org.springframework.data.jpa.domain.support.AuditingEntityListener;
+
+@Getter
+@MappedSuperclass
+@EntityListeners(AuditingEntityListener.class)
+public class BaseEntity extends BaseTimeEntity{
+    @CreatedBy
+    @Column(updatable = false)
+    private String createdBy;
+
+    @LastModifiedBy
+    private String lastModifiedBy;
+
+    private boolean status;
+}

src/main/java/com/api/TaveShot/domain/base/BaseEntityConfig.java

@@ -0,0 +1,19 @@
+package com.api.TaveShot.domain.base;
+
+import java.util.Optional;
+import java.util.UUID;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.domain.AuditorAware;
+import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
+
+@EnableJpaAuditing
+@Configuration
+public class BaseEntityConfig {
+
+    @Bean
+    public AuditorAware<String> auditorProvider() {
+        // TODO 지금은 UUID이지만, Security 설정 후 spring Securitycontextholder 에서 값 꺼내기
+        return () -> Optional.of(UUID.randomUUID().toString());
+    }
+}

src/main/java/com/api/TaveShot/domain/base/BaseTimeEntity.java

@@ -0,0 +1,24 @@
+package com.api.TaveShot.domain.base;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.EntityListeners;
+import jakarta.persistence.MappedSuperclass;
+import java.time.LocalDateTime;
+import lombok.Getter;
+import org.springframework.data.annotation.CreatedDate;
+import org.springframework.data.annotation.LastModifiedDate;
+import org.springframework.data.jpa.domain.support.AuditingEntityListener;
+
+@Getter
+@MappedSuperclass
+@EntityListeners(AuditingEntityListener.class)
+public class BaseTimeEntity {
+
+    @CreatedDate
+    @Column(updatable = false)
+    private LocalDateTime createdDate;
+
+    @LastModifiedDate
+    private LocalDateTime lastModifiedDate;
+
+}

src/main/java/com/api/TaveShot/global/config/SecurityConfig.java

@@ -0,0 +1,50 @@
+package com.api.TaveShot.global.config;
+
+import java.util.List;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.CsrfConfigurer;
+import org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.web.cors.CorsConfiguration;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http
+                .httpBasic(HttpBasicConfigurer::disable)
+                .csrf(CsrfConfigurer::disable)
+                .cors(corsCustomizer -> corsCustomizer.configurationSource(request -> {
+                    CorsConfiguration cors = new CorsConfiguration();
+                    cors.setAllowedOrigins(List.of("*", "http://localhost:3000", "http://localhost:8080"));
+                    cors.setAllowedMethods(List.of("GET", "POST", "PATCH", "DELETE"));
+                    // cookie 비활성화
+                    cors.setAllowCredentials(false);
+                    // Authorization Header 노출
+                    cors.addExposedHeader("Authorization");
+                    return cors;
+                }))
+                .sessionManagement(configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+                .authorizeHttpRequests(authorize ->
+                        authorize
+                                .requestMatchers(
+                                        "/actuator/**"
+                                        , "/swagger-ui/**"
+                                        , "/api-docs/swagger-config"
+                                        , "/members/login"
+                                        , "/**"
+                                ).permitAll()
+                                .anyRequest().permitAll());
+
+        return http.build();
+    }
+
+}