From 4aeddf2fa1b654cd4fbb56b5a4b40f00474707bd Mon Sep 17 00:00:00 2001 From: Suh Date: Thu, 25 Jan 2024 17:35:33 +0900 Subject: [PATCH] =?UTF-8?q?=EC=95=94=ED=98=B8=ED=99=94=20=EB=B0=8F=20?= =?UTF-8?q?=EC=9D=B4=EB=AF=B8=EC=A7=80=20=EC=97=85=EB=A1=9C=EB=93=9C=20?= =?UTF-8?q?=EA=B4=80=EB=A0=A8=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build.gradle | 5 +-- gradle/wrapper/gradle-wrapper.properties | 2 +- .../no1/wms/account/AccountController.java | 14 +++++-- src/main/java/com/no1/wms/base/WebConfig.java | 10 ++++- .../com/no1/wms/category/CategoryDto.java | 1 + .../com/no1/wms/login/LoginController.java | 11 ++++-- .../com/no1/wms/mypage/MypageController.java | 5 ++- .../ResetPasswordController.java | 13 ++++++- .../wms/resetpassword/ResetPasswordDto.java | 2 +- src/main/java/com/no1/wms/utils/SHA256.java | 37 +++++++++++++++++++ src/main/resources/mappers/AccountMapper.xml | 4 +- .../resources/mappers/ResetPasswordMapper.xml | 2 +- .../webapp/WEB-INF/views/authority/list.jsp | 22 +++++------ .../webapp/WEB-INF/views/base/navigation.jsp | 4 +- .../webapp/WEB-INF/views/mypage/mypage.jsp | 2 +- 15 files changed, 101 insertions(+), 33 deletions(-) create mode 100644 src/main/java/com/no1/wms/utils/SHA256.java diff --git a/build.gradle b/build.gradle index b6ee991..2b6433f 100644 --- a/build.gradle +++ b/build.gradle @@ -2,20 +2,19 @@ plugins { id 'java' id 'org.springframework.boot' version '2.5.0' id 'io.spring.dependency-management' version '1.1.4' + id 'war' } - group = 'com.no1' version = '0.0.1-SNAPSHOT' + configurations { compileOnly { extendsFrom annotationProcessor } } - repositories { mavenCentral() } - dependencies { implementation 'org.springframework.boot:spring-boot-starter-jdbc' implementation 'org.springframework.boot:spring-boot-starter-web' diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 1af9e09..fe1a99c 100644 
--- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-7.5-bin.zip networkTimeout=10000 validateDistributionUrl=true zipStoreBase=GRADLE_USER_HOME diff --git a/src/main/java/com/no1/wms/account/AccountController.java b/src/main/java/com/no1/wms/account/AccountController.java index 5cf6ea9..b7507d3 100644 --- a/src/main/java/com/no1/wms/account/AccountController.java +++ b/src/main/java/com/no1/wms/account/AccountController.java @@ -4,11 +4,13 @@ import com.google.gson.Gson; import com.no1.wms.authority.AuthorityDto; import com.no1.wms.authority.AuthorityService; import com.no1.wms.utils.ConstantValues; +import com.no1.wms.utils.SHA256; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.*; import org.springframework.web.servlet.ModelAndView; +import java.security.NoSuchAlgorithmException; import java.util.List; import java.util.Map; import java.util.UUID; @@ -25,6 +27,8 @@ public class AccountController { @GetMapping("/list") public ModelAndView list(ModelAndView mav,@RequestParam(defaultValue = "0") int searchn, @RequestParam(defaultValue = "") String search, @RequestParam(defaultValue = "1") int page){ + + int perPage = 10; int startRow = (page - 1) * perPage; int count = accountService.count(searchn, search, startRow, perPage); 
@@ -64,7 +68,7 @@ public class AccountController { @PostMapping("/create_process") @ResponseBody - public String createProcess(AccountDto dto, Gson gson){ + public String createProcess(AccountDto dto, Gson gson) throws NoSuchAlgorithmException { String uuid = UUID.randomUUID().toString(); AuthorityDto authorityDto = new AuthorityDto(); authorityDto.setId(dto.getGroupAuthorityId()); @@ -75,6 +79,8 @@ public class AccountController { accountService.insertToAuthority(authorityDto); dto.setPersonalAuthorityId(uuid); + + dto.setPassword(SHA256.encrypt(dto.getEmployeeNumber())); accountService.insert(dto); return gson.toJson("s"); @@ -105,8 +111,6 @@ public class AccountController { AccountDto accountDto = gson.fromJson(data.get("account").toString(), AccountDto.class); - System.out.println(accountDto); - System.out.println(personalAuthorityDto); accountService.update(accountDto); authorityService.update(personalAuthorityDto); @@ -115,7 +119,9 @@ public class AccountController { @PostMapping("/reset_password") @ResponseBody - public String resetPassword(AccountDto dto, Gson gson){ + public String resetPassword(AccountDto dto, Gson gson) throws NoSuchAlgorithmException { + dto = accountService.selectById(dto); + dto.setPassword(SHA256.encrypt(dto.getEmployeeNumber())); accountService.resetPassword(dto); return gson.toJson("s"); diff --git a/src/main/java/com/no1/wms/base/WebConfig.java b/src/main/java/com/no1/wms/base/WebConfig.java index 7348249..6884423 100644 --- a/src/main/java/com/no1/wms/base/WebConfig.java +++ b/src/main/java/com/no1/wms/base/WebConfig.java 
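Review bot: The initial password in `createProcess` and the reset value in `resetPassword` are both `SHA256.encrypt(dto.getEmployeeNumber())`, so each account's credential can be derived from its employee number, which is an identifier rather than a secret; `ResetPasswordController.update` follows the same pattern. Hashing does not change this, because the salt inside `SHA256.encrypt` is a fixed constant and anyone who knows the employee number can compute the same value. Consider generating a random temporary password with `SecureRandom`, delivering it out of band, and forcing a change at first login. The added `throws NoSuchAlgorithmException` clauses are also unnecessary, since `SHA256.encrypt` catches that exception itself and declares no checked exception.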
@@ -5,6 +5,7 @@ import org.mybatis.spring.annotation.MapperScan; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.EnableAspectJAutoProxy; +import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import org.springframework.web.servlet.view.tiles3.TilesConfigurer; import org.springframework.web.servlet.view.tiles3.TilesView; @@ -13,13 +14,18 @@ import org.springframework.web.servlet.view.tiles3.TilesViewResolver; @Configuration @EnableAspectJAutoProxy public class WebConfig implements WebMvcConfigurer { + @Override + public void addResourceHandlers(ResourceHandlerRegistry registry) { + registry.addResourceHandler("/images/**") + .addResourceLocations("file:///static/img/mypage/profile/"); + } @Bean public TilesConfigurer tilesConfigurer(){ final TilesConfigurer configurer = new TilesConfigurer(); configurer.setDefinitions(new String[]{ - "/WEB-INF/tiles/tiles.xml" + "WEB-INF/tiles/tiles.xml" }); configurer.setCheckRefresh(true); @@ -33,4 +39,6 @@ public class WebConfig implements WebMvcConfigurer { tilesViewResolver.setOrder(1); return tilesViewResolver; } + + } diff --git a/src/main/java/com/no1/wms/category/CategoryDto.java b/src/main/java/com/no1/wms/category/CategoryDto.java index 47511b0..e0051d3 100644 --- a/src/main/java/com/no1/wms/category/CategoryDto.java +++ b/src/main/java/com/no1/wms/category/CategoryDto.java @@ -9,6 +9,7 @@ import lombok.NoArgsConstructor; @Data @AllArgsConstructor +@Builder @Alias("CategoryDto") public class CategoryDto { diff --git a/src/main/java/com/no1/wms/login/LoginController.java b/src/main/java/com/no1/wms/login/LoginController.java index 9f90c93..539d70e 100644 --- a/src/main/java/com/no1/wms/login/LoginController.java +++ b/src/main/java/com/no1/wms/login/LoginController.java 
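Review bot: `addResourceLocations("file:///static/img/mypage/profile/")` in `addResourceHandlers` hard-codes an absolute path at the filesystem root, so the `/images/**` handler works only on hosts where that exact directory exists, and it publishes every file placed there. Reading the location from configuration (for example an `@Value`-injected property) would keep it aligned with wherever the upload code writes. The directory appears to hold profile-image uploads, so the upload side should accept only image types and store them under server-generated names. It is also worth confirming whether `/images/**` is meant to be reachable without a login; neither point is visible in this diff.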
@@ -6,6 +6,7 @@ import com.no1.wms.account.AccountService; import com.no1.wms.authority.AuthorityDto; import com.no1.wms.authority.AuthorityService; import com.no1.wms.base.AuthData; +import com.no1.wms.utils.SHA256; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpRequest; import org.springframework.stereotype.Controller; @@ -17,6 +18,7 @@ import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; +import java.security.NoSuchAlgorithmException; import java.util.HashMap; @Controller @@ -29,7 +31,7 @@ public class LoginController { AuthorityService authorityService; @GetMapping("/login") - public String loginPage(){ + public String loginPage() throws NoSuchAlgorithmException { return "login"; } @@ -63,10 +65,13 @@ public class LoginController { @PostMapping("/login/check_password") @ResponseBody - public String login(AccountDto data, AuthorityDto authDto, Gson gson, HttpServletRequest request){ - HttpSession session = request.getSession(); + public String login(AccountDto data, AuthorityDto authDto, Gson gson, HttpServletRequest request) throws NoSuchAlgorithmException { + HttpSession session = request.getSession(); + data.setPassword(SHA256.encrypt(data.getPassword())); + System.out.println(data); AccountDto dto = accountService.selectByLogin(data); + if(dto.getPassword().equals(data.getPassword())){ authDto.setId(dto.getPersonalAuthorityId()); authDto = authorityService.selectById(authDto); diff --git a/src/main/java/com/no1/wms/mypage/MypageController.java b/src/main/java/com/no1/wms/mypage/MypageController.java index 3e87011..1137586 100644 --- a/src/main/java/com/no1/wms/mypage/MypageController.java +++ b/src/main/java/com/no1/wms/mypage/MypageController.java 
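Review bot: `System.out.println(data);` in `login` runs right after `data.setPassword(SHA256.encrypt(data.getPassword()))`, so every login attempt writes the submitted account fields to stdout, presumably including the password hash if `AccountDto` uses a generated `toString`. Remove the line or log only the login identifier. `dto.getPassword().equals(data.getPassword())` will also throw a NullPointerException for an unknown user if `selectByLogin` returns null (the service is outside the diff), which turns a failed login into a server error and distinguishes unknown users from wrong passwords. Add `if (dto == null)` with the same failure response as a wrong password, and compare the two hashes with `MessageDigest.isEqual` on their bytes. The method body continues outside the hunk.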
@@ -2,10 +2,12 @@ package com.no1.wms.mypage; import java.io.File; import java.io.IOException; +import java.security.NoSuchAlgorithmException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; +import com.no1.wms.utils.SHA256; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.core.io.ClassPathResource; import org.springframework.stereotype.Controller; @@ -82,7 +84,8 @@ public class MypageController { @ResponseBody @PutMapping("/mypage/updateUserInfo") - public boolean updateUserInfo(AccountDto dto) { + public boolean updateUserInfo(AccountDto dto) throws NoSuchAlgorithmException { + dto.setPassword(SHA256.encrypt(dto.getPassword())); int i = accountService.updateIncludePassword(dto); System.out.println(i); if (i == 1) { diff --git a/src/main/java/com/no1/wms/resetpassword/ResetPasswordController.java b/src/main/java/com/no1/wms/resetpassword/ResetPasswordController.java index ecc05ef..143527c 100644 --- a/src/main/java/com/no1/wms/resetpassword/ResetPasswordController.java +++ b/src/main/java/com/no1/wms/resetpassword/ResetPasswordController.java @@ -1,11 +1,15 @@ package com.no1.wms.resetpassword; import com.google.gson.Gson; +import com.no1.wms.account.AccountDto; +import com.no1.wms.account.AccountService; +import com.no1.wms.utils.SHA256; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.*; +import java.security.NoSuchAlgorithmException; import java.util.List; import java.util.Map; import java.util.Objects; @@ -18,6 +22,9 @@ public class ResetPasswordController { @Autowired ResetPasswordService resetPasswordService; + @Autowired + AccountService accountService; + @GetMapping("/list") public String list(@RequestParam(name = "searchn", defaultValue = "0") int searchn, @RequestParam(name = "search", defaultValue = "") String search, 
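Review bot: `updateUserInfo` hashes `dto.getPassword()` unconditionally, and because `SHA256.encrypt` concatenates `pwd+salt`, a request that omits the password field stores the hash of the literal string `null1234` as the new password. Reject a missing or empty value before hashing, e.g. `if (dto.getPassword() == null || dto.getPassword().isEmpty()) return false;`. The account being updated appears to come from the request-bound `AccountDto`, and the current password is not re-verified in the visible lines. If the id is not overwritten from the session elsewhere in this method, a logged-in user could set another account's password. The method body continues outside the hunk.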
@@ -74,7 +81,11 @@ public class ResetPasswordController { @PutMapping("/update") @ResponseBody - public boolean update(ResetPasswordDto dto) { + public boolean update(ResetPasswordDto dto) throws NoSuchAlgorithmException { + AccountDto accountDto = new AccountDto(); + accountDto.setId(dto.getAccountId()); + accountDto = accountService.selectById(accountDto); + dto.setPassword(SHA256.encrypt(accountDto.getEmployeeNumber())); int i = resetPasswordService.passwordUpdate(dto); if (i != 0) { resetPasswordService.delete(dto); diff --git a/src/main/java/com/no1/wms/resetpassword/ResetPasswordDto.java b/src/main/java/com/no1/wms/resetpassword/ResetPasswordDto.java index 9084d19..1af5a98 100644 --- a/src/main/java/com/no1/wms/resetpassword/ResetPasswordDto.java +++ b/src/main/java/com/no1/wms/resetpassword/ResetPasswordDto.java @@ -21,7 +21,7 @@ public class ResetPasswordDto { String note; @DateTimeFormat(pattern = "yyyy-MM-dd") Date date; - + String password; AccountDto accountDto; String employeeNumber; } diff --git a/src/main/java/com/no1/wms/utils/SHA256.java b/src/main/java/com/no1/wms/utils/SHA256.java new file mode 100644 index 0000000..86057d3 --- /dev/null +++ b/src/main/java/com/no1/wms/utils/SHA256.java 
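Review bot: The result of `accountService.selectById(accountDto)` is dereferenced immediately by `accountDto.getEmployeeNumber()`, so a request whose `accountId` is missing or no longer exists would throw a NullPointerException instead of returning `false` (assuming the service returns null when nothing matches; it is outside the diff). `AccountController.resetPassword` has the same pattern with `dto = accountService.selectById(dto)`. A guard such as `if (accountDto == null) return false;` before the `setPassword` call keeps the endpoint's boolean contract. The method body continues past the hunk.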
@@ -0,0 +1,37 @@ +package com.no1.wms.utils; + +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; + +public class SHA256 { + + // 입력 문자열을 SHA-256으로 암호화하여 해시 값을 반환하는 메서드 + + public static String encrypt(String pwd) { + String salt="1234"; + + String result = ""; + try { + //1. SHA256 알고리즘 객체 생성 + MessageDigest md = MessageDigest.getInstance("SHA-256"); + + //2. 비밀번호와 salt 합친 문자열에 SHA 256 적용 + md.update((pwd+salt).getBytes()); + byte[] pwdsalt = md.digest(); + + //3. byte To String (10진수의 문자열로 변경) + StringBuffer sb = new StringBuffer(); + for (byte b : pwdsalt) { + sb.append(String.format("%02x", b)); + } + + result=sb.toString(); + + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } + return result; + } + +} \ No newline at end of file diff --git a/src/main/resources/mappers/AccountMapper.xml b/src/main/resources/mappers/AccountMapper.xml index eacb04b..945e475 100644 --- a/src/main/resources/mappers/AccountMapper.xml +++ b/src/main/resources/mappers/AccountMapper.xml @@ -81,7 +81,7 @@ ) VALUES ( - UUID(), #{employeeNumber}, #{employeeNumber}, + UUID(), #{employeeNumber}, #{password}, #{email}, #{groupAuthorityId}, #{personalAuthorityId},#{name},#{gender}, #{birth},#{telephone}, #{address}, @@ -118,7 +118,7 @@ update account SET - password = ( SELECT employee_number from account where id = #{id} ) + password = #{password} WHERE id = #{id} diff --git a/src/main/resources/mappers/ResetPasswordMapper.xml b/src/main/resources/mappers/ResetPasswordMapper.xml index e23bd76..fca3555 100644 --- a/src/main/resources/mappers/ResetPasswordMapper.xml +++ b/src/main/resources/mappers/ResetPasswordMapper.xml @@ -69,7 +69,7 @@ update account a left join reset_password rs on a.id = rs.account_id - set a.password = a.employee_number + set a.password = #{password} where rs.id = #{id} 
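Review bot: `SHA256.encrypt` is a single SHA-256 pass over `pwd + "1234"`, and a constant salt shared by all accounts gives none of the protection a salt is for: equal passwords produce equal hashes, and one precomputed table covers every row. Password storage should use a per-account random salt and a deliberately slow KDF, for example the JDK's `PBKDF2WithHmacSHA256` via `SecretKeyFactory`, or bcrypt/Argon2 if a library is acceptable. That also means the login check must verify against the stored value rather than compare two recomputed hashes. Independently, the `catch` block returns `""` after `printStackTrace()`, so a failure would store or compare an empty hash, and `getBytes()` uses the platform charset; the fence below fails closed and pins UTF-8 (it needs `java.nio.charset.StandardCharsets`; the `SecureRandom` import is unused). The method hashes rather than encrypts, and the step 3 comment says decimal while the output is hexadecimal.

```java
public static String encrypt(String pwd) {
    // … unchanged: salt declaration …
    try {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        // Pin the charset so the same password hashes identically on every host.
        byte[] digest = md.digest((pwd + salt).getBytes(StandardCharsets.UTF_8));

        // Lower-case hexadecimal encoding of the digest.
        StringBuilder sb = new StringBuilder(digest.length * 2);
        for (byte b : digest) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    } catch (NoSuchAlgorithmException e) {
        // Fail closed: an empty string must never be stored or compared as a password hash.
        throw new IllegalStateException("SHA-256 is not available", e);
    }
}
```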
diff --git a/src/main/webapp/WEB-INF/views/authority/list.jsp b/src/main/webapp/WEB-INF/views/authority/list.jsp index 88631fe..835fc29 100644 --- a/src/main/webapp/WEB-INF/views/authority/list.jsp +++ b/src/main/webapp/WEB-INF/views/authority/list.jsp @@ -27,35 +27,32 @@ $(".authority_tr").on("click", function(event){ readAuthority($(event.currentTarget).data("tid"), $(event.currentTarget).data("tgroup")); }); - - }); function onSearch(isPersonalSearch){ let jsonData = {}; - if(isPersonalSearch){ + if(isPersonalSearch) + { jsonData.searchOption = $("select[name='search_select'] option:selected").val(); jsonData.searchValue = $("#search_personal_input").val(); - }else{ jsonData.searchValue = $("#search_group_input").val(); } - - console.log(JSON.stringify(jsonData)); } - function readAuthority(id, group){ $("#formInput").val(id); $("#isGroupInput").val(group); $("#form").attr("action", "/authority/read" ); $("#form").trigger("submit"); - } - - - + function goCreate(){ + const $form = $("
"); + $(".att").after($form); + $form.trigger("submit"); + } -
+ +
@@ -131,6 +128,7 @@ +
diff --git a/src/main/webapp/WEB-INF/views/base/navigation.jsp b/src/main/webapp/WEB-INF/views/base/navigation.jsp index b98b51c..fc2d8f6 100644 --- a/src/main/webapp/WEB-INF/views/base/navigation.jsp +++ b/src/main/webapp/WEB-INF/views/base/navigation.jsp @@ -9,7 +9,7 @@
- +

${userData.name}

@@ -18,7 +18,7 @@
diff --git a/src/main/webapp/WEB-INF/views/mypage/mypage.jsp b/src/main/webapp/WEB-INF/views/mypage/mypage.jsp index 88f590b..1fd0e67 100644 --- a/src/main/webapp/WEB-INF/views/mypage/mypage.jsp +++ b/src/main/webapp/WEB-INF/views/mypage/mypage.jsp @@ -16,7 +16,7 @@
- Default Image + Default Image