암호화 및 이미지 업로드 관련 수정

Suh
2024-01-25 17:35:33 +09:00
parent 236c022a54
commit 4aeddf2fa1
15 changed files with 101 additions and 33 deletions


@@ -2,20 +2,19 @@ plugins {
id 'java' id 'java'
id 'org.springframework.boot' version '2.5.0' id 'org.springframework.boot' version '2.5.0'
id 'io.spring.dependency-management' version '1.1.4' id 'io.spring.dependency-management' version '1.1.4'
id 'war'
} }
group = 'com.no1' group = 'com.no1'
version = '0.0.1-SNAPSHOT' version = '0.0.1-SNAPSHOT'
configurations { configurations {
compileOnly { compileOnly {
extendsFrom annotationProcessor extendsFrom annotationProcessor
} }
} }
repositories { repositories {
mavenCentral() mavenCentral()
} }
dependencies { dependencies {
implementation 'org.springframework.boot:spring-boot-starter-jdbc' implementation 'org.springframework.boot:spring-boot-starter-jdbc'
implementation 'org.springframework.boot:spring-boot-starter-web' implementation 'org.springframework.boot:spring-boot-starter-web'


@@ -1,6 +1,6 @@
distributionBase=GRADLE_USER_HOME distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-bin.zip distributionUrl=https\://services.gradle.org/distributions/gradle-7.5-bin.zip
networkTimeout=10000 networkTimeout=10000
validateDistributionUrl=true validateDistributionUrl=true
zipStoreBase=GRADLE_USER_HOME zipStoreBase=GRADLE_USER_HOME


@@ -4,11 +4,13 @@ import com.google.gson.Gson;
import com.no1.wms.authority.AuthorityDto; import com.no1.wms.authority.AuthorityDto;
import com.no1.wms.authority.AuthorityService; import com.no1.wms.authority.AuthorityService;
import com.no1.wms.utils.ConstantValues; import com.no1.wms.utils.ConstantValues;
import com.no1.wms.utils.SHA256;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.ModelAndView;
import java.security.NoSuchAlgorithmException;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.UUID; import java.util.UUID;
@@ -25,6 +27,8 @@ public class AccountController {
@GetMapping("/list") @GetMapping("/list")
public ModelAndView list(ModelAndView mav,@RequestParam(defaultValue = "0") int searchn, @RequestParam(defaultValue = "") String search, @RequestParam(defaultValue = "1") int page){ public ModelAndView list(ModelAndView mav,@RequestParam(defaultValue = "0") int searchn, @RequestParam(defaultValue = "") String search, @RequestParam(defaultValue = "1") int page){
int perPage = 10; int perPage = 10;
int startRow = (page - 1) * perPage; int startRow = (page - 1) * perPage;
int count = accountService.count(searchn, search, startRow, perPage); int count = accountService.count(searchn, search, startRow, perPage);
@@ -64,7 +68,7 @@ public class AccountController {
@PostMapping("/create_process") @PostMapping("/create_process")
@ResponseBody @ResponseBody
public String createProcess(AccountDto dto, Gson gson){ public String createProcess(AccountDto dto, Gson gson) throws NoSuchAlgorithmException {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
AuthorityDto authorityDto = new AuthorityDto(); AuthorityDto authorityDto = new AuthorityDto();
authorityDto.setId(dto.getGroupAuthorityId()); authorityDto.setId(dto.getGroupAuthorityId());
@@ -75,6 +79,8 @@ public class AccountController {
accountService.insertToAuthority(authorityDto); accountService.insertToAuthority(authorityDto);
dto.setPersonalAuthorityId(uuid); dto.setPersonalAuthorityId(uuid);
dto.setPassword(SHA256.encrypt(dto.getEmployeeNumber()));
accountService.insert(dto); accountService.insert(dto);
return gson.toJson("s"); return gson.toJson("s");
@@ -105,8 +111,6 @@ public class AccountController {
AccountDto accountDto = gson.fromJson(data.get("account").toString(), AccountDto.class); AccountDto accountDto = gson.fromJson(data.get("account").toString(), AccountDto.class);
System.out.println(accountDto);
System.out.println(personalAuthorityDto);
accountService.update(accountDto); accountService.update(accountDto);
authorityService.update(personalAuthorityDto); authorityService.update(personalAuthorityDto);
@@ -115,7 +119,9 @@ public class AccountController {
@PostMapping("/reset_password") @PostMapping("/reset_password")
@ResponseBody @ResponseBody
public String resetPassword(AccountDto dto, Gson gson){ public String resetPassword(AccountDto dto, Gson gson) throws NoSuchAlgorithmException {
dto = accountService.selectById(dto);
dto.setPassword(SHA256.encrypt(dto.getEmployeeNumber()));
accountService.resetPassword(dto); accountService.resetPassword(dto);
return gson.toJson("s"); return gson.toJson("s");
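Review bot: `createProcess` and `resetPassword` set every new or reset password to `SHA256.encrypt(dto.getEmployeeNumber())`, so the credential is derived from an identifier that other staff and HR records already hold; hashing it before storage does not make it harder to guess. `ResetPasswordController.update` in this commit does the same. Consider issuing a random one-time password generated with `SecureRandom` and marking the account so that the user must choose a new password at the next login. The `throws NoSuchAlgorithmException` added to both signatures is not needed, because `SHA256.encrypt` catches that exception itself. Both method bodies continue outside the hunks shown.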


@@ -5,6 +5,7 @@ import org.mybatis.spring.annotation.MapperScan;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.context.annotation.EnableAspectJAutoProxy;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import org.springframework.web.servlet.view.tiles3.TilesConfigurer; import org.springframework.web.servlet.view.tiles3.TilesConfigurer;
import org.springframework.web.servlet.view.tiles3.TilesView; import org.springframework.web.servlet.view.tiles3.TilesView;
@@ -13,13 +14,18 @@ import org.springframework.web.servlet.view.tiles3.TilesViewResolver;
@Configuration @Configuration
@EnableAspectJAutoProxy @EnableAspectJAutoProxy
public class WebConfig implements WebMvcConfigurer { public class WebConfig implements WebMvcConfigurer {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/images/**")
.addResourceLocations("file:///static/img/mypage/profile/");
}
@Bean @Bean
public TilesConfigurer tilesConfigurer(){ public TilesConfigurer tilesConfigurer(){
final TilesConfigurer configurer = new TilesConfigurer(); final TilesConfigurer configurer = new TilesConfigurer();
configurer.setDefinitions(new String[]{ configurer.setDefinitions(new String[]{
"/WEB-INF/tiles/tiles.xml" "WEB-INF/tiles/tiles.xml"
}); });
configurer.setCheckRefresh(true); configurer.setCheckRefresh(true);
@@ -33,4 +39,6 @@ public class WebConfig implements WebMvcConfigurer {
tilesViewResolver.setOrder(1); tilesViewResolver.setOrder(1);
return tilesViewResolver; return tilesViewResolver;
} }
} }
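Review bot: The handler added in `addResourceHandlers` serves `/images/**` from the hard-coded absolute location `file:///static/img/mypage/profile/`, which ties the application to one host layout and leaves undocumented who may write to that directory. Move the path into configuration (for example `@Value("${<upload-dir-property>}")`, placeholder name) and add a comment that the directory must contain only validated image uploads, since everything in it is served from the application's own origin. The upload code is not visible in this section, so confirm that it chooses the stored file name and extension on the server. The Tiles definition path in the same section also appears to lose its leading slash (`"WEB-INF/tiles/tiles.xml"`); check that it still resolves against the servlet context root.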


@@ -9,6 +9,7 @@ import lombok.NoArgsConstructor;
@Data @Data
@AllArgsConstructor @AllArgsConstructor
@Builder
@Alias("CategoryDto") @Alias("CategoryDto")
public class CategoryDto { public class CategoryDto {


@@ -6,6 +6,7 @@ import com.no1.wms.account.AccountService;
import com.no1.wms.authority.AuthorityDto; import com.no1.wms.authority.AuthorityDto;
import com.no1.wms.authority.AuthorityService; import com.no1.wms.authority.AuthorityService;
import com.no1.wms.base.AuthData; import com.no1.wms.base.AuthData;
import com.no1.wms.utils.SHA256;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpRequest; import org.springframework.http.HttpRequest;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
@@ -17,6 +18,7 @@ import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap; import java.util.HashMap;
@Controller @Controller
@@ -29,7 +31,7 @@ public class LoginController {
AuthorityService authorityService; AuthorityService authorityService;
@GetMapping("/login") @GetMapping("/login")
public String loginPage(){ public String loginPage() throws NoSuchAlgorithmException {
return "login"; return "login";
} }
@@ -63,10 +65,13 @@ public class LoginController {
@PostMapping("/login/check_password") @PostMapping("/login/check_password")
@ResponseBody @ResponseBody
public String login(AccountDto data, AuthorityDto authDto, Gson gson, HttpServletRequest request){ public String login(AccountDto data, AuthorityDto authDto, Gson gson, HttpServletRequest request) throws NoSuchAlgorithmException {
HttpSession session = request.getSession();
HttpSession session = request.getSession();
data.setPassword(SHA256.encrypt(data.getPassword()));
System.out.println(data);
AccountDto dto = accountService.selectByLogin(data); AccountDto dto = accountService.selectByLogin(data);
if(dto.getPassword().equals(data.getPassword())){ if(dto.getPassword().equals(data.getPassword())){
authDto.setId(dto.getPersonalAuthorityId()); authDto.setId(dto.getPersonalAuthorityId());
authDto = authorityService.selectById(authDto); authDto = authorityService.selectById(authDto);
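Review bot: `login` calls `System.out.println(data)` directly after `data.setPassword(SHA256.encrypt(data.getPassword()))`, so each login attempt writes the submitted account fields to standard output, including the password hash if `AccountDto.toString()` prints it (the class is not shown here). Remove the line, or log only the account identifier through a logger. The following line dereferences `dto.getPassword()` without checking that `accountService.selectByLogin(data)` returned a row, so an unknown user probably ends in a NullPointerException instead of a failed-login response. Comparing the two digests with `MessageDigest.isEqual` on their bytes would also avoid the early-exit behaviour of `String.equals`. The body of `login` continues past the hunk.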


@@ -2,10 +2,12 @@ package com.no1.wms.mypage;
import java.io.File; import java.io.File;
import java.io.IOException; import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
import com.no1.wms.utils.SHA256;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.ClassPathResource;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
@@ -82,7 +84,8 @@ public class MypageController {
@ResponseBody @ResponseBody
@PutMapping("/mypage/updateUserInfo") @PutMapping("/mypage/updateUserInfo")
public boolean updateUserInfo(AccountDto dto) { public boolean updateUserInfo(AccountDto dto) throws NoSuchAlgorithmException {
dto.setPassword(SHA256.encrypt(dto.getPassword()));
int i = accountService.updateIncludePassword(dto); int i = accountService.updateIncludePassword(dto);
System.out.println(i); System.out.println(i);
if (i == 1) { if (i == 1) {
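Review bot: `updateUserInfo` hashes `dto.getPassword()` unconditionally, and `SHA256.encrypt` concatenates its argument with the salt, so a request that carries no password stores the hash of the literal text `null1234` (or of the bare salt for an empty string) as the user's password. Reject a missing or empty password before hashing, e.g. `if (dto.getPassword() == null || dto.getPassword().isEmpty()) return false;`. The DTO is bound straight from the request and no session lookup is visible in this hunk, so also confirm that the account id being updated comes from the logged-in session rather than from the submitted form. The method body continues outside the hunk.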


@@ -1,11 +1,15 @@
package com.no1.wms.resetpassword; package com.no1.wms.resetpassword;
import com.google.gson.Gson; import com.google.gson.Gson;
import com.no1.wms.account.AccountDto;
import com.no1.wms.account.AccountService;
import com.no1.wms.utils.SHA256;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.ui.Model; import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import java.security.NoSuchAlgorithmException;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Objects; import java.util.Objects;
@@ -18,6 +22,9 @@ public class ResetPasswordController {
@Autowired @Autowired
ResetPasswordService resetPasswordService; ResetPasswordService resetPasswordService;
@Autowired
AccountService accountService;
@GetMapping("/list") @GetMapping("/list")
public String list(@RequestParam(name = "searchn", defaultValue = "0") int searchn, public String list(@RequestParam(name = "searchn", defaultValue = "0") int searchn,
@RequestParam(name = "search", defaultValue = "") String search, @RequestParam(name = "search", defaultValue = "") String search,
@@ -74,7 +81,11 @@ public class ResetPasswordController {
@PutMapping("/update") @PutMapping("/update")
@ResponseBody @ResponseBody
public boolean update(ResetPasswordDto dto) { public boolean update(ResetPasswordDto dto) throws NoSuchAlgorithmException {
AccountDto accountDto = new AccountDto();
accountDto.setId(dto.getAccountId());
accountDto = accountService.selectById(accountDto);
dto.setPassword(SHA256.encrypt(accountDto.getEmployeeNumber()));
int i = resetPasswordService.passwordUpdate(dto); int i = resetPasswordService.passwordUpdate(dto);
if (i != 0) { if (i != 0) {
resetPasswordService.delete(dto); resetPasswordService.delete(dto);
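Review bot: `update` derives the new password from the account named by `dto.getAccountId()`, while the `passwordUpdate` statement in the mapper section of this commit picks the row to change with `rs.id = #{id}`; both identifiers arrive in the request and nothing shown here checks that they belong to the same reset request. Load the reset_password row by `dto.getId()` on the server and take the account id from that row instead of from the submitted `accountId`. `accountService.selectById(accountDto)` presumably returns null for an unknown id, which would throw at `accountDto.getEmployeeNumber()`; add a null check and return `false`. `AccountController.resetPassword` has the same unchecked dereference. The method body continues outside the hunk.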


@@ -21,7 +21,7 @@ public class ResetPasswordDto {
String note; String note;
@DateTimeFormat(pattern = "yyyy-MM-dd") @DateTimeFormat(pattern = "yyyy-MM-dd")
Date date; Date date;
String password;
AccountDto accountDto; AccountDto accountDto;
String employeeNumber; String employeeNumber;
} }


@@ -0,0 +1,37 @@
package com.no1.wms.utils;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
public class SHA256 {
// 입력 문자열을 SHA-256으로 암호화하여 해시 값을 반환하는 메서드
public static String encrypt(String pwd) {
String salt="1234";
String result = "";
try {
//1. SHA256 알고리즘 객체 생성
MessageDigest md = MessageDigest.getInstance("SHA-256");
//2. 비밀번호와 salt 합친 문자열에 SHA 256 적용
md.update((pwd+salt).getBytes());
byte[] pwdsalt = md.digest();
//3. byte To String (10진수의 문자열로 변경)
StringBuffer sb = new StringBuffer();
for (byte b : pwdsalt) {
sb.append(String.format("%02x", b));
}
result=sb.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return result;
}
}


@@ -81,7 +81,7 @@
) )
VALUES VALUES
( (
UUID(), #{employeeNumber}, #{employeeNumber}, UUID(), #{employeeNumber}, #{password},
#{email}, #{groupAuthorityId}, #{email}, #{groupAuthorityId},
#{personalAuthorityId},#{name},#{gender}, #{personalAuthorityId},#{name},#{gender},
#{birth},#{telephone}, #{address}, #{birth},#{telephone}, #{address},
@@ -118,7 +118,7 @@
</select> </select>
<update id="resetPassword" parameterType="accountDto"> <update id="resetPassword" parameterType="accountDto">
update account SET update account SET
password = ( SELECT employee_number from account where id = #{id} ) password = #{password}
WHERE id = #{id} WHERE id = #{id}
</update> </update>


@@ -69,7 +69,7 @@
<update id="passwordUpdate" parameterType="resetPasswordDto"> <update id="passwordUpdate" parameterType="resetPasswordDto">
update account a update account a
left join reset_password rs on a.id = rs.account_id left join reset_password rs on a.id = rs.account_id
set a.password = a.employee_number set a.password = #{password}
where rs.id = #{id} where rs.id = #{id}
</update> </update>


@@ -27,35 +27,32 @@
$(".authority_tr").on("click", function(event){ $(".authority_tr").on("click", function(event){
readAuthority($(event.currentTarget).data("tid"), $(event.currentTarget).data("tgroup")); readAuthority($(event.currentTarget).data("tid"), $(event.currentTarget).data("tgroup"));
}); });
}); });
function onSearch(isPersonalSearch){ function onSearch(isPersonalSearch){
let jsonData = {}; let jsonData = {};
if(isPersonalSearch){ if(isPersonalSearch)
{
jsonData.searchOption = $("select[name='search_select'] option:selected").val(); jsonData.searchOption = $("select[name='search_select'] option:selected").val();
jsonData.searchValue = $("#search_personal_input").val(); jsonData.searchValue = $("#search_personal_input").val();
}else{ }else{
jsonData.searchValue = $("#search_group_input").val(); jsonData.searchValue = $("#search_group_input").val();
} }
console.log(JSON.stringify(jsonData));
} }
function readAuthority(id, group){ function readAuthority(id, group){
$("#formInput").val(id); $("#formInput").val(id);
$("#isGroupInput").val(group); $("#isGroupInput").val(group);
$("#form").attr("action", "/authority/read" ); $("#form").attr("action", "/authority/read" );
$("#form").trigger("submit"); $("#form").trigger("submit");
} }
function goCreate(){
const $form = $("<form method='get' action='/authority/create'></form> ");
$(".att").after($form);
$form.trigger("submit");
}
</script> </script>
<div class="container-fluid">
<div class="container-fluid att">
<div class="row"> <div class="row">
<div class="col-12"> <div class="col-12">
<div class="mt-5 mb-5 text-center"> <div class="mt-5 mb-5 text-center">
@@ -131,6 +128,7 @@
</c:forEach> </c:forEach>
</tbody> </tbody>
</table> </table>
<button class="btn btn-primary" onclick="goCreate()">생성</button>
</div> </div>
</div> </div>


@@ -9,7 +9,7 @@
<a class="nav-link d-flex align-items-center gap-2" href="/mypage"> <a class="nav-link d-flex align-items-center gap-2" href="/mypage">
<div class="text-center"> <div class="text-center">
<img alt ="" class="img-user" src="/resources/static/img/mypage/profile/${userData.id}.jpg" onerror="this.onerror=null; this.src='https://academy.ilwoo.org/data/file/reference/3531300541_J1gHPmC6_479f762b4825515abc781b3a616929d8949ea2c5.jpg'"> <img alt ="" class="img-user" src="${pageContext.request.scheme}://${pageContext.request.serverName}/images/${userData.id}.jpg" onerror="this.onerror=null; this.src='https://academy.ilwoo.org/data/file/reference/3531300541_J1gHPmC6_479f762b4825515abc781b3a616929d8949ea2c5.jpg'">
<br> <br>
<p class="user-name">${userData.name}</p> <p class="user-name">${userData.name}</p>
</div> </div>
@@ -18,7 +18,7 @@
<hr class="my-3"> <hr class="my-3">
<li class="nav-item"> <li class="nav-item">
<a class="nav-link d-flex align-items-center gap-2" href="/"> <a class="nav-link d-flex align-items-center gap-2" href="/">
<i data-feather="list"></i>게시판 <i data-feather="list"></i>메인 페이지
</a> </a>
</li> </li>
<c:if test="${authSession.account.read}"> <c:if test="${authSession.account.read}">
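Review bot: The new `src` on the profile image builds an absolute URL from `${pageContext.request.scheme}` and `${pageContext.request.serverName}`, which drops the port and the context path and takes the host name from the incoming request; behind a TLS-terminating proxy the scheme can also come out as `http` and the image is then blocked as mixed content. A root-relative URL does the same job without depending on request data, e.g. `src="<c:url value='/images/${userData.id}.jpg'/>"` (this page already uses JSTL `c:` tags). The mypage view in the last section of this commit repeats the pattern in both `src` and `onerror`. The `onerror` fallback here still loads an image from a third-party host; serving a local default image would remove that external dependency.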


@@ -16,7 +16,7 @@
<div class="container-fluid"> <div class="container-fluid">
<div class="row"> <div class="row">
<div class="col-md-4" style="text-align: center;"> <div class="col-md-4" style="text-align: center;">
<img alt="Default Image" width="200" src="/resources/static/img/mypage/profile/${userData.id}.jpg" onerror="this.onerror=null; this.src='/resources/static/img/mypage/profile/defaultimg.jpg'" /> <img alt="Default Image" width="200" src="${pageContext.request.scheme}://${pageContext.request.serverName}/images/${userData.id}.jpg" onerror="this.onerror=null; this.src='${pageContext.request.scheme}://${pageContext.request.serverName}/images/defaultimg.jpg'" />
<!-- <img alt="Default Image" src="/resources/static/img/mypage/profile/${list.id}.png" width="200" /> --> <!-- <img alt="Default Image" src="/resources/static/img/mypage/profile/${list.id}.png" width="200" /> -->
<!-- --> <!-- -->
<hr> <hr>