암호화 및 이미지 업로드 관련 수정

Suh
2024-01-25 17:35:33 +09:00
parent 236c022a54
commit 4aeddf2fa1
15 changed files with 101 additions and 33 deletions


@@ -2,20 +2,19 @@ plugins {
id 'java'
id 'org.springframework.boot' version '2.5.0'
id 'io.spring.dependency-management' version '1.1.4'
id 'war'
}
group = 'com.no1'
version = '0.0.1-SNAPSHOT'
configurations {
compileOnly {
extendsFrom annotationProcessor
}
}
repositories {
mavenCentral()
}
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-jdbc'
implementation 'org.springframework.boot:spring-boot-starter-web'


@@ -1,6 +1,6 @@
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-7.5-bin.zip
networkTimeout=10000
validateDistributionUrl=true
zipStoreBase=GRADLE_USER_HOME


@@ -4,11 +4,13 @@ import com.google.gson.Gson;
import com.no1.wms.authority.AuthorityDto;
import com.no1.wms.authority.AuthorityService;
import com.no1.wms.utils.ConstantValues;
import com.no1.wms.utils.SHA256;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;
import java.security.NoSuchAlgorithmException;
import java.util.List;
import java.util.Map;
import java.util.UUID;
@@ -25,6 +27,8 @@ public class AccountController {
@GetMapping("/list")
public ModelAndView list(ModelAndView mav,@RequestParam(defaultValue = "0") int searchn, @RequestParam(defaultValue = "") String search, @RequestParam(defaultValue = "1") int page){
int perPage = 10;
int startRow = (page - 1) * perPage;
int count = accountService.count(searchn, search, startRow, perPage);
@@ -64,7 +68,7 @@ public class AccountController {
@PostMapping("/create_process")
@ResponseBody
public String createProcess(AccountDto dto, Gson gson){
public String createProcess(AccountDto dto, Gson gson) throws NoSuchAlgorithmException {
String uuid = UUID.randomUUID().toString();
AuthorityDto authorityDto = new AuthorityDto();
authorityDto.setId(dto.getGroupAuthorityId());
@@ -75,6 +79,8 @@ public class AccountController {
accountService.insertToAuthority(authorityDto);
dto.setPersonalAuthorityId(uuid);
dto.setPassword(SHA256.encrypt(dto.getEmployeeNumber()));
accountService.insert(dto);
return gson.toJson("s");
@@ -105,8 +111,6 @@ public class AccountController {
AccountDto accountDto = gson.fromJson(data.get("account").toString(), AccountDto.class);
System.out.println(accountDto);
System.out.println(personalAuthorityDto);
accountService.update(accountDto);
authorityService.update(personalAuthorityDto);
@@ -115,7 +119,9 @@ public class AccountController {
@PostMapping("/reset_password")
@ResponseBody
public String resetPassword(AccountDto dto, Gson gson){
public String resetPassword(AccountDto dto, Gson gson) throws NoSuchAlgorithmException {
dto = accountService.selectById(dto);
dto.setPassword(SHA256.encrypt(dto.getEmployeeNumber()));
accountService.resetPassword(dto);
return gson.toJson("s");
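Review bot: Both `createProcess` and `resetPassword` set the account password to `SHA256.encrypt(dto.getEmployeeNumber())`, so every new or reset account has a credential that anyone who knows the employee number can derive; hashing it before storage does not change that. `ResetPasswordController.update` does the same thing. Consider generating a random one-time password with `SecureRandom`, delivering it out of band, and forcing a change at first login. Separately, the `throws NoSuchAlgorithmException` added to these signatures can never fire, because `SHA256.encrypt` catches that exception itself. Both method bodies continue outside the visible hunks.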


@@ -5,6 +5,7 @@ import org.mybatis.spring.annotation.MapperScan;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.EnableAspectJAutoProxy;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import org.springframework.web.servlet.view.tiles3.TilesConfigurer;
import org.springframework.web.servlet.view.tiles3.TilesView;
@@ -13,13 +14,18 @@ import org.springframework.web.servlet.view.tiles3.TilesViewResolver;
@Configuration
@EnableAspectJAutoProxy
public class WebConfig implements WebMvcConfigurer {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/images/**")
.addResourceLocations("file:///static/img/mypage/profile/");
}
@Bean
public TilesConfigurer tilesConfigurer(){
final TilesConfigurer configurer = new TilesConfigurer();
configurer.setDefinitions(new String[]{
"/WEB-INF/tiles/tiles.xml"
"WEB-INF/tiles/tiles.xml"
});
configurer.setCheckRefresh(true);
@@ -33,4 +39,6 @@ public class WebConfig implements WebMvcConfigurer {
tilesViewResolver.setOrder(1);
return tilesViewResolver;
}
}
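Review bot: `addResourceHandlers` maps `/images/**` to the hard-coded location `file:///static/img/mypage/profile/`, an absolute path at the filesystem root that will not exist on most hosts and cannot be changed per environment. Read the directory from configuration instead, for example `@Value("${wms.profile-image-dir}") private String profileImageDir;` (the property name is a placeholder) and `.addResourceLocations("file:" + profileImageDir)`, keeping the trailing slash on the directory. This directory presumably receives user uploads (the upload code is not in this section), so whatever writes there should accept only image types and choose the file name on the server, because everything in it is served from the application's own origin. A one-line comment on the handler saying where the files come from would also help.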


@@ -9,6 +9,7 @@ import lombok.NoArgsConstructor;
@Data
@AllArgsConstructor
@Builder
@Alias("CategoryDto")
public class CategoryDto {


@@ -6,6 +6,7 @@ import com.no1.wms.account.AccountService;
import com.no1.wms.authority.AuthorityDto;
import com.no1.wms.authority.AuthorityService;
import com.no1.wms.base.AuthData;
import com.no1.wms.utils.SHA256;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpRequest;
import org.springframework.stereotype.Controller;
@@ -17,6 +18,7 @@ import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
@Controller
@@ -29,7 +31,7 @@ public class LoginController {
AuthorityService authorityService;
@GetMapping("/login")
public String loginPage(){
public String loginPage() throws NoSuchAlgorithmException {
return "login";
}
@@ -63,10 +65,13 @@ public class LoginController {
@PostMapping("/login/check_password")
@ResponseBody
public String login(AccountDto data, AuthorityDto authDto, Gson gson, HttpServletRequest request){
HttpSession session = request.getSession();
public String login(AccountDto data, AuthorityDto authDto, Gson gson, HttpServletRequest request) throws NoSuchAlgorithmException {
HttpSession session = request.getSession();
data.setPassword(SHA256.encrypt(data.getPassword()));
System.out.println(data);
AccountDto dto = accountService.selectByLogin(data);
if(dto.getPassword().equals(data.getPassword())){
authDto.setId(dto.getPersonalAuthorityId());
authDto = authorityService.selectById(authDto);
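Review bot: `System.out.println(data)` in `login` runs right after `data.setPassword(SHA256.encrypt(...))`, so every login attempt writes the submitted account fields to standard output, including the password hash if `AccountDto.toString()` prints it. Remove the line or log only the login identifier through a logger. The result of `accountService.selectByLogin(data)` is dereferenced without a null check, so an unknown account would presumably end in a NullPointerException rather than a failed-login response; add `if (dto == null)` and return the same failure as for a wrong password. The hash comparison would be better as `MessageDigest.isEqual(...)` over the UTF-8 bytes of both strings than `String.equals`. The rest of `login` lies outside the hunk.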


@@ -2,10 +2,12 @@ package com.no1.wms.mypage;
import java.io.File;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import com.no1.wms.utils.SHA256;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.io.ClassPathResource;
import org.springframework.stereotype.Controller;
@@ -82,7 +84,8 @@ public class MypageController {
@ResponseBody
@PutMapping("/mypage/updateUserInfo")
public boolean updateUserInfo(AccountDto dto) {
public boolean updateUserInfo(AccountDto dto) throws NoSuchAlgorithmException {
dto.setPassword(SHA256.encrypt(dto.getPassword()));
int i = accountService.updateIncludePassword(dto);
System.out.println(i);
if (i == 1) {
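Review bot: `updateUserInfo` hashes `dto.getPassword()` without checking it, and `SHA256.encrypt` concatenates its argument with the salt, so a request that omits the password field (leaving it null) stores the hash of the literal string `null1234` as the user's password. Reject such a request first, e.g. `if (dto.getPassword() == null || dto.getPassword().isEmpty()) return false;`. The account being updated is taken from the bound `AccountDto`; if its id comes from the request rather than the session (not visible here), it should be overwritten with the logged-in user's id before `updateIncludePassword`. The method body continues past the hunk.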


@@ -1,11 +1,15 @@
package com.no1.wms.resetpassword;
import com.google.gson.Gson;
import com.no1.wms.account.AccountDto;
import com.no1.wms.account.AccountService;
import com.no1.wms.utils.SHA256;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;
import java.security.NoSuchAlgorithmException;
import java.util.List;
import java.util.Map;
import java.util.Objects;
@@ -18,6 +22,9 @@ public class ResetPasswordController {
@Autowired
ResetPasswordService resetPasswordService;
@Autowired
AccountService accountService;
@GetMapping("/list")
public String list(@RequestParam(name = "searchn", defaultValue = "0") int searchn,
@RequestParam(name = "search", defaultValue = "") String search,
@@ -74,7 +81,11 @@ public class ResetPasswordController {
@PutMapping("/update")
@ResponseBody
public boolean update(ResetPasswordDto dto) {
public boolean update(ResetPasswordDto dto) throws NoSuchAlgorithmException {
AccountDto accountDto = new AccountDto();
accountDto.setId(dto.getAccountId());
accountDto = accountService.selectById(accountDto);
dto.setPassword(SHA256.encrypt(accountDto.getEmployeeNumber()));
int i = resetPasswordService.passwordUpdate(dto);
if (i != 0) {
resetPasswordService.delete(dto);
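Review bot: In `update`, the result of `accountService.selectById(accountDto)` is used immediately in `accountDto.getEmployeeNumber()`; if `dto.getAccountId()` matches no row, the lookup presumably returns null and the request fails with a NullPointerException. Guard it with `if (accountDto == null || accountDto.getEmployeeNumber() == null) return false;` before calling `SHA256.encrypt`. `AccountController.resetPassword` has the same unchecked lookup. The method continues outside the hunk.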


@@ -21,7 +21,7 @@ public class ResetPasswordDto {
String note;
@DateTimeFormat(pattern = "yyyy-MM-dd")
Date date;
String password;
AccountDto accountDto;
String employeeNumber;
}


@@ -0,0 +1,37 @@
package com.no1.wms.utils;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
public class SHA256 {
// 입력 문자열을 SHA-256으로 암호화하여 해시 값을 반환하는 메서드
public static String encrypt(String pwd) {
String salt="1234";
String result = "";
try {
//1. SHA256 알고리즘 객체 생성
MessageDigest md = MessageDigest.getInstance("SHA-256");
//2. 비밀번호와 salt 합친 문자열에 SHA 256 적용
md.update((pwd+salt).getBytes());
byte[] pwdsalt = md.digest();
//3. byte To String (10진수의 문자열로 변경)
StringBuffer sb = new StringBuffer();
for (byte b : pwdsalt) {
sb.append(String.format("%02x", b));
}
result=sb.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return result;
}
}


@@ -81,7 +81,7 @@
)
VALUES
(
UUID(), #{employeeNumber}, #{employeeNumber},
UUID(), #{employeeNumber}, #{password},
#{email}, #{groupAuthorityId},
#{personalAuthorityId},#{name},#{gender},
#{birth},#{telephone}, #{address},
@@ -118,7 +118,7 @@
</select>
<update id="resetPassword" parameterType="accountDto">
update account SET
password = ( SELECT employee_number from account where id = #{id} )
password = #{password}
WHERE id = #{id}
</update>


@@ -69,7 +69,7 @@
<update id="passwordUpdate" parameterType="resetPasswordDto">
update account a
left join reset_password rs on a.id = rs.account_id
set a.password = a.employee_number
set a.password = #{password}
where rs.id = #{id}
</update>


@@ -27,35 +27,32 @@
$(".authority_tr").on("click", function(event){
readAuthority($(event.currentTarget).data("tid"), $(event.currentTarget).data("tgroup"));
});
});
function onSearch(isPersonalSearch){
let jsonData = {};
if(isPersonalSearch){
if(isPersonalSearch)
{
jsonData.searchOption = $("select[name='search_select'] option:selected").val();
jsonData.searchValue = $("#search_personal_input").val();
}else{
jsonData.searchValue = $("#search_group_input").val();
}
console.log(JSON.stringify(jsonData));
}
function readAuthority(id, group){
$("#formInput").val(id);
$("#isGroupInput").val(group);
$("#form").attr("action", "/authority/read" );
$("#form").trigger("submit");
}
function goCreate(){
const $form = $("<form method='get' action='/authority/create'></form> ");
$(".att").after($form);
$form.trigger("submit");
}
</script>
<div class="container-fluid">
<div class="container-fluid att">
<div class="row">
<div class="col-12">
<div class="mt-5 mb-5 text-center">
@@ -131,6 +128,7 @@
</c:forEach>
</tbody>
</table>
<button class="btn btn-primary" onclick="goCreate()">생성</button>
</div>
</div>


@@ -9,7 +9,7 @@
<a class="nav-link d-flex align-items-center gap-2" href="/mypage">
<div class="text-center">
<img alt ="" class="img-user" src="/resources/static/img/mypage/profile/${userData.id}.jpg" onerror="this.onerror=null; this.src='https://academy.ilwoo.org/data/file/reference/3531300541_J1gHPmC6_479f762b4825515abc781b3a616929d8949ea2c5.jpg'">
<img alt ="" class="img-user" src="${pageContext.request.scheme}://${pageContext.request.serverName}/images/${userData.id}.jpg" onerror="this.onerror=null; this.src='https://academy.ilwoo.org/data/file/reference/3531300541_J1gHPmC6_479f762b4825515abc781b3a616929d8949ea2c5.jpg'">
<br>
<p class="user-name">${userData.name}</p>
</div>
@@ -18,7 +18,7 @@
<hr class="my-3">
<li class="nav-item">
<a class="nav-link d-flex align-items-center gap-2" href="/">
<i data-feather="list"></i>게시판
<i data-feather="list"></i>메인 페이지
</a>
</li>
<c:if test="${authSession.account.read}">
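Review bot: The new profile-image `src` builds an absolute URL from `${pageContext.request.scheme}` and `${pageContext.request.serverName}`, which come from the incoming request (the server name normally from the Host header) and are written into the attribute unescaped. It also drops the port, so the image breaks on any non-default port. A root-relative URL avoids both: `src="<c:url value='/images/${userData.id}.jpg'/>"`. The same pattern is used for both `src` and the `onerror` fallback of the profile `<img>` on the mypage view. Rendering the name as `<c:out value="${userData.name}"/>` would also keep a name containing markup from being interpreted as HTML.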


@@ -16,7 +16,7 @@
<div class="container-fluid">
<div class="row">
<div class="col-md-4" style="text-align: center;">
<img alt="Default Image" width="200" src="/resources/static/img/mypage/profile/${userData.id}.jpg" onerror="this.onerror=null; this.src='/resources/static/img/mypage/profile/defaultimg.jpg'" />
<img alt="Default Image" width="200" src="${pageContext.request.scheme}://${pageContext.request.serverName}/images/${userData.id}.jpg" onerror="this.onerror=null; this.src='${pageContext.request.scheme}://${pageContext.request.serverName}/images/defaultimg.jpg'" />
<!-- <img alt="Default Image" src="/resources/static/img/mypage/profile/${list.id}.png" width="200" /> -->
<!-- -->
<hr>