aop로 권한 적용되게 추가

2026-02-04 12:13:24 +09:00 · 2024-01-15 15:39:00 +09:00
parent cd82828562
commit f21300a991
16 changed files with 423 additions and 14 deletions
--- a/build.gradle
+++ b/build.gradle
@@ -51,6 +51,9 @@ dependencies {
 	implementation 'org.apache.tiles:tiles-api:3.0.8'
 	implementation 'org.apache.tiles:tiles-core:3.0.8'

+	// https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-aop
+	implementation group: 'org.springframework.boot', name: 'spring-boot-starter-aop', version: '2.5.0'
+

 }
 tasks.named('test') {
--- a/src/main/java/com/no1/wms/account/AccountController.java
+++ b/src/main/java/com/no1/wms/account/AccountController.java
@@ -22,6 +22,7 @@ public class AccountController {

    @Autowired
    AccountService accountService;
+
    @Autowired
    AuthorityService authorityService;

@@ -75,6 +76,7 @@ public class AccountController {
        return mav;
    }

+
    @PostMapping("/update_process")
    @ResponseBody
    public String updateProcess(@RequestBody Map<String, Object> data, Gson gson){
@@ -99,6 +101,15 @@ public class AccountController {
        return gson.toJson("s");
    }

+    @PostMapping("/delete_process")
+    @ResponseBody
+    public String deleteProcess(AccountDto dto, Gson gson){
+        accountService.delete(dto);
+
+        return gson.toJson("s");
+    }
+
+
    @PostMapping("/show_modal")
    public ModelAndView showModal(ModelAndView mav, @RequestParam(defaultValue = "") String search,
                                  @RequestParam(defaultValue = "0") int start, @RequestParam String name){
--- a/src/main/java/com/no1/wms/account/AccountMapper.java
+++ b/src/main/java/com/no1/wms/account/AccountMapper.java
@@ -28,5 +28,7 @@ public interface AccountMapper {

    int resetPassword(AccountDto dto);

+    int delete(AccountDto dto);

+    AccountDto selectByLogin(AccountDto dto);
 }
--- a/src/main/java/com/no1/wms/account/AccountService.java
+++ b/src/main/java/com/no1/wms/account/AccountService.java
@@ -61,6 +61,12 @@ public class AccountService {
        return mapper.resetPassword(dto);
    }

+    int delete(AccountDto dto){
+        return mapper.delete(dto);
+    }

+    public AccountDto selectByLogin(AccountDto dto){
+           return mapper.selectByLogin(dto);
+    }

 }
--- a/src/main/java/com/no1/wms/base/AuthAspect.java
+++ b/src/main/java/com/no1/wms/base/AuthAspect.java
@@ -0,0 +1,133 @@
+package com.no1.wms.base;
+
+import com.no1.wms.account.AccountDto;
+import com.no1.wms.account.AccountService;
+import com.no1.wms.authority.AuthorityDto;
+import com.no1.wms.authority.AuthorityService;
+import lombok.Getter;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.context.request.ServletWebRequest;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.ModelAndViewDefiningException;
+import org.springframework.web.servlet.view.RedirectView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.util.HashMap;
+import java.util.Objects;
+
+@Aspect
+@Component
+public class AuthAspect {
+
+
+
+    @Around("execution(* com.no1.wms.*.*Controller.*(..))")
+    public Object before(ProceedingJoinPoint joinPoint) throws Throwable {
+        ServletRequestAttributes sa = (ServletRequestAttributes)RequestContextHolder.currentRequestAttributes();
+        HttpServletRequest request = sa.getRequest();
+        HttpServletResponse response = sa.getResponse();
+        HttpSession session = request.getSession();
+        HashMap<String, AuthData> auth = (HashMap<String, AuthData>) session.getAttribute("authSession");
+        if(auth == null){
+            auth = test(request);
+        }
+        String targetController = joinPoint.getTarget().toString().toLowerCase();
+        String[] list = targetController.split("\\.");
+
+        String packageName = list[3];
+        if(packageName.equals("login")) {
+            return joinPoint.proceed();
+        }
+
+
+
+        if(session.getAttribute("userData") == null){
+            response.sendRedirect("/login");
+            return joinPoint.proceed();
+        }
+
+
+
+        AuthData authData = auth.get(packageName);
+        if(packageName.equals("base")){
+            return joinPoint.proceed();
+        }else if( authData != null ){
+            String methodName = joinPoint.getSignature().getName().toLowerCase();
+            if((methodName.startsWith("list") || methodName.startsWith("read")) && !authData.read){
+                throw new Exception();
+            }else if(methodName.startsWith("create") && !authData.create){
+                throw new Exception();
+            }else if(methodName.startsWith("update") && !authData.update){
+                throw new Exception();
+            }else if(methodName.startsWith("delete") && !authData.delete){
+                throw new Exception();
+            }
+
+        }else{
+            throw new Exception();
+        }
+
+        return joinPoint.proceed();
+    }
+    @Autowired
+    AccountService accountService;
+    @Autowired
+    AuthorityService authorityService;
+
+    private HashMap<String, AuthData> test(HttpServletRequest request){
+        AccountDto data = new AccountDto();
+        AuthorityDto authDto = new AuthorityDto();
+        data.setPassword("11232");
+        data.setEmployeeNumber("11232");
+        HttpSession session = request.getSession();
+
+        AccountDto dto = accountService.selectByLogin(data);
+        if(dto.getPassword().equals(data.getPassword())){
+            authDto.setId(dto.getPersonalAuthorityId());
+            authDto = authorityService.selectById(authDto);
+            session.setAttribute("userData", dto);
+            HashMap<String, AuthData> auth = new HashMap<>();
+            auth.put("account", getAuthArrayFromInt(authDto.getAccount()));
+            auth.put("authority", getAuthArrayFromInt(authDto.getAuthority()));
+            auth.put("category",getAuthArrayFromInt(authDto.getProductCategory()));
+            auth.put("product",getAuthArrayFromInt(authDto.getProduct()));
+            auth.put("price",getAuthArrayFromInt(authDto.getPrices())); //prices
+            auth.put("vendor",getAuthArrayFromInt(authDto.getVendor()));
+            auth.put("warehouse",getAuthArrayFromInt(authDto.getWarehouse()));
+            auth.put("stock",getAuthArrayFromInt(authDto.getStock()));
+            auth.put("in",getAuthArrayFromInt(authDto.getProductIn())); //prodcut_in
+            auth.put("out",getAuthArrayFromInt(authDto.getProductOut())); //product_out
+            auth.put("board",getAuthArrayFromInt(authDto.getBoard()));
+            session.setAttribute("authSession", auth);
+            return auth;
+        }
+        return null;
+    }
+    private AuthData getAuthArrayFromInt(int value){
+        AuthData data = new AuthData();
+        if( (value & 1) > 0){
+            data.setDelete(true);
+        }
+        if( (value & 2) > 0){
+            data.setUpdate(true);
+        }
+        if( (value & 4) > 0){
+            data.setCreate(true);
+        }
+        if( (value & 8) > 0){
+            data.setRead(true);
+        }
+
+        return data;
+    }
+}
--- a/src/main/java/com/no1/wms/base/AuthData.java
+++ b/src/main/java/com/no1/wms/base/AuthData.java
@@ -0,0 +1,12 @@
+package com.no1.wms.base;
+
+import lombok.Data;
+
+@Data
+public class AuthData {
+
+    boolean read = false;
+    boolean create = false;
+    boolean update = false;
+    boolean delete = false;
+}
--- a/src/main/java/com/no1/wms/base/BaseController.java
+++ b/src/main/java/com/no1/wms/base/BaseController.java
@@ -1,12 +1,30 @@
 package com.no1.wms.base;

+import com.no1.wms.account.AccountDto;
+import com.no1.wms.account.AccountService;
+import com.no1.wms.authority.AuthorityDto;
+import com.no1.wms.authority.AuthorityService;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+import java.util.HashMap;

@Controller
 public class BaseController {
+
    @GetMapping("/")
-    public String base(){
-        return "base/hello";
+    public ModelAndView base(HttpServletRequest request, ModelAndView mav){
+
+        mav.addObject("userData", request.getSession().getAttribute("userData"));
+
+        mav.setViewName("base/hello");
+
+        return mav;
    }
+
+
 }
--- a/src/main/java/com/no1/wms/base/WebConfig.java
+++ b/src/main/java/com/no1/wms/base/WebConfig.java
@@ -4,12 +4,14 @@ package com.no1.wms.base;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.EnableAspectJAutoProxy;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 import org.springframework.web.servlet.view.tiles3.TilesConfigurer;
 import org.springframework.web.servlet.view.tiles3.TilesView;
 import org.springframework.web.servlet.view.tiles3.TilesViewResolver;

@Configuration
+@EnableAspectJAutoProxy
 public class WebConfig implements WebMvcConfigurer {

    @Bean
--- a/src/main/java/com/no1/wms/login/LoginController.java
+++ b/src/main/java/com/no1/wms/login/LoginController.java
@@ -1,15 +1,86 @@
 package com.no1.wms.login;

+import com.google.gson.Gson;
+import com.no1.wms.account.AccountDto;
+import com.no1.wms.account.AccountService;
+import com.no1.wms.authority.AuthorityDto;
+import com.no1.wms.authority.AuthorityService;
+import com.no1.wms.base.AuthData;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpRequest;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.servlet.ModelAndView;

+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+import java.util.HashMap;
+
@Controller
 public class LoginController {
+
+    @Autowired
+    AccountService accountService;
+
+    @Autowired
+    AuthorityService authorityService;
+
    @GetMapping("/login")
-    public ModelAndView login(ModelAndView mav){
-        mav.setViewName("login");
-        return mav;
+    public String loginPage(){
+        return "login";
+    }
+
+
+
+
+    @PostMapping("/login/check_password")
+    @ResponseBody
+    public String login(AccountDto data, AuthorityDto authDto, Gson gson,  HttpServletRequest request){
+        HttpSession session = request.getSession();
+
+        AccountDto dto = accountService.selectByLogin(data);
+        if(dto.getPassword().equals(data.getPassword())){
+            authDto.setId(dto.getPersonalAuthorityId());
+            authDto = authorityService.selectById(authDto);
+            session.setAttribute("userData", dto);
+            HashMap<String, AuthData> auth = new HashMap<>();
+            auth.put("account", getAuthArrayFromInt(authDto.getAccount()));
+            auth.put("authority", getAuthArrayFromInt(authDto.getAuthority()));
+            auth.put("category",getAuthArrayFromInt(authDto.getProductCategory()));
+            auth.put("product",getAuthArrayFromInt(authDto.getProduct()));
+            auth.put("price",getAuthArrayFromInt(authDto.getPrices())); //prices
+            auth.put("vendor",getAuthArrayFromInt(authDto.getVendor()));
+            auth.put("warehouse",getAuthArrayFromInt(authDto.getWarehouse()));
+            auth.put("stock",getAuthArrayFromInt(authDto.getStock()));
+            auth.put("in",getAuthArrayFromInt(authDto.getProductIn())); //prodcut_in
+            auth.put("out",getAuthArrayFromInt(authDto.getProductOut())); //product_out
+            auth.put("board",getAuthArrayFromInt(authDto.getBoard()));
+            session.setAttribute("authSession", auth);
+            return gson.toJson("s");
+        }
+
+        return gson.toJson("f");
+    }
+
+    private AuthData getAuthArrayFromInt(int value){
+        AuthData data = new AuthData();
+        if( (value & 1) > 0){
+            data.setDelete(true);
+        }
+        if( (value & 2) > 0){
+            data.setUpdate(true);
+        }
+        if( (value & 4) > 0){
+            data.setCreate(true);
+        }
+        if( (value & 8) > 0){
+            data.setRead(true);
+        }
+
+        return data;
    }

 }
--- a/src/main/resources/mappers/AccountMapper.xml
+++ b/src/main/resources/mappers/AccountMapper.xml
@@ -48,6 +48,13 @@
        and dept.id = acc.department_id and acc.position_id = pos.id
        where acc.id = #{id}
    </select>
+    <select id="selectByLogin" resultMap="accountResultMap" parameterType="accountDto">
+        SELECT
+            id, name, activation, password,
+            personal_authority_id , group_authority_id
+        from account
+        where employee_number = #{employeeNumber} and password = #{password}
+    </select>

    <select id="selectAll" resultMap="accountResultMap" parameterType="map">
        SELECT
@@ -124,4 +131,7 @@
             activation = #{activation}
        WHERE id = #{id}
    </update>
+    <update id="delete" parameterType="accountDto">
+        update account SET activation = false WHERE id = #{id}
+    </update>
 </mapper>
--- a/src/main/resources/static/css/base.css
+++ b/src/main/resources/static/css/base.css
@@ -1,6 +1,10 @@
 .navi-bg {
-    background-color : antiquewhite;
+    background-color : #222831;
 }
+.nav-item a{
+    color : #EEEEEE;
+}
+
 .img-user{
    width : 100%;
 }
--- a/src/main/webapp/WEB-INF/views/account/list.jsp
+++ b/src/main/webapp/WEB-INF/views/account/list.jsp
@@ -27,9 +27,6 @@
        $(".group_tr").on("click", function(event){
            read($(event.currentTarget).data("tid"));
        });
-
-
-
    });

    function onSearch(isPersonalSearch){
@@ -59,7 +56,7 @@
    <div class="row">
        <div class="col-12">
            <div class="mt-5 mb-5 text-center">
-                <h1>그룹 권한 관리</h1><form method="post" action="/account/create"><button class="btn btn-primary" type="submit" id="btn_create">생성</button></form>
+                <h1>계정 관리</h1><form method="post" action="/account/create"><button class="btn btn-primary" type="submit" id="btn_create">생성</button></form>
            </div>
            <div>
                <hr>
@@ -77,7 +74,7 @@
                            </thead>
                            <tbody>
                                <c:forEach items="${list }" var="dto" varStatus="status">
-                                <tr class="group_tr" data-tid="${dto.id}">
+                                <tr class="group_tr" data-mingu = "111" data-tid="${dto.id}">
                                    <td>${dto.employeeNumber}</td>
                                    <td>${dto.name}</td>
                                    <td>
--- a/src/main/webapp/WEB-INF/views/account/read.jsp
+++ b/src/main/webapp/WEB-INF/views/account/read.jsp
@@ -11,6 +11,7 @@
      alert("재정의 됨");
    }
    */
+
    const tid = '${dto.id}';
    $(function(){

@@ -26,6 +27,35 @@
        $(".c_body").after($form);
        $form.submit();
    }
+    function goDelete(){
+        yesNoModalTextDefine("계정 삭제", "해당 계정을 더이상 사용 안하시겠습니까?");
+        $("#yesNoModalLabel").text(yesNoModal.title);
+        $("#yesNoModalBodyTextDiv").text(yesNoModal.body);
+        yesNoModal.yesFunction = deleteProcess;
+        yesNoModalBootStrap.show();
+
+
+    }
+
+    function deleteProcess(){
+        const data = {};
+        data.id = tid;
+
+        $.ajax({
+            type: 'post',           // 타입 (get, post, put 등등)
+            url: '/account/delete_process',           // 요청할 서버url
+            dataType: 'json',       // 데이터 타입 (html, xml, json, text 등등)
+            data: data,
+            success: function (result) { // 결과 성공 콜백함수
+                const $form =$("<form method='get' action='/account/list'></form>");
+                $(".c_body").after($form);
+                $form.submit();
+            },
+            error: function (request, status, error) {
+                alert(error)
+            }
+        });
+    }
    function resetPassword(){
        const data = {};
        data.id = tid;
@@ -93,6 +123,7 @@
            <button class="btn btn-primary" id="password_reset_button" onclick="resetPassword()">비밀번호 리셋</button>
            <button class="btn btn-primary" id="btn_edit" onclick="goUpdate()">수정</button>
            <button class="btn btn-danger" id="btn_exit" onclick="goList()">뒤로</button>
+            <button class="btn btn-danger" id="btn_delete" onclick="goDelete()">삭제</button>
        </div>
    </div>
 </div>
--- a/src/main/webapp/WEB-INF/views/base/layout.jsp
+++ b/src/main/webapp/WEB-INF/views/base/layout.jsp
@@ -24,6 +24,8 @@
 <!-- 스크립트 부분 안건들여도됨-->
 <script>
    let searchModalBootStrap;
+    let yesNoModalBootStrap;
+    let featherLoad = false;
    $(function(){
        //네비게이션 관련
        const $listNavLink = $("a.nav-link");
@@ -36,7 +38,7 @@
        //네비게이션 관련 끝

        //yes no 모달 관련
-        const yesNoModalBootStrap = new bootstrap.Modal("#yes_no_modal");
+        yesNoModalBootStrap = new bootstrap.Modal("#yes_no_modal");
        $("#yes_no_modal_show_button").on("click", function(){
            $("#yesNoModalLabel").text(yesNoModal.title);
            $("#yesNoModalBodyTextDiv").text(yesNoModal.body);
@@ -82,7 +84,10 @@


        //네비게이션 쪽 아이콘만들어 주는 함수
-        feather.replace();
+        if(!featherLoad) {
+            featherLoad = true;
+            feather.replace();
+        }
    });
    /*
       * 검색 팝업 모달 닫는 함수
--- a/src/main/webapp/WEB-INF/views/base/navigation.jsp
+++ b/src/main/webapp/WEB-INF/views/base/navigation.jsp
@@ -1,4 +1,5 @@
 <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
 <!-- 네비게이션 쪽 -->
 <div class="col-auto col-md-2 col-xl-2 px-sm-2 px-0 navi-bg">
    <div class="d-flex flex-column align-items-center align-items-sm-start px-3 pt-2 min-vh-100">
@@ -9,76 +10,102 @@
                    <div class="text-center">
                        <img  class="img-user" src="https://academy.ilwoo.org/data/file/reference/3531300541_J1gHPmC6_479f762b4825515abc781b3a616929d8949ea2c5.jpg" alt="유저 이미지">
                        <br>
-                        <p class="user-name">김이박 사원</p>
+                        <p class="user-name">${userData.name}</p>
                    </div>
                </a>
            </li>
            <hr class="my-3">
+            <c:if test="${authSession.account.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2" href="/account/list">
                    <i data-feather="users"></i>계정
                </a>
            </li>
+            </c:if>
+            <c:if test="${authSession.account.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2" href="/password_reset">
                    <i data-feather="key"></i>비밀번호 초기화
                </a>
            </li>
+            </c:if>
+            <c:if test="${authSession.authority.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2 active" aria-current="page" href="/authority/list">
                    <i data-feather="user"></i>권한
                </a>
            </li>
+            </c:if>
+            <c:if test="${authSession.category.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2" href="/category/list">
                    <i data-feather="user"></i>제품 카테고리
                </a>
            </li>
+            </c:if>
+            <c:if test="${authSession.product.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2" href="/product/list">
                    <i data-feather="box"></i>제품
                </a>
            </li>
+            </c:if>
+            <c:if test="${authSession.price.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2" href="/price/list">
                    <i data-feather="dollar-sign"></i>제품 가격
                </a>
            </li>
+            </c:if>
+            <c:if test="${authSession.vendor.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2" href="/vender/list">
                    <i data-feather="compass"></i>거래처
                </a>
            </li>
+            </c:if>
+            <c:if test="${authSession.warehouse.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2" href="/warehouse/list">
                    <i data-feather="inbox"></i>창고
                </a>
            </li>
+            </c:if>
+            <c:if test="${authSession.product.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2" href="/stock/list">
                    <i data-feather="archive"></i>재고
                </a>
            </li>
+            </c:if>
+            <c:if test="${authSession.account.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2" href="/plan_in/list">
                    <i data-feather="user"></i>입고 예정
                </a>
            </li>
+            </c:if>
+            <c:if test="${authSession.in.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2" href="/in/list">
                    <i data-feather="check"></i>입고
                </a>
            </li>
+            </c:if>
+            <c:if test="${authSession.out.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2" href="/out/list">
                    <i data-feather="truck"></i>출고
                </a>
            </li>
+            </c:if>
+            <c:if test="${authSession.board.read}">
            <li class="nav-item">
                <a class="nav-link d-flex align-items-center gap-2" href="/board/list">
                    <i data-feather="list"></i>게시판
                </a>
            </li>
+            </c:if>
        </ul>

        <hr class="my-3">
--- a/src/main/webapp/WEB-INF/views/modal/login.jsp
+++ b/src/main/webapp/WEB-INF/views/modal/login.jsp
@@ -0,0 +1,77 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@taglib prefix="tiles" uri="http://tiles.apache.org/tags-tiles"%>
+<!DOCTYPE html>
+<html lang="ko">
+<head>
+
+    <meta charset="UTF-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script>
+    <script src="https://unpkg.com/feather-icons"></script>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-T3c6CoIi6uLrA9TneNEoa7RxnatzjcDSCmG1MXxSR1GAsXEV/Dwwykc2MPK8M2HN" crossorigin="anonymous">
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js" integrity="sha384-C6RzsynM9kWDrMNeT87bh95OGNyZPhcTNXj1NW7RuBCsyN/o0jlpcV8Qyq46cDfL" crossorigin="anonymous"></script>
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>No1 WMS</title>
+    <style>
+        .form-signin {
+            width: 100%;
+            max-width: 330px;
+            padding: 15px;
+            margin: auto;
+        }
+        body{
+            display: flex;
+            align-items: center;
+            padding-top: 40px;
+            padding-bottom: 40px;
+            background-color: #f5f5f5;
+        }
+
+
+    </style>
+
+</head>
+<body class="text-center">
+<script>
+    function onLogin(){
+        const data={};
+        data.employeeNumber=$("#employ_number").val();
+        data.password=$("#password").val();
+        $.ajax({
+            type: 'post',           // 타입 (get, post, put 등등)
+            url: '/login/check_password',           // 요청할 서버url
+            dataType: 'json',       // 데이터 타입 (html, xml, json, text 등등)
+            data: data,
+            success: function (result) { // 결과 성공 콜백함수
+                window.location.href = "/";
+            },
+            error: function (request, status, error) {
+                alert(error);
+            }
+        });
+    }
+</script>
+<main class="form-signin">
+        <img class="mb-4" src="/docs/5.0/assets/brand/bootstrap-logo.svg" alt="" width="72" height="57">
+        <h1 class="h3 mb-3 fw-normal">Please sign in</h1>
+
+        <div class="form-floating">
+            <input type="text" class="form-control" id="employ_number" name="employeeNumber" placeholder="사번">
+            <label for="employ_number">사번</label>
+        </div>
+        <div class="form-floating">
+            <input type="password" name="password" class="form-control" id="password" placeholder="비밀번호">
+            <label for="password">비밀번호</label>
+        </div>
+
+        <div class="checkbox mb-3">
+            <label>
+                <a href="/">비밀번호를 잊으셨나요?</a>
+            </label>
+        </div>
+        <button class="w-100 btn btn-lg btn-primary" type="button" onclick="onLogin()">로그인</button>
+        <p class="mt-5 mb-3 text-muted">© 2023–2024</p>
+</main>
+
+</body>
+</html>