From 5a92ff7a75f433e913d2503538593050c6aa0206 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?dhji=28=EC=A7=80=EB=8C=80=ED=95=9C=29?=
Date: Wed, 15 Nov 2023 10:11:06 +0900
Subject: [PATCH] =?UTF-8?q?=EA=B8=B0=EC=A1=B4=20=EC=96=B4=EB=93=9C?= =?UTF-8?q?=EB=AF=BC=20=EA=B6=8C=ED=95=9C=EC=97=90=20=ED=95=B4=EB=8B=B9=20?= =?UTF-8?q?=EB=8B=B4=EB=8B=B9=EA=B4=80=ED=95=A0=20=EC=BD=94=EB=93=9C?= =?UTF-8?q?=EA=B0=80=20=EC=9E=88=EC=9D=84=20=EA=B2=BD=EC=9A=B0=20token=20?= =?UTF-8?q?=EC=97=90=20=EC=A3=BC=EC=9E=85?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../cstmr/controller/AcntCstmrController.java | 2 -
 .../acnt/cstmr/model/AnctCstmerRlModel.java | 2 +
 .../biz/api/acnt/jwt/model/JwtUserModel.java | 163 +++++++++--------
 .../biz/api/acnt/jwt/utils/JwtTokenUtil.java | 14 ++
 .../elev/controller/ComnElevController.java | 3 -
 .../palnet/biz/jpa/entity/PtyCstmrBas.java | 5 +-
 .../pty/PtyCstmrQueryRepository.java | 4 +-
 7 files changed, 105 insertions(+), 88 deletions(-)
diff --git a/pav-server/src/main/java/com/palnet/biz/api/acnt/cstmr/controller/AcntCstmrController.java b/pav-server/src/main/java/com/palnet/biz/api/acnt/cstmr/controller/AcntCstmrController.java
index e06419d6..d75a6529 100644
--- a/pav-server/src/main/java/com/palnet/biz/api/acnt/cstmr/controller/AcntCstmrController.java
+++ b/pav-server/src/main/java/com/palnet/biz/api/acnt/cstmr/controller/AcntCstmrController.java
@@ -13,7 +13,6 @@ import io.swagger.annotations.ApiOperation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.log4j.Log4j2;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
@@ -31,7 +30,6 @@ import java.util.Map;
 @Tag(name = "회원관리", description = "회원 관련 API")
 public class AcntCstmrController {
- @Autowired
 private final AcntCstmrService service;
 @PostMapping(value = "/register")
diff --git a/pav-server/src/main/java/com/palnet/biz/api/acnt/cstmr/model/AnctCstmerRlModel.java b/pav-server/src/main/java/com/palnet/biz/api/acnt/cstmr/model/AnctCstmerRlModel.java
index 77dc62f3..89f36506 100644
--- a/pav-server/src/main/java/com/palnet/biz/api/acnt/cstmr/model/AnctCstmerRlModel.java
+++ b/pav-server/src/main/java/com/palnet/biz/api/acnt/cstmr/model/AnctCstmerRlModel.java
@@ -27,5 +27,7 @@ public class AnctCstmerRlModel {
 private Instant updateDt;
 private String updateuserId;
+
+ private String cptAuthCode;
 }
diff --git a/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/model/JwtUserModel.java b/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/model/JwtUserModel.java
index 03ca37fa..dd04a14f 100644
--- a/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/model/JwtUserModel.java
+++ b/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/model/JwtUserModel.java
@@ -16,85 +16,88 @@ import java.util.*;
 @AllArgsConstructor
 public class JwtUserModel implements UserDetails {
- @Id
- @GeneratedValue(strategy= GenerationType.IDENTITY)
- @Column(name = "CSTMR_SNO", unique = true)
- private Integer cstmrSno;
-
- @Column(name = "USER_ID", unique = true)
- private String userId;
-
- @Column(name = "USER_PSWD")
- private String userPswd;
-
- @Column(name = "SITE_CODE")
- private String siteCode;
-
- @Column(name = "AUTH_ID")
- private String auth;
-
- @Column(name = "CSTMR_STATUS_CD")
- private String cstmrStatusCd;
-
- @Transient
- private String userNm;
- @Transient
- private List group;
-
-
- // 사용자의 권한을 콜렉션 형태로 반환
- // 단, 클래스 자료형은 GrantedAuthority를 구현해야함
- @Override
- public Collection getAuthorities() {
- Set roles = new HashSet<>();
- for (String role : auth.split(",")) {
- roles.add(new SimpleGrantedAuthority(role));
- }
- return roles;
- }
-
- // 사용자의 id를 반환 (unique한 값)
- @Override
- public String getUsername() {
- return userId;
- }
-
- // 사용자의 password를 반환
- @Override
- public String getPassword() {
- return userPswd;
- }
-
- // 계정 만료 여부 반환
- @Override
- public boolean isAccountNonExpired() {
- // 만료되었는지 확인하는 로직
- return true; // true -> 만료되지 않았음
- }
-
- // 계정 잠금 여부 반환
- @Override
- public boolean isAccountNonLocked() {
- // 계정 잠금되었는지 확인하는 로직
- if(cstmrStatusCd.equals("A"))
- return true;
- else
- return false;
+ @Id
+ @GeneratedValue(strategy = GenerationType.IDENTITY)
+ @Column(name = "CSTMR_SNO", unique = true)
+ private Integer cstmrSno;
+
+ @Column(name = "USER_ID", unique = true)
+ private String userId;
+
+ @Column(name = "USER_PSWD")
+ private String userPswd;
+
+ @Column(name = "SITE_CODE")
+ private String siteCode;
+
+ @Column(name = "AUTH_ID")
+ private String auth;
+
+ @Column(name = "CSTMR_STATUS_CD")
+ private String cstmrStatusCd;
+
+ @Column(name = "CPT_AUTH_CODE")
+ private String cptAuthCode;
+
+ @Transient
+ private String userNm;
+ @Transient
+ private List group;
+
+
+ // 사용자의 권한을 콜렉션 형태로 반환
+ // 단,
클래스 자료형은 GrantedAuthority를 구현해야함
+ @Override
+ public Collection getAuthorities() {
+ Set roles = new HashSet<>();
+ for (String role : auth.split(",")) {
+ roles.add(new SimpleGrantedAuthority(role));
+ }
+ return roles;
+ }
+
+ // 사용자의 id를 반환 (unique한 값)
+ @Override
+ public String getUsername() {
+ return userId;
+ }
+
+ // 사용자의 password를 반환
+ @Override
+ public String getPassword() {
+ return userPswd;
+ }
+
+ // 계정 만료 여부 반환
+ @Override
+ public boolean isAccountNonExpired() {
+ // 만료되었는지 확인하는 로직
+ return true; // true -> 만료되지 않았음
+ }
+
+ // 계정 잠금 여부 반환
+ @Override
+ public boolean isAccountNonLocked() {
+ // 계정 잠금되었는지 확인하는 로직
+ if ("A".equals(cstmrStatusCd))
+ return true;
+ else
+ return false;
 // return true; // true -> 잠금되지 않았음
- }
-
- // 패스워드의 만료 여부 반환
- @Override
- public boolean isCredentialsNonExpired() {
- // 패스워드가 만료되었는지 확인하는 로직
- return true; // true -> 만료되지 않았음
- }
-
- // 계정 사용 가능 여부 반환
- @Override
- public boolean isEnabled() {
- // 계정이 사용 가능한지 확인하는 로직
- return true; // true -> 사용 가능
- }
-
+ }
+
+ // 패스워드의 만료 여부 반환
+ @Override
+ public boolean isCredentialsNonExpired() {
+ // 패스워드가 만료되었는지 확인하는 로직
+ return true; // true -> 만료되지 않았음
+ }
+
+ // 계정 사용 가능 여부 반환
+ @Override
+ public boolean isEnabled() {
+ // 계정이 사용 가능한지 확인하는 로직
+ return true; // true -> 사용 가능
+ }
+
 }
diff --git a/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/utils/JwtTokenUtil.java b/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/utils/JwtTokenUtil.java
index ee450bd2..86e1ef84 100644
--- a/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/utils/JwtTokenUtil.java
+++ b/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/utils/JwtTokenUtil.java
@@ -73,6 +73,7 @@ public class JwtTokenUtil implements Serializable {
 claims.put("auth", userDetails.getAuth());
 claims.put("group", userDetails.getGroup());
 claims.put("userNm", userDetails.getUserNm());
+ claims.put("cptAuthCode", userDetails.getCptAuthCode());
 return doGenerateToken(claims, userDetails.getUsername());
 }
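Review bot: `getAuthorities()` still dereferences `auth` without a guard, even though this hunk makes `isAccountNonLocked()` null-safe with `"A".equals(cstmrStatusCd)`. A row whose `AUTH_ID` is null throws a NullPointerException at `auth.split(",")`, and an empty value reaches `new SimpleGrantedAuthority("")`, which rejects empty text. I would add `if (auth == null || auth.trim().isEmpty()) return Collections.emptySet();` as the first line of the method, and reduce the lock check to `return "A".equals(cstmrStatusCd);`. Most of this hunk is re-indentation, so the two functional changes (the `CPT_AUTH_CODE` column and the null-safe comparison) would be easier to review in a commit of their own.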
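Review bot: The `cptAuthCode` claim is added unconditionally, although the commit subject (as far as the encoded header can be read) says the code is injected only when the admin has one; a null `getCptAuthCode()` therefore puts a null-valued entry into `claims`. I would write `if (userDetails.getCptAuthCode() != null) claims.put("cptAuthCode", userDetails.getCptAuthCode());` so the claim is absent rather than null. Because the value is fixed when the token is issued, a later change to `CPT_AUTH_CODE` does not take effect until the token expires or is reissued, so code that authorizes on this claim should either document that dependency on token lifetime or re-read the stored value for sensitive operations. The enclosing method starts outside the hunk and `doGenerateToken` is not visible; if it only signs the token, the claim is readable by the holder and should not be treated as secret.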
@@ -178,4 +179,17 @@ public class JwtTokenUtil implements Serializable {
 return payload.get("auth", String.class);
 }
+
+
+ public String getCptAuthCodeByToken() {
+ HttpServletRequest rq = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+ String token = rq.getHeader("Authorization");
+
+ if (token == null || "".equals(token)) return null;
+
+ token = token.substring(JWT_PREFIX.length()).trim();
+ Claims payload = getAllClaimsFromToken(token);
+
+ return payload.get("cptAuthCode", String.class);
+ }
 }
\ No newline at end of file
diff --git a/pav-server/src/main/java/com/palnet/biz/api/comn/elev/controller/ComnElevController.java b/pav-server/src/main/java/com/palnet/biz/api/comn/elev/controller/ComnElevController.java
index 4dd9f7a7..765c57df 100644
--- a/pav-server/src/main/java/com/palnet/biz/api/comn/elev/controller/ComnElevController.java
+++ b/pav-server/src/main/java/com/palnet/biz/api/comn/elev/controller/ComnElevController.java
@@ -8,13 +8,10 @@ import com.palnet.biz.api.comn.response.BasicResponse;
 import com.palnet.biz.api.comn.response.ErrorResponse;
 import com.palnet.biz.api.comn.response.SuccessResponse;
 import com.palnet.comn.exception.CustomException;
-import io.swagger.annotations.ApiImplicitParam;
-import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.data.domain.Page;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PostMapping;
diff --git a/pav-server/src/main/java/com/palnet/biz/jpa/entity/PtyCstmrBas.java b/pav-server/src/main/java/com/palnet/biz/jpa/entity/PtyCstmrBas.java
index eb74031d..de62aa77 100644
--- a/pav-server/src/main/java/com/palnet/biz/jpa/entity/PtyCstmrBas.java
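Review bot: `getCptAuthCodeByToken()` slices the `Authorization` header with `token.substring(JWT_PREFIX.length())` without first checking that the header starts with `JWT_PREFIX`, so a header shorter than the prefix throws StringIndexOutOfBoundsException and a header using another scheme is cut at an arbitrary offset before it reaches `getAllClaimsFromToken`. `RequestContextHolder.getRequestAttributes()` can also return null when the method is called outside a request thread, which makes the first line throw a NullPointerException. I would return null in both cases and for an empty token, as below. `getAllClaimsFromToken` is not visible in this hunk; the returned code is trustworthy only if that method verifies signature and expiry, which is worth stating in a Javadoc line on this method since callers will use the value for authorization. The header handling looks shared with the `auth` getter just above (its body starts outside the hunk), so a private helper would keep the two from diverging.

```java
public String getCptAuthCodeByToken() {
    ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
    if (attrs == null) return null;

    String header = attrs.getRequest().getHeader("Authorization");
    if (header == null || !header.startsWith(JWT_PREFIX)) return null;

    String token = header.substring(JWT_PREFIX.length()).trim();
    if (token.isEmpty()) return null;

    // … unchanged: getAllClaimsFromToken(token) and the "cptAuthCode" claim lookup …
}
```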
+++ b/pav-server/src/main/java/com/palnet/biz/jpa/entity/PtyCstmrBas.java
@@ -34,11 +34,12 @@ public class PtyCstmrBas implements Serializable {
 @Column(name="CSTMR_STATUS_CD")
 private String cstmrStatusCd;
-// @Temporal(TemporalType.TIMESTAMP)
 @Column(name="CSTMR_STATUS_CNG_DT", columnDefinition = "TIMESTAMP")
 private Instant cstmrStatusCngDt;
-// @Temporal(TemporalType.TIMESTAMP)
+ @Column(name="CPT_AUTH_CODE")
+ private String cptAuthCode;
+
 @Column(name="JOIN_DT", columnDefinition = "TIMESTAMP")
 private Instant joinDt;
diff --git a/pav-server/src/main/java/com/palnet/biz/jpa/repository/pty/PtyCstmrQueryRepository.java b/pav-server/src/main/java/com/palnet/biz/jpa/repository/pty/PtyCstmrQueryRepository.java
index c3014cba..61d3b9ac 100644
--- a/pav-server/src/main/java/com/palnet/biz/jpa/repository/pty/PtyCstmrQueryRepository.java
+++ b/pav-server/src/main/java/com/palnet/biz/jpa/repository/pty/PtyCstmrQueryRepository.java
@@ -164,6 +164,7 @@ public class PtyCstmrQueryRepository {
 model.setUserId(entity.getUserId());
 model.setCstmrSno(entity.getCstmrSno());
 model.setCstmrStatusCd(entity.getCstmrStatusCd());
+ model.setCptAuthCode(entity.getCptAuthCode());
 model.setUserPswd(entity.getUserPswd());
 if (pcgEntityList != null && !pcgEntityList.isEmpty()) {
 List groupModelList = new ArrayList<>();
@@ -277,7 +278,8 @@ public class PtyCstmrQueryRepository {
 dtl.email,
 dtl.hpno,
 dtl.updateDt,
- bas.userId
+ bas.userId,
+ bas.cptAuthCode
 ))
 .from(bas)
 .leftJoin(dtl)