From b24e18b1a1a93610d48d08f92f9cde743e06a3e8 Mon Sep 17 00:00:00 2001 From: myname Date: Fri, 19 May 2023 13:50:20 +0900 Subject: [PATCH] =?UTF-8?q?2023-05-19=2013:50=20=EC=9D=B8=EC=A6=9D=20?= =?UTF-8?q?=EC=86=8C=EC=8A=A4=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../cmn/interceptor/CertifInterceptor.java | 202 ++++++++---------- 1 file changed, 84 insertions(+), 118 deletions(-) diff --git a/src/main/java/com/itn/mjonApi/cmn/interceptor/CertifInterceptor.java b/src/main/java/com/itn/mjonApi/cmn/interceptor/CertifInterceptor.java index 6a98604..bd753fb 100644 --- a/src/main/java/com/itn/mjonApi/cmn/interceptor/CertifInterceptor.java +++ b/src/main/java/com/itn/mjonApi/cmn/interceptor/CertifInterceptor.java @@ -55,7 +55,11 @@ public class CertifInterceptor implements HandlerInterceptor{ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { - { + + String referer = ""; //URL referer 접속정보 + String serverIp = ""; //접속 server IP + + try{ String clientIp = null; boolean isIpInHeader = false; 
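Review bot: The new local `serverIp` is commented as the server's IP, but the next hunk assigns it from `clientIp`, so it actually carries the caller's address into the block-list check and the access-key lookup. A name and comment that say so would prevent a later maintainer from treating it as a trusted, server-side value, for example `String callerIp = ""; // caller address resolved from headers or the socket`. The `""` initialiser on `referer` is also misleading, because `request.getHeader("Referer")` overwrites it and may return null. The `try{` opened here closes outside this hunk.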
@@ -83,136 +87,98 @@ public class CertifInterceptor implements HandlerInterceptor{ clientIp = request.getRemoteAddr(); } - System.out.println(clientIp); - System.out.println(clientIp); - System.out.println(clientIp); + serverIp = clientIp; + + }catch(Exception ex) { + ex.printStackTrace(); + + //내부 오류 + this._jsonResult(response, HttpStatus.BAD_GATEWAY); //502 + return false; } - // URL 접속정보 - String referer = request.getHeader("Referer"); - //System.out.println("=====preHandle=5=apikey=refer="+referer); - String serverIp = request.getRemoteAddr(); - System.out.println("request.getRemoteAddr()"); - System.out.println(request.getRemoteAddr()); - System.out.println(request.getRemoteHost()); - System.out.println(request.getRemotePort()); - System.out.println(request.getRemoteUser()); - System.out.println("request.getRemoteAddr()"); //step0-1.log 남기기 //step0-2.IP 체크 - { - try{ - //step0-1.log 남기기 - - //ip - HttpServletRequest req = ((ServletRequestAttributes)RequestContextHolder.currentRequestAttributes()).getRequest(); - String ip = req.getHeader("X-FORWARDED-FOR"); - if (ip == null){ ip = req.getRemoteAddr();} + try{ + referer = request.getHeader("Referer"); + + // hylee Builder 패턴으로 변경 => 20230516 + LettnLoginLogVO lettnLoginLogVO = + new LettnLoginLogVO() + .builder() + .logId(idgenApiLogId.getNextStringId()) // idgen ID + .conectId(request.getParameter("mberId")) //사용자 ID + .userAt("U") //사용자 여부 + //.conectIp(ip) + .conectIp(serverIp) + .deviceType(_isMobile(request) ? 
"M" : "P") //device type + .progrmFileNm("API") //program_nm, menuNm, menuNo - API 값 고정 + .menuNm("API") + .menuNo("100") + .url(request.getRequestURI()) + .build(); - -// lettnLoginLogVO.setConectIp(ip); - - //사용자 여부 -// lettnLoginLogVO.setUserAt("U"); - - //사용자 ID -// lettnLoginLogVO.setConectId(request.getParameter("mberId")); - - //device type -// if(_isMobile(request)){ -// lettnLoginLogVO.setDeviceType("M"); -// }else{ -// lettnLoginLogVO.setDeviceType("P"); -// } - - -// lettnLoginLogVO.setProgrmFileNm("API"); -// lettnLoginLogVO.setMenuNm("API"); -// lettnLoginLogVO.setMenuNo("100"); - - //url -// lettnLoginLogVO.setUrl(request.getRequestURI()); - - // hylee Builder 패턴으로 변경 => 20230516 - LettnLoginLogVO lettnLoginLogVO = - new LettnLoginLogVO() - .builder() - .logId(idgenApiLogId.getNextStringId()) // idgen ID - .conectId(request.getParameter("mberId")) //사용자 ID - .userAt("U") //사용자 여부 - .conectIp(ip) - .deviceType(_isMobile(request) ? "M" : "P") //device type - .progrmFileNm("API") //program_nm, menuNm, menuNo - API 값 고정 - .menuNm("API") - .menuNo("100") - .url(request.getRequestURI()) - .build(); - - //IP 컬럼 길이를 늘려서 비교 조건 제거함 2023-04-05 - if (lettnLoginLogVO.getUrl().length()>200){ //길이문제로 오류가 발생하는 경우도 처리하도록 수정 - lettnLoginLogVO.setUrl(lettnLoginLogVO.getUrl().substring(0,199)); - } - - // logId :: idgen 사용으로 수정 => 2023-04-25 -// lettnLoginLogVO.setLogId(idgenApiLogId.getNextStringId()); - lettnLoginLogService.insert(lettnLoginLogVO); - - - //step0-2.IP 체크 - lettnLoginLogVO = lettnLoginLogService.selectIgnoreIpCnt(lettnLoginLogVO); - int i_ignoreCnt = lettnLoginLogVO.getCnt(); - - //IP 접근 제어 - if (i_ignoreCnt>0) { - //제한 아이피인 경우는 화면 안나옴 처리 - this._jsonResult(response, HttpStatus.FORBIDDEN); - return false; - } - - }catch(Exception ex) { - ex.printStackTrace(); - - //내부 오류 - this._jsonResult(response, HttpStatus.INTERNAL_SERVER_ERROR); - return false; + //IP 컬럼 길이를 늘려서 비교 조건 제거함 2023-04-05 + if (lettnLoginLogVO.getUrl().length()>200){ //길이문제로 오류가 발생하는 경우도 
처리하도록 수정 + lettnLoginLogVO.setUrl(lettnLoginLogVO.getUrl().substring(0,199)); } - - } + + // logId :: idgen 사용으로 수정 => 2023-04-25 +// lettnLoginLogVO.setLogId(idgenApiLogId.getNextStringId()); + lettnLoginLogService.insert(lettnLoginLogVO); + + + //step0-2.IP 체크 + lettnLoginLogVO = lettnLoginLogService.selectIgnoreIpCnt(lettnLoginLogVO); + int i_ignoreCnt = lettnLoginLogVO.getCnt(); + + //IP 접근 제어 + if (i_ignoreCnt>0) { + //제한 아이피인 경우는 화면 안나옴 처리 + this._jsonResult(response, HttpStatus.FORBIDDEN); //403 + return false; + } + + }catch(Exception ex) { + ex.printStackTrace(); + + //내부 오류 + this._jsonResult(response, HttpStatus.NETWORK_AUTHENTICATION_REQUIRED); //511 + return false; + } //step1.키 검증 - accessKey & mberId 는 검증을 위한 필수값 - { - try{ -// AccessKeyVO accessKeyVO = new AccessKeyVO(); -// accessKeyVO.setAccessKey(request.getParameter("accessKey")); -// accessKeyVO.setMberId(request.getParameter("mberId")); -// accessKeyVO.setCallInfo(referer); + try{ + //referer 값이 없으면 serverIP 값으로 대체한다. 
+ if ("".equals(referer) || referer==null) { + referer = serverIp; + } + + // hylee Builder 패턴으로 변경 => 20230516 + AccessKeyVO accessKeyVO = accessKeyService.selectRKey( + new AccessKeyVO().builder() + .accessKey(request.getParameter("accessKey")) + .mberId(request.getParameter("mberId")) + .callInfo(referer) + .build() + ); + + //인증 실패 + if (accessKeyVO ==null) { - // hylee Builder 패턴으로 변경 => 20230516 - AccessKeyVO accessKeyVO = accessKeyService.selectRKey( - new AccessKeyVO().builder() - .accessKey(request.getParameter("accessKey")) - .mberId(request.getParameter("mberId")) - .callInfo(referer) - .build() - ); - - //인증 실패 - if (accessKeyVO ==null) { - - this._jsonResult(response, HttpStatus.UNAUTHORIZED); - return false; - } - - }catch(Exception ex) { - ex.printStackTrace(); - - //내부 오류 - this._jsonResult(response, HttpStatus.INTERNAL_SERVER_ERROR); + this._jsonResult(response, HttpStatus.UNAUTHORIZED); //401 return false; } - } + + }catch(Exception ex) { + ex.printStackTrace(); + + //내부 오류 + this._jsonResult(response, HttpStatus.INTERNAL_SERVER_ERROR); //500 + return false; + } return true;