Merge remote-tracking branch 'origin/master'

# Conflicts:
#	src/main/java/com/itn/mjonApi/cmn/config/WebConfig.java
#	src/main/java/com/itn/mjonApi/cmn/interceptor/CertifInterceptor.java
hylee 2023-05-15 09:33:56 +09:00
commit deef4ca1ad
5 changed files with 87 additions and 46 deletions


@ -22,17 +22,17 @@ import com.itn.mjonApi.cmn.interceptor.CertifInterceptor;
@Configuration @Configuration
public class WebConfig implements WebMvcConfigurer { public class WebConfig implements WebMvcConfigurer {
@Bean @Bean
public CertifInterceptor certificationInterceptor(){ public CertifInterceptor certifInterceptor(){
return new CertifInterceptor(); return new CertifInterceptor();
} }
@Override @Override
public void addInterceptors(InterceptorRegistry registry) { public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(certifInterceptor())
registry.addInterceptor(certificationInterceptor()) .addPathPatterns("/api/accessKey/**")
.addPathPatterns("/api/**"); //.addPathPatterns("/api/accessTest/**")
;
//.excludePathPatterns("/css/**", "/images/**", "/js/**"); //.excludePathPatterns("/css/**", "/images/**", "/js/**");
} }
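Review bot: Narrowing the interceptor in `addInterceptors` from `/api/**` to `/api/accessKey/**` leaves every other `/api/` route without the IP block check and access-key lookup that CertifInterceptor performs. The same commit adds `/api/accessTest/Test`, and the pattern that would cover it is commented out here, so that endpoint appears to be reachable without any check. If the narrowing is intended, I would keep `.addPathPatterns("/api/**")` and name the deliberately open routes with `.excludePathPatterns(...)`, so that a new controller is protected by default. The old and new columns are interleaved on this page, so this reading takes the right-hand column as the new side.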


@ -28,5 +28,8 @@ public class AccessKeyVO implements Serializable {
private String accessToken; //access_token 고유번호 private String accessToken; //access_token 고유번호
private String tokenObj; //access_token 고유번호 private String tokenObj; //access_token 고유번호
private String expirePnttm; //access_token 파기일시 private String expirePnttm; //access_token 파기일시
//for call_info
private String callInfo; //access_token 고유번호
} }
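Review bot: The comment on the new `callInfo` field is copied from the token fields above it (`access_token 고유번호`) and does not describe what the field holds. Elsewhere in this commit the interceptor fills it with the request's Referer value for the lookup against `lettngnrlmber_access_call_info`. A comment such as `// caller URL from the Referer header, matched against CALL_INFO` would say so. The class body starts outside the hunk.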


@ -8,6 +8,7 @@ import com.itn.mjonApi.cmn.idgen.service.IdgenService;
import com.itn.mjonApi.mjon.api.access.service.AccessKeyService; import com.itn.mjonApi.mjon.api.access.service.AccessKeyService;
import com.itn.mjonApi.mjon.log.service.LettnLoginLogService; import com.itn.mjonApi.mjon.log.service.LettnLoginLogService;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes; import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.HandlerInterceptor;
@ -44,19 +45,10 @@ public class CertifInterceptor implements HandlerInterceptor{
@Override @Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception { throws Exception {
//HttpSession session = request.getSession();
System.out.println("=====preHandle=4=apikey=="); // URL 접속정보
System.out.println("=====preHandle=4=apikey=="+request.getRequestURI()); String referer = request.getHeader("Referer");
//System.out.println("=====preHandle=5=apikey=refer="+referer);
System.out.println("=====preHandle=4=apikey=="+request.getRemoteAddr());
System.out.println("=====preHandle=4=apikey=="+request.getRemoteHost());
System.out.println("=====preHandle=4=apikey=="+request.getRemotePort());
System.out.println("=====preHandle=4=apikey=="+request.getRemoteUser());
System.out.println("=====preHandle=4=apikey=="+request.getRequestedSessionId());
System.out.println("=====preHandle=4=apikey==");
//step0-1.log 남기기 //step0-1.log 남기기
//step0-2.IP 체크 //step0-2.IP 체크
@ -79,13 +71,13 @@ public class CertifInterceptor implements HandlerInterceptor{
lettnLoginLogVO.setConectId(request.getParameter("mberId")); lettnLoginLogVO.setConectId(request.getParameter("mberId"));
//device type //device type
if(isMobile(request)){ if(_isMobile(request)){
lettnLoginLogVO.setDeviceType("M"); lettnLoginLogVO.setDeviceType("M");
}else{ }else{
lettnLoginLogVO.setDeviceType("P"); lettnLoginLogVO.setDeviceType("P");
} }
//program_nm //program_nm - API 고정
lettnLoginLogVO.setProgrmFileNm("API"); lettnLoginLogVO.setProgrmFileNm("API");
lettnLoginLogVO.setMenuNm("API"); lettnLoginLogVO.setMenuNm("API");
lettnLoginLogVO.setMenuNo("100"); lettnLoginLogVO.setMenuNo("100");
@ -106,18 +98,19 @@ public class CertifInterceptor implements HandlerInterceptor{
lettnLoginLogVO = lettnLoginLogService.selectIgnoreIpCnt(lettnLoginLogVO); lettnLoginLogVO = lettnLoginLogService.selectIgnoreIpCnt(lettnLoginLogVO);
int i_ignoreCnt = lettnLoginLogVO.getCnt(); int i_ignoreCnt = lettnLoginLogVO.getCnt();
//IP 접근 제어
if (i_ignoreCnt>0) { if (i_ignoreCnt>0) {
//제한 아이피인 경우는 화면 안나옴 처리 //제한 아이피인 경우는 화면 안나옴 처리
response.setContentType("application/json"); this._jsonResult(response, HttpStatus.FORBIDDEN);
response.setCharacterEncoding("UTF-8"); return false;
response.getWriter().write("{\"resultCode\":\"403\",\"message\":\"Forbidden\"}"); }
return false;
}
}catch(Exception ex) { }catch(Exception ex) {
ex.printStackTrace(); ex.printStackTrace();
//내부 오류
this._jsonResult(response, HttpStatus.INTERNAL_SERVER_ERROR);
return false;
} }
} }
@ -128,27 +121,26 @@ public class CertifInterceptor implements HandlerInterceptor{
AccessKeyVO accessKeyVO = new AccessKeyVO(); AccessKeyVO accessKeyVO = new AccessKeyVO();
accessKeyVO.setAccessKey(request.getParameter("accessKey")); accessKeyVO.setAccessKey(request.getParameter("accessKey"));
accessKeyVO.setMberId(request.getParameter("mberId")); accessKeyVO.setMberId(request.getParameter("mberId"));
accessKeyVO.setCallInfo(referer);
accessKeyVO = accessKeyService.selectRKey(accessKeyVO); accessKeyVO = accessKeyService.selectRKey(accessKeyVO);
//인증 실패
if (accessKeyVO ==null) { if (accessKeyVO ==null) {
response.setContentType("application/json");
response.setCharacterEncoding("UTF-8");
response.getWriter().write("{\"resultCode\":\"401\",\"message\":\"Unauthorized\"}");
this._jsonResult(response, HttpStatus.UNAUTHORIZED);
return false; return false;
} }
}catch(Exception ex) { }catch(Exception ex) {
ex.printStackTrace(); ex.printStackTrace();
response.setContentType("application/json"); //내부 오류
response.setCharacterEncoding("UTF-8"); this._jsonResult(response, HttpStatus.INTERNAL_SERVER_ERROR);
response.getWriter().write("{\"resultCode\":\"401\",\"message\":\"Unauthorized\"}");
return false; return false;
} }
} }
return true; return true;
} }
@ -170,8 +162,10 @@ public class CertifInterceptor implements HandlerInterceptor{
} }
///////////////////////////////////////////////////////////////////////////////////////////////////
/*모바일접속 유무*/ /*모바일접속 유무*/
private boolean isMobile(HttpServletRequest request) { ///////////////////////////////////////////////////////////////////////////////////////////////////
private boolean _isMobile(HttpServletRequest request) throws Exception{
String userAgent = request.getHeader("user-agent"); String userAgent = request.getHeader("user-agent");
boolean mobile1 = userAgent.matches(".*(iPhone|iPod|Android|Windows CE|BlackBerry|Symbian|Windows Phone|webOS|Opera Mini|Opera Mobi|POLARIS|IEMobile|lgtelecom|nokia|SonyEricsson).*"); boolean mobile1 = userAgent.matches(".*(iPhone|iPod|Android|Windows CE|BlackBerry|Symbian|Windows Phone|webOS|Opera Mini|Opera Mobi|POLARIS|IEMobile|lgtelecom|nokia|SonyEricsson).*");
boolean mobile2 = userAgent.matches(".*(LG|SAMSUNG|Samsung).*"); boolean mobile2 = userAgent.matches(".*(LG|SAMSUNG|Samsung).*");
@ -180,5 +174,16 @@ public class CertifInterceptor implements HandlerInterceptor{
} }
return false; return false;
} }
private void _jsonResult(
HttpServletResponse p_response
, HttpStatus p_HttpStatus
) throws Exception{
p_response.setContentType("application/json");
p_response.setCharacterEncoding("UTF-8");
p_response.getWriter().write("{\"resultCode\":\""+p_HttpStatus.value()+"\",\"message\":\""+p_HttpStatus.getReasonPhrase()+"\"}");
//return "{\"resultCode\":\""+p_HttpStatus.value()+"\",\"message\":\""+p_HttpStatus.getReasonPhrase()+"\"}";
}
} }
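Review bot: `preHandle` now passes `request.getHeader("Referer")` into `accessKeyVO.setCallInfo(referer)` as part of the key lookup, but Referer is chosen by the client, so it cannot prove which site is calling and should be treated as an extra filter at most. The header is null when absent, and `_isMobile` calls `userAgent.matches(...)` on the `user-agent` header without a null check, so a request missing either header takes a path that is not handled explicitly. I would reject a missing Referer up front with `this._jsonResult(response, HttpStatus.UNAUTHORIZED); return false;` and guard `userAgent` before `matches`. Separately, `_jsonResult` puts the code in the JSON body only; adding `p_response.setStatus(p_HttpStatus.value());` would keep denied requests from going out with the default 200 status. `preHandle` continues outside the hunks shown here.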


@ -1,19 +1,23 @@
package com.itn.mjonApi.mjon.api.access.web; package com.itn.mjonApi.mjon.api.access.web;
import java.time.LocalDateTime;
import org.json.simple.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
import com.itn.mjonApi.cmn.idgen.mapper.domain.SendMsgVO; import com.itn.mjonApi.cmn.idgen.mapper.domain.SendMsgVO;
import com.itn.mjonApi.cmn.msg.PlainResponse; import com.itn.mjonApi.cmn.msg.PlainResponse;
import com.itn.mjonApi.cmn.msg.RestResponse; import com.itn.mjonApi.cmn.msg.RestResponse;
import com.itn.mjonApi.mjon.api.access.service.AccessKeyService; import com.itn.mjonApi.mjon.api.access.service.AccessKeyService;
import com.itn.mjonApi.mjon.api.access.service.AccessTokenService; import com.itn.mjonApi.mjon.api.access.service.AccessTokenService;
import org.json.simple.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RestController;
import java.time.LocalDateTime;
/** /**
* @author User * @author User
@ -30,6 +34,28 @@ public class AccessKeyRestController {
@Autowired @Autowired
private AccessTokenService accessTokenService; private AccessTokenService accessTokenService;
//
/**
* api test for get
* @return
*
*/
@CrossOrigin("*") // 모든 요청에 접근 허용
@RequestMapping(value="/api/accessTest/Test", method= {RequestMethod.GET, RequestMethod.POST})
public ResponseEntity<RestResponse> apiAccessTestTestGet(
SendMsgVO sendMsgVO
){
return ResponseEntity.ok(
new RestResponse(
HttpStatus.OK
, HttpStatus.OK.getReasonPhrase()
, LocalDateTime.now()
)
);
}
// //
/** /**
* @param p_name_1 * @param p_name_1
@ -45,7 +71,10 @@ public class AccessKeyRestController {
* 2.plain text * 2.plain text
* *
*/ */
@GetMapping("/api/accessKey/SendMsg")
@CrossOrigin("*") // 모든 요청에 접근 허용
//@GetMapping("/api/accessKey/SendMsg")
@RequestMapping(value="/api/accessKey/SendMsg", method= {RequestMethod.GET, RequestMethod.POST})
public ResponseEntity<RestResponse> apiaccessKeysendMsg( public ResponseEntity<RestResponse> apiaccessKeysendMsg(
SendMsgVO sendMsgVO SendMsgVO sendMsgVO
){ ){
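Review bot: `@CrossOrigin("*")` on `/api/accessKey/SendMsg` lets script on any origin call an endpoint whose credential is the `accessKey`/`mberId` request parameters read by CertifInterceptor. The mapping also still accepts GET, so the key can travel in the URL and end up in access logs, browser history and Referer headers. I would restrict the allowed origins to the registered caller sites and accept the key over POST only, e.g. `@PostMapping("/api/accessKey/SendMsg")`. The new `/api/accessTest/Test` handler carries the same wildcard CORS and, judging by the WebConfig change in this commit, sits outside the interceptor's path pattern, so it is worth confirming that it is not shipped to production. The body of `apiaccessKeysendMsg` continues outside the hunk.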


@ -89,10 +89,14 @@
<include refid="select_column_name"/> <include refid="select_column_name"/>
FROM FROM
<include refid="table_name"/> a <include refid="table_name"/> a
, lettngnrlmber_access_call_info b
WHERE WHERE
1=1 1=1
AND a.ACCESS_KEY = #{accessKey} AND a.ACCESS_KEY = #{accessKey}
AND a.MBER_ID = #{mberId} AND a.MBER_ID = #{mberId}
AND a.ACCESS_no = b.ACCESS_NO
AND b.CALL_INFO LIKE CONCAT(#{callInfo}, '%')
</select> </select>
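Review bot: The new predicate `b.CALL_INFO LIKE CONCAT(#{callInfo}, '%')` builds the LIKE pattern from the request-supplied value, so the stored CALL_INFO only has to begin with whatever the caller sent. A shorter prefix matches, an empty value becomes `'%'` and matches every row, and `%` or `_` inside the value act as wildcards, which makes the call-info restriction much weaker than it looks. I would normalise the header to scheme and host in Java and compare exactly, `AND b.CALL_INFO = #{callInfo}`, or at least escape the LIKE metacharacters and reject empty input before the query runs. The comma join with `lettngnrlmber_access_call_info` would also read more clearly as an explicit `INNER JOIN ... ON a.ACCESS_NO = b.ACCESS_NO`.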