보안로그인 진행중

2024-11-21 17:51:37 +09:00 · 2024-11-21 17:51:37 +09:00 · 2f58db34b1
commit 2f58db34b1
parent 2e7852a002
10 changed files with 385 additions and 6 deletions
--- a/src/main/java/itn/let/cert/ip/service/CertLoginLogService.java
+++ b/src/main/java/itn/let/cert/ip/service/CertLoginLogService.java
@ -0,0 +1,14 @@
+package itn.let.cert.ip.service;
+
+import javax.servlet.http.HttpServletRequest;
+
+import egovframework.rte.fdl.cmmn.exception.FdlException;
+
+public interface CertLoginLogService {
+
+
+	public void insertCertLoginLog(MberCertLoginLogVO mberCertLoginLogVO, HttpServletRequest request) throws FdlException;
+
+	
+	
+}
--- a/src/main/java/itn/let/cert/ip/service/MberCertLoginLogVO.java
+++ b/src/main/java/itn/let/cert/ip/service/MberCertLoginLogVO.java
@ -0,0 +1,68 @@
+package itn.let.cert.ip.service;
+
+import itn.let.uss.umt.service.UserDefaultVO;
+/**
+ * 
+ * @author 		: 이호영
+ * @fileName 	: MberCertLoginLogVO.java 
+ * @date 		: 2024.11.21
+ * @description : 로그인 이력관리 92동안만 관리하고 삭제 
+ * =========================================================== 
+ * DATE          AUTHOR   NOTE 
+ * ----------------------------------------------------------- *
+ * 2024.11.21    이호영          최초 생성
+ * 
+ * 
+ * 
+ */
+public class MberCertLoginLogVO extends UserDefaultVO{
+
+	
+	/**
+	 * @description :
+	 */
+	private static final long serialVersionUID = 1L;
+	
+
+	private String certLoginId;
+	private String loginId;
+	private String loginIp;
+	private String loginDevice;
+	private String loginDt;
+	
+	
+	public String getCertLoginId() {
+		return certLoginId;
+	}
+	public void setCertLoginId(String certLoginId) {
+		this.certLoginId = certLoginId;
+	}
+	public String getLoginId() {
+		return loginId;
+	}
+	public void setLoginId(String loginId) {
+		this.loginId = loginId;
+	}
+	public String getLoginIp() {
+		return loginIp;
+	}
+	public void setLoginIp(String loginIp) {
+		this.loginIp = loginIp;
+	}
+	public String getLoginDevice() {
+		return loginDevice;
+	}
+	public void setLoginDevice(String loginDevice) {
+		this.loginDevice = loginDevice;
+	}
+	public String getLoginDt() {
+		return loginDt;
+	}
+	public void setLoginDt(String loginDt) {
+		this.loginDt = loginDt;
+	}
+	
+	
+	
+	
+}
--- a/src/main/java/itn/let/cert/ip/service/impl/CertLoginLogDAO.java
+++ b/src/main/java/itn/let/cert/ip/service/impl/CertLoginLogDAO.java
@ -0,0 +1,41 @@
+package itn.let.cert.ip.service.impl;
+
+import org.springframework.stereotype.Repository;
+
+import egovframework.rte.psl.dataaccess.EgovAbstractDAO;
+import itn.let.cert.ip.service.MberCertLoginLogVO;
+
+@Repository("CertLoginLogDAO")
+public class CertLoginLogDAO extends EgovAbstractDAO {
+
+
+/*
+	public List<MberCertIpVO> selectMberCertIpList(MberCertIpVO mberCertIpVO) {
+		return (List<MberCertIpVO>) list("MberCertIpVO.selectMberCertIpList", mberCertIpVO);
+	}
+
+	public void insertCertIp(MberCertIpVO mberCertIpVO) {
+		insert("MberCertIpVO.insertCertIp", mberCertIpVO);
+	}
+
+	public void deleteCertIp(MberCertIpVO mberCertIpVO) {
+		insert("MberCertIpVO.deleteCertIp", mberCertIpVO);
+	}
+
+	public MberCertIpVO findByMberCertIpList(MberCertIpVO mberCertIpVO) {
+		return (MberCertIpVO) select("MberCertIpVO.findByMberCertIpList", mberCertIpVO);
+	}
+*/
+	public void insertCertLoginLog(MberCertLoginLogVO mberCertLoginLogVO) {
+		insert("MberCertLoginLogVO.insertCertLoginLog", mberCertLoginLogVO);
+	}
+
+	public int checkLoginIpExists(MberCertLoginLogVO mberCertLoginLogVO) {
+		return (int) select("MberCertLoginLogVO.checkLoginIpExists", mberCertLoginLogVO);
+	}
+
+	public void updateCertLoginLog(MberCertLoginLogVO mberCertLoginLogVO) {
+		insert("MberCertLoginLogVO.updateCertLoginLog", mberCertLoginLogVO);
+	}
+	
+}
--- a/src/main/java/itn/let/cert/ip/service/impl/CertLoginLogServiceImpl.java
+++ b/src/main/java/itn/let/cert/ip/service/impl/CertLoginLogServiceImpl.java
@ -0,0 +1,78 @@
+package itn.let.cert.ip.service.impl;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.stereotype.Service;
+
+import egovframework.rte.fdl.cmmn.EgovAbstractServiceImpl;
+import egovframework.rte.fdl.cmmn.exception.FdlException;
+import egovframework.rte.fdl.idgnr.EgovIdGnrService;
+import itn.let.cert.ip.service.CertLoginLogService;
+import itn.let.cert.ip.service.MberCertLoginLogVO;
+
+@Service("CertLoginLogService")
+public class CertLoginLogServiceImpl extends EgovAbstractServiceImpl implements CertLoginLogService {
+
+	@Resource(name = "CertLoginLogDAO")
+	private CertLoginLogDAO certLoginLogDAO;
+
+    @Resource(name = "egovMjonCertLoginLogIdGnrService")
+	private EgovIdGnrService certLoginLogIdGnrService;
+/*
+	@Override
+	public StatusResponse selectMberCertIpList(MberCertIpVO mberCertPhoneVO) {
+		List<MberCertIpVO> mberCertIpListVO = certLoginLogDAO.selectMberCertIpList(mberCertPhoneVO);
+		return new StatusResponse(HttpStatus.OK, mberCertIpListVO, LocalDateTime.now());
+	}
+
+
+	@Override
+	public StatusResponse insertCertIp(MberCertIpVO mberCertIpVO) {
+		MberCertIpVO mberCertIpListVO = certLoginLogDAO.findByMberCertIpList(mberCertIpVO);
+		if(mberCertIpListVO != null) {
+			return new StatusResponse(HttpStatus.CONFLICT, "중복 IP입니다.", LocalDateTime.now());
+		}
+		certLoginLogDAO.insertCertIp(mberCertIpVO);
+		return new StatusResponse(HttpStatus.OK, "등록 하였습니다.", LocalDateTime.now());
+	}
+
+
+	@Override
+	public StatusResponse deleteCertIp(MberCertIpVO mberCertIpVO) {
+		certLoginLogDAO.deleteCertIp(mberCertIpVO);
+		return new StatusResponse(HttpStatus.OK, "삭제 하였습니다.", LocalDateTime.now());
+	}
+*/
+
+	@Override
+	public void insertCertLoginLog(MberCertLoginLogVO mberCertLoginLogVO, HttpServletRequest request) throws FdlException {
+ 
+		
+		int count = certLoginLogDAO.checkLoginIpExists(mberCertLoginLogVO);
+		
+		if (count > 0) {
+			// 이미 존재하면 UPDATE
+			certLoginLogDAO.updateCertLoginLog(mberCertLoginLogVO);
+		} else {
+	
+			mberCertLoginLogVO.setCertLoginId(certLoginLogIdGnrService.getNextStringId());
+			mberCertLoginLogVO.setLoginDevice(getDevice(request));
+			certLoginLogDAO.insertCertLoginLog(mberCertLoginLogVO);
+			
+		}
+	}
+		
+	private String getDevice(HttpServletRequest request) {
+		String userAgent = request.getHeader("User-Agent").toLowerCase();
+
+		if (userAgent.contains("mobile") || userAgent.contains("android") || userAgent.contains("iphone")) {
+			return "M";
+		} else if (userAgent.contains("tablet") || userAgent.contains("ipad")) {
+			return "T";
+		} else {
+			return "D";
+		}
+	}
+
+}
--- a/src/main/java/itn/let/cert/ip/web/CertLoginLogController.java
+++ b/src/main/java/itn/let/cert/ip/web/CertLoginLogController.java
@ -0,0 +1,102 @@
+package itn.let.cert.ip.web;
+
+import java.time.LocalDateTime;
+
+import javax.annotation.Resource;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.servlet.ModelAndView;
+
+import egovframework.rte.fdl.security.userdetails.util.EgovUserDetailsHelper;
+import itn.com.cmm.LoginVO;
+import itn.com.utl.fcc.service.EgovStringUtil;
+import itn.let.cert.ip.service.CertLoginLogService;
+import itn.let.cert.ip.service.MberCertIpVO;
+import itn.let.mail.service.StatusResponse;
+
+/**
+ * 
+ * @author 		: 이호영
+ * @fileName 	: CertIpController.java 
+ * @date 		: 2024.11.19
+ * @description : 허용 IP 관련 컨트롤러
+ * =========================================================== 
+ * DATE          AUTHOR   NOTE 
+ * ----------------------------------------------------------- *
+ * 2024.11.19    이호영          최초 생성
+ * 
+ * 
+ * 
+ */
+@Controller
+public class CertLoginLogController {
+	
+	
+	/* CertLoginLogService */
+	@Resource(name = "CertLoginLogService")
+	private CertLoginLogService certLoginLogService;
+	
+	/*
+	@RequestMapping(value = {"/cert/ip/selectMberCertIpList.do"})
+	public ResponseEntity<StatusResponse> selectMberCertIpList(MberCertIpVO mberCertPhoneVO) throws Exception {
+		
+		ModelAndView modelAndView = new ModelAndView();
+		modelAndView.setViewName("jsonView");
+		
+		//로그인 권한정보 불러오기
+		LoginVO loginVO = EgovUserDetailsHelper.isAuthenticated()? (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser():null;
+		String userId = loginVO == null ? "" : EgovStringUtil.isNullToString(loginVO.getId());
+		
+		if(userId == null) {
+			if(StringUtils.isEmpty(userId)) return ResponseEntity.ok().body(new StatusResponse(HttpStatus.BAD_REQUEST, "로그인 후 이용해 주세요", LocalDateTime.now()));
+		}
+		mberCertPhoneVO.setMberId(userId);
+		return ResponseEntity.ok().body(certLoginLogService.selectMberCertIpList(mberCertPhoneVO));
+	}	
+	
+	
+	@RequestMapping(value = {"/cert/ip/insertCertIp.do"})
+	public ResponseEntity<StatusResponse> insertCertIp(MberCertIpVO mberCertIpVO) throws Exception {
+		
+		ModelAndView modelAndView = new ModelAndView();
+		modelAndView.setViewName("jsonView");
+		
+		//로그인 권한정보 불러오기
+		LoginVO loginVO = EgovUserDetailsHelper.isAuthenticated()? (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser():null;
+		String userId = loginVO == null ? "" : EgovStringUtil.isNullToString(loginVO.getId());
+		
+		if(userId == null) {
+			if(StringUtils.isEmpty(userId)) return ResponseEntity.ok().body(new StatusResponse(HttpStatus.BAD_REQUEST, "로그인 후 이용해 주세요", LocalDateTime.now()));
+		}
+		mberCertIpVO.setFrstRegisterId(userId);
+		mberCertIpVO.setMberId(userId);
+		
+		
+		return ResponseEntity.ok().body(certLoginLogService.insertCertIp(mberCertIpVO));
+	}	
+	
+	@RequestMapping(value = {"/cert/ip/deleteCertIp.do"})
+	public ResponseEntity<StatusResponse> deleteCertIp(MberCertIpVO mberCertIpVO) throws Exception {
+		
+		ModelAndView modelAndView = new ModelAndView();
+		modelAndView.setViewName("jsonView");
+		
+		//로그인 권한정보 불러오기
+		LoginVO loginVO = EgovUserDetailsHelper.isAuthenticated()? (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser():null;
+		String userId = loginVO == null ? "" : EgovStringUtil.isNullToString(loginVO.getId());
+		
+		if(userId == null) {
+			if(StringUtils.isEmpty(userId)) return ResponseEntity.ok().body(new StatusResponse(HttpStatus.BAD_REQUEST, "로그인 후 이용해 주세요", LocalDateTime.now()));
+		}
+		mberCertIpVO.setLastUpdusrId(userId);
+		mberCertIpVO.setMberId(userId);
+		
+		
+		return ResponseEntity.ok().body(certLoginLogService.deleteCertIp(mberCertIpVO));
+	}	
+		*/
+}
--- a/src/main/java/itn/let/uat/uia/web/EgovLoginController.java
+++ b/src/main/java/itn/let/uat/uia/web/EgovLoginController.java
@ -83,6 +83,8 @@ import itn.com.cmm.util.StringUtil;
 import itn.com.cmm.util.WebUtil;
 import itn.com.uss.olh.hpc.service.HackIpService;
 import itn.com.uss.olh.hpc.service.HackIpVO;
+import itn.let.cert.ip.service.CertLoginLogService;
+import itn.let.cert.ip.service.MberCertLoginLogVO;
 import itn.let.cert.phone.service.CertPhoneService;
 import itn.let.cert.phone.service.MberCertPhoneVO;
 import itn.let.cop.bbs.service.BoardVO;
@ -242,6 +244,9 @@ public class EgovLoginController {
 	@Resource(name = "CertPhoneService")
 	private CertPhoneService certPhoneService;
 	
+	@Resource(name = "CertLoginLogService")
+	private CertLoginLogService certLoginLogService;
+	
 	private static final Logger logger = LoggerFactory.getLogger(MjonMsgDataController.class);

 	/* 문자온 사용자 로그인 시작 */
@ -1111,6 +1116,7 @@ public class EgovLoginController {

 		// 공인 IP 구하기
 		String userIp = EgovClntInfo.getClntIP(request);
+		System.out.println("userIp :: "+userIp);
 		// java.util.Scanner s = new java.util.Scanner(new
 		// java.net.URL("https://api.ipify.org").openStream(),
 		// "UTF-8").useDelimiter("\\A");
@ -2664,7 +2670,14 @@ public class EgovLoginController {
 				loginVO.getIp();
 				loginVO.setMessage("로그인 성공되었습니다.");
 				loginVO.setLoginYn("Y");
+				
 				loginService.insertActionLoginLog(loginVO);
+				// 인증 로그인 이력을 위한 insert
+				
+				MberCertLoginLogVO mberCertLoginLogVO = new MberCertLoginLogVO();
+				mberCertLoginLogVO.setLoginId(loginVO.getId());
+				mberCertLoginLogVO.setLoginIp(loginVO.getIp());
+				certLoginLogService.insertCertLoginLog(mberCertLoginLogVO, request);
 			}

 			// 등급제 Start
--- a/src/main/resources/egovframework/spring/com/context-idgen.xml
+++ b/src/main/resources/egovframework/spring/com/context-idgen.xml
@ -2849,5 +2849,24 @@
 		<property name="cipers" value="13" />
 		<property name="fillChar" value="0" />
 	</bean>
+	
+	
+	<!-- 문자온 로그인LOG ID Generation  Strategy Config -->
+	<bean name="egovMjonCertLoginLogIdGnrService"
+		class="egovframework.rte.fdl.idgnr.impl.EgovTableIdGnrServiceImpl"
+		destroy-method="destroy">
+		<property name="dataSource" ref="dataSource" />
+		<property name="strategy" ref="mjonCertLoginLogIdStrategy" />
+		<property name="blockSize"  value="10"/>
+		<property name="table"      value="IDS"/>
+		<property name="tableName"  value="CERT_LOGIN_LOG_ID"/>
+	</bean>
+	<bean name="mjonCertLoginLogIdStrategy" 
+		class="egovframework.rte.fdl.idgnr.impl.strategy.EgovIdGnrStrategyImpl">
+		<property name="prefix" value="CERTLOGINLOG_" />
+		<property name="cipers" value="10" />
+		<property name="fillChar" value="0" />
+	</bean>
+	
 		
 </beans>
--- a/src/main/resources/egovframework/sqlmap/config/mysql/sql-map-config-mysql-cert.xml
+++ b/src/main/resources/egovframework/sqlmap/config/mysql/sql-map-config-mysql-cert.xml
@ -3,6 +3,7 @@

 <sqlMapConfig>
 	<settings cacheModelsEnabled="true" useStatementNamespaces="true" />
-	<sqlMap resource="egovframework/sqlmap/let/cert/MjonCertIp_SQL_mysql.xml"/>	 <!-- 문자메세지 -->
-	<sqlMap resource="egovframework/sqlmap/let/cert/MjonCertPhone_SQL_mysql.xml"/>	 <!-- 문자메세지 -->
+	<sqlMap resource="egovframework/sqlmap/let/cert/MjonCertIp_SQL_mysql.xml"/>	 <!-- 로그인 허용 IP -->
+	<sqlMap resource="egovframework/sqlmap/let/cert/MjonCertLoginLog_SQL_mysql.xml"/>	 <!-- 로그인 허용 IP를 위한 로그인Log -->
+	<sqlMap resource="egovframework/sqlmap/let/cert/MjonCertPhone_SQL_mysql.xml"/>	 <!-- 로그인 인증 폰번호 -->
 </sqlMapConfig>
--- a/src/main/resources/egovframework/sqlmap/let/cert/MjonCertLoginLog_SQL_mysql.xml
+++ b/src/main/resources/egovframework/sqlmap/let/cert/MjonCertLoginLog_SQL_mysql.xml
@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?><!--
+	수정일		수정자					수정내용
+  =========     =======    =================================================
+  2021.03.01    신명섭 	
+-->
+<!DOCTYPE sqlMap PUBLIC "-//iBATIS.com//DTD SQL Map 2.0//EN" "http://ibatis.apache.org/dtd/sql-map-2.dtd">
+<sqlMap namespace="MjonCertLoginLog">
+	<typeAlias  alias="mberCertLoginLogVO" type="itn.let.cert.ip.service.MberCertLoginLogVO"/>
+	
+	
+    <select id="MberCertLoginLogVO.checkLoginIpExists" resultClass="int" parameterClass="mberCertLoginLogVO">
+        SELECT COUNT(1)
+        FROM LETTNGNRLMBER_CERT_LOGIN_LOG_IP
+        WHERE LOGIN_IP = #loginIp#
+        AND LOGIN_ID = #loginId#
+    </select>
+	
+	<insert id="MberCertLoginLogVO.insertCertLoginLog" parameterClass="mberCertLoginLogVO">
+		INSERT INTO LETTNGNRLMBER_CERT_LOGIN_LOG_IP
+		(
+		    CERT_LOGIN_ID,
+		    LOGIN_ID,
+		    LOGIN_IP,
+		    LOGIN_DEVICE,
+		    LOGIN_DT
+		)
+		VALUES
+		(
+		    #certLoginId#,
+		    #loginId#,
+		    #loginIp#,
+		    #loginDevice#,
+		    NOW()
+		)
+	</insert>
+	
+	<!-- LOGIN_IP가 존재할 경우 UPDATE -->
+	<update id="MberCertLoginLogVO.updateCertLoginLog" parameterClass="mberCertLoginLogVO">
+		UPDATE LETTNGNRLMBER_CERT_LOGIN_LOG_IP
+			SET LOGIN_DT = NOW()
+			WHERE LOGIN_IP = #loginIp#
+			AND LOGIN_ID = #loginId#
+	</update>
+	
+</sqlMap>
--- a/src/main/webapp/WEB-INF/jsp/web/user/mberSecureLogin.jsp
+++ b/src/main/webapp/WEB-INF/jsp/web/user/mberSecureLogin.jsp
@ -20,10 +20,8 @@ $(document).ready(function(){
 	// on/off 시 confirm 창 노출
 	$('.security_set .tab_depth1 a').click(function () {
 		if ($(this).text().trim() == "ON") {
-			if(!confirm("보안로그인 설정 후 로그인 시, 등록한 휴대폰번호로 추가 인증이 진행됩니다")){
-				console.log('???');
-				return false;
-			}
+			confirm("보안로그인 설정 후 로그인 시, 등록한 휴대폰번호로 추가 인증이 진행됩니다");
+			
 		} else {
 			confirm("가입자 휴대폰번호로 본인인증 후 해제가 가능하며, 보안로그인 설정을 해제함으로써 발생하는 손해에 대하여 회사는 책임지지 않습니다.");
 			openKMCISWindow();