+보안로그인 컨트롤러 체크 완료

2024-11-21 21:59:12 +09:00 · 2024-11-21 21:59:12 +09:00 · bee412376c
commit bee412376c
parent 7a38574459
7 changed files with 103 additions and 27 deletions
--- a/src/main/java/itn/let/uat/uia/service/impl/EgovMberManageServiceImpl.java
+++ b/src/main/java/itn/let/uat/uia/service/impl/EgovMberManageServiceImpl.java
@ -604,6 +604,12 @@ public class EgovMberManageServiceImpl extends EgovAbstractServiceImpl implement
 		
 		return resultCnt;
 	}
+
+	@Override
+	public String getSecuLoginFlag(String id) {
+		// TODO Auto-generated method stub
+		return mberManageDAO.getSecuLoginFlag(id);
+	}
 	
 	
 }
--- a/src/main/java/itn/let/uat/uia/service/impl/MberManageDAO.java
+++ b/src/main/java/itn/let/uat/uia/service/impl/MberManageDAO.java
@ -332,5 +332,9 @@ public class MberManageDAO extends EgovComAbstractDAO{
 		
 		return resultCnt;
 	}
+
+	public String getSecuLoginFlag(String id) {
+		return (String)select("mberManageDAO.getSecuLoginFlag", id);
+	}
 	
 }
--- a/src/main/java/itn/let/uat/uia/web/EgovLoginController.java
+++ b/src/main/java/itn/let/uat/uia/web/EgovLoginController.java
@ -83,7 +83,9 @@ import itn.com.cmm.util.StringUtil;
 import itn.com.cmm.util.WebUtil;
 import itn.com.uss.olh.hpc.service.HackIpService;
 import itn.com.uss.olh.hpc.service.HackIpVO;
+import itn.let.cert.ip.service.CertIpService;
 import itn.let.cert.ip.service.CertLoginLogService;
+import itn.let.cert.ip.service.MberCertIpVO;
 import itn.let.cert.ip.service.MberCertLoginLogVO;
 import itn.let.cert.phone.service.CertPhoneService;
 import itn.let.cert.phone.service.MberCertPhoneVO;
@ -247,6 +249,9 @@ public class EgovLoginController {
 	@Resource(name = "CertLoginLogService")
 	private CertLoginLogService certLoginLogService;
 	
+	@Resource(name = "CertIpService")
+	private CertIpService certIpService;
+	
 	private static final Logger logger = LoggerFactory.getLogger(MjonMsgDataController.class);

 	/* 문자온 사용자 로그인 시작 */
@ -2072,6 +2077,35 @@ public class EgovLoginController {
 		modelAndView.addObject("data", resultVO);
 		modelAndView.addObject("mberCertPhoneList", mberCertPhoneList);
 		
+		
+
+
+		/* 일시 : 2024.11.21
+		 * 내용 : 패스 인증 조회
+		 * 작업자 : 이호영
+		 */
+		String userId = loginVO.getId();
+		// lettngnrlmber TB에 secuLoginFlag 값이 Y면 인증 해야함
+		String secuLoginFlag = mberManageService.getSecuLoginFlag(userId);
+		
+		String passFlag = "Y";
+		if("Y".equals(secuLoginFlag)) {
+			// lettngnrlmber TB에 secuLoginFlag 값이 Y면
+			// IP가 등록 되어 있는지 확인
+			// 있으면 2차인증 안함
+			// 없으면 2차인증 진행
+	    	MberCertIpVO mberCertIpVO = new MberCertIpVO();
+	    	mberCertIpVO.setCertIp(userIp);
+	    	mberCertIpVO.setMberId(userId);
+	    	// ip가 있으면 true
+	    	if(!certIpService.checkCertIp(mberCertIpVO)) {
+	    		passFlag = "N";
+	    	}
+		}
+		modelAndView.addObject("passFlag", passFlag);
+		
+		
+		
 		return modelAndView;
 		

@ -2467,14 +2501,24 @@ public class EgovLoginController {
 		sendLogVO.setSendId(id);
 		sendLogVO.setReceive(s_hp);
 		sendLogVO.setCheckNo(s_num);
-				
-		sendLogVO = mjonMsgDataService.selectSysMsgLogCheck(sendLogVO);
 		
-		if (sendLogVO==null) {
-			redirectAttributes.addFlashAttribute("fail2", true);
-			return "redirect:/web/user/login/login.do";
-		}		
+		String passFlag	=	request.getParameter("passFlag");
+		System.out.println("passFlag : "+ passFlag);
+		System.out.println("passFlag : "+ passFlag);
+		System.out.println("passFlag : "+ passFlag);
+		System.out.println("passFlag : "+ passFlag);
+		System.out.println("passFlag : "+ passFlag);
+		System.out.println("passFlag : "+ passFlag);
+		if("Y".equals(passFlag)) {
 		
+			sendLogVO = mjonMsgDataService.selectSysMsgLogCheck(sendLogVO);
+			
+			if (sendLogVO==null) {
+				redirectAttributes.addFlashAttribute("fail2", true);
+				return "redirect:/web/user/login/login.do";
+			}		
+		
+		}
 		
 		String password = decryptRsa(privateKey, loginVO.getPassword());
 		loginVO.setId(id);
--- a/src/main/java/itn/let/uss/umt/service/EgovMberManageService.java
+++ b/src/main/java/itn/let/uss/umt/service/EgovMberManageService.java
@ -243,4 +243,6 @@ public interface EgovMberManageService {
 	
 	//기업회원 기업정보 변경신청 취소 처리
 	public int updateCmpUserInfoCancel(MberManageVO mberManageVO) throws Exception;
+
+	public String getSecuLoginFlag(String id);
 }
--- a/src/main/resources/egovframework/sqlmap/let/cert/MjonCertIp_SQL_mysql.xml
+++ b/src/main/resources/egovframework/sqlmap/let/cert/MjonCertIp_SQL_mysql.xml
@ -93,7 +93,7 @@
 				LOGIN_IP as certIp 
 			from lettngnrlmber_cert_login_log_ip
 			where LOGIN_ID = #mberId#
-			and CERT_IP = #certIp#
+			and LOGIN_IP = #certIp#
 			union all
 			select 
 				CERT_IP as certIp  
--- a/src/main/resources/egovframework/sqlmap/let/uss/umt/EgovMberManage_SQL_Mysql.xml
+++ b/src/main/resources/egovframework/sqlmap/let/uss/umt/EgovMberManage_SQL_Mysql.xml
@ -2106,4 +2106,11 @@
 		WHERE CMPHST_ID = #cmpHstId#
    
    </update>
+    
+    <select id="mberManageDAO.getSecuLoginFlag" resultClass="String" parameterClass="String">
+    
+    
+		select SECU_LOGIN_FLAG  from lettngnrlmber where MBER_ID = #id#
+    
+    </select>
 </sqlMap>
--- a/src/main/webapp/WEB-INF/jsp/web/login/EgovLoginGnrlUsr.jsp
+++ b/src/main/webapp/WEB-INF/jsp/web/login/EgovLoginGnrlUsr.jsp
@ -138,6 +138,7 @@ function whoisIpCountry() {
 }

 function actionLogin(){
+	console.log('actionLogin : actionLogin')

 	setTimeout(function() {
 		if (isKoreaIpAddress == false) {
@ -180,28 +181,39 @@ function actionLogin(){
 			      //alert(data.data.moblphonNo);
 			      console.log('===========');
 			      console.log(data.mberCertPhoneList);
+			  		console.log(data.passFlag);

 			      if (data.status=="success"){
-			    	  //번호인증팝업 띄우기
-			    	  $("#input_list_item_1").hide();
-			    	  $("#input_list_item_2").hide();
-			    	  $("#input_list_item_3").hide();
-			    	  $("#input_list_item_0").hide();
-
-			    	  $("#input_list_item_4").show();
-			    	  $("#input_list_item_5").show();
-			    	  $("#input_list_item_6").show();
-
-// 			    	  $("#hp_text2").val(data.data.moblphonNo);
-			    		var $select = $('#hp_text2');
-			    		data.mberCertPhoneList.forEach(function(item) {
-			    			$select.append($('<option>', {
-			    				value: item.mbtlnum, // option의 value 값
-			    				text: item.mbtlnum+'('+item.certAlias+')'  // option의 화면에 보이는 텍스트
-			    			}));
-			    		});
-			    	  
-			    	  
+				    	
+				    	if(data.passFlag == "Y")
+			    		{
+				    	    document.loginForm2.passFlag.value = passFlag;
+				    		actionLogin_end();
+			    		}
+				    	else
+				    	{
+					    	  
+					    	//번호인증팝업 띄우기
+					    	$("#input_list_item_1").hide();
+					    	$("#input_list_item_2").hide();
+					    	$("#input_list_item_3").hide();
+					    	$("#input_list_item_0").hide();
+		
+					    	$("#input_list_item_4").show();
+					    	$("#input_list_item_5").show();
+					    	$("#input_list_item_6").show();
+		
+		// 			    	$("#hp_text2").val(data.data.moblphonNo);
+					    	var $select = $('#hp_text2');
+					    	data.mberCertPhoneList.forEach(function(item) {
+					    		$select.append($('<option>', {
+					    			value: item.mbtlnum, // option의 value 값
+					    			text: item.mbtlnum+'('+item.certAlias+')'  // option의 화면에 보이는 텍스트
+					    		}));
+					    	});
+		
+				    	}
+				    	
 			   		}else if (data.status=="fail"){
 			   			
 			   			if (data.dormantYn=="Y"){
@ -526,6 +538,7 @@ function fn_click_banner_add_stat(bannerMenuCode){
    <input type="hidden" name="goEventPay" value="${goEventPay}"/>
    <input type="hidden" id="hp" name="hp">
    <input type="hidden" id="num" name="num">
+    <input type="hidden" id="passFlag" name="passFlag">
    
    <div class="send_top">
 		<div class="mypage_content current">