비밀번호 변경 - 기존 비밀번호, 새 비밀번호 검증 및 암호화 후 DB 저장

2 years ago · e8078d5dd0
5 changed files with 135 additions and 15 deletions
--- a/src/main/java/com/palnet/biz/api/acnt/cstmr/controller/AcntCstmrController.java
+++ b/src/main/java/com/palnet/biz/api/acnt/cstmr/controller/AcntCstmrController.java
@ -2,9 +2,13 @@ package com.palnet.biz.api.acnt.cstmr.controller;

 import java.security.Principal;
 import java.util.ArrayList;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;

 import com.palnet.biz.api.acnt.cstmr.model.AcntCstmrGroupModel;
+import com.palnet.biz.api.acnt.cstmr.model.AcntCstmrPwModel;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
@ -16,6 +20,7 @@ import com.palnet.biz.api.acnt.cstmr.model.AcntCstmrRqModel;
 import com.palnet.biz.api.acnt.cstmr.model.AcntCstmrRsModel;
 import com.palnet.biz.api.acnt.cstmr.model.AnctCstmerRlModel;
 import com.palnet.biz.api.acnt.cstmr.service.AcntCstmrService;
+import com.palnet.biz.api.acnt.jwt.model.JwtUserModel;
 import com.palnet.biz.api.anls.hstry.model.AnlsHstryDetailModel;
 import com.palnet.biz.api.anls.hstry.model.AnlsHstryModel;
 import com.palnet.biz.api.anls.hstry.model.AnlsHstryRqModel;
@ -24,8 +29,11 @@ import com.palnet.biz.api.comn.response.BasicResponse;
 import com.palnet.biz.api.comn.response.ErrorResponse;
 import com.palnet.biz.api.comn.response.SuccessResponse;
 import com.palnet.biz.api.ctr.cntrl.service.CtrCntrlService;
+import com.palnet.biz.jpa.entity.PtyCstmrBas;
+import com.palnet.biz.jpa.entity.PtyCstmrDtl;
 import com.palnet.biz.sample.entity.SampleEntity;
 import com.palnet.biz.sample.service.SampleService;
+import com.palnet.comn.exception.CustomException;
 import com.palnet.comn.model.GPHistoryModel;

 import lombok.RequiredArgsConstructor;
@ -60,14 +68,13 @@ public class AcntCstmrController {
 		return ResponseEntity.ok().body(new SuccessResponse<AcntCstmrRsModel>(result));
 	}
 	
-	@GetMapping(value = "/profile/{id}")
-	public ResponseEntity<? extends BasicResponse> mypage(@PathVariable Integer id){
+	@GetMapping(value = "/profile/{cstmrSno}")
+	public ResponseEntity<? extends BasicResponse> mypage(@PathVariable Integer cstmrSno){
 		List<AnctCstmerRlModel> result = null;
 		
 		try {
 			
-			result = service.list(id);
-			log.info("result 값 확인하기 >>>>>>>>>>>>>>>>>>>>>>>>",result);
+			result = service.list(cstmrSno);
 			
 		} catch (Exception e) {
 			return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
@ -78,7 +85,27 @@ public class AcntCstmrController {
 		
 		return ResponseEntity.ok().body(new SuccessResponse<List>(result));
 	}
-
+	
+	@PostMapping(value = "/profile/pswdupdate")
+	public ResponseEntity<? extends BasicResponse> passwordupdate(@RequestBody AcntCstmrPwModel rq){
+		Map<String, Object> resultMap = new HashMap<String, Object>();
+		try {
+			PtyCstmrBas result = service.updatepas(rq);
+			resultMap.put("result", result);
+			
+		} catch (CustomException e) {
+			log.error("IGNOE : {}", e);
+			resultMap.put("result", false);
+			resultMap.put("errorCode", e.getErrorCode());
+			resultMap.put("errorMessage", e.getMessage());
+			return ResponseEntity.ok().body(new SuccessResponse<Map>(resultMap));
+		} catch (Exception e) {
+			log.error("IGONE : {}", e);
+			return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(new ErrorResponse("Server Error", "-1"));
+		}
+		
+		return ResponseEntity.ok().body(new SuccessResponse<>(resultMap));
+	}

 	
 	
--- a/src/main/java/com/palnet/biz/api/acnt/cstmr/model/AcntCstmrPwModel.java
+++ b/src/main/java/com/palnet/biz/api/acnt/cstmr/model/AcntCstmrPwModel.java
@ -0,0 +1,17 @@
+package com.palnet.biz.api.acnt.cstmr.model;
+
+import java.util.Date;
+
+import lombok.Data;
+
+@Data
+public class AcntCstmrPwModel {
+	
+	private Date pswdupdtDt;
+	
+	private String userPswd;
+	
+	private String newPswd;
+	
+	private String newPswdConfirm;
+}
--- a/src/main/java/com/palnet/biz/api/acnt/cstmr/model/AnctCstmerRlModel.java
+++ b/src/main/java/com/palnet/biz/api/acnt/cstmr/model/AnctCstmerRlModel.java
@ -21,4 +21,8 @@ public class AnctCstmerRlModel {
 	
 	private String userId;
 	
+	private Date updateDt;
+	
+	private String updateuserId;
+	
 }
--- a/src/main/java/com/palnet/biz/api/acnt/cstmr/service/AcntCstmrService.java
+++ b/src/main/java/com/palnet/biz/api/acnt/cstmr/service/AcntCstmrService.java
@ -10,6 +10,8 @@ import javax.persistence.EntityTransaction;
 import javax.persistence.Persistence;

 import com.palnet.biz.api.acnt.cstmr.model.AcntCstmrGroupModel;
+import com.palnet.biz.api.acnt.cstmr.model.AcntCstmrPwModel;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@ -23,6 +25,8 @@ import com.palnet.biz.api.acnt.cstmr.model.AcntCstmrRqModel;
 import com.palnet.biz.api.acnt.cstmr.model.AcntCstmrRsModel;
 import com.palnet.biz.api.acnt.cstmr.model.AnctCstmerRlModel;
 import com.palnet.biz.api.acnt.cstmr.model.AnctCstmrTermsModel;
+import com.palnet.biz.api.acnt.jwt.model.JwtUserModel;
+import com.palnet.biz.api.acnt.jwt.utils.JwtTokenUtil;
 import com.palnet.biz.api.acnt.terms.model.AcntTermsRqModel;
 import com.palnet.biz.api.acnt.terms.model.AcntTermsRsModel;
 import com.palnet.biz.jpa.entity.PtyCstmrBas;
@ -66,6 +70,9 @@ public class AcntCstmrService {
 	@Autowired
 	private EntityManagerFactory emf;
 	
+	@Autowired
+	private  JwtTokenUtil jwtTokenUtil;
+	
 	/**
 	 * 
 	 * 
@ -184,16 +191,54 @@ public class AcntCstmrService {
 		
 	}
 	
-public List<AnctCstmerRlModel> list(int cstmrSno) {
-		
-		List<AnctCstmerRlModel> resultList = query.list(cstmrSno);
-		
-		for(AnctCstmerRlModel model : resultList) {
-			model.setEmail(EncryptUtils.decrypt(model.getEmail()));
-			model.setMemberName(EncryptUtils.decrypt(model.getMemberName()));
-			model.setHpno(EncryptUtils.decrypt(model.getHpno()));
+	public List<AnctCstmerRlModel> list(int cstmrSno) {
+			
+			List<AnctCstmerRlModel> resultList = query.list(cstmrSno);
+			
+			for(AnctCstmerRlModel model : resultList) {
+				model.setEmail(EncryptUtils.decrypt(model.getEmail()));
+				model.setMemberName(EncryptUtils.decrypt(model.getMemberName()));
+				model.setHpno(EncryptUtils.decrypt(model.getHpno()));
+			}
+			
+			return resultList;
 		}
-		
-		return resultList;
+
+
+	public PtyCstmrBas updatepas(AcntCstmrPwModel rq) {
+		// 	1. 토큰 유저 정보 불러오기
+  		Integer userId = jwtTokenUtil.getCstmrSnoByToken();
+  		
+  		// 2. DB의 유저정보 조회
+//  		AcntCstmrRqModel result = query.findpassword(userId);
+  		PtyCstmrBas userEntity = ptyCstmrBasRepository.findById(userId).orElse(null);
+  		
+  		// 3. RQ의 유저 패스워드를 암호화 처리
+  		rq.setUserPswd(EncryptUtils.sha256Encrypt(rq.getUserPswd()));
+  		
+  		// 4. RQ의 암호화한 패스워드와 DB에서 조회한 유저의 패스워드랑 비교
+  		if(!rq.getUserPswd().equals(userEntity.getUserPswd())) {
+  			log.info("RQ 비밀번호 : {}, DB 비밀번호 : {}", rq.getUserPswd(), userEntity.getUserPswd());
+
+  			// 	4.e 일치하지 않으면 예외처리 (패스워드 불일치)  			
+  			throw new CustomException(ErrorCode.FAIL); // 임시,, 수정해야함
+  		}
+  		
+  		// 5. 새로운 비밀번호 검증
+  		if(!rq.getNewPswd().equals(rq.getNewPswdConfirm())) {
+  			// 5.e 새로운 비밀번호 일치하지 않으면 예외처리
+  			throw new CustomException(ErrorCode.FAIL); //임시...수정필요
+  		}
+  		
+  		// 6. 새로운 패스워드 암호화
+  		String encryptNewPwd = EncryptUtils.sha256Encrypt(rq.getNewPswd());
+  		
+  		// 7. 유저 정보 저장 
+  		userEntity.setUserPswd(encryptNewPwd);
+  		userEntity.setPswdUpdtDt(DateUtils.nowDate());
+  		
+  		PtyCstmrBas updateUserEntity =  ptyCstmrBasRepository.save(userEntity);
+  		
+		return updateUserEntity;
 	}
 }
--- a/src/main/java/com/palnet/biz/jpa/repository/pty/PtyCstmrQueryRepository.java
+++ b/src/main/java/com/palnet/biz/jpa/repository/pty/PtyCstmrQueryRepository.java
@ -1,5 +1,7 @@
 package com.palnet.biz.jpa.repository.pty;

+import com.palnet.biz.api.acnt.cstmr.model.AcntCstmrPwModel;
+import com.palnet.biz.api.acnt.cstmr.model.AcntCstmrRqModel;
 import com.palnet.biz.api.acnt.cstmr.model.AnctCstmerRlModel;
 import com.palnet.biz.api.acnt.jwt.model.JwtGroupModel;
 import com.palnet.biz.jpa.entity.*;
@ -197,4 +199,29 @@ public class PtyCstmrQueryRepository{
 				 		
 		return list;
 	}
+
+
+
+	public AcntCstmrRqModel findpassword(String userId) {
+		QPtyCstmrBas basEntity = QPtyCstmrBas.ptyCstmrBas;
+		
+		BooleanBuilder builder = new BooleanBuilder();
+		builder.and(basEntity.userId.eq(userId));
+		
+		PtyCstmrBas entity = query.select(basEntity)
+				.from(basEntity)
+				.where(builder)
+				.fetchFirst();
+		
+		if(entity != null) {
+			JwtUserModel model = new JwtUserModel();
+			model.setCstmrSno(entity.getCstmrSno());
+			model.setUserPswd(entity.getUserPswd());
+		}
+		
+		return null;
+	}
+
+
+
 }