
비밀번호 로직 변경

junekeunsong преди 4 години
родител
ревизия
85d1fef51e

+ 30 - 0
src/main/java/com/lemon/lifecenter/common/LifeCenterFunction.java

@@ -14,6 +14,8 @@ import java.net.MalformedURLException;
 import java.net.URL;
 import java.net.URLDecoder;
 import java.net.URLEncoder;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
 import java.security.spec.AlgorithmParameterSpec;
 import java.text.DateFormat;
 import java.text.ParseException;
@@ -62,6 +64,34 @@ public class LifeCenterFunction {
 
         return Base64.getEncoder().encodeToString(cipherText);
     }
+    
+    /**
+     * sha256 passwd encrypt
+     * @author jksong
+     * @Param
+     **/
+    public static String sha256Encrypt(String str) {
+      String SHA = "";
+
+      try {
+        MessageDigest sh = MessageDigest.getInstance("SHA-256");
+        sh.update(str.getBytes());
+        byte byteData[] = sh.digest();
+        StringBuffer sb = new StringBuffer();
+
+        for (int i = 0; i < byteData.length; i++) {
+          sb.append(Integer.toString((byteData[i] & 0xff) + 0x100, 16).substring(1));
+        }
+
+        SHA = sb.toString();
+
+      } catch (NoSuchAlgorithmException e) {
+        e.printStackTrace();
+        SHA = null;
+      }
+
+      return SHA;
+    }
 
     public static String aesDecrypt(String encKey, byte[] iv, String paramInput) throws Exception {
         byte[] textBytes = Base64.getDecoder().decode(paramInput);
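Review bot: `sha256Encrypt` stores passwords as a single unsalted SHA-256 digest, which is fast to compute and gives identical output for identical passwords; stored credentials should instead go through a salted, iterated password-hashing function (PBKDF2 from the JDK as sketched below, or bcrypt/Argon2 if a library is available). Moving to a per-user salt presumably means the login paths must load the stored hash and verify it in Java rather than match it in the query, so the call sites in this commit would change with it. Separately, `str.getBytes()` uses the platform default charset and should be `str.getBytes(StandardCharsets.UTF_8)`, and the catch block returns `null` after `printStackTrace()`, which callers then pass straight to `setPassword`; throwing `IllegalStateException` would be safer. The Javadoc calls this encryption although it is a one-way hash, and `@Param` is not a Javadoc tag.

```java
    // Proposed alongside/in place of sha256Encrypt: salted, iterated hash via the JDK's PBKDF2.
    // salt: per-user random bytes from SecureRandom, stored next to the derived value.
    // iterations: a work factor chosen for the deployment and stored with the record.
    public static String pbkdf2Hash(String password, byte[] salt, int iterations) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterations, 256);
        try {
            byte[] derived = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec)
                    .getEncoded();
            return Base64.getEncoder().encodeToString(derived);
        } finally {
            spec.clearPassword(); // do not keep the password chars alive longer than needed
        }
    }
    // Verification: recompute with the stored salt and iteration count, then compare the
    // decoded bytes with MessageDigest.isEqual(...) instead of String.equals.
```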

+ 2 - 1
src/main/java/com/lemon/lifecenter/controller/CenterController.java

@@ -78,7 +78,8 @@ public class CenterController extends LifeCenterController {
         
         mDto.setCenterCode(dto.getCenterCode());
         mDto.setId(staffId);
-        mDto.setPassword(LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, staffPw));
+//        mDto.setPassword(LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, staffPw));
+        mDto.setPassword(LifeCenterFunction.sha256Encrypt(staffPw));
         mDto.setName(staffName);
         mDto.setPhoneNumber(staffPhoneNumber);
         mDto.setGroupIdx( 2 ); // 1: 시스템관리자 2:관리자 3:일반사용자, 센터신규등록시 아이디생성은 관리자 권한으로 생성, 센터하나에 관리자 1명으로 개발진행
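Review bot: The old `aesEncrypt` call is left behind as a commented-out line directly above the new `mDto.setPassword(LifeCenterFunction.sha256Encrypt(staffPw));` and should be deleted. Version control already keeps the previous implementation, and a dormant reference to reversible password storage invites being re-enabled by accident. The same leftover appears in the LoginController, MobileLoginController, PatientController (first hunk) and StaffController (second hunk) changes. The enclosing method starts and ends outside this hunk.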

+ 2 - 1
src/main/java/com/lemon/lifecenter/controller/LoginController.java

@@ -62,7 +62,8 @@ public class LoginController extends LifeCenterController {
         HashMap<String, String> accessMap = new HashMap<String, String>();
         JSONObject json = new JSONObject();
         
-        dto.setPassword( LifeCenterFunction.aesEncrypt( config.aesKey, config.IV, dto.getPassword() ) );
+//        dto.setPassword( LifeCenterFunction.aesEncrypt( config.aesKey, config.IV, dto.getPassword() ) );
+        dto.setPassword( LifeCenterFunction.sha256Encrypt(dto.getPassword()) );
         
         int total = loginService.selectMemberCount( dto );
         

+ 2 - 1
src/main/java/com/lemon/lifecenter/controller/MobileLoginController.java

@@ -59,7 +59,8 @@ public class MobileLoginController extends LifeCenterController {
         String message = "";
         JSONObject object = new JSONObject();
         
-        dto.setPw(LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, dto.getPw()));
+//        dto.setPw(LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, dto.getPw()));
+        dto.setPw( LifeCenterFunction.sha256Encrypt(dto.getPw()) );
         
         int cnt = patientService.selectMPatientCount(dto);
         if (cnt == 0) {
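Review bot: After this change the login check compares a SHA-256 digest with the stored value, so any patient row whose stored password is still the old AES ciphertext will stop matching; the same applies to staff accounts in the LoginController hunk. The only conversion code visible in this commit is the commented-out pair of handlers in TestContorller, so nothing in the diff shows existing rows being converted before the new comparison goes live. If the conversion was run out of band, a sentence in the commit description saying so would help; otherwise deployment needs an explicit migration step. The method body continues outside the hunk.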

+ 3 - 2
src/main/java/com/lemon/lifecenter/controller/PatientController.java

@@ -151,7 +151,8 @@ public class PatientController extends LifeCenterController {
         dto.setId( dto.getWardNumber().trim() + dto.getRoomNumber().trim() );
         
         // 환자 password는 생년월일(yyyymmdd)을 암호화
-        dto.setPw( LifeCenterFunction.aesEncrypt( config.aesKey, config.IV, jumin ) );
+//        dto.setPw( LifeCenterFunction.aesEncrypt( config.aesKey, config.IV, jumin ) );
+        dto.setPw( LifeCenterFunction.sha256Encrypt( jumin ) );
         dto.setJumin( jumin );
         dto.setCenterCode( sesCenterCode );
         dto.setState( "H" ); // H : 입소
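Review bot: Per the comment above the changed line, the patient password is the birth date (yyyymmdd), and `sha256Encrypt( jumin )` hashes it without a salt; the set of possible birth dates is small, so the digest does not meaningfully protect the value, and the same value is also stored unhashed by `dto.setJumin( jumin )` on the next line. The storage format matters less here than the credential itself: a secret derivable from a birth date is weak authentication for patient records, and a separately issued or user-chosen password would be the real fix. The second PatientController hunk (the update path) has the same issue. Both methods extend beyond the visible lines.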
@@ -280,7 +281,7 @@ public class PatientController extends LifeCenterController {
         String jumin = dto.getJumin().replace( "-" , "" );
         
         dto.setId( dto.getWardNumber().trim() + dto.getRoomNumber().trim() );
-        dto.setPw( LifeCenterFunction.aesEncrypt( config.aesKey, config.IV, jumin ) );
+        dto.setPw( LifeCenterFunction.sha256Encrypt( jumin ) );
         dto.setJumin( jumin );
         dto.setCenterCode( sesCenterCode );
         dto.setUpdateBy( sesId );

+ 5 - 3
src/main/java/com/lemon/lifecenter/controller/StaffController.java

@@ -222,7 +222,7 @@ public class StaffController extends LifeCenterController {
         logger.error("dto.id -- > " + dto.getId());
         logger.error("dto.getPassword -- > " + dto.getPassword());
         
-        String encryptPw = LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, dto.getPassword());
+        String encryptPw = LifeCenterFunction.sha256Encrypt(dto.getPassword());
         dto.setPassword(encryptPw);
         
         int mCnt = memberService.selectMemberCount(dto);
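Review bot: `logger.error("dto.getPassword -- > " + dto.getPassword());` two lines above the changed line writes the plaintext password to the log before it is hashed, which undoes the benefit of hashing for anyone with log access. That line, and `logger.error("config.centerResetPw -- > " + config.centerResetPw);` in the next hunk, should be removed. In the next hunk both reset branches also hash a fixed value from config, so every reset account ends up with the same stored digest; a forced password change on next login would limit that, if the application does not already require one. Both methods continue outside the hunks.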
@@ -326,10 +326,12 @@ public class StaffController extends LifeCenterController {
         StaffDTO dto = new StaffDTO();
         dto.setId(id);
         if (type.equals("staff")) {
-            pw = LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, config.staffResetPw);
+//            pw = LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, config.staffResetPw);
+            pw = LifeCenterFunction.sha256Encrypt(config.staffResetPw);
         } else {
             logger.error("config.centerResetPw -- > " + config.centerResetPw);
-            pw = LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, config.centerResetPw);
+//            pw = LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, config.centerResetPw);
+            pw = LifeCenterFunction.sha256Encrypt(config.centerResetPw);
         }
         dto.setPassword(pw);
         

+ 55 - 1
src/main/java/com/lemon/lifecenter/test/TestContorller.java

@@ -1,25 +1,79 @@
 package com.lemon.lifecenter.test;
 
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
 import java.util.Random;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.servlet.ModelAndView;
 
+import com.lemon.lifecenter.common.LifeCenterConfigVO;
 import com.lemon.lifecenter.common.LifeCenterController;
+import com.lemon.lifecenter.common.LifeCenterFunction;
 import com.lemon.lifecenter.dto.PatientDTO;
+import com.lemon.lifecenter.dto.StaffDTO;
 
 @Controller
 
 public class TestContorller extends LifeCenterController {
     
+    private final Logger logger = LoggerFactory.getLogger(this.getClass());
+    
+    @Autowired
+    private LifeCenterConfigVO config;
+    
     @Autowired
-    TestService s;
+    private TestService s;
+    
+//    @RequestMapping("/update/info")
+//    public ModelAndView updatePassword() throws Exception {
+//        ArrayList<StaffDTO> listDto = new ArrayList<>();
+//        listDto = (ArrayList<StaffDTO>) s.selectMemberPassword();
+//        
+//        for (int i = 0; i < listDto.size(); i++) {
+//            String id = listDto.get(i).getId();
+//            String pw = LifeCenterFunction.aesDecrypt(config.aesKey, config.IV, listDto.get(i).getPassword());
+//            logger.error("id -- > " + id + " :::: pw -- > " + pw);
+//            pw = LifeCenterFunction.sha256Encrypt(pw);
+//            
+//            StaffDTO sdto = new StaffDTO();
+//            sdto.setId(id);
+//            sdto.setPassword(pw);
+//            s.updateMemberPassword(sdto);
+//        }
+//        
+//        ModelAndView mv = setMV("test");
+//        return mv;
+//    }
+//    
+//    @RequestMapping("/update/patient")
+//    public ModelAndView updatePatientPassword() throws Exception {
+//        ArrayList<PatientDTO> listDto = new ArrayList<>();
+//        listDto = s.selectPatientPassword();
+//        
+//        for (int i = 0; i < listDto.size(); i++) {
+//            String id = listDto.get(i).getId();
+//            String pw = LifeCenterFunction.aesDecrypt(config.aesKey, config.IV, listDto.get(i).getPw());
+//            pw = LifeCenterFunction.sha256Encrypt(pw);
+//            
+//            
+//            PatientDTO dto = new PatientDTO();
+//            dto.setId(id);
+//            dto.setPw(pw);
+//            
+//            s.updatePatientPassword(dto);
+//        }
+//        
+//        ModelAndView mv = setMV("test");
+//        return mv;
+//    }
     
     @RequestMapping("/insert/{start}/{end}")
     public ModelAndView insert(@PathVariable("start") int start, @PathVariable("end") int end) {
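Review bot: The two commented-out handlers `/update/info` and `/update/patient` should be deleted rather than committed: as written they are plain `@RequestMapping` endpoints with no visible access check, they decrypt every stored password, and `logger.error("id -- > " + id + " :::: pw -- > " + pw)` would log each one in clear if the block were ever uncommented. A one-off conversion belongs in a migration script or an admin-only job, not in a web controller. With the block commented out, the added `logger` and `config` fields and the `ArrayList`, `LifeCenterFunction` and `StaffDTO` imports look unused in the visible part of the file; the class continues past this hunk, so confirm before removing them.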

+ 10 - 0
src/main/java/com/lemon/lifecenter/test/TestMapper.java

@@ -1,9 +1,13 @@
 package com.lemon.lifecenter.test;
 
+import java.util.ArrayList;
+import java.util.List;
+
 import org.apache.ibatis.annotations.Mapper;
 import org.springframework.stereotype.Repository;
 
 import com.lemon.lifecenter.dto.PatientDTO;
+import com.lemon.lifecenter.dto.StaffDTO;
 
 @Repository
 @Mapper
@@ -11,4 +15,10 @@ public interface TestMapper {
     public void insertPatientCare( PatientDTO dto );
     public void insertPatientSymptom( PatientDTO dto );
     public void insertPatientDisease( PatientDTO dto );
+    
+    public void updateMemberPassword(StaffDTO dto);
+    public ArrayList<StaffDTO> selectMemberPassword();
+    
+    public ArrayList<PatientDTO> selectPatientPassword();
+    public void updatePatientPassword(PatientDTO dto);
 }
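Review bot: `selectMemberPassword()` and `selectPatientPassword()` return every stored credential and stay in the shipped mapper even though their only visible callers (in TestContorller) are commented out; once the conversion is done, these four methods, the TestService delegates and the matching statements in test.xml should be removed. In test.xml `updatePatientPassword` filters on `WHERE id = #{id}` alone, while PatientController builds the patient id from ward and room number, so the update may touch more than one row if ids repeat across centers; this is worth confirming against the table's key. Smaller points: declare the return types as `List<...>` rather than `ArrayList<...>`, and the added `java.util.List` import is unused in the visible lines.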

+ 18 - 0
src/main/java/com/lemon/lifecenter/test/TestService.java

@@ -1,9 +1,13 @@
 package com.lemon.lifecenter.test;
 
+import java.util.ArrayList;
+import java.util.List;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import com.lemon.lifecenter.dto.PatientDTO;
+import com.lemon.lifecenter.dto.StaffDTO;
 
 @Service
 public class TestService {
@@ -22,5 +26,19 @@ public class TestService {
         mapper.insertPatientDisease(dto);
     }
     
+    public ArrayList<StaffDTO> selectMemberPassword() {
+        return mapper.selectMemberPassword();
+    }
+    
+    public void updateMemberPassword(StaffDTO dto) {
+        mapper.updateMemberPassword(dto);
+    }
+    
+    public ArrayList<PatientDTO> selectPatientPassword() {
+        return mapper.selectPatientPassword();
+    }
+    public void updatePatientPassword(PatientDTO dto) {
+        mapper.updatePatientPassword(dto);
+    }
 
 }

+ 28 - 0
src/main/resources/mybatis/mapper/test/test.xml

@@ -15,6 +15,34 @@
 <!--        WHERE id = 'admin' -->
 <!--     ]]> -->
 <!--   </select> -->
+
+  <select id="selectMemberPassword" resultType="com.lemon.lifecenter.dto.StaffDTO">
+    <![CDATA[
+      SELECT id, password
+        FROM MEMBER
+    ]]>
+  </select>
+  <update id ="updateMemberPassword" parameterType="com.lemon.lifecenter.dto.StaffDTO">
+    <![CDATA[
+      UPDATE MEMBER
+         SET password = #{password}
+       WHERE id = #{id}
+    ]]>
+  </update>
+  
+  <select id="selectPatientPassword" resultType="com.lemon.lifecenter.dto.PatientDTO">
+    <![CDATA[
+      SELECT id, pw
+        FROM PATIENT_CARE
+    ]]>
+  </select>
+  <update id="updatePatientPassword" parameterType="com.lemon.lifecenter.dto.PatientDTO">
+    <![CDATA[
+      UPDATE PATIENT_CARE
+         SET pw = #{pw}
+       WHERE id = #{id}
+    ]]>
+  </update>
   
   <insert id="insertPatientCare" parameterType="com.lemon.lifecenter.dto.PatientDTO">
     <![CDATA[