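package com.lemon.lifecenter.common;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.lemon.lifecenter.service.RoleService;

/**
 * Session-based access gate applied to every request that reaches the DispatcherServlet.
 *
 * <p>The gate works purely on session attributes:
 * <ul>
 *   <li>{@code sesId} – a logged-in web (staff/admin) user, {@code sesGroupIdx} – its group</li>
 *   <li>{@code sesMId} – a logged-in mobile user</li>
 *   <li>{@code sesAcceptCheck} / {@code sesMAcceptCheck} – "Y" while terms still have to be accepted</li>
 *   <li>{@code sesPasswordChange} – "REQUIRED" or "RESET" while a password change is mandatory</li>
 * </ul>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Public URLs are matched by <em>path prefix</em> on the container-decoded, normalised path.
 *       The previous implementation used {@code String.contains} on the raw request URI, so any URI
 *       that merely contained one of the public fragments anywhere (for example a path ending in
 *       {@code /store}, or {@code /store/../patient/list}) skipped authentication entirely.</li>
 *   <li>Everything under {@code /lifeCenter/api} and {@code /store} is reachable without a session.
 *       Those handlers must perform their own authentication; this interceptor does not.</li>
 *   <li>Per-path role authorization ({@link RoleService}) is currently <b>not</b> enforced here:
 *       the former implementation was commented out. Any authenticated web user reaches any
 *       non-login URL unless the controller checks roles itself.</li>
 *   <li>Every redirect the gate emits is a fixed, server-chosen path; no request data is echoed
 *       into a redirect or script.</li>
 * </ul>
 */
@Component
public class LifeCenterInterCeptor extends HandlerInterceptorAdapter {

    /** Path prefixes that never require a session (see class Javadoc). */
    private static final String[] PUBLIC_PREFIXES = {
        "/error",
        "/nonface/wait",
        "/store",
        "/favicon.ico",
        "/mobile/getAppVersion",
        "/lifeCenter/api"
    };

    private static final String MOBILE_PREFIX = "/mobile";

    /** Mobile URLs that must stay reachable while terms acceptance is pending. */
    private static final String MOBILE_ACCEPT_LIST = "/mobile/accept/list";
    private static final String MOBILE_ACCEPT_INSERT = "/mobile/accept/insert";
    private static final String MOBILE_LOGOUT = "/mobile/login/logout";

    /** Web URLs that must stay reachable while terms acceptance is pending. */
    private static final String WEB_ACCEPT_LIST = "/accept/list";
    private static final String WEB_ACCEPT_INSERT = "/accept/insert";
    private static final String WEB_LOGOUT = "/login/logout";

    /** Web URLs that must stay reachable while a password change is mandatory. */
    private static final String WEB_MYINFO = "/staff/myinfo";
    private static final String WEB_MYINFO_UPDATE = "/staff/myinfo/update";
    private static final String WEB_PASSWORD_CHECK = "/common/passwordCheck";

    /** Injected but not read by this class at present; kept for wiring compatibility. */
    @Autowired
    private LifeCenterConfigVO config;

    /** Injected but not used: the per-path role check that used it has been disabled (see class Javadoc). */
    @Autowired
    private RoleService roleService;

    private final Logger logger = LoggerFactory.getLogger(this.getClass());

    /**
     * Decides whether the request may proceed to its handler.
     *
     * @return {@code true} to continue the chain; {@code false} when a redirect, script or error
     *         has already been written and the handler must not run
     * @throws IOException if writing the redirect/script/error to the response fails
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws IOException {
        logger.info("--------------------- InterCeptor Start --------------------- ");

        final String path = requestPath(request);
        final String port = String.valueOf(request.getServerPort());
        final String remoteAddr = LifeCenterFunction.getRemoteAddr(request);

        // getSession(false): do not create a server-side session for anonymous traffic
        // (bots, health checks) just to find out that there is none.
        final HttpSession session = request.getSession(false);
        final Object webId = attr(session, "sesId");
        final Object groupIdx = attr(session, "sesGroupIdx");
        final Object mobileId = attr(session, "sesMId");

        logger.info("|------------------------------------------------------------------|");
        logger.info("| URL : {} | IP : {} | Port : {}", path, remoteAddr, port);
        logger.info("|------------------------------------------------------------------|");
        logger.info(" sesMobileId : {} sesWebId : {} groupIdx : {}", mobileId, webId, groupIdx);

        // Belt and braces: the container is expected to have normalised the path already,
        // but a surviving ".." segment must never be matched against the allow-lists below.
        if (path.contains("/../") || path.endsWith("/..")) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return false;
        }

        if (isPublicPath(path)) {
            return true;
        }

        if (path.startsWith(MOBILE_PREFIX)) {
            return handleMobile(path, response, session, mobileId, remoteAddr, port);
        }

        return handleWeb(path, response, session, webId, groupIdx, remoteAddr, port);
    }

    /**
     * Returns the servlet-relative request path as decoded and normalised by the container
     * (servlet path plus path info). Unlike {@code getRequestURI()} this excludes the
     * {@code ;jsessionid} suffix and encoded traversal sequences. Falls back to the raw URI
     * only if the container reports no path at all.
     */
    private static String requestPath(HttpServletRequest request) {
        final StringBuilder sb = new StringBuilder();
        final String servletPath = request.getServletPath();
        final String pathInfo = request.getPathInfo();
        if (servletPath != null) {
            sb.append(servletPath);
        }
        if (pathInfo != null) {
            sb.append(pathInfo);
        }
        return sb.length() == 0 ? request.getRequestURI() : sb.toString();
    }

    /** Null-safe session attribute lookup; {@code null} session means no attribute. */
    private static Object attr(HttpSession session, String name) {
        return session == null ? null : session.getAttribute(name);
    }

    /** True when the path lies under one of {@link #PUBLIC_PREFIXES} (prefix match, not substring). */
    private static boolean isPublicPath(String path) {
        for (String prefix : PUBLIC_PREFIXES) {
            if (path.startsWith(prefix)) {
                return true;
            }
        }
        return false;
    }

    /** Web users in group "1" land on the center list, everyone else on the patient list. */
    private static boolean isCenterGroup(Object groupIdx) {
        // "1".equals(obj) keeps the original Object.equals("1") semantics but tolerates a missing attribute.
        return "1".equals(groupIdx);
    }

    /**
     * Gate for {@code /mobile/**}: requires {@code sesMId}, then enforces pending terms acceptance.
     * Every branch that writes a redirect or script returns {@code false} so the handler does not
     * also render into the same response.
     */
    private boolean handleMobile(String path, HttpServletResponse response, HttpSession session,
            Object mobileId, String remoteAddr, String port) throws IOException {
        if (path.equals("/mobile/login")) {
            // Already logged in: skip the login page.
            if (mobileId != null) {
                response.sendRedirect("/mobile/menu");
                return false;
            }
            return true;
        }
        if (path.equals("/mobile/check")) {
            return true;
        }

        if (mobileId == null) {
            response.sendRedirect("/mobile/login");
            return false;
        }

        logger.info("IP : {} ID : {} URL : {} Port : {}", remoteAddr, mobileId, path, port);

        final Object acceptPending = attr(session, "sesMAcceptCheck");
        if ("Y".equals(acceptPending)) {
            if (!path.equals(MOBILE_ACCEPT_LIST)) {
                logger.info("약관 동의 페이지로 이동");
                if (!path.equals(MOBILE_ACCEPT_INSERT) && !path.equals(MOBILE_LOGOUT)) {
                    LifeCenterFunction.scriptMessage(response, "location.href='/mobile/accept/list';");
                    return false;
                }
            }
            return true;
        }

        // Terms already accepted: the acceptance page itself is no longer meaningful.
        if (path.equals(MOBILE_ACCEPT_LIST)) {
            response.sendRedirect("/mobile/menu");
            return false;
        }
        return true;
    }

    /**
     * Gate for every non-mobile path: requires {@code sesId}, then enforces pending terms
     * acceptance and a mandatory password change, in that order.
     */
    private boolean handleWeb(String path, HttpServletResponse response, HttpSession session,
            Object webId, Object groupIdx, String remoteAddr, String port) throws IOException {
        if (path.equals("/login/staff") || path.equals("/login/admin")) {
            // Already logged in: send to the landing page for the user's group.
            if (webId != null) {
                response.sendRedirect(isCenterGroup(groupIdx) ? "/center/list" : "/patient/list");
                return false;
            }
            return true;
        }
        if (path.equals("/login/check")) {
            return true;
        }

        if (webId == null) {
            response.sendRedirect("/login/staff");
            return false;
        }

        logger.info("IP : {} ID : {} URL : {} Port : {}", remoteAddr, webId, path, port);

        // NOTE(review): per-path role authorization via roleService was commented out here and
        // has been removed; authenticated web users are not authorized per menu path by this class.

        final Object acceptPending = attr(session, "sesAcceptCheck");
        if ("Y".equals(acceptPending)) {
            if (!path.equals(WEB_ACCEPT_LIST)) {
                logger.info("약관 동의 페이지로 이동");
                if (!path.equals(WEB_ACCEPT_INSERT) && !path.equals(WEB_LOGOUT)) {
                    LifeCenterFunction.scriptMessage(response, "location.href='/accept/list';");
                    return false;
                }
            }
            return true;
        }

        // Terms already accepted: the acceptance page itself is no longer meaningful.
        if (path.equals(WEB_ACCEPT_LIST)) {
            response.sendRedirect("/");
            return false;
        }

        return enforcePasswordChange(path, response, attr(session, "sesPasswordChange"));
    }

    /**
     * While {@code sesPasswordChange} is "REQUIRED" or "RESET", only the my-info page, the
     * password-check/update endpoints and logout are reachable; everything else is sent to
     * {@code /staff/myinfo}. On the my-info page itself an explanatory alert is injected and the
     * page is allowed to render.
     */
    private boolean enforcePasswordChange(String path, HttpServletResponse response, Object state)
            throws IOException {
        final String reasonLog;
        final String notice;
        if ("REQUIRED".equals(state)) {
            reasonLog = "비밀번호 변경 필요 -> 비밀번호 변경 페이지로 이동";
            notice = "alertBox({ txt: '비밀번호 보안 규정 변경으로 인하여 의무적으로 비밀번호 1회 변경 진행 후 서비스 이용이 가능합니다.', callBack : function(){ } });";
        } else if ("RESET".equals(state)) {
            reasonLog = "초기화 비밀번호로 로그인 -> 비밀번호 변경 페이지로 이동";
            notice = "alertBox({ txt: '초기화 비밀번호로 로그인시 비밀번호 변경 후 서비스 이용이 가능합니다.', callBack : function(){ } });";
        } else {
            return true;
        }

        if (path.equals(WEB_MYINFO)) {
            LifeCenterFunction.scriptMessage(response, notice);
            return true;
        }

        logger.info(reasonLog);
        if (path.equals(WEB_PASSWORD_CHECK) || path.equals(WEB_MYINFO_UPDATE) || path.equals(WEB_LOGOUT)) {
            return true;
        }

        LifeCenterFunction.scriptMessage(response, "location.href='/staff/myinfo';");
        return false;
    }

    /** No post-processing; present only to keep the adapter contract explicit. */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
            ModelAndView modelAndView) {
        // intentionally empty
    }

    /** Marks the end of the request in the log, mirroring the "Start" line in {@link #preHandle}. */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
            Exception ex) {
        logger.info("--------------------- InterCeptor afterCompletion ---------------------");
    }
}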