Dev Study: Today I Learned

[Government-funded course, Day 67 TIL] Adding "new" in front of post titles, password encryption

by 개발자신입 2024. 2. 28.

Adding "new" in front of the titles of posts written today

notice-mapper.xml

`if(date_format(now(), '%Y-%m-%d') = date_format(ndate, '%Y-%m-%d'), 1, 0) as ndel`

: Compares the current date with `ndate` and returns `1` if they match, `0` otherwise. This produces the condition used to mark posts written today.

```xml
<select id="noticeList" parameterType="Integer" resultType="notice">
    SELECT nno, nread, nlike, ntitle,
        if( date_format(now(), '%Y-%m-%d') = date_format(ndate, '%Y-%m-%d'),
            date_format(ndate, '%h:%i'), date_format(ndate, '%m-%d') ) as ndate,
        if(date_format(now(), '%Y-%m-%d') = date_format(ndate, '%Y-%m-%d'), 1, 0) as ndel
    FROM notice WHERE ndel=1
    ORDER BY nno DESC
    LIMIT #{pageNo}, 10
</select>
```

notice.jsp

```jsp
<c:if test="${row.ndel eq 1}"><img alt="new" src="./img/new.png"></c:if>
```

LoginController.java

```java
@GetMapping("/join")
public String join() {
    return "join";
}
```

join.jsp

```jsp
<script>
$(function() {
    // Swal.fire('title','content', 'success');
    // Fires when #join is clicked
    $('#join').click(function() {
        // Swal.fire('회원가입','버튼을 클릭했습니다.','success');
        // Read the input values
        let id = $('#id').val();
        let pw1 = $('#password1').val();
        let pw2 = $('#password2').val();
        let name = $('#name').val();
        let email = $('#email').val();
        // Swal.fire('회원가입', '아이디 : ' + id + "<br>비밀번호 : " + pw1 + "/" + pw2, 'success');

        // Submit
        let loginForm = $('<form></form>');
        loginForm.attr('name','login');
        loginForm.attr('method','post');
        loginForm.attr('action','/join');

        loginForm.append($('<input>', {'type':'hidden', 'name':'id','value':id}));
        // The field name must be 'pw': LoginController reads request.getParameter("pw")
        loginForm.append($('<input>', {'type':'hidden', 'name':'pw','value':pw1}));
        loginForm.append($('<input>', {'type':'hidden', 'name':'name','value':name}));
        loginForm.append($('<input>', {'type':'hidden', 'name':'email','value':email}));

        loginForm.appendTo('body');
        loginForm.submit();
    })
});
</script>
<body id="page-top">
    <!-- Navigation code moved to menu.jsp -->
    <%@ include file="menu.jsp"%>
    <div class="container">
        <div class="content">
            <div class="row">
                <div class="col-md-6 order-md-1">
                    <img src="./assets/img/cute.jpg" alt="좌측이미지" class="img-fluid" style="object-fit: contain; margin: 0 auto; height: 100%; margin-top: 100px;">
                </div>
                <div class="col-md-6 order-md-2" style="margin-top: 200px;">
                    <div class="header">
                        <h1>회원가입</h1>
                    </div>
                    <div class="main">
                        <form action="#">
                            <div class="mb-3 row">
                                <label for="id" class="col-sm-2 col-form-label">아이디</label>
                                <div class="col-sm-7">
                                    <input type="text" id="id" class="form-control" placeholder="아이디를 입력하세요">
                                </div>
                                <div class="col-sm-3">
                                    <button type="button" id="idCheck" class="btn btn-info w-100">ID 검사</button>
                                </div>
                            </div>
                            <div class="mb-3 row">
                                <label for="password1" class="col-sm-2 col-form-label">비밀번호</label>
                                <div class="col-sm-5">
                                    <input type="password" class="form-control" id="password1" placeholder="암호를 입력하세요">
                                </div>
                                <div class="col-sm-5">
                                    <input type="password" class="form-control" id="password2" placeholder="암호를 입력하세요">
                                </div>
                            </div>
                            <div class="mb-3 row">
                                <label for="name" class="col-sm-2 col-form-label">이 름</label>
                                <div class="col-sm-10">
                                    <input type="text" class="form-control" id="name" placeholder="이름을 입력하세요">
                                </div>
                            </div>
                            <div class="mb-3 row">
                                <label for="email" class="col-sm-2 col-form-label">이메일</label>
                                <div class="col-sm-10">
                                    <input type="email" class="form-control" id="email" placeholder="이메일을 입력하세요">
                                </div>
                            </div>
                            <div class="mb-3 row">
                                <div class="col-sm-12">
                                    <button type="button" id="join" class="btn btn-info">회원가입</button>
                                </div>
                            </div>
                        </form>
                    </div>
                </div>
            </div>
        </div>
    </div>
</section>
```

LoginController.java

Add `memail` to MemberDTO

```java
@PostMapping("/join")
public String join(HttpServletRequest request) {
    // Debug output of the submitted values; the password is left out so it never reaches the logs
    System.out.println(request.getParameter("id"));
    System.out.println(request.getParameter("name"));
    System.out.println(request.getParameter("email"));

    MemberDTO join = new MemberDTO();
    join.setMid(request.getParameter("id"));
    join.setMpw(request.getParameter("pw"));
    join.setMname(request.getParameter("name"));
    join.setMemail(request.getParameter("email"));

    int result = loginService.join(join);
    System.out.println("회원가입 결과 : " + result);
    // ... (the rest of the method is not shown in the original post)
```

 

-> Create `join` (in the service and the DAO)

LoginService.java

```java
public int join(MemberDTO join) {
    return loginDAO.join(join);
}
```

LoginDAO.java

```java
public int join(MemberDTO join) {
    return sqlSession.insert("login.join", join);
}
```

login-mapper.xml

```xml
<!-- 2024-02-28 sign-up -->
<insert id="join" parameterType="memberDTO">
    INSERT INTO member(mid, mpw, mname, memail)
    VALUES (#{mid}, #{mpw}, #{mname}, #{memail})
</insert>
```

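Database encryption

User input -> jsp -> spring -> DB

The password must be stored encrypted, not as plaintext that anyone can read.

  • In transit: http 80 / https 443
  • Spring Security (Spring, MyBatis, DB): user -> jsp -> spring -> DB
  • DB encryption: encrypts only the password stored in the database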

```sql
-- Encrypt
SELECT HEX(AES_ENCRYPT('01234567','testtest')) FROM DUAL;
-- (raw binary output, not printable) = 93A3F6522073DA94113CF4DB17EA7F56 (HEX code)

-- Decrypt (back to plaintext)
SELECT AES_DECRYPT(UNHEX('93A3F6522073DA94113CF4DB17EA7F56'),'testtest') FROM DUAL;

-- MD5: one-way, cannot be decrypted
SELECT MD5('01234567') FROM DUAL;
-- 2e9ec317e197819358fbc43afca7d837

SELECT HEX(AES_ENCRYPT(MD5('01234567'),'testtest')) FROM DUAL;

-- SHA2
SELECT SHA2('01234567', 256) FROM DUAL;
-- Result: 924592b9b103f14f833faafb67f480691f01988aa457c0061769f58cd47311bc

SELECT mpw FROM member;
-- Encryption key: Daiso
-- HEX(AES_ENCRYPT('mpw','Daiso'))
UPDATE member SET mpw='01234567';
UPDATE member SET mpw=HEX(AES_ENCRYPT(mpw,'Daiso'));
```


-> Increase the length of the `mpw` column in the table (the HEX-encoded ciphertext is longer than the plaintext).

 

login-mapper.xml

Changing the mpw part

1. In the select statement, change `mpw as pw` to `AES_DECRYPT(UNHEX(mpw),'Daiso') as pw`.

```xml
<select id="login" parameterType="loginDTO" resultType="loginDTO">
<![CDATA[
    SELECT COUNT(*) as count, mname, mcount, AES_DECRYPT(UNHEX(mpw),'Daiso') as pw
    FROM member
    WHERE mid=#{id} AND mgrade > 4
]]>
</select>
```

 

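2. In the insert statement, change `#{mpw}` to `HEX(AES_ENCRYPT(#{mpw},'Daiso'))`. Keep the `#{}` form here: it binds the password as a prepared-statement parameter, whereas `${mpw}` would paste the raw input into the SQL text, which breaks on non-numeric passwords and allows SQL injection.

```xml
<insert id="join" parameterType="memberDTO">
    INSERT INTO member(mid, mpw, mname, memail)
    VALUES (#{mid}, HEX(AES_ENCRYPT(#{mpw},'Daiso')), #{mname}, #{memail})
</insert>
```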

Result

For new sign-ups as well, the password is now encrypted before it is stored in the DB.


 


Sign-up logic

 

Reference blog: https://developlsb2dwb.tistory.com/21

 
