Dev Study Today I Learned

[Government-funded course, day 67 TIL] Putting "new" in front of post titles, password encryption

by 개발자신입 2024. 2. 28.

Putting "new" in front of the titles of posts written today

notice-mapper.xml

`if(date_format(now(), '%Y-%m-%d') = date_format(ndate, '%Y-%m-%d'), 1, 0) as ndel`

: Compares the current date with `ndate` and yields `1` if they are the same and `0` otherwise. This produces the flag used to mark posts written today.

	<select id="noticeList" parameterType="Integer" resultType="notice">
		SELECT nno, nread, nlike, ntitle, 
		if( date_format(now(), '%Y-%m-%d') = date_format(ndate, '%Y-%m-%d'), 
		date_format(ndate, '%h:%i'), date_format(ndate, '%m-%d') ) as ndate, 
		if(date_format(now(), '%Y-%m-%d') = date_format(ndate, '%Y-%m-%d'), 1, 0) as ndel 
		FROM notice WHERE ndel=1 
		ORDER BY nno DESC 
		LIMIT #{pageNo}, 10
	</select>

notice.jsp

<c:if test="${row.ndel eq 1}"><img alt="new" src="./img/new.png"></c:if>

LoginController.java

	@GetMapping("/join")
	public String join() {
		return "join";
	}

join.jsp

<script>
	$(function() {
		// Swal.fire('title','content', 'success');

		// Fires when the join button is clicked
		$('#join').click(function() {
			// Swal.fire('Sign up','The button was clicked.','success');
			// Read the field values
			let id = $('#id').val();
			let pw1 = $('#password1').val();
			let pw2 = $('#password2').val();
			let name = $('#name').val();
			let email = $('#email').val();

			// Swal.fire('Sign up', 'ID : ' + id + "<br>Password : " + pw1 + "/" + pw2, 'success');
			
			// Submit
			let loginForm = $('<form></form>');
			loginForm.attr('name','login');
			loginForm.attr('method','post');
			loginForm.attr('action','/join');
			
			loginForm.append($('<input>', {'type':'hidden', 'name':'id','value':id}));
			// The controller reads this field as "pw", so the name must be 'pw' (not 'pw1')
			loginForm.append($('<input>', {'type':'hidden', 'name':'pw','value':pw1}));
			loginForm.append($('<input>', {'type':'hidden', 'name':'name','value':name}));
			loginForm.append($('<input>', {'type':'hidden', 'name':'email','value':email}));
			
			loginForm.appendTo('body');
			loginForm.submit();
		})
	});
</script>

<body id="page-top">
	<!-- Navigation code moved to menu.jsp -->
	<%@ include file="menu.jsp"%>

	<div class="container">
		<div class="content">
			<div class="row">
				<div class="col-md-6 order-md-1">
					<img src="./assets/img/cute.jpg" alt="좌측이미지" class="img-fluid" style="object-fit: contain; margin: 0 auto; height: 100%; margin-top: 100px;">
				</div>
				<div class="col-md-6 order-md-2" style="margin-top: 200px;">
					<div class="header">
						<h1>회원가입</h1>
					</div>
					<div class="main">
						<form action="#">
							<div class="mb-3 row">
								<label for="id" class="col-sm-2 col-form-label">아이디</label>
							<div class="col-sm-7">
								<input type="text" id="id" class="form-control" placeholder="아이디를 입력하세요">
							</div>
							<div class="col-sm-3">
								<button type="button" id="idCheck" class="btn btn-info w-100">ID 검사</button>
							</div>
						</div>
							<div class="mb-3 row">
								<label for="inputPassword" class="col-sm-2 col-form-label">비밀번호</label>
							<div class="col-sm-5">
								<input type="password" class="form-control" id="password1" placeholder="암호를 입력하세요">
							</div>
							<div class="col-sm-5">
                                <input type="password" class="form-control" id="password2" placeholder="암호를 입력하세요">
                            </div>
                        </div>
                            <div class="mb-3 row">
                                <label for="name" class="col-sm-2 col-form-label">이 름</label>
                            <div class="col-sm-10">
                                <input type="text" class="form-control" id="name" placeholder="이름을 입력하세요">
                            </div>
						</div>
                            <div class="mb-3 row">
                                <label for="email" class="col-sm-2 col-form-label">이메일</label>
                            <div class="col-sm-10">
                                <input type="email" class="form-control" id="email" placeholder="이메일을 입력하세요">
                            </div>
                        </div>
                            <div class="mb-3 row">
                                <div class="col-sm-12">
                                    <button type="button" id="join" class="btn btn-info">회원가입</button>
                                </div>
                            </div>
                        </form>
					</div>
				</div>
			</div>
		</div>
	</div>
</section>

LoginController.java

Add memail to MemberDTO

	@PostMapping("/join")
	public String join(HttpServletRequest request) {
		// Debug output of the submitted fields (the password is left out so it never reaches the logs)
		System.out.println(request.getParameter("id"));
		System.out.println(request.getParameter("name"));
		System.out.println(request.getParameter("email"));
		
		MemberDTO join = new MemberDTO();
		join.setMid(request.getParameter("id"));
		join.setMpw(request.getParameter("pw"));
		join.setMname(request.getParameter("name"));
		join.setMemail(request.getParameter("email"));
		
		int result = loginService.join(join);
		System.out.println("회원가입 결과 : " + result); // "sign-up result : " + number of rows inserted

		// The original snippet ends here; the redirect target below is an assumption.
		return "redirect:/login";
	}

 

-> Create join (in the service and the DAO)

LoginService.java

	public int join(MemberDTO join) {
		return loginDAO.join(join);
	}

LoginDAO.java

	public int join(MemberDTO join) {
		return sqlSession.insert("login.join", join);
	}

login-mapper.xml

	<!-- 2024-02-28 sign-up -->
	<insert id="join" parameterType="memberDTO">
		INSERT INTO member(mid, mpw, mname, memail) 
		VALUES (#{mid}, #{mpw}, #{mname}, #{memail})
	</insert>

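Database encryption

User input -> jsp -> spring -> DB

Passwords must be stored encrypted, not as plaintext that anyone can read at a glance.

  • In transit: http 80 / https 443
  • Spring Security (Spring, MyBatis, DB): user -> jsp -> spring -> DB
  • DB encryption: encrypts only the passwords stored in the database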

-- Encrypt

SELECT 
HEX(
	AES_ENCRYPT('01234567','testtest')
)
FROM DUAL;


-- Raw result is unprintable binary = 93A3F6522073DA94113CF4DB17EA7F56 (HEX code)

-- Decrypt (-> back to plaintext)

SELECT 
AES_DECRYPT(UNHEX('93A3F6522073DA94113CF4DB17EA7F56'),'testtest')
FROM DUAL;


-- MD5: one-way, cannot be decrypted

select MD5('01234567')
FROM DUAL;

 -- 2e9ec317e197819358fbc43afca7d837

SELECT 
HEX(AES_ENCRYPT(MD5('01234567'),'testtest'))
FROM DUAL;


-- SHA2

SELECT SHA2('01234567', 256)
FROM DUAL;


-- Result: 924592b9b103f14f833faafb67f480691f01988aa457c0061769f58cd47311bc

SELECT mpw
FROM member;

-- Encryption key: Daiso
-- HEX(AES_ENCRYPT('mpw','Daiso'))
UPDATE member SET mpw='01234567';
UPDATE member SET mpw=HEX(AES_ENCRYPT(mpw,'Daiso'));


-> Increase the length of the mpw column in the table

 

login-mapper.xml

Changes to the mpw part
1. In the select statement, change mpw as pw to AES_DECRYPT(UNHEX(mpw),'Daiso') as pw.

	<select id="login" parameterType="loginDTO" resultType="loginDTO">
	<![CDATA[
		SELECT COUNT(*) as count, mname, mcount, AES_DECRYPT(UNHEX(mpw),'Daiso') as pw 
		FROM member
		WHERE mid=#{id} AND mgrade > 4
	]]>
	</select>

 

2. In the insert statement, change #{mpw} to HEX(AES_ENCRYPT(#{mpw},'Daiso'))

	<insert id="join" parameterType="memberDTO">
		<!-- #{mpw} is sent as a bound parameter; ${mpw} would paste the raw password into the SQL text -->
		INSERT INTO member(mid, mpw, mname, memail) 
		VALUES (#{mid}, HEX(AES_ENCRYPT(#{mpw},'Daiso')), #{mname}, #{memail})
	</insert>
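
MyBatis treats the two placeholder styles in a mapper differently: `#{mpw}` becomes a JDBC bind parameter, while `${mpw}` is substituted into the SQL text before the statement is prepared. The following is an added example, not code from the original post and not MyBatis's own code; it is a simplified model of that behaviour, and the class name `PlaceholderDemo` and the sample values are assumptions.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Simplified model of MyBatis placeholder handling (illustration only):
// ${name} is pasted into the SQL text, #{name} becomes a '?' bind parameter.
public class PlaceholderDemo {
    private static final Pattern TOKEN = Pattern.compile("([#$])\\{(\\w+)\\}");

    record Rendered(String sql, List<String> binds) {}

    static Rendered render(String template, Map<String, String> params) {
        StringBuilder sql = new StringBuilder();
        List<String> binds = new ArrayList<>();
        Matcher m = TOKEN.matcher(template);
        while (m.find()) {
            String value = params.get(m.group(2));
            if (m.group(1).equals("#")) {
                binds.add(value);               // travels separately from the SQL text
                m.appendReplacement(sql, "?");
            } else {
                // raw substitution: the value becomes part of the statement itself
                m.appendReplacement(sql, Matcher.quoteReplacement(value));
            }
        }
        m.appendTail(sql);
        return new Rendered(sql.toString(), binds);
    }

    public static void main(String[] args) {
        String raw   = "VALUES (#{mid}, HEX(AES_ENCRYPT(${mpw},'Daiso')))";
        String bound = "VALUES (#{mid}, HEX(AES_ENCRYPT(#{mpw},'Daiso')))";
        // Constructed sample passwords: digits only, and one containing a quote.
        for (String pw : List.of("01234567", "it's-me")) {
            Map<String, String> p = Map.of("mid", "tester", "mpw", pw);
            System.out.println("${mpw}: " + render(raw, p));
            System.out.println("#{mpw}: " + render(bound, p));
        }
    }
}
```

With `${mpw}` the digits-only password reaches MySQL as an unquoted numeric literal rather than the string '01234567', and the password containing a quote changes the structure of the statement; with `#{mpw}` the SQL text is identical for every input.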

Result

Passwords are now encrypted before being stored in the DB for new sign-ups as well.


 


Sign-up logic

 

Reference blog: https://developlsb2dwb.tistory.com/21

 
