This commit is contained in:
@@ -91,7 +91,10 @@
|
|||||||
data: $('#loginForm').serialize(),
|
data: $('#loginForm').serialize(),
|
||||||
dataType: 'json',
|
dataType: 'json',
|
||||||
success: function(response) {
|
success: function(response) {
|
||||||
if (response.smsAuthRequired) {
|
if (response.changePassword) {
|
||||||
|
showChangeInitPassword(response);
|
||||||
|
}
|
||||||
|
else if (response.smsAuthRequired) {
|
||||||
// SMS 인증 필요
|
// SMS 인증 필요
|
||||||
showSmsAuthModal(response);
|
showSmsAuthModal(response);
|
||||||
} else if (response.success) {
|
} else if (response.success) {
|
||||||
@@ -108,6 +111,13 @@
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function showChangeInitPassword(data) {
|
||||||
|
$('input[name="resetUserId"]').val($('input[name="userId"]').val());
|
||||||
|
$('input[name="resetPassword"]').val($('input[name="password"]').val());
|
||||||
|
$('#changeInitPassword').hide();
|
||||||
|
$('#pwdChgModal').modal('show');
|
||||||
|
}
|
||||||
|
|
||||||
// SMS 인증 모달 표시
|
// SMS 인증 모달 표시
|
||||||
function showSmsAuthModal(data) {
|
function showSmsAuthModal(data) {
|
||||||
@@ -218,44 +228,39 @@
|
|||||||
clearInterval(resendTimer);
|
clearInterval(resendTimer);
|
||||||
$('#smsAuthModal').modal('hide');
|
$('#smsAuthModal').modal('hide');
|
||||||
}
|
}
|
||||||
function changePwd(){
|
|
||||||
|
function checkPwd(){
|
||||||
if ($("input[name=resetUserId]").val() == null || $("input[name=resetUserId]").val().length == 0 ){
|
if ($("input[name=resetUserId]").val() == null || $("input[name=resetUserId]").val().length == 0 ){
|
||||||
alert("<%= localeMessage.getString("login.checkid") %>");
|
alert("<%= localeMessage.getString("login.checkid") %>");
|
||||||
$("input[name=resetUserId]").trigger("focus");
|
$("input[name=resetUserId]").trigger("focus");
|
||||||
return;
|
return false;
|
||||||
}
|
}
|
||||||
if ($("input[name=resetPassword]").val() == null || $("input[name=resetPassword]").val().trim().length == 0 ){
|
if ($("input[name=resetPassword]").val() == null || $("input[name=resetPassword]").val().trim().length == 0 ){
|
||||||
alert("<%= localeMessage.getString("login.checkpwd1") %>");
|
alert("<%= localeMessage.getString("login.checkpwd1") %>");
|
||||||
$("input[name=resetPassword]").trigger("focus");
|
$("input[name=resetPassword]").trigger("focus");
|
||||||
return;
|
return false;
|
||||||
}
|
}
|
||||||
if ($("input[name=changePassword]").val() == null || $("input[name=changePassword]").val().trim().length == 0 ){
|
if ($("input[name=changePassword]").val() == null || $("input[name=changePassword]").val().trim().length == 0 ){
|
||||||
alert("<%= localeMessage.getString("login.checkpwd2") %>");
|
alert("<%= localeMessage.getString("login.checkpwd2") %>");
|
||||||
$("input[name=changePassword]").trigger("focus");
|
$("input[name=changePassword]").trigger("focus");
|
||||||
return ;
|
return false;
|
||||||
}
|
}
|
||||||
if ($("input[name=confirmPassword]").val() == null || $("input[name=confirmPassword]").val().trim().length == 0 ){
|
if ($("input[name=confirmPassword]").val() == null || $("input[name=confirmPassword]").val().trim().length == 0 ){
|
||||||
alert("<%= localeMessage.getString("login.checkpwd3") %>");
|
alert("<%= localeMessage.getString("login.checkpwd3") %>");
|
||||||
return ;
|
return false;
|
||||||
}
|
}
|
||||||
if ($("input[name=confirmPassword]").val() != $("input[name=confirmPassword]").val()){
|
if ($("input[name=changePassword]").val() != $("input[name=confirmPassword]").val()){
|
||||||
alert("<%= localeMessage.getString("login.checkpwd4") %>");
|
alert("<%= localeMessage.getString("login.checkpwd4") %>");
|
||||||
$("input[name=confirmPassword]").trigger("focus");
|
$("input[name=confirmPassword]").trigger("focus");
|
||||||
return ;
|
return false;
|
||||||
}
|
}
|
||||||
if ($("input[name=resetUserId]").val() == $("input[name=changePassword]").val()){
|
if ($("input[name=resetUserId]").val() == $("input[name=changePassword]").val()){
|
||||||
alert("<%= localeMessage.getString("login.checkpwd5") %>");
|
alert("<%= localeMessage.getString("login.checkpwd5") %>");
|
||||||
$("input[name=changePassword]").trigger("focus");
|
$("input[name=changePassword]").trigger("focus");
|
||||||
return ;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
//if (idCheck.checked){
|
return true;
|
||||||
// setCookie("key",id);
|
|
||||||
//}
|
|
||||||
<%-- $("form").attr("action","<c:url value="/changePassword.do"/>");
|
|
||||||
//$("form").action = "<%=request.getContextPath()%>/changePassword.do";
|
|
||||||
--%>
|
|
||||||
$("form").submit();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$(document).ready(function() {
|
$(document).ready(function() {
|
||||||
@@ -271,14 +276,22 @@
|
|||||||
});
|
});
|
||||||
$("input[name=changePassword]").keydown(function(event){
|
$("input[name=changePassword]").keydown(function(event){
|
||||||
if ( event.which == 13 ) {
|
if ( event.which == 13 ) {
|
||||||
changePwd();
|
$('#modalLoginForm').submit();
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
$("input[name=confirmPassword]").keydown(function(event){
|
$("input[name=confirmPassword]").keydown(function(event){
|
||||||
if ( event.which == 13 ) {
|
if ( event.which == 13 ) {
|
||||||
changePwd();
|
$('#modalLoginForm').submit();
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
// Password Change 링크로 직접 열 때만 초기화 (JS에서 modal('show') 호출 시 relatedTarget 없음)
|
||||||
|
$('#pwdChgModal').on('show.bs.modal', function(event) {
|
||||||
|
if (event.relatedTarget) {
|
||||||
|
$('#modalLoginForm')[0].reset();
|
||||||
|
$('#changeInitPassword').show();
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
$("select[name=serviceType]").change(function(){
|
$("select[name=serviceType]").change(function(){
|
||||||
fncPreMain();
|
fncPreMain();
|
||||||
});
|
});
|
||||||
@@ -286,9 +299,7 @@
|
|||||||
$("#btn_login").click(function(){
|
$("#btn_login").click(function(){
|
||||||
fncPreMain();
|
fncPreMain();
|
||||||
});
|
});
|
||||||
$("#changePwd").click(function(){
|
|
||||||
changePwd();
|
|
||||||
});
|
|
||||||
$("#btn_sso_login").click(function(){
|
$("#btn_sso_login").click(function(){
|
||||||
fncSsoLogin();
|
fncSsoLogin();
|
||||||
});
|
});
|
||||||
@@ -366,7 +377,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<!-- 비밀번호 변경 모달 -->
|
||||||
<div class="modal fade" id="pwdChgModal" tabindex="-1" role="dialog" aria-labelledby="pwdChgModalLabel" aria-hidden="true">
|
<div class="modal fade" id="pwdChgModal" tabindex="-1" role="dialog" aria-labelledby="pwdChgModalLabel" aria-hidden="true">
|
||||||
<div class="modal-dialog" role="document">
|
<div class="modal-dialog" role="document">
|
||||||
<div class="modal-content">
|
<div class="modal-content">
|
||||||
@@ -376,13 +387,15 @@
|
|||||||
<span aria-hidden="true">X</span>
|
<span aria-hidden="true">X</span>
|
||||||
</button>
|
</button>
|
||||||
</div>
|
</div>
|
||||||
<form name="form" id="modalLoginForm" action="<c:url value="/changePassword.do"/>" method="post">
|
<form id="modalLoginForm" action="<c:url value="/changePassword.do"/>" method="post" onsubmit="return checkPwd()" novalidate>
|
||||||
<div class="modal-body">
|
<div class="modal-body">
|
||||||
<div class="form-group d-flex">
|
<div id="changeInitPassword">
|
||||||
<input type="text" name="resetUserId" class="form-control rounded-left" placeholder="User Id" required>
|
<div class="form-group d-flex">
|
||||||
</div>
|
<input type="text" name="resetUserId" class="form-control rounded-left" placeholder="User Id" required>
|
||||||
<div class="form-group d-flex">
|
</div>
|
||||||
<input type="password" name="resetPassword" class="form-control rounded-left" placeholder="<%= localeMessage.getString("login.placeholderCurrentPassword") %>" autocomplete="off" required>
|
<div class="form-group d-flex">
|
||||||
|
<input type="password" name="resetPassword" class="form-control rounded-left" placeholder="<%= localeMessage.getString("login.placeholderCurrentPassword") %>" autocomplete="off" required>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<p><%= localeMessage.getString("login.toChangePasswordMessage") %></p>
|
<p><%= localeMessage.getString("login.toChangePasswordMessage") %></p>
|
||||||
<div class="form-group d-flex">
|
<div class="form-group d-flex">
|
||||||
@@ -393,7 +406,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="modal-footer">
|
<div class="modal-footer">
|
||||||
<input type="button" id ="changePwd" class="form-control btn btn-primary rounded submit px-3" value="변경">
|
<button type="submit" id="changePwd" class="form-control btn btn-primary rounded submit px-3">변경</button>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
@@ -42,7 +42,7 @@ import lombok.RequiredArgsConstructor;
|
|||||||
@RequiredArgsConstructor
|
@RequiredArgsConstructor
|
||||||
public class UserManService extends BaseService {
|
public class UserManService extends BaseService {
|
||||||
|
|
||||||
private final String DEFAULT_PASSWORD_SUBFIX = "@!";
|
|
||||||
|
|
||||||
private final UserInfoService userInfoService;
|
private final UserInfoService userInfoService;
|
||||||
private final UserRoleService userRoleService;
|
private final UserRoleService userRoleService;
|
||||||
@@ -100,9 +100,11 @@ public class UserManService extends BaseService {
|
|||||||
|
|
||||||
UserInfo userInfo = userUIMapper.toEntity(userUI);
|
UserInfo userInfo = userUIMapper.toEntity(userUI);
|
||||||
userInfo.setRoleidnfiname(CommonConstants.DEPT_DEVELOPER);
|
userInfo.setRoleidnfiname(CommonConstants.DEPT_DEVELOPER);
|
||||||
|
|
||||||
|
String subfix = monitoringContext.getStringProperty(MonitoringContext.RMS_PASSWORD_INIT_SUBFIX, "@!");
|
||||||
|
|
||||||
try {
|
try {
|
||||||
userInfo.setPassword(DamoManager.getInstance().hash(DamoManager.SHA256,userUI.getUserId()+DEFAULT_PASSWORD_SUBFIX));
|
userInfo.setPassword(DamoManager.getInstance().hash(DamoManager.SHA256,userUI.getUserId()+subfix));
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
throw new RuntimeException("Error encrypting password", e);
|
throw new RuntimeException("Error encrypting password", e);
|
||||||
}
|
}
|
||||||
@@ -142,8 +144,9 @@ public class UserManService extends BaseService {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public void updatePassword(UserUI userUI) throws Exception {
|
public void updatePassword(UserUI userUI) throws Exception {
|
||||||
|
String subfix = monitoringContext.getStringProperty(MonitoringContext.RMS_PASSWORD_INIT_SUBFIX, "@!");
|
||||||
UserInfo userInfo = userInfoService.getById(userUI.getUserId());
|
UserInfo userInfo = userInfoService.getById(userUI.getUserId());
|
||||||
userInfo.setPassword(DamoManager.getInstance().hash(DamoManager.SHA256, userUI.getUserId()+DEFAULT_PASSWORD_SUBFIX));
|
userInfo.setPassword(DamoManager.getInstance().hash(DamoManager.SHA256, userUI.getUserId()+subfix));
|
||||||
userUIMapper.updateToEntity(userUI, userInfo);
|
userUIMapper.updateToEntity(userUI, userInfo);
|
||||||
userInfoService.save(userInfo);
|
userInfoService.save(userInfo);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -262,6 +262,9 @@ public interface MonitoringContext {
|
|||||||
public static final String API_WEBHOOK_RETRY_COUNT = "api.webhook.retry_count";
|
public static final String API_WEBHOOK_RETRY_COUNT = "api.webhook.retry_count";
|
||||||
public static final String API_WEBHOOK_RETRY_TIME = "api.webhook.retry_time";
|
public static final String API_WEBHOOK_RETRY_TIME = "api.webhook.retry_time";
|
||||||
|
|
||||||
|
//비밀번호 초기화 접미사
|
||||||
|
public static final String RMS_PASSWORD_INIT_SUBFIX = "rms.password.init.subfix";
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
public abstract String getStringProperty(String propertyName);
|
public abstract String getStringProperty(String propertyName);
|
||||||
|
|||||||
@@ -45,4 +45,9 @@ public class LoginResponseDto {
|
|||||||
* 에러 메시지 (로그인 실패 시)
|
* 에러 메시지 (로그인 실패 시)
|
||||||
*/
|
*/
|
||||||
private String errorMessage;
|
private String errorMessage;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 초기 비밀번호 변경 필요 여부
|
||||||
|
*/
|
||||||
|
private boolean changePassword;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -191,6 +191,19 @@ public class MainController implements InterceptorSkipController {
|
|||||||
.redirectUrl(redirectUrl)
|
.redirectUrl(redirectUrl)
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
// 2.1 초기 비밀번호인 경우, 비밀번호 변경해야 함
|
||||||
|
String subfix = monitoringContext.getStringProperty(MonitoringContext.RMS_PASSWORD_INIT_SUBFIX, "@!");
|
||||||
|
if (userInfo.getPassword().equals(DamoManager.getInstance().hash(DamoManager.SHA256, userInfo.getUserid()+subfix))
|
||||||
|
|| userInfo.getPassword().equals(DamoManager.getInstance().hash(DamoManager.SHA256, userInfo.getUserid()))) {
|
||||||
|
return LoginResponseDto.builder()
|
||||||
|
.success(false)
|
||||||
|
.changePassword(true)
|
||||||
|
.errorMessage("비밀번호 변경후 사용가능합니다.")
|
||||||
|
.build();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
// 3. SMS 인증 필요 여부 체크
|
// 3. SMS 인증 필요 여부 체크
|
||||||
SmsAuthService smsAuthService = getSmsAuthService();
|
SmsAuthService smsAuthService = getSmsAuthService();
|
||||||
@@ -758,6 +771,9 @@ public class MainController implements InterceptorSkipController {
|
|||||||
String changePassword, String confirmPassword,
|
String changePassword, String confirmPassword,
|
||||||
String resetUserId, String resetPassword) {
|
String resetUserId, String resetPassword) {
|
||||||
HttpSession session = request.getSession();
|
HttpSession session = request.getSession();
|
||||||
|
// AJAX 로그인 인증 후 초기비밀번호 변경 경로에서 세션에 부분 로그인 상태가 남아
|
||||||
|
// root emergency.jsp가 main.do로 잘못 리다이렉트하는 것을 방지
|
||||||
|
session.removeAttribute(CommonConstants.LOGIN);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
|
||||||
@@ -815,6 +831,8 @@ public class MainController implements InterceptorSkipController {
|
|||||||
.getString("login.pwdchanged"));
|
.getString("login.pwdchanged"));
|
||||||
session.setAttribute(RESULT_MSG, localeMessage
|
session.setAttribute(RESULT_MSG, localeMessage
|
||||||
.getString("login.pwdchanged"));
|
.getString("login.pwdchanged"));
|
||||||
|
logger.debug("\n\n\n\n===================" + localeMessage
|
||||||
|
.getString("login.pwdchanged"));
|
||||||
return REDIRECT_LOGIN_URL;
|
return REDIRECT_LOGIN_URL;
|
||||||
|
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
|
|||||||
Reference in New Issue
Block a user