This commit is contained in:
@@ -33,6 +33,7 @@ import com.eactive.eai.rms.data.entity.man.role.Role;
|
||||
import com.eactive.eai.rms.data.entity.man.role.RoleService;
|
||||
import com.eactive.eai.rms.data.entity.onl.bzwkdstcd.UserBusinessService;
|
||||
import com.eactive.eai.rms.onl.common.exception.BizException;
|
||||
import com.eactive.ext.djb.DamoManager;
|
||||
|
||||
import lombok.RequiredArgsConstructor;
|
||||
|
||||
@@ -140,7 +141,7 @@ public class UserManService extends BaseService {
|
||||
|
||||
public void updatePassword(UserUI userUI) throws Exception {
|
||||
UserInfo userInfo = userInfoService.getById(userUI.getUserId());
|
||||
userInfo.setPassword(Seed.encrypt(userUI.getUserId()));
|
||||
userInfo.setPassword(DamoManager.getInstance().hash(DamoManager.SHA256, userUI.getUserId()));
|
||||
userUIMapper.updateToEntity(userUI, userInfo);
|
||||
userInfoService.save(userInfo);
|
||||
}
|
||||
|
||||
@@ -33,6 +33,7 @@ import org.springframework.web.servlet.View;
|
||||
|
||||
import com.eactive.eai.common.seed.Seed;
|
||||
import com.eactive.eai.rms.ext.kjb.smsauth.SmsAuthService;
|
||||
import com.eactive.ext.djb.DamoManager;
|
||||
import com.eactive.eai.data.converter.LocalDateTimeFormatters;
|
||||
import com.eactive.eai.rms.common.context.MonitoringContext;
|
||||
import com.eactive.eai.rms.common.datasource.DataSourceType;
|
||||
@@ -363,7 +364,7 @@ public class MainController implements InterceptorSkipController {
|
||||
String loginMode = System.getProperty("login.mode");
|
||||
if("db".equals(loginMode) || "DB".equals(loginMode)) {
|
||||
/* 기존로직 - LDAP 사용 x */
|
||||
if (!userInfo.getPassword().equals(Seed.encrypt(dto.getPassword()))) {
|
||||
if (!userInfo.getPassword().equals(DamoManager.getInstance().hash(DamoManager.SHA256, dto.getPassword()))) {
|
||||
// password 다름.
|
||||
setLoginFailure(request, session, "login.loginfail1",
|
||||
"login.loginfail2");
|
||||
@@ -799,9 +800,9 @@ public class MainController implements InterceptorSkipController {
|
||||
.getString("login.pwdmismatch4"));
|
||||
return REDIRECT_CHANGE_PASSWORD_URL;
|
||||
}
|
||||
|
||||
|
||||
// 3. 비밀번호 체크
|
||||
if (!userInfo.getPassword().equals(Seed.encrypt(resetPassword))
|
||||
if (!userInfo.getPassword().equals(DamoManager.getInstance().hash(DamoManager.SHA256,resetPassword))
|
||||
|| !userInfo.getUserid().equals(resetUserId)) {
|
||||
UserAccessLogger.log(request, LOG_CATEGORY_LOGIN, "F",
|
||||
localeMessage
|
||||
@@ -812,7 +813,7 @@ public class MainController implements InterceptorSkipController {
|
||||
}
|
||||
|
||||
// 4. 비밀번호 변경
|
||||
userInfo.setPassword(Seed.encrypt(changePassword));
|
||||
userInfo.setPassword(DamoManager.getInstance().hash(DamoManager.SHA256,changePassword));
|
||||
userInfoService.save(userInfo);
|
||||
|
||||
UserAccessLogger.log(request, LOG_CATEGORY_LOGIN, "S", localeMessage
|
||||
|
||||
Reference in New Issue
Block a user