DBNT
/
kcscDev
9
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: DBNT:f67c3ee502ac5e712d360da04c2fbfff69a454eb
Branches Tags
DBNT:master
DBNT:thkim
DBNT:cks
..
compare: DBNT:e6f436ac2243656e77bb683b1cd3d334a7b6816c
Branches Tags
DBNT:master
DBNT:thkim
DBNT:cks

No commits in common. "f67c3ee502ac5e712d360da04c2fbfff69a454eb" and "e6f436ac2243656e77bb683b1cd3d334a7b6816c" have entirely different histories.
f67c3ee502 ... e6f436ac22

6 changed files with 18 additions and 62 deletions
Show Stats Expand all files Collapse all files

2
egovframe-template-simple-react-contribution/src/pages/login/EgovLoginContent.jsx
View File

@ -82,7 +82,6 @@ function EgovLoginContent(props) {
EgovNet.requestFetch(loginUrl,
requestOptions,
(resp) => {
if (Number(resp.resultCode) === Number(CODE.RCV_SUCCESS)) {
let accessToken = resp?.accessToken || null;
let resultVO = parseJwt(accessToken);
let refreshToken = resp?.refreshToken || null;
@ -90,6 +89,7 @@ function EgovLoginContent(props) {
// setSessionItem('accessToken', accessToken);
setLocalItem('accessToken', accessToken);
setLocalItem('refreshToken', refreshToken);
if (Number(resp.resultCode) === Number(CODE.RCV_SUCCESS)) {
// setSessionItem('loginUser', resultVO);
props.onChangeLogin(resultVO);
if (saveIDFlag) {

21
kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/security/CustomUrlAuthenticationSuccessHandler.java
View File

@ -1,10 +1,8 @@
package com.dbnt.kcscbackend.config.security;
import com.dbnt.kcscbackend.auth.entity.UserInfo;
import com.dbnt.kcscbackend.config.common.ResponseCode;
import com.dbnt.kcscbackend.config.egov.EgovProperties;
import com.dbnt.kcscbackend.config.jwt.EgovJwtTokenUtil;
import com.dbnt.kcscbackend.config.util.ClientUtils;
import lombok.NoArgsConstructor;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.MediaType;
@ -19,12 +17,11 @@ import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
@RequiredArgsConstructor
@Configuration
@ -33,8 +30,6 @@ public class CustomUrlAuthenticationSuccessHandler extends SimpleUrlAuthenticati
private final EgovJwtTokenUtil jwtTokenUtil;
private RequestCache requestCache = new HttpSessionRequestCache();
private static final List<String> adminIpList = Arrays.asList(EgovProperties.getProperty("Globals.admin.allow-ip").split(","));
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws ServletException, IOException {
@ -53,24 +48,20 @@ public class CustomUrlAuthenticationSuccessHandler extends SimpleUrlAuthenticati
securityUser = (UserInfo) principal;
}
}
// application/json(ajax) 요청일 경우 아래의 처리!
MappingJackson2HttpMessageConverter jsonConverter = new MappingJackson2HttpMessageConverter();
MediaType jsonMimeType = MediaType.APPLICATION_JSON;
HashMap<String, Object> resultMap = new HashMap<>();
if(securityUser.getUserId().equals("admin") && !adminIpList.contains(ClientUtils.getRemoteIP(request))){
resultMap.put("resultCode", ResponseCode.FAILED.getCode());
resultMap.put("resultMessage", "관리자 계정은 지정된 아이피에서만 접속할 수 있습니다.\n필요한 경우 관리자에게 요청하십시오.\n접속자 아이피: "+ClientUtils.getRemoteIP(request));
}else{
String accessToken = jwtTokenUtil.generateAccessToken(securityUser, request.getRemoteAddr());
String refreshToken = jwtTokenUtil.generateRefreshTokenToken(securityUser, request.getRemoteAddr());
resultMap.put("resultCode", ResponseCode.SUCCESS.getCode());
HashMap<String, Object> resultMap = new HashMap<>();
resultMap.put("resultCode", "200");
resultMap.put("accessToken", accessToken);
resultMap.put("refreshToken", refreshToken);
// response.addHeader("Authorization", "BEARER "+accessToken);
// Cookie refreshTokenCookie = new Cookie("refreshToken", refreshToken);
// response.addCookie(refreshTokenCookie);
}
if (jsonConverter.canWrite(resultMap.getClass(), jsonMimeType)) {
jsonConverter.write(resultMap, jsonMimeType, new ServletServerHttpResponse(response));
}

32
kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/util/ClientUtils.java
View File

@ -1,32 +0,0 @@
package com.dbnt.kcscbackend.config.util;
import javax.servlet.http.HttpServletRequest;
public class ClientUtils {
public static String getRemoteIP(HttpServletRequest request){
String ip = request.getHeader("X-FORWARDED-FOR");
//proxy 환경일 경우
if (ip == null || ip.isEmpty()) {
ip = request.getHeader("Proxy-Client-IP");
}
//웹로직 서버일 경우
if (ip == null || ip.isEmpty()) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.isEmpty()) {
ip = request.getRemoteAddr() ;
}
if (ip == null || ip.isEmpty()) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (ip == null || ip.isEmpty()) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (ip == null || ip.isEmpty()) {
ip = request.getRemoteAddr();
}
return ip;
}
}

3
kcsc-back-end/src/main/resources/application.properties
View File

@ -13,8 +13,5 @@ spring.redis.port=6379
# secret key
Globals.jwt.secret = qWwMroux3QtiIJcPSIZARNTZEBBnWVH0jZ2Lx7tfFChCYi0ViZllo1bekZdiU0B3FRjJI7g90n0ha120dwlz8JZU8rOkmNCe9Uq0
# admin allow ip
Globals.admin.allow-ip = 218.49.16.81,218.49.21.183,218.49.16.168,218.49.17.102,218.49.21.222,218.49.17.229,218.49.16.219,218.49.17.66,218.49.16.40,218.49.17.205,218.49.21.164,218.49.17.122,218.49.17.199,218.49.17.121,218.49.17.28,218.49.20.33,218.49.20.207,218.49.16.79,218.49.16.250,58.234.249.138,218.49.22.51,218.49.21.238,127.0.0.1,0:0:0:0:0:0:0:1
#?????? ???? ?
#?? : ??? ??? "egovframe"? ????? ???? ????? ????.