controller/

LedgerController.java

package com.example.pkscl.controller;

import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.example.pkscl.data.dto.ReceiptModel;
import com.example.pkscl.service.LedgerService;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Isolation;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import lombok.extern.slf4j.Slf4j;


@Slf4j
// 문제점 1.  majorNumber랑 API로 수정하고자하는 곳이 다르면 403을 띄워야함.. 근데 이많은걸 다 어떻게?
@RestController
public class LedgerController {

    private final LedgerService ledgerService;

    @Autowired
    public LedgerController(LedgerService ledgerService) {
        this.ledgerService = ledgerService;
    }

    @GetMapping(value = "/major-info")
    public Map<String, Object> getLedger(HttpServletRequest request, HttpServletResponse response) {
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");
        String position = (String) request.getSession(false).getAttribute("position");
        String status = (String) request.getSession(false).getAttribute("status");

        if(!status.equals("approval")) {
            response.setStatus(403);
            return null;
        }

        return ledgerService.getLedgerData(majorNumber, position);
    }

    @GetMapping(value = "/major-info/admin")
    public Map<String, Object> getLedgerAdmin(@RequestParam(value = "major-number", required = true) String majorNumber, HttpServletRequest request, HttpServletResponse response) {
        String position = (String) request.getSession(false).getAttribute("position");

        return ledgerService.getLedgerData(majorNumber, position);
    }

    @GetMapping(value = "/temp-major-info")
    public Map<String, Object> getTempLedger(HttpServletRequest request, HttpServletResponse response){
        return ledgerService.getLedgerData("0", "president");
    }

    @Transactional(isolation = Isolation.SERIALIZABLE)
    @PostMapping(value = "/event")
    public void addLedger(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");
        String position = (String) request.getSession(false).getAttribute("position");
        String status = (String) request.getSession(false).getAttribute("status");
        String quarter = (String) body.get("quarter");

        // 403 Forbidden
        if(!position.equals("president") || !status.equals("approval")) {
            response.setStatus(403);
            return;
        }

        ledgerService.addEvent(majorNumber, quarter);
    }

    @Transactional(isolation = Isolation.SERIALIZABLE)
    @DeleteMapping(value = "/event")
    public void deleteLedger(@RequestParam(value = "event-number", required = true) String eventNumber, HttpServletRequest request, HttpServletResponse response) {
        String position = (String) request.getSession(false).getAttribute("position");
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");
        String status = (String) request.getSession(false).getAttribute("status");

        // 403 Forbidden
        if(!position.equals("president") || !status.equals("approval") || !ledgerService.checkMajor("event", eventNumber, majorNumber)) {
            response.setStatus(403);
            return;
        }
        

        ledgerService.deleteEvent(eventNumber);
    }

    @GetMapping(value = "/ledger-date")
    public Map<String, Object> getLedgerDate(@RequestParam(value = "major-number", required = false) String adminMajorNumber, HttpServletRequest request, HttpServletResponse response) {
        String position = (String) request.getSession(false).getAttribute("position");
        if(position.equals("admin")) {
            return ledgerService.getLedgerDate(adminMajorNumber);
        }
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");

        return ledgerService.getLedgerDate(majorNumber);
    }

    @Transactional(isolation = Isolation.SERIALIZABLE)
    @PutMapping(value = "/ledger-date")
    public void putLedgerDate(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        String position = (String) request.getSession(false).getAttribute("position");
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");
        String status = (String) request.getSession(false).getAttribute("status");
        String quarter = (String) body.get("quarter");
        String openDate = (String) body.get("openDate");
        String closeDate = (String) body.get("closeDate");

        // 403 Forbidden
        if(!position.equals("president") || !status.equals("approval")) {
            response.setStatus(403);
            return;
        }

        ledgerService.putLedgerDate(majorNumber, quarter, openDate, closeDate);
    }

    @Transactional(isolation = Isolation.SERIALIZABLE)
    @PatchMapping(value = "/event")
    public void patchEvent(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        String position = (String) request.getSession(false).getAttribute("position");
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");
        String status = (String) request.getSession(false).getAttribute("status");
        String eventNumber = (String) body.get("eventNumber");
        String eventTitle = (String) body.get("eventTitle");
        String eventContext = (String) body.get("eventContext");

        if(!position.equals("president")){
            log.info("position error");
        }
        if(!status.equals("approval")) {
            log.info("status error");
        }
        if(!ledgerService.checkMajor("event", eventNumber, majorNumber)) {
            log.info("majorNumber error");
        }
        // 403 Forbidden
        if(!position.equals("president") || !status.equals("approval") || !ledgerService.checkMajor("event", eventNumber, majorNumber)) {
            response.setStatus(403);
            return;
        }

        ledgerService.patchEvent(eventNumber, eventTitle, eventContext);
    }

    @Transactional(isolation = Isolation.SERIALIZABLE)
    @PostMapping(value = "/receipt")
    public void postReceipt(@ModelAttribute ReceiptModel receiptModel, HttpServletRequest request, HttpServletResponse response) {
        
        // receiptModel출력
        System.out.println(receiptModel);
        String position = (String) request.getSession(false).getAttribute("position");
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");
        String status = (String) request.getSession(false).getAttribute("status");

        //403 Forbidden
        if(!position.equals("president") || !status.equals("approval") || !ledgerService.checkMajor("event", receiptModel.getEventNumber(), majorNumber)) {
            response.setStatus(403);
            return;
        }

        ledgerService.postReceipt(receiptModel);
    }

    @Transactional(isolation = Isolation.SERIALIZABLE)
    @PutMapping(value = "/receipt")
    public void putReceipt(@ModelAttribute ReceiptModel receiptModel, HttpServletRequest request, HttpServletResponse response) {

        // receiptModel출력
        System.out.println(receiptModel);
        String position = (String) request.getSession(false).getAttribute("position");
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");
        String status = (String) request.getSession(false).getAttribute("status");

        // 403 Forbidden
        if(!position.equals("president") || !status.equals("approval") || !ledgerService.checkMajor("receipt", receiptModel.getReceiptNumber(), majorNumber)) {
            response.setStatus(403);
            return;
        }

        ledgerService.putReceipt(receiptModel);
    }

    @Transactional(isolation = Isolation.SERIALIZABLE)
    @DeleteMapping(value = "/receipt")
    public void deleteReceipt(@RequestParam(value = "receipt-number", required = true) String receiptNumberList, HttpServletRequest request, HttpServletResponse response) {
        String position = (String) request.getSession(false).getAttribute("position");
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");
        String status = (String) request.getSession(false).getAttribute("status");

        // 403 Forbidden
        if(!position.equals("president") || !status.equals("approval")) {
            response.setStatus(403);
            return;
        }


        ledgerService.deleteReceiptList(receiptNumberList, majorNumber, response);
    }

    @Transactional(isolation = Isolation.SERIALIZABLE)
    @PatchMapping(value = "/event-sequence")
    public void patchEventSequence(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        String position = (String) request.getSession(false).getAttribute("position");
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");
        String status = (String) request.getSession(false).getAttribute("status");
        List<String> eventNumberList = (List<String>) body.get("eventNumberList");

        // 403 Forbidden
        if(!position.equals("president") || !status.equals("approval")) {
            response.setStatus(403);
            return;
        }
        for(String eventNumber : eventNumberList) {
            if(!ledgerService.checkMajor("event", eventNumber, majorNumber)) {
                response.setStatus(403);
                return;
            }
        }

        ledgerService.patchEventSequence(eventNumberList);
    }

    

}

MemberManagementController.java

package com.example.pkscl.controller;

import com.example.pkscl.service.MemberManagementService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;
import java.util.Map;

@RestController
public class MemberManagementController {

    private final MemberManagementService memberManagementService;

    @Autowired
    public MemberManagementController(MemberManagementService memberManagementService) {
        this.memberManagementService = memberManagementService;
    }
    
    @GetMapping(value = "/student-list")
    public Map<String,Object> studentList(HttpServletRequest request, HttpServletResponse response) {

        // 서비스 파라미터 설정
        String position = (String) request.getSession(false).getAttribute("position");
        String status = (String) request.getSession(false).getAttribute("status");
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");

        // 400 Bad Request
        if(majorNumber == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return null;
        }

        // 403 Forbidden
        if(!position.equals("president") || !status.equals("approval")) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return null;
        }

        // 서비스 호출 및 반환
        return memberManagementService.getStudentData(majorNumber);
    }

    @PatchMapping(value = "/student-list")
    public void patchStudentStatus(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {

        // 서비스 파라미터 설정
        String position = (String) request.getSession(false).getAttribute("position");
        String status = (String) request.getSession(false).getAttribute("status");
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");
        String patchStatus = (String) body.get("status");
        List<String> emailList = (List<String>) body.get("email");

        // 400 Bad Request
        if(emailList == null || emailList.size() == 0 || patchStatus == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // 403 Forbidden
        if(!position.equals("president") || !status.equals("approval")) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        // 서비스 호출
        for(String email : emailList) {
            memberManagementService.patchStudentStatus(email, patchStatus, majorNumber);
        }
    }

    @GetMapping(value = "/president-list")
    public Map<String,Object> presidentList(HttpServletRequest request, HttpServletResponse response) {

        // 서비스 파라미터 설정
        String position = (String) request.getSession(false).getAttribute("position");
        
        // 403 Forbidden
        if(!position.equals("admin")) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return null;
        }

        // 서비스 호출 및 반환
        return memberManagementService.getPresidentData();
    }

    @PatchMapping(value = "/president-list")
    public void patchPresidentStatus(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {

        // 서비스 파라미터 설정
        String position = (String) request.getSession(false).getAttribute("position");
        String patchStatus = (String) body.get("status");
        List<String> emailList = (List<String>) body.get("email");

        // 400 Bad Request
        if(emailList == null || emailList.size() == 0 || patchStatus == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // 409 Conflict


        // 403 Forbidden
        if(!position.equals("admin")) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        // 서비스 호출
        for(String email : emailList) {
            memberManagementService.patchPresidentStatus(email, patchStatus, response);
        }
    }

    @PatchMapping(value = "/major-president")
    public void patchMajorPresident(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {

        // 서비스 파라미터 설정
        String position = (String) request.getSession(false).getAttribute("position");
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");
        String presidentEmail = (String) request.getSession(false).getAttribute("email");
        String newPresidentEmail = (String) body.get("email");

        // 403 Forbidden
        if(!position.equals("president")) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        // 서비스 호출
        memberManagementService.patchMajorPresident(presidentEmail, newPresidentEmail, majorNumber, response);
    }

}

ProfileController.java

package com.example.pkscl.controller;

import com.example.pkscl.data.dto.PresidentProfileModel;
import com.example.pkscl.data.dto.StudentProfileModel;
import com.example.pkscl.service.ProfileService;
import java.util.LinkedHashMap;
import java.util.Map;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


@RestController
public class ProfileController {
    private final ProfileService profileService;
    private final PasswordEncoder passwordEncoder;

    @Autowired
    public ProfileController(ProfileService profileService, PasswordEncoder passwordEncoder) {
        this.profileService = profileService;
        this.passwordEncoder = passwordEncoder;
    }

    // 학생 및 학과회장 정보로드
    @GetMapping(value = "/profile")
    public Map<String,Object> studentProfile(HttpServletRequest request, HttpServletResponse response) {



        // 세션 여부를 판단하기 위한 변수 설정
        String email = (String) request.getSession(false).getAttribute("email");
        String majorNumber = (String) request.getSession(false).getAttribute("majorNumber");
        String position = (String) request.getSession(false).getAttribute("position");



        // 400 Bad Request
        if(majorNumber == null || email==null || position==null) {
            Map<String,Object> errorMsg = new LinkedHashMap<>();
            errorMsg.put("errorMessage", "존재하지 않는 회원입니다.");
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);

            return errorMsg;
        }

        // 서비스 호출 및 반환
        return profileService.getProfileData(position, email, majorNumber);
    }

    // 학생 정보 변경
    @PutMapping(value = "/profile/student") //president로 나눠야함 form양식이 달라서
    public void patchStudentStatus(@ModelAttribute StudentProfileModel studentProfileModel, MultipartFile certFile,  HttpServletRequest request, HttpServletResponse response) throws Exception{

        // 403
        if(studentProfileModel.getStdID().equals(null) || studentProfileModel.getMajorNumber() == 0 ||
            studentProfileModel.getName().equals(null)) {
            Map<String,Object> errorMsg = new LinkedHashMap<>();
            response.setStatus(403);
            return;
        }

        // 세션서 이메일값을 받아온다.
        String email = (String) request.getSession(false).getAttribute("email");

        String stdID = studentProfileModel.getStdID();
        int major =  studentProfileModel.getMajorNumber();
        String name  = studentProfileModel.getName();

        String fileName = null;

        if(certFile != null) {
            fileName = new java.text.SimpleDateFormat("yyyyMMddHHmmssSSS").format(new java.util.Date());
            fileName = fileName + certFile.getOriginalFilename().substring(certFile.getOriginalFilename().lastIndexOf("."));
            profileService.fileUploadStd(fileName, certFile);

        }

        // 레포에 업데이트
        profileService.putStudentProfileData(email, stdID, major, name, fileName);


    }

    @PutMapping(value = "/profile/president") //president로 나눠야함 form양식이 달라서
    public void patchPresidentStatus(@ModelAttribute PresidentProfileModel presidentProfileModel, MultipartFile majorLogo,  HttpServletRequest request, HttpServletResponse response) throws Exception{

        // 403 Forbidden
        if(presidentProfileModel.getStdID().equals(null) || presidentProfileModel.getPhoneNumber().equals(null) ||
            presidentProfileModel.getName().equals(null)) {
            response.setStatus(403);
            return;
        }

        String email = (String) request.getSession(false).getAttribute("email");

        String stdID = presidentProfileModel.getStdID();
        String name = presidentProfileModel.getName();
        String phoneNumber= presidentProfileModel.getPhoneNumber();
        String majorNumber = presidentProfileModel.getMajorNumber();


        String fileName = null;

        if(majorLogo != null) {
            fileName = new java.text.SimpleDateFormat("yyyyMMddHHmmssSSS").format(new java.util.Date());
            fileName = fileName + majorLogo.getOriginalFilename().substring(majorLogo.getOriginalFilename().lastIndexOf("."));
            profileService.fileUploadLogo(fileName, majorLogo);

        }
        profileService.putPresidentProfileData(email, stdID, name, phoneNumber, fileName, majorNumber);
    }

    @PatchMapping(value = "/password")
    public void patchPassword(@RequestBody Map<String, Object> body,  HttpServletRequest request, HttpServletResponse response){

        String email =(String) request.getSession(false).getAttribute("email");
        String position = (String) request.getSession(false).getAttribute("position");
        
        String inputPassword = (String) body.get("inputPassword");
        String inputNewPassword = (String) body.get("inputNewPassword");
        String inputCheckNewPassword = (String) body.get("inputCheckNewPassword");

        // 403 Forbidden
        if(inputPassword.equals(null) || inputNewPassword .equals(null)||  !inputNewPassword.equals(inputCheckNewPassword)) {
            response.setStatus(403); return;
        }

        else if(position.equals("student")){
        // 학생 기존 비번이랑 같은지 체크
            if (!passwordEncoder.matches(inputPassword, profileService.getStudentPassword(email))) {
                response.setStatus(401); return;
            }
            else profileService.patchStudentPassword(email, inputNewPassword);
        }

        else if(position.equals("president")){
        // 학생 기존 비번이랑 같은지 체크
            if(!passwordEncoder.matches(inputPassword, profileService.getPresidentPassword(email))) {
                response.setStatus(401); return;
            }
            else profileService.patchPresidentPassword(email, inputNewPassword);
        }

 }
}

SignInController.java

package com.example.pkscl.controller;

import java.io.IOException;
import java.util.LinkedHashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.example.pkscl.service.SignInService;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class SignInController {

    private final SignInService signInService;
    
    @Autowired  
    public SignInController(SignInService signInService) {
        this.signInService = signInService;
    }

    @PostMapping(value = "/login/student")
    public void studentSignIn(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        
        // 서비스 파라미터 설정
        String email = (String) body.get("email");
        String password = (String) body.get("password");

        // 400 Bad Request
        if(email == null || password == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // 401 Unauthorized
        boolean match = signInService.studentMatch(password, email);
        if(!match) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        
        // 세션 설정
        String majorNumber = signInService.getStudentMajor(email)+"";
        String status = signInService.getStudentStatus(email);
        HttpSession session = request.getSession();
        session.setAttribute("position", "student");
        session.setAttribute("email", email);
        session.setAttribute("majorNumber", majorNumber);
        session.setAttribute("status", status);
        
    }

    @PostMapping(value = "/login/president")
    public void presidentSignIn(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
    
        // 서비스 파라미터 설정
        String email = (String) body.get("email");
        String password = (String) body.get("password");

        // 400 Bad Request
        if (email == null || password == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // 401 Unauthorized
        boolean match = signInService.presidentMatch(password, email);
        if(!match) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        // 세션 생성
        String majorNumber = signInService.getPresidentMajor(email)+"";
        String status = signInService.getPresidentStatus(email);
        HttpSession session = request.getSession();
        session.setAttribute("position", "president");
        session.setAttribute("email", email);
        session.setAttribute("majorNumber", majorNumber);
        session.setAttribute("status", status);
            
    }

    @PostMapping(value = "/login/admin")
    public void adminSignIn(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        
        // 서비스 파라미터 설정
        String id = (String) body.get("email");
        String password = (String) body.get("password");

        // 400 bad request
        if (id == null || password == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // 401 unauthorized
        boolean match = signInService.adminMatch(password, id);
        if(!match){
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        // 세션 생성
        HttpSession session = request.getSession();
        session.setAttribute("position", "admin");
        session.setAttribute("id", id);

    }

    @PostMapping("/logout") 
    public void logout(HttpServletRequest request, HttpServletResponse response) throws IOException
    { 
        HttpSession session = request.getSession(false);
        session.invalidate();
        response.setStatus(HttpServletResponse.SC_OK);
    }

    @PostMapping("/withdrawal")
    public void secession(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) throws IOException
    {
        // 서비스 파라미터 설정
        HttpSession session = request.getSession(false);
        String position = (String) session.getAttribute("position");
        String email = (String) session.getAttribute("email");
        String checkemail = (String) body.get("inputEmail");
        String password = (String) body.get("inputPassword");

        // 400 bad request
        if (checkemail == null || password == null) {

            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;

        }

        if(position.equals("student")) {

            // 401 unauthorized
            // 이메일, 비밀번호 일치 여부 확인
            if(!checkemail.equals(email) || !signInService.studentMatch(password, email)) {
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                return;
            }

            // 탈퇴 
            signInService.withdrawalStudent(email);

        } else if(position.equals("president")) {

            // 401 unauthorized
            // 이메일, 비밀번호 일치 여부 확인
            if(!checkemail.equals(email) || !signInService.presidentMatch(password, email)) {
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                return;
            }

            // 탈퇴
            signInService.withdrawalPresident(email);

        }

        // 세션 삭제
        session.invalidate();
        response.setStatus(HttpServletResponse.SC_OK);

    }

    @GetMapping("/status")
    public Map<String, Object> getStatus(HttpServletRequest request, HttpServletResponse response) throws IOException
    {
        HttpSession session = request.getSession(false);
        String status = (String) session.getAttribute("status");

        LinkedHashMap<String, Object> result = new LinkedHashMap<>();
        result.put("status", status);

        return result;
    }

    @GetMapping("/position")
    public Map<String, Object> getPosition(HttpServletRequest request, HttpServletResponse response) throws IOException
    {
        HttpSession session = request.getSession(false);
        String position = (String) session.getAttribute("position");

        LinkedHashMap<String, Object> result = new LinkedHashMap<>();
        result.put("position", position);

        return result;
    }

}

SignUpController.java

package com.example.pkscl.controller;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;

import java.util.Map;

import javax.servlet.http.HttpServletResponse;

import com.example.pkscl.data.entity.member.President;
import com.example.pkscl.data.dto.PresidentModel;
import com.example.pkscl.data.entity.member.Student;
import com.example.pkscl.data.dto.StudentModel;
import com.example.pkscl.service.SignUpService;

@RestController
public class SignUpController {

    private final SignUpService signUpService;
    
    @Autowired
    public SignUpController(SignUpService signUpService) {
        this.signUpService = signUpService;
    }

    @PostMapping(value = "/signup/student")
    public void signUpStudent(@ModelAttribute StudentModel studentModel, MultipartFile certFile, HttpServletResponse response) throws Exception {

        Student student = new Student();
        student.setEmail(studentModel.getEmail());
        String password = studentModel.getPassword();

        // 401 Unauthorized
        if(!password.equals(studentModel.getCheckPassword())) {
            response.setStatus(401);
            return;
        }
        student.setPassword(password);
        student.setMajornumber(studentModel.getMajor());
        student.setStudentid(studentModel.getStdID());
        student.setName(studentModel.getName());
        
        // file_name을 현재시간을 기준으로 yyyyMMddHHmmssSSS.jpg 형태로 설정
        String dir = "./static/studentCertFile/";
        String filename = new java.text.SimpleDateFormat("yyyyMMddHHmmssSSS").format(new java.util.Date());
        String ext = certFile.getOriginalFilename().substring(certFile.getOriginalFilename().lastIndexOf("."));
        student.setCertfilepath(dir + filename + ext);

        //중복확인후 400반환
        if(!signUpService.studentCheckEmail(student.getEmail())) {
            response.setStatus(409);
            return;
        }

        signUpService.fileUpload(filename+ext, certFile);
        if(!signUpService.signUpStudent(student)) {
            response.setStatus(403);
        }
        
    }

    @PostMapping(value = "/signup/president")
    public void signUpPresident(@ModelAttribute PresidentModel presidentModel, MultipartFile certFile, HttpServletResponse response) throws Exception {

        President president = new President();
        president.setEmail(presidentModel.getEmail());
        String password = presidentModel.getPassword();

        // 401 Unauthorized
        if(!password.equals(presidentModel.getCheckPassword())) {
            response.setStatus(401);
            return;
        }
        president.setPassword(password);
        president.setName(presidentModel.getName());
        president.setMajornumber(presidentModel.getMajor());
        president.setStudentid(presidentModel.getStdID());
        president.setPhonenumber(presidentModel.getPhoneNumber());
        
        //중복확인후 400반환
        if(!signUpService.presidentCheckEmail(president.getEmail())) {
            response.setStatus(409);
            return;
        }

        if(!signUpService.signUpPresident(president)) {
            response.setStatus(403);
        }
    }

    @GetMapping(value = "/major-list")
    public Map<String,Object> getMajorList() {
        return signUpService.getMajorList();
    }

}

SMTPController.java

package com.example.pkscl.controller;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.Map;

import javax.servlet.http.HttpServletResponse;

import com.example.pkscl.service.SMTPService;
import com.example.pkscl.service.SignUpService;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class SMTPController {
    
    private static final String VERIFY_SUCCESS_MESSAGE = "<script>alert('이메일 인증이 완료되었습니다. 회원가입을 계속 진행해주세요.'); </script>";
    private static final String VERIFY_FAIL_MESSAGE = "<script>alert('인증에 실패하였습니다.');</script>";
    private final SMTPService smtpService;
    private final SignUpService signUpService;

    @Autowired
    public SMTPController(SMTPService smtpService, SignUpService signUpService) {
        this.smtpService = smtpService;
        this.signUpService = signUpService;
    }

    @PostMapping(value = "/email/{position}")
    public void sendEmail(@RequestBody Map<String, Object> body, @PathVariable String position, HttpServletResponse response) {

        String email = (String) body.get("email");

        // 이메일 형식 확인
        if (!smtpService.checkEmailForm(email)) {
            response.setStatus(HttpStatus.BAD_REQUEST.value());
            return;
        }

        // 중복확인
        if(position.equals("student")){
            if(!signUpService.studentCheckEmail(email)) {
                response.setStatus(HttpStatus.CONFLICT.value());
                return;
            }
        }else if(position.equals("president")){
            if(!signUpService.presidentCheckEmail(email)) {
                response.setStatus(HttpStatus.CONFLICT.value());
                return;
            }
        }else{
            response.setStatus(HttpStatus.BAD_REQUEST.value());
            return;
        }

        smtpService.sendEmailAuth(email, position);
    }

    @GetMapping(value = "/verify/token/{position}")
    public void verifyToken(@RequestParam String token, @PathVariable String position, HttpServletResponse response) throws IOException {
        if(position.equals("student")){
            if(!smtpService.studentVerifyToken(token)){
                response.setContentType("text/html; charset=euc-kr");
                PrintWriter out = response.getWriter();
                // alert 창 확인시 창 닫기
                out.println(VERIFY_FAIL_MESSAGE);
                out.flush();
                return;
            }
        }else if(position.equals("president")){
            if(!smtpService.presidentVerifyToken(token)){
                response.setContentType("text/html; charset=euc-kr");
                PrintWriter out = response.getWriter();
                // alert 창 확인시 창 닫기
                out.println(VERIFY_FAIL_MESSAGE);
                out.flush();
                return;
            }
        }else{
            response.setContentType("text/html; charset=euc-kr");
            PrintWriter out = response.getWriter();
            // alert 창 확인시 창 닫기
            out.println(VERIFY_FAIL_MESSAGE);
            out.flush();
            return;
        }

        response.setContentType("text/html; charset=euc-kr");
        PrintWriter out = response.getWriter();
        // alert 창 확인시 창 닫기
        out.println(VERIFY_SUCCESS_MESSAGE);
        out.flush();
    }
    
    // 임시 비밀번호 발급
    @PostMapping(value = "/newpwd/{position}")
    public void newPassword(@RequestBody Map<String, Object> param, @PathVariable String position, HttpServletResponse response) {
        String email = (String) param.get("email");
        String name = (String) param.get("name");
        String studentId = (String) param.get("stdID");
        if(position.equals("student")){
            if(smtpService.studentTempPassword(email, name, studentId) < 0) response.setStatus(HttpStatus.BAD_REQUEST.value());
        }else if(position.equals("president")){
            if(smtpService.presidentTempPassword(email, name, studentId) < 0) response.setStatus(HttpStatus.BAD_REQUEST.value());
        }else{
            response.setStatus(HttpStatus.BAD_REQUEST.value());
        }
    }
    
}

TestController.java

package com.example.pkscl.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class TestController {
    
    @GetMapping("/whoami")
    // 세션으로부터 email, position 정보를 가져온다.
    public String whoami(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        String email = (String) session.getAttribute("email");
        String position = (String) session.getAttribute("position");
        String majorNumber = (String) session.getAttribute("majorNumber");
        String status = (String) session.getAttribute("status");
        return "email: " + email + ", position: " + position + ", majorNumber: " + majorNumber + ", status: " + status;
    }
}

WebController.java

package com.example.pkscl.controller;

import org.springframework.boot.web.servlet.error.ErrorController;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;

@Controller
public class WebController implements ErrorController {
    
        @GetMapping("/error")
        public String error() {
            return "/index.html";
        }
    
}

Previousconfig/Nextdata/

Last updated 2 years ago