controller/

LedgerController.java

package com.example.pkscl.controller;

import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.example.pkscl.data.dto.ReceiptModel;
import com.example.pkscl.service.LedgerService;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Isolation;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import lombok.extern.slf4j.Slf4j;


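@Slf4j
// Known gap (carried over from the original author's note): a request must be refused (403)
// whenever the row it targets belongs to a different majorNumber than the caller's session.
// That is enforced per endpoint through ledgerService.checkMajor(...); there is no common
// guard, so every new mutating endpoint has to add the call by hand.
@RestController
public class LedgerController {

    private final LedgerService ledgerService;

    @Autowired
    public LedgerController(LedgerService ledgerService) {
        this.ledgerService = ledgerService;
    }

    /**
     * Reads a String attribute from the caller's existing session.
     *
     * @param request current request; no session is created
     * @param name    attribute name ("majorNumber", "position", "status")
     * @return the attribute, or {@code null} when there is no session, no such attribute,
     *         or the attribute is not a String
     */
    private static String sessionAttribute(HttpServletRequest request, String name) {
        // getSession(false) is null for a caller who never logged in; the old code dereferenced
        // it directly and answered 500 where 401 was meant.
        if (request.getSession(false) == null) {
            return null;
        }
        Object value = request.getSession(false).getAttribute(name);
        return value instanceof String ? (String) value : null;
    }

    /**
     * Sets 401 when the caller has no logged-in session.
     *
     * @return {@code true} when a session with a "position" attribute exists
     */
    private static boolean loggedIn(HttpServletRequest request, HttpServletResponse response) {
        if (sessionAttribute(request, "position") == null) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return false;
        }
        return true;
    }

    /** True when the session belongs to a president whose account status is "approval". */
    private static boolean isApprovedPresident(HttpServletRequest request) {
        return "president".equals(sessionAttribute(request, "position"))
                && "approval".equals(sessionAttribute(request, "status"));
    }

    /** Narrows a request-body value to a String, returning {@code null} for anything else. */
    private static String stringValue(Object value) {
        return value instanceof String ? (String) value : null;
    }

    /**
     * Narrows a request-body value to a String list.
     *
     * @return the list, or {@code null} when the value is absent or not a list
     */
    @SuppressWarnings("unchecked")
    private static List<String> stringList(Object value) {
        // The body is deserialised as Map<String, Object>, so a JSON array arrives as a List.
        // Element types are not verified here; a non-String element would fail on first use.
        return value instanceof List ? (List<String>) value : null;
    }

    /**
     * Returns the ledger of the caller's own department.
     * 401 without a session, 403 unless the account status is "approval".
     */
    @GetMapping(value = "/major-info")
    public Map<String, Object> getLedger(HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return null;
        }
        String majorNumber = sessionAttribute(request, "majorNumber");
        String position = sessionAttribute(request, "position");
        String status = sessionAttribute(request, "status");

        // 403 Forbidden: account not yet approved
        if (!"approval".equals(status)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return null;
        }

        return ledgerService.getLedgerData(majorNumber, position);
    }

    /**
     * Returns the ledger of an arbitrary department selected by the {@code major-number} parameter.
     * This is the only read endpoint where the client chooses the department (the others use the
     * session's own majorNumber), and the original had no position check at all; it is now limited
     * to the "admin" position, mirroring the admin branch of {@link #getLedgerDate}.
     */
    @GetMapping(value = "/major-info/admin")
    public Map<String, Object> getLedgerAdmin(@RequestParam(value = "major-number", required = true) String majorNumber, HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return null;
        }
        String position = sessionAttribute(request, "position");

        // 403 Forbidden: not an admin
        if (!"admin".equals(position)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return null;
        }

        return ledgerService.getLedgerData(majorNumber, position);
    }

    /** Returns the placeholder ledger (majorNumber "0", viewed as "president"); no session is required. */
    @GetMapping(value = "/temp-major-info")
    public Map<String, Object> getTempLedger(HttpServletRequest request, HttpServletResponse response){
        return ledgerService.getLedgerData("0", "president");
    }

    /**
     * Creates a new event in the caller's department ledger.
     * 401 without a session, 403 unless an approved president, 400 when {@code quarter} is missing.
     */
    @Transactional(isolation = Isolation.SERIALIZABLE)
    @PostMapping(value = "/event")
    public void addLedger(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return;
        }
        String majorNumber = sessionAttribute(request, "majorNumber");
        String quarter = stringValue(body.get("quarter"));

        // 403 Forbidden
        if (!isApprovedPresident(request)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        // 400 Bad Request: quarter is the only body field the service needs
        if (quarter == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        ledgerService.addEvent(majorNumber, quarter);
    }

    /**
     * Deletes an event. 403 unless the caller is an approved president and the event belongs to
     * the caller's department (checkMajor).
     */
    @Transactional(isolation = Isolation.SERIALIZABLE)
    @DeleteMapping(value = "/event")
    public void deleteLedger(@RequestParam(value = "event-number", required = true) String eventNumber, HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return;
        }
        String majorNumber = sessionAttribute(request, "majorNumber");

        // 403 Forbidden: wrong role, unapproved account, or event of another department
        if (!isApprovedPresident(request) || !ledgerService.checkMajor("event", eventNumber, majorNumber)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        ledgerService.deleteEvent(eventNumber);
    }

    /**
     * Returns the ledger open/close dates. An admin may name the department through the
     * optional {@code major-number} parameter; everyone else gets their own department.
     */
    @GetMapping(value = "/ledger-date")
    public Map<String, Object> getLedgerDate(@RequestParam(value = "major-number", required = false) String adminMajorNumber, HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return null;
        }
        String position = sessionAttribute(request, "position");
        if ("admin".equals(position)) {
            return ledgerService.getLedgerDate(adminMajorNumber);
        }
        String majorNumber = sessionAttribute(request, "majorNumber");

        return ledgerService.getLedgerDate(majorNumber);
    }

    /**
     * Sets the open/close dates of a quarter for the caller's department.
     * 403 unless the caller is an approved president; body fields are passed through as-is.
     */
    @Transactional(isolation = Isolation.SERIALIZABLE)
    @PutMapping(value = "/ledger-date")
    public void putLedgerDate(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return;
        }
        String majorNumber = sessionAttribute(request, "majorNumber");
        String quarter = stringValue(body.get("quarter"));
        String openDate = stringValue(body.get("openDate"));
        String closeDate = stringValue(body.get("closeDate"));

        // 403 Forbidden
        if (!isApprovedPresident(request)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        ledgerService.putLedgerDate(majorNumber, quarter, openDate, closeDate);
    }

    /**
     * Updates an event's title and context. 403 unless the caller is an approved president and
     * the event belongs to the caller's department.
     */
    @Transactional(isolation = Isolation.SERIALIZABLE)
    @PatchMapping(value = "/event")
    public void patchEvent(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return;
        }
        String position = sessionAttribute(request, "position");
        String majorNumber = sessionAttribute(request, "majorNumber");
        String status = sessionAttribute(request, "status");
        String eventNumber = stringValue(body.get("eventNumber"));
        String eventTitle = stringValue(body.get("eventTitle"));
        String eventContext = stringValue(body.get("eventContext"));

        // 403 Forbidden. The original logged each failed sub-check on its own line and then
        // evaluated all three again; a single debug line carries the same diagnostic value.
        if (!isApprovedPresident(request) || !ledgerService.checkMajor("event", eventNumber, majorNumber)) {
            log.debug("patchEvent refused: position={}, status={}, eventNumber={}", position, status, eventNumber);
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        ledgerService.patchEvent(eventNumber, eventTitle, eventContext);
    }

    /**
     * Attaches a receipt to an event. 403 unless the caller is an approved president and the
     * event belongs to the caller's department.
     */
    @Transactional(isolation = Isolation.SERIALIZABLE)
    @PostMapping(value = "/receipt")
    public void postReceipt(@ModelAttribute ReceiptModel receiptModel, HttpServletRequest request, HttpServletResponse response) {
        // Was System.out.println(receiptModel); routed through the logger at debug level so the
        // form contents do not land on stdout in production.
        log.debug("postReceipt: {}", receiptModel);
        if (!loggedIn(request, response)) {
            return;
        }
        String majorNumber = sessionAttribute(request, "majorNumber");

        // 403 Forbidden
        if (!isApprovedPresident(request) || !ledgerService.checkMajor("event", receiptModel.getEventNumber(), majorNumber)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        ledgerService.postReceipt(receiptModel);
    }

    /**
     * Replaces a receipt. 403 unless the caller is an approved president and the receipt belongs
     * to the caller's department.
     */
    @Transactional(isolation = Isolation.SERIALIZABLE)
    @PutMapping(value = "/receipt")
    public void putReceipt(@ModelAttribute ReceiptModel receiptModel, HttpServletRequest request, HttpServletResponse response) {
        // Was System.out.println(receiptModel); see postReceipt.
        log.debug("putReceipt: {}", receiptModel);
        if (!loggedIn(request, response)) {
            return;
        }
        String majorNumber = sessionAttribute(request, "majorNumber");

        // 403 Forbidden
        if (!isApprovedPresident(request) || !ledgerService.checkMajor("receipt", receiptModel.getReceiptNumber(), majorNumber)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        ledgerService.putReceipt(receiptModel);
    }

    /**
     * Deletes the receipts named in {@code receipt-number}. The per-receipt department check
     * happens inside the service, which also receives the response to report its own status.
     */
    @Transactional(isolation = Isolation.SERIALIZABLE)
    @DeleteMapping(value = "/receipt")
    public void deleteReceipt(@RequestParam(value = "receipt-number", required = true) String receiptNumberList, HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return;
        }
        String majorNumber = sessionAttribute(request, "majorNumber");

        // 403 Forbidden
        if (!isApprovedPresident(request)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        ledgerService.deleteReceiptList(receiptNumberList, majorNumber, response);
    }

    /**
     * Reorders events. 403 unless the caller is an approved president and every listed event
     * belongs to the caller's department; 400 when {@code eventNumberList} is missing or not a list.
     */
    @Transactional(isolation = Isolation.SERIALIZABLE)
    @PatchMapping(value = "/event-sequence")
    public void patchEventSequence(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return;
        }
        String majorNumber = sessionAttribute(request, "majorNumber");
        List<String> eventNumberList = stringList(body.get("eventNumberList"));

        // 403 Forbidden
        if (!isApprovedPresident(request)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        // 400 Bad Request: the original dereferenced a missing list and answered 500
        if (eventNumberList == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // Every event must belong to the caller's department before anything is reordered
        for (String eventNumber : eventNumberList) {
            if (!ledgerService.checkMajor("event", eventNumber, majorNumber)) {
                response.setStatus(HttpServletResponse.SC_FORBIDDEN);
                return;
            }
        }

        ledgerService.patchEventSequence(eventNumberList);
    }

}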

MemberManagementController.java

package com.example.pkscl.controller;

import com.example.pkscl.service.MemberManagementService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;
import java.util.Map;

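@RestController
public class MemberManagementController {

    private final MemberManagementService memberManagementService;

    @Autowired
    public MemberManagementController(MemberManagementService memberManagementService) {
        this.memberManagementService = memberManagementService;
    }

    /**
     * Reads a String attribute from the caller's existing session.
     *
     * @return the attribute, or {@code null} when there is no session, no such attribute,
     *         or the attribute is not a String
     */
    private static String sessionAttribute(HttpServletRequest request, String name) {
        // getSession(false) is null for a caller who never logged in; the old code dereferenced
        // it and answered 500 where 401 was meant.
        if (request.getSession(false) == null) {
            return null;
        }
        Object value = request.getSession(false).getAttribute(name);
        return value instanceof String ? (String) value : null;
    }

    /** Sets 401 and returns {@code false} when the caller has no logged-in session. */
    private static boolean loggedIn(HttpServletRequest request, HttpServletResponse response) {
        if (sessionAttribute(request, "position") == null) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return false;
        }
        return true;
    }

    /** Narrows a request-body value to a String, returning {@code null} for anything else. */
    private static String stringValue(Object value) {
        return value instanceof String ? (String) value : null;
    }

    /** Narrows a request-body value to a String list, or {@code null} when absent or not a list. */
    @SuppressWarnings("unchecked")
    private static List<String> stringList(Object value) {
        // A JSON array in the Map<String, Object> body arrives as a List; element types are not
        // verified here, a non-String element would fail on first use.
        return value instanceof List ? (List<String>) value : null;
    }

    /**
     * Lists the students of the caller's department.
     * 401 without a session, 400 when the session has no majorNumber, 403 unless an approved president.
     */
    @GetMapping(value = "/student-list")
    public Map<String,Object> studentList(HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return null;
        }
        String position = sessionAttribute(request, "position");
        String status = sessionAttribute(request, "status");
        String majorNumber = sessionAttribute(request, "majorNumber");

        // 400 Bad Request (original status kept): the session carries no department
        if (majorNumber == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return null;
        }

        // 403 Forbidden
        if (!"president".equals(position) || !"approval".equals(status)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return null;
        }

        return memberManagementService.getStudentData(majorNumber);
    }

    /**
     * Sets the status of each listed student in the caller's department.
     * 400 when the body lacks {@code status} or a non-empty {@code email} list, 403 unless an approved president.
     */
    @PatchMapping(value = "/student-list")
    public void patchStudentStatus(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return;
        }
        String position = sessionAttribute(request, "position");
        String status = sessionAttribute(request, "status");
        String majorNumber = sessionAttribute(request, "majorNumber");
        String patchStatus = stringValue(body.get("status"));
        List<String> emailList = stringList(body.get("email"));

        // 400 Bad Request
        if (emailList == null || emailList.isEmpty() || patchStatus == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // 403 Forbidden
        if (!"president".equals(position) || !"approval".equals(status)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        // majorNumber is passed along so the service can refuse students of other departments
        for (String email : emailList) {
            memberManagementService.patchStudentStatus(email, patchStatus, majorNumber);
        }
    }

    /** Lists all department presidents; admin only. */
    @GetMapping(value = "/president-list")
    public Map<String,Object> presidentList(HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return null;
        }
        String position = sessionAttribute(request, "position");

        // 403 Forbidden
        if (!"admin".equals(position)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return null;
        }

        return memberManagementService.getPresidentData();
    }

    /**
     * Sets the status of each listed president; admin only.
     * 400 when the body lacks {@code status} or a non-empty {@code email} list.
     */
    @PatchMapping(value = "/president-list")
    public void patchPresidentStatus(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return;
        }
        String position = sessionAttribute(request, "position");
        String patchStatus = stringValue(body.get("status"));
        List<String> emailList = stringList(body.get("email"));

        // 400 Bad Request
        if (emailList == null || emailList.isEmpty() || patchStatus == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // 403 Forbidden
        if (!"admin".equals(position)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        // 409 Conflict is not decided here: the service receives the response and presumably
        // sets it when a conflict is found - TODO confirm in MemberManagementService.
        for (String email : emailList) {
            memberManagementService.patchPresidentStatus(email, patchStatus, response);
        }
    }

    /**
     * Hands the presidency of the caller's department to another member.
     * 403 unless the caller is a president; 400 when the body lacks {@code email}.
     * Note: unlike the other president endpoints this one does not require status "approval",
     * as in the original.
     */
    @PatchMapping(value = "/major-president")
    public void patchMajorPresident(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        if (!loggedIn(request, response)) {
            return;
        }
        String position = sessionAttribute(request, "position");
        String majorNumber = sessionAttribute(request, "majorNumber");
        String presidentEmail = sessionAttribute(request, "email");
        String newPresidentEmail = stringValue(body.get("email"));

        // 403 Forbidden
        if (!"president".equals(position)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        // 400 Bad Request: no successor named
        if (newPresidentEmail == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // The service receives the response and reports its own status for lookup failures
        memberManagementService.patchMajorPresident(presidentEmail, newPresidentEmail, majorNumber, response);
    }

}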

ProfileController.java

package com.example.pkscl.controller;

import com.example.pkscl.data.dto.PresidentProfileModel;
import com.example.pkscl.data.dto.StudentProfileModel;
import com.example.pkscl.service.ProfileService;
import java.util.LinkedHashMap;
import java.util.Map;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


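@RestController
public class ProfileController {
    private final ProfileService profileService;
    private final PasswordEncoder passwordEncoder;

    // Timestamp pattern used to name uploads; the same pattern the former SimpleDateFormat used.
    // Fully qualified so no import block has to change; java.time is thread-safe unlike SimpleDateFormat.
    private static final java.time.format.DateTimeFormatter UPLOAD_NAME_FORMAT =
            java.time.format.DateTimeFormatter.ofPattern("yyyyMMddHHmmssSSS");

    @Autowired
    public ProfileController(ProfileService profileService, PasswordEncoder passwordEncoder) {
        this.profileService = profileService;
        this.passwordEncoder = passwordEncoder;
    }

    /**
     * Reads a String attribute from the caller's existing session.
     *
     * @return the attribute, or {@code null} when there is no session, no such attribute,
     *         or the attribute is not a String
     */
    private static String sessionAttribute(HttpServletRequest request, String name) {
        // getSession(false) is null for a caller who never logged in; the old code dereferenced
        // it and answered 500 where 401 was meant.
        if (request.getSession(false) == null) {
            return null;
        }
        Object value = request.getSession(false).getAttribute(name);
        return value instanceof String ? (String) value : null;
    }

    /** Narrows a request-body value to a String, returning {@code null} for anything else. */
    private static String stringValue(Object value) {
        return value instanceof String ? (String) value : null;
    }

    /**
     * Builds the server-side name for an upload: current timestamp plus a sanitised extension.
     * The original file name is client-controlled, so only a short alphanumeric extension is
     * carried over; a missing dot, a path separator or any other character yields no extension.
     * (The original code threw StringIndexOutOfBoundsException on a name without a dot.)
     *
     * @param file the uploaded part; must not be null
     * @return e.g. "20240101120000000.png" (constructed example)
     */
    private static String storedFileName(MultipartFile file) {
        String base = java.time.LocalDateTime.now().format(UPLOAD_NAME_FORMAT);
        String original = file.getOriginalFilename();
        if (original == null) {
            return base;
        }
        int dot = original.lastIndexOf('.');
        if (dot < 0) {
            return base;
        }
        String ext = original.substring(dot + 1);
        return ext.matches("[A-Za-z0-9]{1,10}") ? base + "." + ext : base;
    }

    /**
     * Loads the profile of the logged-in student or department president.
     * 400 (original status kept) with an error message when the session lacks email, majorNumber or position.
     */
    @GetMapping(value = "/profile")
    public Map<String,Object> studentProfile(HttpServletRequest request, HttpServletResponse response) {
        String email = sessionAttribute(request, "email");
        String majorNumber = sessionAttribute(request, "majorNumber");
        String position = sessionAttribute(request, "position");

        // 400 Bad Request: no usable identity in the session (covers "no session" as well)
        if (majorNumber == null || email == null || position == null) {
            Map<String,Object> errorMsg = new LinkedHashMap<>();
            errorMsg.put("errorMessage", "์กด์žฌํ•˜์ง€ ์•Š๋Š” ํšŒ์›์ž…๋‹ˆ๋‹ค.");
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);

            return errorMsg;
        }

        return profileService.getProfileData(position, email, majorNumber);
    }

    /**
     * Updates a student's profile (kept separate from the president form because the fields differ).
     * 403 (original status kept) when stdID, majorNumber or name is missing; 401 without a session.
     * An optional certificate file is stored under a timestamp name before the profile is saved.
     *
     * @throws Exception propagated from the file upload
     */
    @PutMapping(value = "/profile/student")
    public void patchStudentStatus(@ModelAttribute StudentProfileModel studentProfileModel, MultipartFile certFile,  HttpServletRequest request, HttpServletResponse response) throws Exception{
        // The original compared with .equals(null), which is never true and throws NPE on a
        // null field, so this branch was unreachable; == null is what was meant.
        if (studentProfileModel.getStdID() == null || studentProfileModel.getMajorNumber() == 0
                || studentProfileModel.getName() == null) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        String email = sessionAttribute(request, "email");

        // 401 Unauthorized: no session
        if (email == null) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        String stdID = studentProfileModel.getStdID();
        int major = studentProfileModel.getMajorNumber();
        String name = studentProfileModel.getName();

        // null keeps the existing file reference; an empty part is treated as "no file sent"
        String fileName = null;
        if (certFile != null && !certFile.isEmpty()) {
            fileName = storedFileName(certFile);
            profileService.fileUploadStd(fileName, certFile);
        }

        profileService.putStudentProfileData(email, stdID, major, name, fileName);
    }

    /**
     * Updates a president's profile. 403 (original status kept) when stdID, phoneNumber or name
     * is missing; 401 without a session. An optional department logo is stored under a timestamp name.
     *
     * @throws Exception propagated from the file upload
     */
    @PutMapping(value = "/profile/president")
    public void patchPresidentStatus(@ModelAttribute PresidentProfileModel presidentProfileModel, MultipartFile majorLogo,  HttpServletRequest request, HttpServletResponse response) throws Exception{
        // See patchStudentStatus: .equals(null) replaced by the intended null check
        if (presidentProfileModel.getStdID() == null || presidentProfileModel.getPhoneNumber() == null
                || presidentProfileModel.getName() == null) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        String email = sessionAttribute(request, "email");

        // 401 Unauthorized: no session
        if (email == null) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        String stdID = presidentProfileModel.getStdID();
        String name = presidentProfileModel.getName();
        String phoneNumber = presidentProfileModel.getPhoneNumber();
        String majorNumber = presidentProfileModel.getMajorNumber();

        String fileName = null;
        if (majorLogo != null && !majorLogo.isEmpty()) {
            fileName = storedFileName(majorLogo);
            profileService.fileUploadLogo(fileName, majorLogo);
        }

        profileService.putPresidentProfileData(email, stdID, name, phoneNumber, fileName, majorNumber);
    }

    /**
     * Changes the caller's password after verifying the current one.
     * 401 without a session or when the current password does not match; 403 (original status kept)
     * when a field is missing or the confirmation differs; 403 for positions without a password here.
     */
    @PatchMapping(value = "/password")
    public void patchPassword(@RequestBody Map<String, Object> body,  HttpServletRequest request, HttpServletResponse response){
        String email = sessionAttribute(request, "email");
        String position = sessionAttribute(request, "position");

        // 401 Unauthorized: no session
        if (email == null || position == null) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        String inputPassword = stringValue(body.get("inputPassword"));
        String inputNewPassword = stringValue(body.get("inputNewPassword"));
        String inputCheckNewPassword = stringValue(body.get("inputCheckNewPassword"));

        // 403 Forbidden. The original used .equals(null), which never matches and NPEs when
        // the field is absent.
        if (inputPassword == null || inputNewPassword == null || !inputNewPassword.equals(inputCheckNewPassword)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        // Only students and presidents have a stored password reachable from here; the original
        // silently answered 200 for any other position without changing anything.
        String storedPassword;
        if ("student".equals(position)) {
            storedPassword = profileService.getStudentPassword(email);
        } else if ("president".equals(position)) {
            storedPassword = profileService.getPresidentPassword(email);
        } else {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        // 401 Unauthorized: current password does not match the stored (encoded) one
        if (!passwordEncoder.matches(inputPassword, storedPassword)) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        if ("student".equals(position)) {
            profileService.patchStudentPassword(email, inputNewPassword);
        } else {
            profileService.patchPresidentPassword(email, inputNewPassword);
        }
    }
}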

SignInController.java

package com.example.pkscl.controller;

import java.io.IOException;
import java.util.LinkedHashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.example.pkscl.service.SignInService;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;

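@RestController
public class SignInController {

    private final SignInService signInService;

    @Autowired
    public SignInController(SignInService signInService) {
        this.signInService = signInService;
    }

    /** Narrows a request-body value to a String, returning {@code null} for anything else. */
    private static String stringValue(Object value) {
        return value instanceof String ? (String) value : null;
    }

    /**
     * Returns a brand-new session for a caller who has just authenticated.
     * Any session the client presented before logging in is invalidated first, so the
     * authenticated session id is never one the client (or someone who handed it to the client)
     * already knew - the original reused the pre-login session as-is.
     */
    private static HttpSession freshSession(HttpServletRequest request) {
        HttpSession existing = request.getSession(false);
        if (existing != null) {
            existing.invalidate();
        }
        return request.getSession(true);
    }

    /**
     * Logs a student in. 400 when email or password is missing, 401 when they do not match;
     * on success the session carries position, email, majorNumber and status.
     */
    @PostMapping(value = "/login/student")
    public void studentSignIn(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        String email = stringValue(body.get("email"));
        String password = stringValue(body.get("password"));

        // 400 Bad Request
        if (email == null || password == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // 401 Unauthorized
        if (!signInService.studentMatch(password, email)) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        // majorNumber is stored as text because every consumer reads it as a String attribute
        String majorNumber = String.valueOf(signInService.getStudentMajor(email));
        String status = signInService.getStudentStatus(email);
        HttpSession session = freshSession(request);
        session.setAttribute("position", "student");
        session.setAttribute("email", email);
        session.setAttribute("majorNumber", majorNumber);
        session.setAttribute("status", status);
    }

    /**
     * Logs a department president in; same contract as {@link #studentSignIn} with position "president".
     */
    @PostMapping(value = "/login/president")
    public void presidentSignIn(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        String email = stringValue(body.get("email"));
        String password = stringValue(body.get("password"));

        // 400 Bad Request
        if (email == null || password == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // 401 Unauthorized
        if (!signInService.presidentMatch(password, email)) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        String majorNumber = String.valueOf(signInService.getPresidentMajor(email));
        String status = signInService.getPresidentStatus(email);
        HttpSession session = freshSession(request);
        session.setAttribute("position", "president");
        session.setAttribute("email", email);
        session.setAttribute("majorNumber", majorNumber);
        session.setAttribute("status", status);
    }

    /**
     * Logs an admin in. The body field is still called "email" although it holds the admin id;
     * the session gets position "admin" and "id" only (no majorNumber, no status).
     */
    @PostMapping(value = "/login/admin")
    public void adminSignIn(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) {
        String id = stringValue(body.get("email"));
        String password = stringValue(body.get("password"));

        // 400 Bad Request
        if (id == null || password == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // 401 Unauthorized
        if (!signInService.adminMatch(password, id)) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        HttpSession session = freshSession(request);
        session.setAttribute("position", "admin");
        session.setAttribute("id", id);
    }

    /** Invalidates the session if there is one; always answers 200 so logout is idempotent. */
    @PostMapping("/logout")
    public void logout(HttpServletRequest request, HttpServletResponse response) throws IOException
    {
        HttpSession session = request.getSession(false);
        // The original dereferenced a missing session and answered 500 to an already logged-out client
        if (session != null) {
            session.invalidate();
        }
        response.setStatus(HttpServletResponse.SC_OK);
    }

    /**
     * Deletes the caller's account after re-confirming e-mail and password, then ends the session.
     * 401 without a session or when the confirmation fails, 400 when a body field is missing,
     * 403 for positions that cannot withdraw here (the original silently logged an admin out with 200).
     */
    @PostMapping("/withdrawal")
    public void secession(@RequestBody Map<String, Object> body, HttpServletRequest request, HttpServletResponse response) throws IOException
    {
        HttpSession session = request.getSession(false);

        // 401 Unauthorized: no session
        if (session == null) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        String position = (String) session.getAttribute("position");
        String email = (String) session.getAttribute("email");
        String checkemail = stringValue(body.get("inputEmail"));
        String password = stringValue(body.get("inputPassword"));

        // 400 Bad Request
        if (checkemail == null || password == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        if ("student".equals(position)) {
            // 401 Unauthorized: the typed e-mail must be the session's own and the password must match
            if (!checkemail.equals(email) || !signInService.studentMatch(password, email)) {
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                return;
            }
            signInService.withdrawalStudent(email);
        } else if ("president".equals(position)) {
            // 401 Unauthorized: same confirmation as for students
            if (!checkemail.equals(email) || !signInService.presidentMatch(password, email)) {
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                return;
            }
            signInService.withdrawalPresident(email);
        } else {
            // 403 Forbidden: no withdrawal path exists for this position
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        session.invalidate();
        response.setStatus(HttpServletResponse.SC_OK);
    }

    /** Returns {"status": ...} from the session; 401 with a null value when there is no session. */
    @GetMapping("/status")
    public Map<String, Object> getStatus(HttpServletRequest request, HttpServletResponse response) throws IOException
    {
        HttpSession session = request.getSession(false);
        String status = null;
        if (session == null) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        } else {
            status = (String) session.getAttribute("status");
        }

        LinkedHashMap<String, Object> result = new LinkedHashMap<>();
        result.put("status", status);

        return result;
    }

    /** Returns {"position": ...} from the session; 401 with a null value when there is no session. */
    @GetMapping("/position")
    public Map<String, Object> getPosition(HttpServletRequest request, HttpServletResponse response) throws IOException
    {
        HttpSession session = request.getSession(false);
        String position = null;
        if (session == null) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        } else {
            position = (String) session.getAttribute("position");
        }

        LinkedHashMap<String, Object> result = new LinkedHashMap<>();
        result.put("position", position);

        return result;
    }

}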

SignUpController.java

package com.example.pkscl.controller;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;

import java.util.Map;

import javax.servlet.http.HttpServletResponse;

import com.example.pkscl.data.entity.member.President;
import com.example.pkscl.data.dto.PresidentModel;
import com.example.pkscl.data.entity.member.Student;
import com.example.pkscl.data.dto.StudentModel;
import com.example.pkscl.service.SignUpService;

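@RestController
public class SignUpController {

    // Directory recorded on the student entity for the certificate file (value unchanged)
    private static final String CERT_FILE_DIR = "./static/studentCertFile/";

    // Timestamp pattern used to name uploads; the same pattern the former SimpleDateFormat used.
    // Fully qualified so no import block has to change; java.time is thread-safe unlike SimpleDateFormat.
    private static final java.time.format.DateTimeFormatter UPLOAD_NAME_FORMAT =
            java.time.format.DateTimeFormatter.ofPattern("yyyyMMddHHmmssSSS");

    private final SignUpService signUpService;

    @Autowired
    public SignUpController(SignUpService signUpService) {
        this.signUpService = signUpService;
    }

    /**
     * Builds the server-side name for an upload: current timestamp plus a sanitised extension.
     * The original file name is client-controlled, so only a short alphanumeric extension is
     * carried over; a missing dot, a path separator or any other character yields no extension.
     * (The original code threw StringIndexOutOfBoundsException on a name without a dot.)
     *
     * @param file the uploaded part; must not be null
     * @return e.g. "20240101120000000.jpg" (constructed example)
     */
    private static String storedFileName(MultipartFile file) {
        String base = java.time.LocalDateTime.now().format(UPLOAD_NAME_FORMAT);
        String original = file.getOriginalFilename();
        if (original == null) {
            return base;
        }
        int dot = original.lastIndexOf('.');
        if (dot < 0) {
            return base;
        }
        String ext = original.substring(dot + 1);
        return ext.matches("[A-Za-z0-9]{1,10}") ? base + "." + ext : base;
    }

    /**
     * Registers a student together with a mandatory certificate file.
     * 400 when email, password or the file is missing; 401 (original status kept) when the
     * password confirmation differs; 409 when the e-mail is taken; 403 when the service refuses.
     *
     * @throws Exception propagated from the file upload
     */
    @PostMapping(value = "/signup/student")
    public void signUpStudent(@ModelAttribute StudentModel studentModel, MultipartFile certFile, HttpServletResponse response) throws Exception {
        String password = studentModel.getPassword();

        // 400 Bad Request: the original dereferenced a missing password or file and answered 500
        if (studentModel.getEmail() == null || password == null || certFile == null || certFile.isEmpty()) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // 401 Unauthorized (original status kept): password confirmation mismatch
        if (!password.equals(studentModel.getCheckPassword())) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        Student student = new Student();
        student.setEmail(studentModel.getEmail());
        // NOTE(review): the raw password is placed on the entity here; confirm SignUpService
        // encodes it before persisting (SignInService is only seen comparing via PasswordEncoder).
        student.setPassword(password);
        student.setMajornumber(studentModel.getMajor());
        student.setStudentid(studentModel.getStdID());
        student.setName(studentModel.getName());

        // 409 Conflict: e-mail already registered. Checked before anything touches the filesystem.
        if (!signUpService.studentCheckEmail(student.getEmail())) {
            response.setStatus(HttpServletResponse.SC_CONFLICT);
            return;
        }

        // Stored name is timestamp + sanitised extension; the entity keeps the full relative path
        String storedName = storedFileName(certFile);
        student.setCertfilepath(CERT_FILE_DIR + storedName);

        signUpService.fileUpload(storedName, certFile);
        if (!signUpService.signUpStudent(student)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        }
    }

    /**
     * Registers a department president. The {@code certFile} parameter is accepted but unused, as in
     * the original. 400 when email or password is missing; 401 (original status kept) on confirmation
     * mismatch; 409 when the e-mail is taken; 403 when the service refuses.
     *
     * @throws Exception kept for signature compatibility
     */
    @PostMapping(value = "/signup/president")
    public void signUpPresident(@ModelAttribute PresidentModel presidentModel, MultipartFile certFile, HttpServletResponse response) throws Exception {
        String password = presidentModel.getPassword();

        // 400 Bad Request
        if (presidentModel.getEmail() == null || password == null) {
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // 401 Unauthorized (original status kept): password confirmation mismatch
        if (!password.equals(presidentModel.getCheckPassword())) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        President president = new President();
        president.setEmail(presidentModel.getEmail());
        // NOTE(review): raw password on the entity; see signUpStudent.
        president.setPassword(password);
        president.setName(presidentModel.getName());
        president.setMajornumber(presidentModel.getMajor());
        president.setStudentid(presidentModel.getStdID());
        president.setPhonenumber(presidentModel.getPhoneNumber());

        // 409 Conflict: e-mail already registered
        if (!signUpService.presidentCheckEmail(president.getEmail())) {
            response.setStatus(HttpServletResponse.SC_CONFLICT);
            return;
        }

        if (!signUpService.signUpPresident(president)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        }
    }

    /** Returns the list of departments offered on the sign-up form; no session required. */
    @GetMapping(value = "/major-list")
    public Map<String,Object> getMajorList() {
        return signUpService.getMajorList();
    }

}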

SMTPController.java

package com.example.pkscl.controller;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.Map;

import javax.servlet.http.HttpServletResponse;

import com.example.pkscl.service.SMTPService;
import com.example.pkscl.service.SignUpService;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

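@RestController
public class SMTPController {

    private static final String VERIFY_SUCCESS_MESSAGE = "<script>alert('์ด๋ฉ”์ผ ์ธ์ฆ์ด ์™„๋ฃŒ๋˜์—ˆ์Šต๋‹ˆ๋‹ค. ํšŒ์›๊ฐ€์ž…์„ ๊ณ„์† ์ง„ํ–‰ํ•ด์ฃผ์„ธ์š”.'); </script>";
    private static final String VERIFY_FAIL_MESSAGE = "<script>alert('์ธ์ฆ์— ์‹คํŒจํ•˜์˜€์Šต๋‹ˆ๋‹ค.');</script>";
    /**
     * Content type of the small HTML page returned by {@link #verifyToken}.
     * NOTE(review): the page declares euc-kr while the rest of the API is
     * charset-agnostic; consider UTF-8 if the front end permits.
     */
    private static final String VERIFY_CONTENT_TYPE = "text/html; charset=euc-kr";
    /** Path-variable values accepted for {@code {position}}. */
    private static final String POSITION_STUDENT = "student";
    private static final String POSITION_PRESIDENT = "president";

    private final SMTPService smtpService;
    private final SignUpService signUpService;

    @Autowired
    public SMTPController(SMTPService smtpService, SignUpService signUpService) {
        this.smtpService = smtpService;
        this.signUpService = signUpService;
    }

    /**
     * Sends an e-mail verification message for a prospective account.
     *
     * <p>Status codes: 400 when the address fails {@code checkEmailForm} or
     * {@code position} is neither {@code student} nor {@code president}; 409
     * when the role's duplicate check reports the address as already
     * registered; otherwise the mail is handed to
     * {@code smtpService.sendEmailAuth} and the default 200 is returned.
     *
     * @param body     JSON body; only the {@code email} entry is read (must be a
     *                 string, otherwise the cast fails)
     * @param position account type from the path
     * @param response servlet response used to set the status code
     */
    @PostMapping(value = "/email/{position}")
    public void sendEmail(@RequestBody Map<String, Object> body, @PathVariable String position, HttpServletResponse response) {
        String email = (String) body.get("email");

        // Syntactic address check first; malformed -> 400.
        if (!smtpService.checkEmailForm(email)) {
            response.setStatus(HttpStatus.BAD_REQUEST.value());
            return;
        }

        // Duplicate check depends on the account type. Constant-first equals()
        // also makes an absent position fall into the 400 branch instead of NPE.
        if (POSITION_STUDENT.equals(position)) {
            if (!signUpService.studentCheckEmail(email)) {
                response.setStatus(HttpStatus.CONFLICT.value());
                return;
            }
        } else if (POSITION_PRESIDENT.equals(position)) {
            if (!signUpService.presidentCheckEmail(email)) {
                response.setStatus(HttpStatus.CONFLICT.value());
                return;
            }
        } else {
            response.setStatus(HttpStatus.BAD_REQUEST.value());
            return;
        }

        smtpService.sendEmailAuth(email, position);
    }

    /**
     * Completes e-mail verification for the token delivered in the mail link.
     *
     * <p>Always answers with a fixed HTML snippet: the success message when
     * the role-specific verification accepts the token, the failure message
     * when it is rejected or {@code position} is unknown. Only the constants
     * above are written, so no request data reaches the page.
     *
     * <p>NOTE(review): the token travels as a GET query parameter and will
     * therefore appear in access logs and browser history; a short validity
     * window on the service side limits the exposure.
     *
     * @param token    verification token from the query string
     * @param position account type from the path
     * @param response servlet response the HTML is written to
     * @throws IOException if the response writer cannot be obtained or written
     */
    @GetMapping(value = "/verify/token/{position}")
    public void verifyToken(@RequestParam String token, @PathVariable String position, HttpServletResponse response) throws IOException {
        boolean verified;
        if (POSITION_STUDENT.equals(position)) {
            verified = smtpService.studentVerifyToken(token);
        } else if (POSITION_PRESIDENT.equals(position)) {
            verified = smtpService.presidentVerifyToken(token);
        } else {
            verified = false;
        }
        writeVerifyPage(response, verified ? VERIFY_SUCCESS_MESSAGE : VERIFY_FAIL_MESSAGE);
    }

    /**
     * Writes one of the verification result snippets (an alert that closes the
     * window) as a complete HTML response.
     */
    private static void writeVerifyPage(HttpServletResponse response, String message) throws IOException {
        response.setContentType(VERIFY_CONTENT_TYPE);
        PrintWriter out = response.getWriter();
        out.println(message);
        out.flush();
    }

    /**
     * Issues a temporary password for the account identified by e-mail, name
     * and student id.
     *
     * <p>Status codes: 400 when {@code position} is unknown or the service
     * signals failure with a negative result; default 200 otherwise.
     *
     * <p>NOTE(review): the differing status lets a caller learn whether a given
     * (email, name, stdID) triple matches an account; a uniform response and
     * rate limiting would reduce that exposure.
     *
     * @param param    JSON body with {@code email}, {@code name} and {@code stdID}
     *                 entries (each cast to String)
     * @param position account type from the path
     * @param response servlet response used to set the status code
     */
    @PostMapping(value = "/newpwd/{position}")
    public void newPassword(@RequestBody Map<String, Object> param, @PathVariable String position, HttpServletResponse response) {
        String email = (String) param.get("email");
        String name = (String) param.get("name");
        String studentId = (String) param.get("stdID");

        boolean failed;
        if (POSITION_STUDENT.equals(position)) {
            failed = smtpService.studentTempPassword(email, name, studentId) < 0;
        } else if (POSITION_PRESIDENT.equals(position)) {
            failed = smtpService.presidentTempPassword(email, name, studentId) < 0;
        } else {
            failed = true;
        }
        if (failed) {
            response.setStatus(HttpStatus.BAD_REQUEST.value());
        }
    }

}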

TestController.java

package com.example.pkscl.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

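@RestController
public class TestController {

    /**
     * Diagnostic endpoint echoing the identity attributes held in the caller's
     * own session: {@code email}, {@code position}, {@code majorNumber} and
     * {@code status}.
     *
     * <p>When no session exists, {@code request.getSession(false)} returns
     * {@code null}; every attribute is then reported as {@code null} instead of
     * the NullPointerException (HTTP 500) the previous version produced.
     *
     * <p>NOTE(review): the class name suggests a development aid; confirm it is
     * not exposed in production, as it spells out internal session attribute
     * names and values.
     *
     * @param request the current request; an existing session is optional
     * @return a single-line textual dump of the four attributes
     */
    @GetMapping("/whoami")
    public String whoami(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        String email = attribute(session, "email");
        String position = attribute(session, "position");
        String majorNumber = attribute(session, "majorNumber");
        String status = attribute(session, "status");
        return "email: " + email + ", position: " + position + ", majorNumber: " + majorNumber + ", status: " + status;
    }

    /** Reads a String attribute from {@code session}, yielding {@code null} when there is no session. */
    private static String attribute(HttpSession session, String name) {
        return session == null ? null : (String) session.getAttribute(name);
    }
}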

WebController.java

package com.example.pkscl.controller;

import org.springframework.boot.web.servlet.error.ErrorController;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;

@Controller
public class WebController implements ErrorController {

    /** View name served for every request routed to the error path. */
    private static final String ERROR_VIEW = "/index.html";

    /**
     * Handles {@code /error} by returning the index page view name,
     * presumably so that a client-side router takes over for failed or
     * unknown paths (confirm against the front end).
     *
     * @return the error view name, always {@value #ERROR_VIEW}
     */
    @GetMapping("/error")
    public String error() {
        return ERROR_VIEW;
    }
}
