signup/login

.gitignore

@@ -104,3 +104,4 @@ Icon
 Network Trash Folder
 Temporary Items
 .apdisk
+

build.gradle

@@ -19,13 +19,18 @@ repositories {
 }
 
 dependencies {
+
+	implementation 'org.springframework.boot:spring-boot-starter-security'
+	implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5'
+
 	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
 	implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
 	compileOnly 'org.projectlombok:lombok'
 	developmentOnly 'org.springframework.boot:spring-boot-devtools'
+	implementation 'org.springframework.boot:spring-boot-starter-jdbc'
+
 	runtimeOnly 'mysql:mysql-connector-java'
-	runtimeOnly 'org.postgresql:postgresql'
 	annotationProcessor 'org.projectlombok:lombok'
 	testImplementation 'org.springframework.boot:spring-boot-starter-test'
 }

src/main/java/com/example/demo/DemoApplication.java

@@ -2,6 +2,9 @@
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.Bean;
+import org.springframework.web.client.RestTemplate;
+import org.springframework.web.filter.HiddenHttpMethodFilter;
 
 @SpringBootApplication
 public class DemoApplication {
@@ -10,4 +13,14 @@ public static void main(String[] args) {
 		SpringApplication.run(DemoApplication.class, args);
 	}
 
+	@Bean
+	public HiddenHttpMethodFilter hiddenHttpMethodFilter() {
+		return new HiddenHttpMethodFilter();
+	}
+
+	@Bean
+	public RestTemplate getRestTemplate(){
+		return new RestTemplate();
+	}
+
 }

src/main/java/com/example/demo/api/AccountApiClient.java

@@ -0,0 +1,204 @@
+package com.example.demo.api;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestTemplate;
+
+import java.io.IOException;
+import java.nio.charset.Charset;
+import java.text.SimpleDateFormat;
+import java.util.Calendar;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Random;
+
+@RequiredArgsConstructor
+@Service
+public class AccountApiClient {
+    private final RestTemplate restTemplate;
+    ObjectMapper objectMapper = new ObjectMapper();
+
+    private final String OpenFinAccountDirect = "OpenFinAccountDirect";
+    private final String CheckOpenFinAccountDirect = "CheckOpenFinAccountDirect";
+    private final String InquireBalance = "InquireBalance";
+    private final String DrawingTransfer = "DrawingTransfer";
+
+    private final String AccessToken = "fbc2f45a85d5e47781183a7417f6c34d5c4c7bbba6f3ad6763ff024f9caf4f9c";
+    private final String NHApiUrl_finAccount = "https://developers.nonghyup.com/OpenFinAccountDirect.nh";
+    private final String NHApiUrl_confirmAccount = "https://developers.nonghyup.com/CheckOpenFinAccountDirect.nh";
+    private final String NHApiUrl_inquireBalance = "https://developers.nonghyup.com/InquireBalance.nhh";
+    private final String NHApiUrl_drawingTransfer = "https://developers.nonghyup.com/DrawingTransfer.nh";
+
+
+    SimpleDateFormat format1 = new SimpleDateFormat("yyyyMMdd");
+    SimpleDateFormat format2 = new SimpleDateFormat("HHmmss");
+    Calendar today = Calendar.getInstance();
+    private final String Tsymd = format1.format(today.getTime());
+    private final String Trtm = format2.format(today.getTime());
+
+    private final String Iscd = "001063";
+    private final String FintechApsno = "001";
+    private final String ApiSvcCd = "DrawingTransferA";
+
+    public static String numberGen(int len, int dupCd ) {
+        Random rand = new Random();
+        String numStr = ""; //난수가 저장될 변수
+        for(int i=0;i<len;i++) {
+            //0~9 까지 난수 생성
+            String ran = Integer.toString(rand.nextInt(10));
+            if(dupCd==1) {
+                //중복 허용시 numStr에 append
+                numStr += ran;
+            }else if(dupCd==2) {
+                //중복을 허용하지 않을시 중복된 값이 있는지 검사한다
+                if(!numStr.contains(ran)) {
+                    //중복된 값이 없으면 numStr에 append
+                    numStr += ran;
+                }else {
+                    //생성된 난수가 중복되면 루틴을 다시 실행한다
+                    i-=1;
+                }
+            }
+        }
+        return numStr;
+    }
+
+    //핀어카운트직접발급
+    public String requestFinAccount(Map<String, String> param) {
+
+        Map<String, String> header = new HashMap<>();
+        header.put("ApiNm", OpenFinAccountDirect);
+        header.put("Tsymd", Tsymd);
+        header.put("Trtm", Trtm);
+        header.put("Iscd", Iscd);
+        header.put("FintechApsno", FintechApsno);
+        header.put("ApiSvcCd", ApiSvcCd);
+        header.put("IsTuno", numberGen(10,2));
+        header.put("AccessToken", AccessToken);
+
+        Map<String, Object> params = new HashMap<>();
+        params.put("Header", header);
+        params.put("DrtrRgyn", "Y");
+        params.put("BrdtBrno", param.get("BrdtBrno"));
+        params.put("Bncd", param.get("Bncd"));
+        params.put("Acno", param.get("Acno"));
+
+        String body = null;
+        try {
+            body = objectMapper.writeValueAsString(params);
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+        System.out.println(body);
+        HttpHeaders headers = new HttpHeaders();
+        headers.setContentType(new MediaType("application", "json", Charset.forName("UTF-8")));
+
+        HttpEntity entity = new HttpEntity(body, headers);
+        System.out.println(entity);
+        String result = restTemplate.postForEntity(NHApiUrl_finAccount, entity, String.class).getBody();
+        return result;
+    }
+
+    //핀어카운트직접발급확인
+    public String confirmFinAcoount(Map<String, String> param){
+        Map<String, String> header = new HashMap<>();
+        header.put("ApiNm", CheckOpenFinAccountDirect);
+        header.put("Tsymd", Tsymd);
+        header.put("Trtm", Trtm);
+        header.put("Iscd", Iscd);
+        header.put("FintechApsno", FintechApsno);
+        header.put("ApiSvcCd", ApiSvcCd);
+        header.put("IsTuno", numberGen(10,2));
+        header.put("AccessToken", AccessToken);
+
+        Map<String, Object> params = new HashMap<>();
+        params.put("Header", header);
+        params.put("BrdtBrno", param.get("BrdtBrno"));
+        params.put("Rgno", param.get("Rgno"));
+
+        String body = null;
+        try {
+            body = objectMapper.writeValueAsString(params);
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+        System.out.println(body);
+        HttpHeaders headers = new HttpHeaders();
+        headers.setContentType(new MediaType("application", "json", Charset.forName("UTF-8")));
+
+        HttpEntity entity = new HttpEntity(body, headers);
+        System.out.println(entity);
+        String result = restTemplate.postForEntity(NHApiUrl_confirmAccount, entity, String.class).getBody();
+        return result;
+    }
+
+    //잔액조회
+    public String inquireBalance(Map<String, String> param) {
+
+        Map<String, String> header = new HashMap<>();
+        header.put("ApiNm", InquireBalance);
+        header.put("Tsymd", Tsymd);
+        header.put("Trtm", Trtm);
+        header.put("Iscd", Iscd);
+        header.put("FintechApsno", FintechApsno);
+        header.put("ApiSvcCd", ApiSvcCd);
+        header.put("IsTuno", numberGen(10,2));
+        header.put("AccessToken", AccessToken);
+
+        Map<String, Object> params = new HashMap<>();
+        params.put("Header", header);
+        params.put("FinAcno", param.get("FinAcno"));
+        String body = null;
+        try {
+            body = objectMapper.writeValueAsString(params);
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+        System.out.println(body);
+        HttpHeaders headers = new HttpHeaders();
+        headers.setContentType(new MediaType("application", "json", Charset.forName("UTF-8")));
+
+        HttpEntity entity = new HttpEntity(body, headers);
+        System.out.println(entity);
+        String result = restTemplate.postForEntity(NHApiUrl_inquireBalance, entity, String.class).getBody();
+        return result;
+
+    }
+
+    public String drawingTransfer(Map<String, String> param, String FinAcno) {
+        Map<String, String> header = new HashMap<>();
+        header.put("ApiNm", DrawingTransfer);
+        header.put("Tsymd", Tsymd);
+        header.put("Trtm", Trtm);
+        header.put("Iscd", Iscd);
+        header.put("FintechApsno", FintechApsno);
+        header.put("ApiSvcCd", ApiSvcCd);
+        header.put("IsTuno", numberGen(10,2));
+        header.put("AccessToken", AccessToken);
+
+        Map<String, Object> params = new HashMap<>();
+        params.put("Header", header);
+        params.put("FinAcno", FinAcno);
+        params.put("Tram", param.get("Tram"));
+        params.put("DractOtlt", "(주)놀아보새");
+
+        String body = null;
+        try {
+            body = objectMapper.writeValueAsString(params);
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+        System.out.println(body);
+        HttpHeaders headers = new HttpHeaders();
+        headers.setContentType(new MediaType("application", "json", Charset.forName("UTF-8")));
+
+        HttpEntity entity = new HttpEntity(body, headers);
+        System.out.println(entity);
+        String result = restTemplate.postForEntity(NHApiUrl_drawingTransfer, entity, String.class).getBody();
+        return result;
+    }
+}

src/main/java/com/example/demo/config/SecurityConfig.java

@@ -0,0 +1,68 @@
+package com.example.demo.config;
+
+import com.example.demo.service.MemberService;
+import lombok.AllArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+
+@Configuration
+@EnableWebSecurity
+@AllArgsConstructor
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    private final MemberService memberService;
+
+    @Bean
+    public PasswordEncoder passwordEncoder(){
+        return new BCryptPasswordEncoder();
+    }
+
+    @Override
+    public void configure(WebSecurity web) throws Exception{
+        web.ignoring().antMatchers("/assets/**");
+
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception{
+        http.authorizeRequests()
+                //페이지 권한 설정(Role 기준으로)
+                .antMatchers("/user/**").hasRole("MEMBER")
+                .antMatchers("/api/**").hasRole("MEMBER")
+                .antMatchers("/home/**").hasRole("MEMBER")
+                .antMatchers("/account/**").hasRole("MEMBER")
+                .antMatchers("/order/**").hasRole("MEMBER")
+                .antMatchers("/**").permitAll()
+
+                .and() // 로그인 설정
+                .formLogin()
+                .loginPage("/")
+                .defaultSuccessUrl("/home")
+                .permitAll()
+
+                .and() // 로그아웃 설정
+                .logout()
+                .logoutRequestMatcher(new AntPathRequestMatcher("/user/logout"))
+                .logoutSuccessUrl("/home")
+                .invalidateHttpSession(true)
+
+                .and()
+                // 403 예외처리 핸들링
+                .csrf().disable()
+                .exceptionHandling().accessDeniedPage("/user/denied");
+    }
+
+    @Override
+    public void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.userDetailsService(memberService).passwordEncoder(passwordEncoder());
+    }
+
+}

src/main/java/com/example/demo/controller/AccountController.java

@@ -0,0 +1,35 @@
+package com.example.demo.controller;
+
+import com.example.demo.service.AccountService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Map;
+
+@RequiredArgsConstructor
+@RestController
+public class AccountController {
+    private final AccountService accountService;
+
+    @PostMapping("/api/account/register")
+    public String postRequest(@RequestBody Map<String, String> param){
+        return accountService.registration(param);
+    }
+
+    @PostMapping("/api/account/confirm")
+    public String confirmAccount(@RequestBody Map<String, String> param){
+        return accountService.confirm(param);
+    }
+
+    @PostMapping("/api/account/balance")
+    public String inquireBalance(@RequestBody Map<String, String> param) {
+        return accountService.inquire(param);
+    }
+
+    @PostMapping("/api/account/order")
+    public String DrawingTransfer(@RequestBody Map<String, String> param) {
+        return accountService.order(param);
+    }
+}