From acbdbc0c83b689ccf52557fb155c8cbbaead346c Mon Sep 17 00:00:00 2001 From: hjcho Date: Fri, 8 Apr 2022 04:51:39 +0000 Subject: [PATCH] =?UTF-8?q?<=EA=B4=80=EB=A6=AC=EC=9E=90=20MTS=20=EB=B3=B8?= =?UTF-8?q?=EC=9D=B8=EC=9D=B8=EC=A6=9D=20=EA=B8=B0=EB=8A=A5=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80>?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [Base] (1) Base/Base.csproj - AOCommon.cs 추가 (2) Base/Controller/AOCommon.cs - 관리자 본인인증 기능 class 추가 (3) Base/Lib/ENUM.cs - IpHostSkipGb 추가 (4) Base/Lib/Helpers.cs - IsSkipIPorHost() 매서드추가 : ip스킵여부 체크 [BO] (1) BO/BO.csproj - Partial\MobileChk.cshtml 추가 (sms체크 레이어팝업) (2) BO/Spring/Controllers.xml - aocommon bean추가 : 본인인증 (3) BO/Views/Account/Index.cshtml - index수정 (본인인증기능추가) (4) BO/Views/Shared/Partial/MobileChk.cshtml - 본인인증 layer팝업 [Dao] (1) Dao/MyBatis/Maps/User.xml -
- +
Login to Your Account @@ -98,17 +98,13 @@ } } }); - $("#btn_login").on("click", function () { - login(); - }); + $("#user_UserId").focus(); if ($("#user_UserId").val() !== "") { $("#pw").focus(); } - - - if ('@(Model.IsLoginFailed?1:0)' == '1') { + if ('@(Model.IsLoginFailed ? 1 : 0)' == '1') { switch ('@Model.LoginFailedId') { case "2": case "3": @@ -158,6 +154,15 @@ $('#xxx').html("인증시간이 초과되어 로그아웃되었습니다."); $(".xxx").show(); } + + @* @custom@ : 본인인증추가 *@ + $("#btn_login").on("click", function () { + capp("/aocommon/CheckLoginIp", { loginid: $("#user_UserId").val(), pw: $("#pw").val() }, "checkloginip"); + }); + $("#user_UserId").on("change", function () { + cnt = 5; + }); + }); //function ispop() { // try { 
@@ -166,7 +171,52 @@ // catch (e) { } // return false; //} - + @* @custom@ : 본인인증검증(before 인증문자발송) callback *@ + var cnt = 5; + var id = ""; + function checkloginip() { + debugger; + if (cnt > 0) { + if (capResult.obj.code == 1) { + /*//20210707 특정ip, 개발서버 제외요청*/ + @{ + bool isSkip = Helpers.IsSkipIPorHost(NP.Base.ENUM.IpHostSkipGb.SmsAuth, Request.ServerVariables["REMOTE_ADDR"], Request.ServerVariables["HTTP_HOST"]); + } + @if (isSkip) + { + @: login(); + } + } + else if (capResult.obj.code == 1000) { + $("#ipaddress").html(capResult.obj.ip); + $("#boxmobile").html(capResult.obj.mobile); + capp("/aocommon/sendlakey", { mobile: capResult.obj.mobile }, "sendkey"); + } + else if (capResult.obj.code == -1) { + cnt--; + $('#xxx').html("계정을 확인 후 다시 로그인하세요."); + $(".xxx").show(); + } + else if (capResult.obj.code == -2) { + $('#xxx').html("입력하신 계정에 해당하는 휴대폰 정보가 없습니다. 관리자에게 문의하세요."); + $(".xxx").show(); + } + else if (capResult.obj.code == -3) { + $('#xxx').html("입력하신 계정이 존재하지 않습니다. 관리자에게 문의하세요."); + $(".xxx").show(); + } + else if (capResult.obj.code == -4) { + $('#xxx').html("해당 계정은 잠금상태입니다. 관리자에게 문의하세요."); + $(".xxx").show(); + } + else { + $('#xxx').html("계정을 확인 후 다시 로그인하세요."); + $(".xxx").show(); + } + } else { + capp("/aocommon/disableaccount", { loginid: $("#user_UserId").val() }, "cbdisableaccount"); + } + } function login() { if ($.trim($("#user_UserId").val()) === "") { _focus = $("#user_UserId"); 
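Review bot: The attempt limit in `checkloginip()` lives in the page variable `cnt`, which only drops on code -1 and is set back to 5 by the `change` handler added in the previous hunk, so it does not constrain a client that posts to `/aocommon/CheckLoginIp` itself; the failure count belongs on the server, inside CheckLoginIp. The `else` branch has the browser request `/aocommon/disableaccount` for whatever id is in the field, and `DisableAccount(string loginid)` in Base/Controller/AOCommon.cs shows no check of its own (BaseController may add one outside this diff), so the lock should be applied by the server-side failure handling and the action removed from the pre-login surface. The leftover `debugger;` statement should be deleted. The `code == 1` branch does nothing when `isSkip` is false, which leaves the user with no message. `login()` at the end of the hunk continues outside it.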
@@ -190,7 +240,43 @@ } } var _focus; + + @* @custom@ : 본인인증처리 callback *@ + function cbchkmobile() { + if (capResult.code == 1000) { + $('#xxxlogin').html("인증이 완료되었습니다. 로그인합니다."); + $(".xxxlogin").show(); + mobilechkclose(); + + setTimeout(function () { + $("#fmlogin").submit(); + }, 500); + + } else if (capResult.code == 1) { + $('#xxx').html("유효시간이 만료되었습니다.\n 창을 닫고 인증을 다시 진행해주세요."); + $(".xxx").show(); + hidebox(); + } else { + $('#xxx').html("인증이 실패하였습니다.\n 다시 확인해주세요."); + $(".xxx").show(); + } + } + function cbdisableaccount() { + if (capResult.code == 1000) { + $('#xxx').html("해당 계정은 잠금상태입니다. 관리자에게 문의하세요."); + $(".xxx").show(); + } else { + msgdev(); + } + } + function hidebox() { + $('.divIpcheck').slideUp('fast'); + } + function showbox() { + $(".divIpcheck").slideDown("fast"); + } + + + @* @custom@ : 본인인증처리 layer form*@ + + + @Html.Partial("./Partial/MobileChk", null, new ViewDataDictionary { { "bindmethod", "cbchkmobile" } }) \ No newline at end of file diff --git a/BO/Views/Shared/Partial/MobileChk.cshtml b/BO/Views/Shared/Partial/MobileChk.cshtml new file mode 100644 index 0000000..b8b4678 --- /dev/null +++ b/BO/Views/Shared/Partial/MobileChk.cshtml @@ -0,0 +1,124 @@ +@model NP.Model.VMUser +@{ + var _method = ViewData["bindmethod"].ToString(); +} + + + \ No newline at end of file diff --git a/Base/Base.csproj b/Base/Base.csproj index 01d94a3..2213544 100644 --- a/Base/Base.csproj +++ b/Base/Base.csproj @@ -147,6 +147,7 @@ + diff --git a/Base/Controller/AOCommon.cs b/Base/Controller/AOCommon.cs new file mode 100644 index 0000000..7493abb --- /dev/null +++ b/Base/Controller/AOCommon.cs 
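Review bot: `cbchkmobile()` treats `capResult.code == 1000` as proof of verification and then submits `#fmlogin`, so the outcome of the SMS step is decided in browser script. Nothing in this patch shows the action that receives `#fmlogin` checking for a verified, unexpired smsauth record belonging to the account; that action is outside the diff, so this needs confirming, but if it is unchanged the form can still be submitted without the SMS step. The server should record the successful ChkLakey result against the pending login and have the login action require it before creating the session. Once that holds, a comment above the `setTimeout` such as `// UI only: the login action re-checks the SMS verification on submit` would document it.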
@@ -0,0 +1,181 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Web; +using System.Web.Mvc; + +using NP.Model; +using System.Collections; +using NP.Base.Auth; +using NP.Base.ENUM; + +namespace NP.Base.Controllers +{ + /// + /// @custom@ : 본인인증처리 controller + /// + public partial class AOCommonController : NP.Base.BaseController + { + protected override void OnActionExecuting(ActionExecutingContext filterContext) + { + base.OnActionExecuting(filterContext); + } + protected override void OnException(ExceptionContext filterContext) + { + base.OnException(filterContext); + if (Request.IsAjaxRequest()) + { + filterContext.Result = new RedirectResult("/Account/NoPermit?_code=" + NP.Base.ENUM.JSONCode.Error + "&_msg=알수없는오류"); + } + else + { + filterContext.Result = new RedirectResult("/Account/Error?_code=" + NP.Base.ENUM.JSONCode.Error + "&_msg=알수없는오류"); + } + } + + /// + /// @custom@ : 인증문자발송처리 + /// + /// + /// + [HttpPost] + public JsonResult SendLakey(String mobile) + { + long result = 0; + Random r = new Random(); + int lakey = r.Next(100000, 999999); + SmsAuth sa = new SmsAuth() { lakey = lakey.ToString(), userno=SUserInfo.UserNo }; + String msg = "[영남건설기술교육원]\n\n영남건설기술교육원 인증번호 [" + lakey + "] 입니다."; + Dao.Insert("common.smsauth", sa); + result = sa.authno; + + IList us = new List(); + us.Add(new MemoUser() + { + userno = SUserInfo.UserNo, + mobile = mobile, + title = "인증번호", + mcontents = msg, + smstype = "A", + isok = 1 + }); + SaveTalk(us, "alarm"); + + return JsonOK(result); + } + + /// + /// @custom@ : 본인인증처리 + /// + /// + /// + /// + [HttpPost] + public JsonResult ChkLakey(String lakey, int authno) + { + IList datas = Dao.Get("common.sms.chk", new Hashtable() { { "authno", authno } }); + if (datas.Count() < 1) + { + return JsonOK(0); + } + else if (datas.Where(w => w.strval.Replace(" ", "").Equals(lakey.Replace(" ", "")) && w.time.AddMinutes(3) < DateTime.Now).Count() > 0) + { + return JsonBack(new JsonRtn() { code = 1 
}); + } + else if (datas.Where(w => w.strval.Replace(" ", "").Equals(lakey.Replace(" ", "")) && w.time.AddMinutes(3) >= DateTime.Now).Count() > 0) + { + return JsonBack(new JsonRtn() { code = 1000, obj = datas.First() }); + } + return JsonOK(0); + } + + [HttpPost] + public JsonResult ExtendLakey(int authno) + { + return JsonOK(Dao.Save("common.sms.extend", new Hashtable() { { "authno", authno } })); + } + [HttpPost] + public JsonResult ViewCorrection(int sdno, int lectno) + { + var rtn = new Hashtable() { }; + var sd = Dao.Get("lect.lectdiscuss", new Hashtable() { { "lectno", lectno }, { "sdno", sdno } }).FirstOrDefault(); + rtn.Add("sd", sd); + return JsonBack(rtn); + } + [HttpPost] + public JsonResult CheckMobile(String mobile) + { + var checkuser = Dao.Get("users.checkuser", new Hashtable() { { "mobile", mobile }, { "userid", null }, { "email", null } }).First(); + if (checkuser < 9) + { + return JsonOK(0); + } + return JsonOK(1); + } + + /// + /// 본인인증검증 (before 인증문자발송) + /// + /// + /// + /// + [HttpPost] + public JsonResult CheckLoginIp(string loginid, string pw) + { + string ip = GetUserIP(); + var p = new Hashtable { { "userid", loginid }, { "password", NP.Base.Lib.KISA_SHA256.SHA256Hash(pw) }}; + var ul = Dao.Get("users.adminlogin", p); + var u= new Users() { }; + //해당 아이디인 계정이 없는 경우 + if(ul.Count() < 1) + { + return JsonBack(new { code = -3 }); + } + else + { + u = ul.FirstOrDefault(); + + // @custom@ : 로컬&nptech 자동로그인처리 + bool isSkip = Helpers.IsSkipIPorHost(IpHostSkipGb.PassWord, ip, Request.ServerVariables["HTTP_HOST"]); + if (isSkip) + { + return JsonBack(new { code = 1 }); + } + + //비활성화 잠금 + if (u.status == 9) + { + return JsonBack(new { code = -4 }); + } + + //비밀번호 불일치 + if (u.userpass != NP.Base.Lib.KISA_SHA256.SHA256Hash(pw)) + { + return JsonBack(new { code = -1 }); + } + + //210707 eduwreq 특정ip인증허용 정책 폐지 + //if (ip.StartsWith("10.10.4.") || ip.StartsWith("10.10.13.") || ip == "192.168.103.13" || ip == "192.168.0.87" || ip == "121.140.58.113") + 
//return JsonBack(new JsonRtn() { code = 1}); + //else + //{ + //정보에 모바일번호 없는 경우 + if (u != null && !string.IsNullOrEmpty(u.mobile)) + { + return JsonBack(new { code = 1000, ip = ip, mobile = u.mobile }); + } + //기타에러 + else + { + return JsonBack(new { code = -2 }); + } + } + //} + } + [HttpPost] + public JsonResult DisableAccount(string loginid) + { + return JsonOK(Dao.Save("users.disable", new Hashtable() { { "userid", loginid } })); + } + } +} diff --git a/Base/Lib/ENUM.cs b/Base/Lib/ENUM.cs index 0cb41a9..7a5cd61 100644 --- a/Base/Lib/ENUM.cs +++ b/Base/Lib/ENUM.cs @@ -131,4 +131,14 @@ namespace NP.Base.ENUM Voca, } + /// + /// Ip 또는 Host 스킵구분 + /// + public enum IpHostSkipGb + { + + PassWord, // 패스워드 skip + SmsAuth // SMS인증 skip + } + } diff --git a/Base/Lib/Helpers.cs b/Base/Lib/Helpers.cs index be60452..5da69a7 100644 --- a/Base/Lib/Helpers.cs +++ b/Base/Lib/Helpers.cs @@ -482,4 +482,44 @@ public static class Helpers return stringBuilder.ToString(); } + + /// + /// 사용자 인증체크시(로그인/본인인증) 특정ip또는host skip할건지 여부 + /// pwd:패스워드skip, smsauth:sms인증skip( + /// + /// + /// true:skip처리, false:skip하지않음 + /// + public static bool IsSkipIPorHost(IpHostSkipGb gb, string ip, string host) + { + string ipAddrs, hosts; + //ipAddrs1 = "127.0.0.1,218.232.111.111,59.150.105.195,59.150.105.198"; + //ipAddrs2 = "218.232.111.111,59.150.105.195,59.150.105.198"; + + //ipAddrs1 = "127.0.0.1,218.232.111.111,59.150.105.195,59.150.105.198"; + //hosts = "ynictea.nptc.kr"; + + ipAddrs = ""; + hosts = ""; + + switch (gb) + { + case IpHostSkipGb.PassWord: + if (ipAddrs.Contains(ip) || hosts.Contains(host)) + { + return true; + } + break; + case IpHostSkipGb.SmsAuth: + if (ipAddrs.Contains(ip) || hosts.Contains(host)) + { + return true; + } + break; + + default: + break; + } + return false; + } } diff --git a/Dao/MyBatis/Maps/User.xml b/Dao/MyBatis/Maps/User.xml index 6575e56..88ba4b2 100644 --- a/Dao/MyBatis/Maps/User.xml +++ b/Dao/MyBatis/Maps/User.xml 
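Review bot: `SendLakey(String mobile)` sends the code to the number posted by the caller rather than the one stored for the account that CheckLoginIp verified, so the second factor is only as strong as that request parameter; the action should read the number from server-side state tied to the pending login and drop the parameter. The code is drawn from `new Random()`, which is not a cryptographic generator, and `r.Next(100000, 999999)` never yields 999999; on this stack `System.Security.Cryptography.RNGCryptoServiceProvider` is the appropriate source. `ChkLakey` and `ExtendLakey` select the record by `authno` alone, with no attempt counter, single-use marking or tie to the requesting user visible here, so a six-digit code can be retried and, judging by the action's name, its three-minute window extended without limit. In `CheckLoginIp` the `isSkip` branch returns code 1 before `u.userpass` is compared (whether `users.adminlogin` already filters on the password is not visible), and the distinct codes -3, -4, -1 and -2 tell an unauthenticated caller whether an admin id exists, is locked, or has a phone on file; one generic failure code would avoid that. Password hashes come from a bare `KISA_SHA256.SHA256Hash(pw)`, which looks unsalted and fast, so it is worth confirming and moving to PBKDF2.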
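Review bot: `ipAddrs.Contains(ip)` and `hosts.Contains(host)` in `IsSkipIPorHost` are substring tests on a string, so once the lists are populated an entry such as the commented-out `59.150.105.195` would also match `59.150.105.19`, and because `string.Contains("")` is true an empty `ip` or `host` is skipped even with the current empty lists; a null argument throws instead. Compare whole entries and reject empty input, e.g. `if (string.IsNullOrEmpty(ip)) return false;` followed by `Array.IndexOf(ipAddrs.Split(','), ip) >= 0`. Both callers pass `Request.ServerVariables["HTTP_HOST"]` as `host`, which is supplied by the client, so it should not be accepted as grounds for skipping the password or SMS check. The two `case` bodies are identical and could share one test.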
@@ -43,10 +43,12 @@ insert into loginlog (logsite,userno, loginstatus, logindata, ) values (#loginsite#,#userno#, #loginstatus#, #logindata#, ) diff --git a/Model/Common.cs b/Model/Common.cs index 1d746ea..5d6bb61 100644 --- a/Model/Common.cs +++ b/Model/Common.cs @@ -238,6 +238,12 @@ namespace NP.Model /// 강좌번호 /// public Int64 lectno { get; set; } + + /// + /// 요청자 + /// + public Int64 userno { get; set; } + /// /// 인증요청시간 ///