๊ฐœ๋ฐœ์ผ์ง€-7 [๐Ÿ‘จโ€๐ŸณํŒ๋งค์ž ๋„๋ฉ”์ธ: ID/PW ์ฐพ๊ธฐ]

๊น€์„ฑ์ธยท2023๋…„ 9์›” 9์ผ
0

ํŒ๋งค์ž ๋„๋ฉ”์ธ ๊ธฐ๋Šฅ ์ •์˜ ํฌ์ŠคํŒ…


์•„์ด๋”” ์ฐพ๊ธฐ ๋ฐ ๋น„๋ฐ€๋ฒˆํ˜ธ ์žฌ์„ค์ • ํ™”๋ฉด

--

5. /jat/sellers/lost

์•„์ด๋””/๋น„๋ฐ€๋ฒˆํ˜ธ๋ฅผ ์žƒ์–ด๋ฒ„๋ ธ์„ ๋•Œ, SMS์ธ์ฆ๋ฒˆํ˜ธ ์š”์ฒญ์„ ํ†ตํ•ด ๋กœ๊ทธ์ธ ์ •๋ณด์— ์ ‘๊ทผ

  • nurigo sdk ์—์„œ ์ œ๊ณตํ•˜๋Š” SMS API ์„œ๋น„์Šค๋ฅผ ์ด์šฉํ•ด ๋ณธ์ธ์ธ์ฆ์„ ๊ตฌํ˜„ํ•˜๊ธฐ๋กœ ํ•˜์˜€๋‹ค.
    -> SMS ๋ฌธ์ž ์ธ์ฆ ํฌ์ŠคํŒ…
  • ์›๋ž˜๋Š” PortOne์—์„œ ์ œ๊ณตํ•˜๋Š” PASS ๋ฅผ ํ†ตํ•ด์„œ ๋ณธ์ธ์ธ์ฆ์„ ํ•˜๋ ค๊ณ  ํ–ˆ์œผ๋‚˜, ์‚ฌ์—…์ž ๋“ฑ๋ก์ฆ์ด ํ•„์š”ํ•ด์„œ ์‹คํŒจ..
  • ์•„์ด๋”” ์ฐพ๊ธฐ๋Š” ์ด๋ฆ„, ํœด๋Œ€ํฐ ๋ฒˆํ˜ธ๋ฅผ ๊ฐ€์ž…ํ•œ ํšŒ์›์ •๋ณด์— ๋งž๊ฒŒ ๋ณด๋‚ด๊ณ ,
  • ๋น„๋ฐ€๋ฒˆํ˜ธ ์žฌ์„ค์ •์€ ์•„์ด๋””, ํœด๋Œ€ํฐ ๋ฒˆํ˜ธ๋ฅผ ๊ฐ€์ž…ํ•œ ํšŒ์›์ •๋ณด์— ๋งž๊ฒŒ ๋ณด๋‚ด๋Š” ๋ฐฉ์‹์œผ๋กœ ๊ตฌํ˜„ํ•˜์˜€๋‹ค.
  • Redis๋ฅผ ํ†ตํ•ด ์ผ์ • ๊ธฐ๊ฐ„๋งŒ ์œ ํšจํ•œ ๊ฐ’์„ ๋งŒ๋“ค๊ณ  ์‹ถ์—ˆ์ง€๋งŒ, ๊ฐ„๋‹จํ•˜๊ฒŒ SMS ํ…Œ์ด๋ธ”์„ ๋งŒ๋“ค์–ด์„œ ๊ตฌํ˜„ํ•˜์˜€๋‹ค.

  • ์•„์ด๋”” ์ฐพ๊ธฐ, ๋น„๋ฐ€๋ฒˆํ˜ธ ์žฌ์„ค์ • ์š”์ฒญ์— ๋”ฐ๋ฅธ ์ธ์ฆ๋ฒˆํ˜ธ ๊ฐ’์„ ์ €์žฅํ•˜๊ธฐ ์œ„ํ•œ ํ…Œ์ด๋ธ”์ด๋‹ค.
  • Status ๊ฐ’ - "I : ์•„์ด๋”” ์ฐพ๊ธฐ", "P : ๋น„๋ฐ€๋ฒˆํ˜ธ ์žฌ์„ค์ •", "S : ํšŒ์›๊ฐ€์ž… ์‹œ ์ธ์ฆ"
  • ์œ ํšจํ•œ ์ธ์ฆ๋ฒˆํ˜ธ๋Š” ํ•ญ์ƒ ํ•ด๋‹น ์ „ํ™”๋ฒˆํ˜ธ, ์ด๋ฆ„/์•„์ด๋””๋กœ ๋“ค์–ด์˜จ ์š”์ฒญ์— ๋Œ€ํ•ด์„œ 3๋ถ„ ์ด๋‚ด ์ƒ์„ฑ๋œ ์ธ์ฆ๋ฒˆํ˜ธ ์ค‘ ๊ฐ€์žฅ ์ตœ๊ทผ ๊ฐ’์„ ์ด์šฉํ•ด ์ธ์ฆ์„ ๊ตฌํ˜„ํ•˜์˜€๋‹ค.

(1) ๋กœ์ง ํ”Œ๋กœ์šฐ
1. ์•„์ด๋”” ์ฐพ๊ธฐ : ์ด๋ฆ„, ํ•ธ๋“œํฐ ๋ฒˆํ˜ธ๋ฅผ Body์— ๋‹ด์•„ POST๋กœ ๋ณด๋ƒ„
2. ๋น„๋ฐ€๋ฒˆํ˜ธ ์ฐพ๊ธฐ : ์•„์ด๋””, ํ•ธ๋“œํฐ ๋ฒˆํ˜ธ๋ฅผ Body์— ๋‹ด์•„ POST๋กœ ๋ณด๋ƒ„
3. ์•„์ด๋”” ์ฐพ๊ธฐ, ๋น„๋ฐ€๋ฒˆํ˜ธ ์ฐพ๊ธฐ์ธ์ง€ ํ•„๋“œ๊ฐ’์„ ํ™•์ธํ•˜์—ฌ ํŒ๋ณ„.
4. ์˜ฌ๋ฐ”๋ฅธ ํšŒ์›์ธ์ง€ ์‹๋ณ„
5. ๋žœ๋ค ์ธ์ฆ๋ฒˆํ˜ธ ์ƒ์„ฑ ํ›„ ๋ฌธ์ž ์ „์†ก
6. DB์— ์ „์†ก๋œ ์ธ์ฆ ํƒ€์ž… ๋ฐ ์ธ์ฆ ๋ฒˆํ˜ธ ์ €์žฅ.

  • ์š”์ฒญ ๋ฐ”๋”” [SmsCertificateReq.java]
    ์•„์ด๋””/ ๋น„๋ฐ€๋ฒˆํ˜ธ ์ฐพ๊ธฐ ๋ชจ๋‘ ๋‹ค ์ „ํ™”๋ฒˆํ˜ธ๋ฅผ ์ž…๋ ฅํ•˜๋Š” ๊ฒƒ์€ ๋™์ผ,
    ์•„์ด๋”” ์ฐพ๊ธฐ๋Š” ์ด๋ฆ„์„ ๋ณด๋‚ด๊ณ , ๋น„๋ฐ€๋ฒˆํ˜ธ ์ฐพ๊ธฐ๋Š” ์•„์ด๋””๋ฅผ ๋ณด๋‚ด๋Š” ๊ฒƒ์œผ๋กœ ๋ช…์„ธ์„œ์— ์ž‘์„ฑํ•˜์—ฌ ํ”„๋ก ํŠธ์™€ ํ˜‘์˜๋ฅผ ๋ณด์•˜๋‹ค.
  • SellerController.java
  • SellerService.java
@Transactional(rollbackFor = BaseException.class)
    public int lostIdAndPw(SmsCertificateReq smsCertificateReq) throws BaseException {
        // 1) ์˜ฌ๋ฐ”๋ฅธ ๋ฐ”๋”” value๋กœ ์š”์ฒญ๋˜์ง€ ์•Š์•˜์„๋•Œ
        if(smsCertificateReq.getPhoneNum() == null &&
                (smsCertificateReq.getName() == null|| smsCertificateReq.getUid() == null)){
            throw new BaseException(REQUEST_ERROR); // 2000 : ์ž…๋ ฅ๊ฐ’์„ ํ™•์ธํ•ด์ฃผ์„ธ์š”
        }

        // 2) ์ธ์ฆ ํƒ€์ž… ์„ค์ •
        String findType;
        if (smsCertificateReq.getName() != null && smsCertificateReq.getUid() == null){
            findType = "I"; // ID ์ฐพ๊ธฐ๋Š” ์ด๋ฆ„ != null && ์•„์ด๋”” == null
        }
        else if (smsCertificateReq.getName() == null && smsCertificateReq.getUid() != null){
            findType = "P"; // PW ์ฐพ๊ธฐ๋Š” ์•„์ด๋”” != null && ์ด๋ฆ„ == null
        }
        else{
            throw new BaseException(REQUEST_ERROR); // 2000 : ์ž…๋ ฅ๊ฐ’์„ ํ™•์ธํ•ด์ฃผ์„ธ์š”
        }

        // 3) ๊ฐ€์ž…ํ•˜์ง€ ์•Š์€ ํšŒ์›์ผ๋•Œ
        int sellerValidCheck = sellerDao.validLoginInfo(smsCertificateReq, findType);
        if (sellerValidCheck == 0){
            throw new BaseException(POST_USERS_NOT_FOUND); // 2021 : ๊ฐ€์ž…๋˜์ง€ ์•Š์€ ํšŒ์›์ž…๋‹ˆ๋‹ค.
        }

        // 4) ๋žœ๋ค ์ธ์ฆ๋ฒˆํ˜ธ ์ƒ์„ฑ (๋ฒˆํ˜ธ)
        Random rand  = new Random();
        String certificationNum = "";
        for(int i=0; i<6; i++) {
            String ran = Integer.toString(rand.nextInt(10));
            certificationNum+=ran;
        }

        // 5) cool SMS์ธ์ฆ๋ฒˆํ˜ธ ๋ฐœ์†ก
        try{
            // ์ธ์ฆ ๋ฉ”์‹œ์ง€ ์ƒ์„ฑ
            Message message = new Message();
            message.setFrom("01043753181");
            message.setTo(smsCertificateReq.getPhoneNum());
            message.setText((findType == "I"? "Jatteoli ์•„์ด๋”” ์ฐพ๊ธฐ\n์ธ์ฆ๋ฒˆํ˜ธ" : "Jatteoli ๋น„๋ฐ€๋ฒˆํ˜ธ ์ฐพ๊ธฐ\n์ธ์ฆ๋ฒˆํ˜ธ") + " : ["+certificationNum+"]");

            // coolSMS API ์‚ฌ์šฉํ•˜์—ฌ ์‚ฌ์šฉ์ž ํ•ธ๋“œํฐ์— ์ „์†ก
            SingleMessageSentResponse response = this.messageService.sendOne(new SingleMessageSendingRequest(message));
            log.info("coolSMS API์š”์ฒญ :{}", response);

            // DB์— ์ „์†ก ์ธ์ฆ์ •๋ณด ์ €์žฅ
            int smsSendRes = smsDao.smsSend(smsCertificateReq, certificationNum, findType);

            return smsSendRes;
        }catch(Exception exception){
            throw new BaseException(COOLSMS_API_ERROR); // 5010 : SMS ์ธ์ฆ๋ฒˆํ˜ธ ๋ฐœ์†ก์„ ์‹คํŒจํ•˜์˜€์Šต๋‹ˆ๋‹ค.
        }
    }
  • ์•„์ด๋”” ์ฐพ๊ธฐ์ธ์ง€ ๋น„๋ฐ€๋ฒˆํ˜ธ ์žฌ์„ค์ • ์š”์ฒญ์ธ์ง€ ์ปจํŠธ๋กค๋Ÿฌ์—์„œ ๊ตฌ๋ณ„ํ–ˆ์œผ๋ฉด ์ฝ”๋“œ๊ฐ€ ๋” ๊น”๋”ํ–ˆ์„ ๊ฒƒ ๊ฐ™์€๋ฐ.. ํƒ€์ž… ์„ค์ •์ด๋‚˜ DB์— ์ €์žฅํ•˜๋Š” ๊ธฐ์ค€์„ ๋„ˆ๋ฌด ํ•˜๋‚˜๋งŒ ๋ฐ”๋ผ๋ณด๊ณ  ์ฒ˜๋ฆฌํ•˜์˜€๋‹ค..
  • ๋ฐ˜ํ™˜ ๊ฐ’์€ DB์— ์ €์žฅ๋œ smsIdx ๊ฐ’์„ ์ฃผ์—ˆ๋‹ค.
  • SellerDao.java
public int validLoginInfo(SmsCertificateReq smsCertificateReq, String findType){
        String query = "SELECT EXISTS(" +
                "SELECT * FROM Merchandisers M " +
                (findType.equals("I") ? "WHERE M.name = ? AND M.phone = ?)" : "WHERE M.uid = ? AND M.phone = ?)");

        Object[] params = new Object[]{
                (findType.equals("I") ?smsCertificateReq.getName() : smsCertificateReq.getUid()),
                smsCertificateReq.getPhoneNum()
        };
        return this.jdbcTemplate.queryForObject(query, int.class, params);
    }
public int smsSend(SmsCertificateReq smsCertificateReq, String certificationNum, String checkType){
        String query = "INSERT INTO Sms(phone, name, uid, certification_num, status)" +
                "VALUES(?, ?, ?, ?, ?);";

        Object[] params = new Object[]{
                smsCertificateReq.getPhoneNum(),
                smsCertificateReq.getName() == null ? null : smsCertificateReq.getName(),
                smsCertificateReq.getUid() == null ? null : smsCertificateReq.getUid(),
                certificationNum,
                checkType
        };

        this.jdbcTemplate.update(query, params);

        String lastInsertIdQuery = "select last_insert_id()";
        return this.jdbcTemplate.queryForObject(lastInsertIdQuery,int.class);
    }

6. /jat/sellers/id-find, /jat/sellers/pw-find

id-find : ์•„์ด๋”” ์ฐพ๊ธฐ ๋ฒˆํ˜ธ ์ธ์ฆ ์š”์ฒญ ํ›„ ์ธ์ฆ๋ฒˆํ˜ธ๋ฅผ ์ž…๋ ฅ ํ•ด์„œ ์•„์ด๋”” ์ฐพ๊ธฐ ์š”์ฒญ

pw-find: ๋น„๋ฐ€๋ฒˆํ˜ธ ์žฌ์„ค์ • ๋ฒˆํ˜ธ ์ธ์ฆ ์š”์ฒญ ํ›„ ์ธ์ฆ ๋ฒˆํ˜ธ๋ฅผ ์ž…๋ ฅ ํ•ด์„œ ๋น„๋ฐ€๋ฒˆํ˜ธ ์žฌ์„ค์ • ์š”์ฒญ

  • ๋งˆ์ฐฌ๊ฐ€์ง€๋กœ ๋ชจ๋“  ๋ฒˆํ˜ธ ์ธ์ฆ์€ SMS ์ธ์ฆ์œผ๋กœ ๊ตฌํ˜„ํ•˜์˜€๋‹ค. -> SMS ๋ฌธ์ž ์ธ์ฆ ํฌ์ŠคํŒ…
  • ์œ„์— ์žˆ๋Š” 5. /jat/sellers/lost ์™€ ๋˜‘๊ฐ™์€ ์–‘์‹์— ํ•ธ๋“œํฐ์œผ๋กœ ์ˆ˜์‹ ๋ฐ›์€ ์ธ์ฆ๋ฒˆํ˜ธ๋ฅผ ์ถ”๊ฐ€๋กœ Body์— ๋‹ด์•„ POST๋กœ ์š”์ฒญํ•œ๋‹ค.
  • ์š”์ฒญ ๋ฐ”๋”” [ReceivedNumConfReq.java]
  • SellerController.java
  • id-find: ์•„์ด๋”” ์ฐพ๊ธฐ๋Š” ํ•œ ์‚ฌ์šฉ์ž๊ฐ€ ์—ฌ๋Ÿฌ ๊ฐœ์˜ ๊ฐ€์ž…์ •๋ณด๋ฅผ ๊ฐ€์งˆ ์ˆ˜ ์žˆ์œผ๋ฉฐ ์•„์ด๋””, ์ƒ์„ฑ๋‚ ์งœ๋ฅผ ๋ฆฌ์ŠคํŠธ ํ˜•ํƒœ๋กœ ๋ฐ˜ํ™˜ํ•˜์˜€๊ณ ,
  • pw-find: ๋น„๋ฐ€๋ฒˆํ˜ธ๋Š” ๋ณธ์ธ ์™ธ์— ๋ฐ”๊พธ๋ฉด ์•ˆ๋˜๊ธฐ์—, ๋‹ค์Œ ์žฌ์„ค์ • ์š”์ฒญ์—์„œ ์ธ๊ฐ€๋œ ์ ‘๊ทผ์„ ํ•  ์ˆ˜ ์žˆ๋„๋ก jwt๋ฅผ ํฌํ•จํ•˜์—ฌ ๋ฐ˜ํ™˜ํ•œ๋‹ค.
  • SellerService.java
// ์•„์ด๋”” ์ฐพ๊ธฐ
public List<ReceivedNumConfRes> idFind(ReceivedNumConfReq receivedNumConfReq) throws BaseException{
        try{
            int smsIdx = smsDao.smsCheckId(receivedNumConfReq);

            if (smsIdx == 1){
                return sellerDao.idFind(receivedNumConfReq);
            }
            else{
                throw new BaseException(SMS_CERTIFICATE_FAILED); // 4022 : SMS ์ธ์ฆ ์‹คํŒจ
            }

        }catch(Exception exception){
            throw new BaseException(SMS_DATA_FIND_ERROR); // 4021 : ์œ ํšจํ•˜์ง€ ์•Š์€ SMS ์ธ์ฆ๋ฒˆํ˜ธ ์š”์ฒญ์ž…๋‹ˆ๋‹ค.
        }
    }
// ๋น„๋ฐ€๋ฒˆํ˜ธ ์ฐพ๊ธฐ
public ReceivedNumConfPwRes pwFind(ReceivedNumConfReq receivedNumConfReq) throws BaseException{
        try{
            int smsIdx = smsDao.smsCheckPw(receivedNumConfReq);

            if (smsIdx == 1){
                int sellerIdx = sellerDao.JwtForRestorePw(receivedNumConfReq);
                String jwt = jwtTokenProvider.createJwt(sellerIdx, "Merchandiser");
                return new ReceivedNumConfPwRes(jwt, receivedNumConfReq.getUid(), 1);
            }
            else{
                throw new BaseException(SMS_CERTIFICATE_FAILED); // 4021 : ๋น„๋ฐ€๋ฒˆํ˜ธ ์•”ํ˜ธํ™”์— ์‹คํŒจํ•˜์˜€์Šต๋‹ˆ๋‹ค
            }
        }catch(Exception exception){
            throw new BaseException(SMS_DATA_FIND_ERROR); // 4022 : SMS ์ธ์ฆ ์‹คํŒจ
        }
    }
  • SmsDao.java
// ์•„์ด๋”” ์ฐพ๊ธฐ : ์•„์ด๋”” ์ฐพ๊ธฐ ์ „ ์ธ์ฆ ์š”์ฒญ์„ ๋ณด๋ƒˆ์„ ๋•Œ ๋ฐœ์ƒํ•œ ์ธ์ฆ๋ฒˆํ˜ธ๋ฅผ ํ˜„์‹œ๊ฐ์œผ๋กœ๋ถ€ํ„ฐ 3๋ถ„์ด๋‚ด,
//             ์š”์ฒญํ•œ ์ „ํ™”๋ฒˆํ˜ธ์™€ ์ด๋ฆ„์œผ๋กœ ๊ฐ€์ž…๋œ ํšŒ์›์˜ ๋งˆ์ง€๋ง‰ ๋ฐœ์ƒ ์ธ์ฆ๋ฒˆํ˜ธ๋ฅผ ์กฐํšŒํ•œ๋‹ค.
public int smsCheckId(ReceivedNumConfReq receivedNumConfReq) {
        String query = "SELECT EXISTS(\n" +
                "    SELECT\n" +
                "        * \n" +
                "    FROM Sms WHERE phone = ?\n" +
                "               AND name = ?\n" +
                "               AND certification_num = ?\n" +
                "               AND status = 'I'\n" +
                "               AND created >= DATE_ADD(NOW(), INTERVAL -3 MINUTE) \n" +
                "            ORDER BY created DESC LIMIT 1" +
                "    )";

        Object[] params = new Object[]{
                receivedNumConfReq.getPhoneNum(),
                receivedNumConfReq.getName(),
                receivedNumConfReq.getCertificationNum()
        };

        return this.jdbcTemplate.queryForObject(query, int.class, params);
    }
// ๋น„๋ฐ€๋ฒˆํ˜ธ ์ฐพ๊ธฐ : ์•„์ด๋”” ์ฐพ๊ธฐ์™€ ๊ฐ™์€ ์‹œ๊ฐ„ ๋ฒ”์œ„์—์„œ ๋งˆ์ง€๋ง‰ ์ธ์ฆ๋ฒˆํ˜ธ๋ฅผ ์กฐํšŒํ•˜์—ฌ ๋น„๊ตํ•œ๋‹ค.
//               ์กด์žฌํ•œ๋‹ค๋ฉด, ๋น„๋ฐ€๋ฒˆํ˜ธ ์žฌ์„ค์ • ๊ฐ€๋Šฅ.
public int smsCheckPw(ReceivedNumConfReq receivedNumConfReq){
        String query = "SELECT EXISTS(\n" +
                "    SELECT\n" +
                "        *\n" +
                "    FROM Sms WHERE phone = ? \n" +
                "               AND uid = ? \n" +
                "               AND certification_num = ? \n" +
                "               AND status = 'P'\n" +
                "               AND created >= DATE_ADD(NOW(), INTERVAL -3 MINUTE) \n" +
                "            ORDER BY created DESC LIMIT 1" +
                "    )";

        Object[] params = new Object[]{
                receivedNumConfReq.getPhoneNum(),
                receivedNumConfReq.getUid(),
                receivedNumConfReq.getCertificationNum()
        };

        return this.jdbcTemplate.queryForObject(query, int.class, params);
    }

7. /jat/sellers/pw-restore

๋น„๋ฐ€๋ฒˆํ˜ธ ์žฌ์„ค์ • ์š”์ฒญ

    1. /jat/sellers/pw-find ์š”์ฒญ ์ดํ›„, ์•Œ๋งž์€ ์ธ์ฆ๋ฒˆํ˜ธ๋กœ ์ธ์ฆ์ด ์™„๋ฃŒ๋˜๋ฉด, ๋น„๋ฐ€๋ฒˆํ˜ธ ์žฌ์„ค์ • ํ™”๋ฉด์œผ๋กœ ๋„˜์–ด๊ฐ€๊ฒŒ ๋œ๋‹ค.
  • ๋งŒ์ผ ํ•ด๋‹น URI๋กœ ์˜๋„์น˜ ์•Š์€ ์ ‘๊ทผ์„ ํ†ตํ•ด ์œ ์ €์˜ PW๋ฅผ ๋‹ค๋ฅธ ์‚ฌ๋žŒ์ด ๋ณ€๊ฒฝํ•˜๋ คํ•œ๋‹ค๋ฉด, ์•ˆ๋˜๊ธฐ ๋•Œ๋ฌธ์— ๋น„๋ฐ€๋ฒˆํ˜ธ ์žฌ์„ค์ • ์ „ ์ธ์ฆ ๊ณผ์ •์—์„œ ๋ฐœํ–‰ํ•œ JWT ํ† ํฐ์„ ํ—ค๋”์— ๋‹ด์•„์„œ ๋ฐ˜๋“œ์‹œ ์š”์ฒญํ•˜๋„๋ก ๊ตฌํ˜„ํ•˜๊ธฐ๋กœ ํ•˜์˜€๋‹ค.

(1) ๋กœ์ง ํ”Œ๋กœ์šฐ
1. ๋ฐ”๊ฟ€ ๋น„๋ฐ€๋ฒˆํ˜ธ์™€, ์˜ฌ๋ฐ”๋ฅด๊ฒŒ ์ž…๋ ฅํ–ˆ๋Š”์ง€ ํ™•์ธ์šฉ ๋น„๋ฐ€๋ฒˆํ˜ธ๋ฅผ Patch๋กœ ์š”์ฒญ๋ฐ›๋Š”๋‹ค.
2. ๋‘ ๋น„๋ฐ€๋ฒˆํ˜ธ ๊ฐ’์ด ๊ฐ™์€์ง€ ๋น„๊ตํ•œ๋‹ค.
3. ๊ฐ™๋‹ค๋ฉด SHA256 ์•”ํ˜ธํ™” ์•Œ๊ณ ๋ฆฌ์ฆ˜์„ ํ†ตํ•ด ๋‹ค์‹œ ์•”ํ˜ธํ™”ํ•˜๊ณ ,
4. DB์— ํ•ด๋‹น ์œ ์ €์˜ password ์นผ๋Ÿผ์˜ ๊ฐ’์„ ์ˆ˜์ •ํ•œ๋‹ค.

  • ์š”์ฒญ ๋ฐ”๋”” [RestorePwReq.java]
  • SellerController.java
 @Transactional(rollbackFor = BaseException.class)
    public RestorePwRes pwRestore(RestorePwReq restorePwReq, int sellerIdx) throws BaseException{
        if (!restorePwReq.getPw().equals(restorePwReq.getPwCheck())){
            throw new BaseException(MODIFY_FAIL_USERPASSWORD); // 4015 : ์œ ์ € ๋น„๋ฐ€๋ฒˆํ˜ธ ์ˆ˜์ • ์‹คํŒจ
        }

        String pwd, salt;
        try{
            salt = SHA256.createSalt(restorePwReq.getPw()); // ๋น„๋ฐ€๋ฒˆํ˜ธ๋ฅผ ์ด์šฉํ•˜์—ฌ salt ์ƒ์„ฑ
            pwd = new SHA256().encrypt(restorePwReq.getPw(), salt); // ๋น„๋ฐ€๋ฒˆํ˜ธ ์•”ํ˜ธํ™”
        }catch(Exception exception){
            throw new BaseException(PASSWORD_ENCRYPTION_ERROR); // 4011 : ๋น„๋ฐ€๋ฒˆํ˜ธ ์•”ํ˜ธํ™”์— ์‹คํŒจํ•˜์˜€์Šต๋‹ˆ๋‹ค.
        }

        try{
            sellerDao.pwRestore(sellerIdx, salt, pwd);
            return new RestorePwRes(0,1);
        }catch(Exception exception){
            throw new BaseException(MODIFY_FAIL_USERPASSWORD); // 4015 : ์œ ์ € ๋น„๋ฐ€๋ฒˆํ˜ธ ์ˆ˜์ • ์‹คํŒจ
        }
    }
  • SellerDao.java
    -> jwt๋ฅผ ํ†ตํ•ด ๋„˜๊ฒจ ๋ฐ›์€ ํŒ๋งค์ž ์‹๋ณ„ Id๋กœ DBํ…Œ์ด๋ธ”์— ๊ฐ’์„ UPDATEํ•˜์˜€๋‹ค.
public void pwRestore(int sellerIdx, String salt, String pwd) {
        String query = "UPDATE Merchandisers\n" +
                "SET salt = ? , password = ?\n" +
                "WHERE sellerIdx = ?";

        Object[] params = new Object[]{
                salt,
                pwd,
                sellerIdx
        };

        this.jdbcTemplate.update(query, params);
    }

์ด์ œ ํšŒ์›์ œ, ๋กœ๊ทธ์ธ์— ๊ด€๋ จ๋œ ๊ธฐ๋Šฅ์€ ๋ชจ๋‘ ํฌ์ŠคํŒ… ์™„๋ฃŒํ•˜์˜€๋‹ค.
๋‹ค์Œ ํฌ์ŠคํŒ…์€ ๋งˆ์ง€๋ง‰์œผ๋กœ ํ•ด๋‹น ํ”Œ๋กœ์šฐ๋ฐ๋กœ ๋ชจ๋‘ API ํ…Œ์ŠคํŠธ๋ฅผ ์ง„ํ–‰ํ•˜๊ณ  DB์— ์ €์žฅ๋˜๋Š” ๊ฐ’๋„ ํ™•์ธํ•ด ๋ณด๊ฒ ์Œ.

0๊ฐœ์˜ ๋Œ“๊ธ€