diff --git a/app.js b/app.js
index 6ff705a..abc190f 100644
--- a/app.js
+++ b/app.js
@@ -5,20 +5,6 @@ const cookieParser = require('cookie-parser');
 const morgan = require('morgan');
 const {stream} = require('./logger');
 const bodyParser = require('body-parser');
-const session = require('express-session');
-const MySQLStore = require('express-mysql-session')(session);
-//const logger = require('./logger');
-//const morganFormat = process.env.NODE_ENV !== "production" ? "dev" : "combined"; // NOTE: morgan 출력 형태
-
-var options = {
- host: '10.19.247.204',
- port: 3306,
- user: '42seoul',
- password: 'kookmin',
- database: 'innoacca',
-};
-
-var sessionStore = new MySQLStore(options);
 let envPath = '';
 process.env.NODE_ENV = ( process.env.NODE_ENV && ( process.env.NODE_ENV ).trim().toLowerCase() == 'production' ) ? 'production' : 'development';
@@ -48,16 +34,6 @@ app.use(express.urlencoded({ extended: false }));
 app.use(bodyParser.urlencoded({ extended: false }));
 app.use(bodyParser.json());
 app.use(cookieParser());
-app.use(session({
- key: 'sid',
- secret: 'secret',
- resave: false,
- saveUninitialized: true,
- store: sessionStore,
- cookie: {
- maxAge: 24000 * 60 * 60 // 쿠키 유효기간 24시간
- }
-}));
 app.use(express.static(path.join(__dirname, 'public')));
 //app.use(morgan(morganFormat, { stream: logger.httpLogStream })); // NOTE: http request 로그 남기기
 app.use(morgan('combined', {stream}));
diff --git a/config/jwt.js b/config/jwt.js
new file mode 100644
index 0000000..8c9b025
--- /dev/null
+++ b/config/jwt.js
@@ -0,0 +1,3 @@
+let jwtObj = {};
+jwtObj.secret = "apple"
+module.exports = jwtObj
\ No newline at end of file
diff --git a/controllers/auth/authController.js b/controllers/auth/authController.js
index 1b53368..94c8b91 100644
--- a/controllers/auth/authController.js
+++ b/controllers/auth/authController.js
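Review bot: The HMAC secret `"apple"` committed in config/jwt.js is short enough to recover offline from a single captured token and is now part of the repository history, so anyone with read access to the repo can mint a valid token for any usn. Load it from the environment instead, `jwtObj.secret = process.env.JWT_SECRET;`, refuse to start when it is unset, and use a value of at least 32 random bytes. The database host, user and password deleted from app.js in this same commit likewise remain in history; removing them from the tree does not revoke them, so they should be rotated as well.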
@@ -1,3 +1,6 @@
+let jwt = require("jsonwebtoken");
+let secretObj = require("../../config/jwt");
+
 const signUpDAO = require('../../models/auth/authDAO');
 const userDAO = require('../../models/user/userDAO');
 const paramsCheck = require('../../lib/paramsCheck');
@@ -35,8 +38,6 @@ const signUpController = async (req, res, next) => {
 try {
 let signUpResult = await signUpDAO.signUpDAO(reqUserDataObject);
 let authResult = await signUpDAO.authDAO(reqAuthDataObject);
- console.log(signUpResult);
- console.log(authResult);
 return res.status(200).send({ signUpResult, authResult });
 } catch (err) {
 return res.status(500).send(err);
@@ -59,6 +60,16 @@ const signInController = async (req, res, next) => {
 let DBPassword = signInResult[0][0].password;
 let hashPassword = crypto.createHash("sha512").update(password + salt).digest("hex");
+ let token = jwt.sign({
+ id: id,
+ password: hashPassword, // 토큰의 내용(payload)
+ usn: userResult[0][0].USN,
+ },
+ secretObj.secret , // 비밀 키
+ {
+ expiresIn: '60m' // 유효 시간은 5분
+ })
+
 if(paramsCheck.numberCheck([]) === false) {
 return res.status(500).json({ statusCode: 500, message: `Cotroller: 정수가 아닌 파라미터` })
 }
@@ -70,15 +81,10 @@ const signInController = async (req, res, next) => {
 reqDataObject.password = hashPassword;
 try {
 if (reqDataObject.password === DBPassword) {
- req.session.usn = userResult[0][0].USN;
- //res.redirect("/index");
- // return res.status(200).send({statusCode: 202, message: `로그인 성공`});
- req.session.save(() => {
- res.send({
- title: "로그인 성공",
- session : req.session
- });
- });
+ res.cookie("token", token);
+ res.json({
+ token: token
+ })
 } else {
 return res.status(500).json({ statusCode: 502, message: `Controller: 비밀번호 틀림` });
@@ -90,10 +96,6 @@ const signInController = async (req, res, next) => {
 }
 const signOutController = async (req, res, next) => {
- console.log(req.session.id);
- req.session.destroy();
- res.clearCookie('sid');
- res.redirect("/auth/login")
 }
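Review bot: The payload handed to jwt.sign includes `password: hashPassword`, and a JWT is only base64-encoded, so the salted SHA-512 of the user's password is returned in the cookie and JSON body to anyone who holds the token and can be cracked offline. Nothing in this commit reads that claim (jwtCheck's caller uses `decoded.usn`), so sign `{ id: id, usn: userResult[0][0].USN }` and nothing else. The token is also minted before the password comparison further down in signInController, which is safe only as long as it is never sent on the failure branch; moving the jwt.sign call into the success branch makes that explicit. The `'60m'` value and its `5분` comment disagree; the comment should read `// valid for 60 minutes`. signInController's body starts and ends outside this hunk.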
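Review bot: `res.cookie("token", token)` stores the bearer token without `httpOnly`, `secure` or `sameSite`, so any script that reaches the page can read it and it is sent over plain HTTP; nothing in this commit reads the cookie either (jwtCheck.js looks at the `x-access-token` header and `req.query.token`), so right now it only widens exposure. If the cookie is meant to be the transport, set `res.cookie("token", token, { httpOnly: true, secure: process.env.NODE_ENV === 'production', sameSite: 'strict', maxAge: 60 * 60 * 1000 });` and have the check read `req.cookies.token`; otherwise drop the cookie and keep only the JSON response. The `===` comparison of the two hashes on the context line above is not constant-time; `crypto.timingSafeEqual` on equal-length buffers is the usual replacement, though that line predates this commit. signInController continues outside the hunk.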
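Review bot: signOutController is left with an empty body, so a request to the logout route never receives a response and hangs until the client times out. With a stateless JWT there is no server-side session to destroy, but the handler should at least clear the cookie that signInController now sets and answer, `res.clearCookie('token'); return res.status(200).json({ statusCode: 200, message: 'logged out' });`. A token issued with `expiresIn: '60m'` remains valid after logout regardless; if real revocation is required, a shorter lifetime plus a server-side denylist or refresh flow is needed, which is beyond this hunk.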
diff --git a/controllers/lib/jwtCheck.js b/controllers/lib/jwtCheck.js
new file mode 100644
index 0000000..14a6aae
--- /dev/null
+++ b/controllers/lib/jwtCheck.js
@@ -0,0 +1,15 @@
+let jwt = require("jsonwebtoken");
+let secretObj = require("../../config/jwt");
+
+const jwtCheckLogic = (req, res) => {
+ const token = req.headers['x-access-token'] || req.query.token;
+ //console.log(token);
+
+ let decoded = jwt.verify(token, secretObj.secret);
+
+ return decoded;
+}
+
+module.exports = {
+ jwtCheckLogic,
+}
\ No newline at end of file
diff --git a/controllers/lib/keyword.js b/controllers/lib/keyword.js
index 872a749..e20009b 100644
--- a/controllers/lib/keyword.js
+++ b/controllers/lib/keyword.js
@@ -4,7 +4,6 @@ const keywordLogic = (categoryResult, keywordResult) => {
 let libResult = new Array();
 for (i = 0; i < keywordResult[0].length; i++) {
- console.log("start: " + start + " category: " + keywordResult[0][i].category_ID);
 if (start === keywordResult[0][i].category_ID) {
 keywordList[start].keyword.push({
 "keywordId": keywordResult[0][i].keyword_ID,
@@ -34,8 +33,6 @@ const keywordLogic = (categoryResult, keywordResult) => {
 }
 }
- console.log(keywordList);
-
 libResult.push({
 allCategory: [],
 })
diff --git a/controllers/user/userController.js b/controllers/user/userController.js
index 59a30ff..f986697 100644
--- a/controllers/user/userController.js
+++ b/controllers/user/userController.js
@@ -1,9 +1,11 @@
 const userDAO = require('../../models/user/userDAO');
 const paramsCheck = require('../../lib/paramsCheck');
 const lib = require('../lib/createReqDataObject');
+let jwtCheckLogic = require("../lib/jwtCheck");
 const getUserController = async (req, res, next) => {
- let usn = parseInt(req.params.usn);
+ let decoded = jwtCheckLogic.jwtCheckLogic(req, res);
+ let usn = decoded.usn;
 if(paramsCheck.numberCheck([usn]) === false) {
 return res.status(500).json({ statusCode: 500, message: `Cotroller: 정수가 아닌 파라미터` })
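Review bot: jwtCheckLogic lets `jwt.verify` throw straight through for a missing, expired or tampered token (`jwt.verify(undefined, ...)` throws as well), so an unauthenticated call from getUserController produces no 401 but a rejected promise out of an async handler, which Express 4 does not forward to the error handler and the request hangs. Accepting the token from `req.query.token` also writes the bearer token into the `morgan('combined')` access log configured in app.js and into browser history and Referer headers; take it only from the header (or the cookie signIn sets). `verify` should pin `{ algorithms: ['HS256'] }` rather than accept whichever HMAC variant the token header names. Turning this into a real Express middleware that answers 401 itself and stores the claims on `req` removes the try/catch burden from every controller; jwtCheckLogic can stay exported for existing callers.
```javascript
const jwtCheck = (req, res, next) => {
  const token = req.headers['x-access-token']; // never req.query: it would land in access logs
  if (!token) {
    return res.status(401).json({ statusCode: 401, message: 'token required' });
  }
  try {
    req.decoded = jwt.verify(token, secretObj.secret, { algorithms: ['HS256'] });
    return next();
  } catch (err) {
    return res.status(401).json({ statusCode: 401, message: 'invalid or expired token' });
  }
};

// … unchanged: jwtCheckLogic …

module.exports = {
  jwtCheckLogic,
  jwtCheck,
};
```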
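Review bot: `jwtCheckLogic.jwtCheckLogic(req, res)` is called outside the try block, and jwt.verify throws on a missing, expired or forged token, so an unauthenticated GET /inform ends in a rejected promise from the async handler with no response instead of a 401. Wrap it: `let decoded; try { decoded = jwtCheckLogic.jwtCheckLogic(req, res); } catch (err) { return res.status(401).json({ statusCode: 401, message: 'invalid token' }); }`, or register the check as router middleware so controllers never run on an unverified request. Taking `usn` from the verified token rather than the URL is the right fix for the previous read-any-user behaviour on this route. getUserController continues past the end of the hunk.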
@@ -13,6 +15,7 @@ const getUserController = async (req, res, next) => {
 }
 else {
 let reqDataObject = lib.createReqDataObject(req.params, req.body);
+ reqDataObject.usn = usn
 try {
 let users = await userDAO.getUserDAO(reqDataObject);
 return res.status(200).send(users[0][0]);
diff --git a/package-lock.json b/package-lock.json index 1c34dae..7aa76cf 100644 --- a/package-lock.json +++ b/package-lock.json @@ -205,6 +211,11 @@ "fill-range": "^7.0.1" } }, + "buffer-equal-constant-time": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", + "integrity": "sha1-+OcRMvf/5uAaXJaXpMbz5I1cyBk=" + }, "bytes": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz", @@ -491,6 +496,14 @@ "resolved": "https://registry.npmjs.org/duplexer3/-/duplexer3-0.1.4.tgz", "integrity": "sha1-7gHdHKwO08vH/b6jfcCo8c4ALOI=" }, + "ecdsa-sig-formatter": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", + "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", + "requires": { + "safe-buffer": "^5.0.1" + } + }, "ee-first": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", 
@@ -1000,6 +1013,49 @@ "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.0.tgz", "integrity": "sha1-Wx85evx11ne96Lz8Dkfh+aPZqJg=" }, + "jsonwebtoken": { + "version": "8.5.1", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz", + "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==", + "requires": { + "jws": "^3.2.2", + "lodash.includes": "^4.3.0", + "lodash.isboolean": "^3.0.3", + "lodash.isinteger": "^4.0.4", + "lodash.isnumber": "^3.0.3", + "lodash.isplainobject": "^4.0.6", + "lodash.isstring": "^4.0.1", + "lodash.once": "^4.0.0", + "ms": "^2.1.1", + "semver": "^5.6.0" + }, + "dependencies": { + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + } + } + }, + "jwa": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", + "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", + "requires": { + "buffer-equal-constant-time": "1.0.1", + "ecdsa-sig-formatter": "1.0.11", + "safe-buffer": "^5.0.1" + } + }, + "jws": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", + "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", + "requires": { + "jwa": "^1.4.1", + "safe-buffer": "^5.0.1" + } + }, "keyv": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/keyv/-/keyv-3.1.0.tgz", 
@@ -1021,6 +1077,41 @@ "package-json": "^6.3.0" } }, + "lodash.includes": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz", + "integrity": "sha1-YLuYqHy5I8aMoeUTJUgzFISfVT8=" + }, + "lodash.isboolean": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz", + "integrity": "sha1-bC4XHbKiV82WgC/UOwGyDV9YcPY=" + }, + "lodash.isinteger": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz", + "integrity": "sha1-YZwK89A/iwTDH1iChAt3sRzWg0M=" + }, + "lodash.isnumber": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz", + "integrity": "sha1-POdoEMWSjQM1IwGsKHMX8RwLH/w=" + }, + "lodash.isplainobject": { + "version": "4.0.6", + "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz", + "integrity": "sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs=" + }, + "lodash.isstring": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz", + "integrity": "sha1-1SfftUVuynzJu5XV2ur4i6VKVFE=" + }, + "lodash.once": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", + "integrity": "sha1-DdOXEhPHxW34gJd9UEyI+0cal6w=" + }, "logform": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/logform/-/logform-2.2.0.tgz", diff --git a/package.json b/package.json index 69351e2..80daf63 100644 --- a/package.json +++ b/package.json @@ -16,6 +16,7 @@ "express-mysql-session": "^2.1.4", "express-session": "^1.17.1", "http-errors": "~1.6.3", + "jsonwebtoken": "^8.5.1", "morgan": "~1.9.1", "mysql2": "^2.1.0", "nodemon": "^2.0.4", diff --git a/routes/user.js b/routes/user.js index 4a2e5d2..582db65 100644 --- a/routes/user.js +++ b/routes/user.js 
@@ -6,7 +6,7 @@ const careerController = require('../controllers/user/careerController');
 const matchingController = require('../controllers/user/matchingController');
 // USER
-router.get('/inform/:usn', userController.getUserController);
+router.get('/inform', userController.getUserController);
 router.put('/inform/:usn', userController.updateUserController);
 // KEYWORD
diff --git a/views/index.ejs b/views/index.ejs
index cc258a0..5f32ad8 100644
--- a/views/index.ejs
+++ b/views/index.ejs
@@ -13,3 +13,5 @@
+
+
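Review bot: Only the GET route moves its usn from the URL to the token; `router.put('/inform/:usn', userController.updateUserController);` on the next line still takes the target user from the path, so whatever cross-user access this commit closes for reads presumably remains for writes, unless updateUserController (not in the diff) performs its own token check. Change it to `router.put('/inform', userController.updateUserController);` and derive usn from the verified token there as well, or mount the JWT check as middleware on the whole router so no handler can run without a verified identity.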