From 7e4791f27162f17bf41fb60e41f55e5caee31691 Mon Sep 17 00:00:00 2001
From: jungwoo <okjwoo@ajou.ac.kr>
Date: Sat, 23 Jun 2018 14:54:00 +0900
Subject: [PATCH] =?UTF-8?q?secure=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .gitignore | 3 +-
 adapters/allcalorie-db-adapter.js | 13 ++++----
 adapters/appdaily-db-adapter.js | 13 ++++----
 adapters/appuser-db-adapter.js | 13 ++++----
 adapters/appuserjson-db-adapter.js | 13 ++++----
 adapters/calorie-db-adapter.js | 13 ++++----
 adapters/foodlist-db-adapter.js | 13 ++++----
 adapters/login-db-adapter.js | 33 +++++++++++++-------
 adapters/signup-db-adapter.js | 45 +++++++++++++++-------------
 adapters/trainer-db-adapter.js | 13 ++++----
 adapters/trainer-login-db-adapter.js | 13 ++++----
 adapters/userinput-db-adapter.js | 13 ++++----
 adapters/userupdate-db-adapter.js | 13 ++++----
 adapters/webdaily-db-adapter.js | 13 ++++----
 adapters/webfood-db-adapter.js | 13 ++++----
 adapters/webqa-db-adapter.js | 13 ++++----
 adapters/webworkout-db-adapter.js | 13 ++++----
 package-lock.json | 5 ++++
 package.json | 1 +
 routes/login-router.js | 32 ++++++++------------
 20 files changed, 166 insertions(+), 135 deletions(-)
diff --git a/.gitignore b/.gitignore
index a5199f6..88069f1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 node_modules/
-.idea
\ No newline at end of file
+.idea
+db-config
\ No newline at end of file
diff --git a/adapters/allcalorie-db-adapter.js b/adapters/allcalorie-db-adapter.js
index 34042ca..cc90e6b 100644
--- a/adapters/allcalorie-db-adapter.js
+++ b/adapters/allcalorie-db-adapter.js
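Review bot: The new `db-config` entry in the .gitignore hunk matches only a path named exactly `db-config`, while the adapters load the settings with `require('../db-config')`, which Node can resolve to `db-config.js`, `db-config.json` or a `db-config/` directory. If the secrets live in `db-config.js` (the file is not part of this patch, so this is an inference), the pattern does not cover it and the credentials can be committed again; `db-config.js` or `db-config*` would cover it, and `git check-ignore -v db-config.js` shows which rule applies. A committed template with placeholder values would also let a fresh clone start, since the ignored module is now required by every adapter.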
@@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); var pool = mysql.createPool(dbConfig); diff --git a/adapters/appdaily-db-adapter.js b/adapters/appdaily-db-adapter.js index 531e5d3..f79e530 100644 --- a/adapters/appdaily-db-adapter.js +++ b/adapters/appdaily-db-adapter.js @@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); diff --git a/adapters/appuser-db-adapter.js b/adapters/appuser-db-adapter.js index 38c4fcd..d81f729 100644 --- a/adapters/appuser-db-adapter.js +++ b/adapters/appuser-db-adapter.js @@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); diff --git a/adapters/appuserjson-db-adapter.js b/adapters/appuserjson-db-adapter.js index e9de807..cc00441 100644 
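Review bot: The removed `host`, `user: 'root'` and `password` literals in this hunk stay readable in the repository history, so moving them behind `require('../db-config')` protects only credentials issued after this commit; the MySQL password should be rotated and treated as exposed. The same block is repeated in the first hunk of every other `adapters/*-db-adapter.js` file in this patch, and this note applies to each of them. Because the account was `root`, the new config file is a natural place to switch to a user granted only the privileges on the `capstone` schema that the application needs. As a style point, the field-by-field copy can collapse to `var pool = mysql.createPool(db_config);` where `dbConfig` has no other use.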
--- a/adapters/appuserjson-db-adapter.js +++ b/adapters/appuserjson-db-adapter.js @@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); diff --git a/adapters/calorie-db-adapter.js b/adapters/calorie-db-adapter.js index cad75f3..4e506e0 100644 --- a/adapters/calorie-db-adapter.js +++ b/adapters/calorie-db-adapter.js @@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); var pool = mysql.createPool(dbConfig); diff --git a/adapters/foodlist-db-adapter.js b/adapters/foodlist-db-adapter.js index 4988492..3cc8848 100644 --- a/adapters/foodlist-db-adapter.js +++ b/adapters/foodlist-db-adapter.js @@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); 
diff --git a/adapters/login-db-adapter.js b/adapters/login-db-adapter.js index ce017a7..a6806b7 100644 --- a/adapters/login-db-adapter.js +++ b/adapters/login-db-adapter.js @@ -1,18 +1,20 @@ +var bcrypt = require('bcrypt-nodejs'); var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); var pool = mysql.createPool(dbConfig); var adapter = {}; -var loginSearchQuery = 'SELECT * FROM appuser WHERE id=? AND password=?'; // id/pw를 이용하여 유저 정보 search +var loginSearchQuery = 'SELECT * FROM appuser WHERE id=?'; // id를 이용하여 유저 정보 search adapter.loginSearch = function(id, password, cb) { var resultCode = dbResult.Fail; @@ -24,16 +26,25 @@ adapter.loginSearch = function(id, password, cb) { connection.release(); cb(resultCode, []); } else { // db연결성공 - connection.query(loginSearchQuery, [id, password], function(err, rows) { + connection.query(loginSearchQuery, [id], function(err, rows) { if (err) { // 로그인 실패 console.log(err); resultCode = dbResult.Fail; connection.release(); cb(resultCode, []); } else { // 로그인 성공 - resultCode = dbResult.OK; - connection.release(); - cb(resultCode, rows); + bcrypt.compare(password, rows[0].password, function(err, res) { + if (res) { + console.log(res); + resultCode = dbResult.OK; + connection.release(); + cb(resultCode, rows); + } else { + resultCode = dbResult.Fail; + connection.release(); + cb(resultCode, []); + } + }); } }); } diff --git a/adapters/signup-db-adapter.js b/adapters/signup-db-adapter.js index ab2e998..d506c98 100644 --- a/adapters/signup-db-adapter.js +++ b/adapters/signup-db-adapter.js 
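Review bot: `rows[0].password` in the new `bcrypt.compare` call is read without checking that the query returned a row, so a login with an unknown id leaves `rows[0]` undefined and throws inside the query callback, which can take the process down instead of returning `dbResult.Fail`. The `err` argument of the compare callback is also ignored, and `console.log(res)` adds nothing on the success path. Releasing the connection once before the compare, guarding on `rows.length`, and treating `err` like a mismatch covers all three; `adapter.loginSearch` starts and ends outside this hunk. Accounts stored before this commit hold plaintext in `password` and will fail the compare until they are re-hashed or reset.

```javascript
connection.query(loginSearchQuery, [id], function(err, rows) {
    // … unchanged: query error branch …
    } else {
        connection.release();
        if (rows.length === 0) { // unknown id: nothing to compare against
            return cb(dbResult.Fail, []);
        }
        bcrypt.compare(password, rows[0].password, function(err, match) {
            if (err || !match) {
                return cb(dbResult.Fail, []);
            }
            cb(dbResult.OK, rows);
        });
    }
```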
@@ -1,11 +1,13 @@ +var bcrypt = require('bcrypt-nodejs'); var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); var pool = mysql.createPool(dbConfig); @@ -16,7 +18,8 @@ var userWriteQuery = 'INSERT INTO appuser(id, password, name, email) VALUE (?,?, adapter.signupWrite = function(user, cb) { var resultCode = dbResult.Fail; - + var password = user.password; + console.log(user); pool.getConnection(function(err, connection) { if (err) { console.log(err) @@ -33,19 +36,21 @@ adapter.signupWrite = function(user, cb) { connection.release(); cb(resultCode); } else { - connection.query(userWriteQuery, [user.id, user.password, user.name, user.email], - function(err) { - if (err) { - console.log(err) - resultCode = dbResult.Fail; - connection.release(); - cb(resultCode); - } else { - console.log("signup success"); - resultCode = dbResult.OK; - connection.release(); - cb(resultCode); - } + bcrypt.hash(password, null, null, function(err, hash) { + password = hash; + connection.query(userWriteQuery, [user.id, password, user.name, user.email], function(err) { + if (err) { + console.log(err) + resultCode = dbResult.Fail; + connection.release(); + cb(resultCode); + } else { + console.log("signup success"); + resultCode = dbResult.OK; + connection.release(); + cb(resultCode); + } + }); }); } } else { // query가 오지 않는 경우 diff --git a/adapters/trainer-db-adapter.js b/adapters/trainer-db-adapter.js index c4dc50f..5999afa 100644 --- a/adapters/trainer-db-adapter.js +++ b/adapters/trainer-db-adapter.js 
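Review bot: The added `console.log(user);` at the top of `adapter.signupWrite` (second hunk of signup-db-adapter.js) writes the whole signup object, including the plaintext `user.password`, to the server log before it is hashed. That undoes part of what the hashing in this commit is for, since anyone with log access can read new passwords. Drop the line, or log only a non-secret field such as `console.log('signup request', user.id);`. The function body continues outside this hunk.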
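Review bot: The `bcrypt.hash` callback in the third hunk ignores `err`, so if hashing fails `hash` is undefined and the INSERT still runs without a usable password value instead of reporting `dbResult.Fail`. Add a guard as the first statement of the callback, `if (err) { console.log(err); connection.release(); return cb(dbResult.Fail); }`, and pass `hash` straight to the query rather than reassigning `password`. Passing `null` for the salt leaves salt generation and the cost factor to the library defaults; confirm that default is the work factor you intend. The enclosing branch starts and ends outside the hunk.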
@@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); diff --git a/adapters/trainer-login-db-adapter.js b/adapters/trainer-login-db-adapter.js index 37ee209..3cf609f 100644 --- a/adapters/trainer-login-db-adapter.js +++ b/adapters/trainer-login-db-adapter.js @@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); diff --git a/adapters/userinput-db-adapter.js b/adapters/userinput-db-adapter.js index 1d80bc3..c721117 100644 --- a/adapters/userinput-db-adapter.js +++ b/adapters/userinput-db-adapter.js @@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); diff --git a/adapters/userupdate-db-adapter.js b/adapters/userupdate-db-adapter.js index 4f7eeb8..26f5fce 100644 
--- a/adapters/userupdate-db-adapter.js +++ b/adapters/userupdate-db-adapter.js @@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); diff --git a/adapters/webdaily-db-adapter.js b/adapters/webdaily-db-adapter.js index 50eeb31..6be8edb 100644 --- a/adapters/webdaily-db-adapter.js +++ b/adapters/webdaily-db-adapter.js @@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); diff --git a/adapters/webfood-db-adapter.js b/adapters/webfood-db-adapter.js index e29871c..669c8f7 100644 --- a/adapters/webfood-db-adapter.js +++ b/adapters/webfood-db-adapter.js @@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); 
diff --git a/adapters/webqa-db-adapter.js b/adapters/webqa-db-adapter.js index 37ee209..3cf609f 100644 --- a/adapters/webqa-db-adapter.js +++ b/adapters/webqa-db-adapter.js @@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); diff --git a/adapters/webworkout-db-adapter.js b/adapters/webworkout-db-adapter.js index ecf5ebb..66e5b19 100644 --- a/adapters/webworkout-db-adapter.js +++ b/adapters/webworkout-db-adapter.js @@ -1,11 +1,12 @@ var mysql = require('mysql'); +var db_config = require('../db-config'); var dbConfig = { - host: '18.221.204.247', - port: '3306', - user: 'root', // mysql user - password: '5907', // mysql password - database: 'capstone', - connectionLimit: 10 + host: db_config.host, + port: db_config.port, + user: db_config.user, + password: db_config.password, + database: db_config.database, + connectionLimit: db_config.connectionLimit } var dbResult = require('../routes/result'); diff --git a/package-lock.json b/package-lock.json index 4210ef6..3d6c26c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -31,6 +31,11 @@ "safe-buffer": "5.1.1" } }, + "bcrypt-nodejs": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/bcrypt-nodejs/-/bcrypt-nodejs-0.0.3.tgz", + "integrity": "sha1-xgkX8m3CNWYVZsaBBhwwPCsohCs=" + }, "bignumber.js": { "version": "4.0.4", "resolved": "https://registry.npmjs.org/bignumber.js/-/bignumber.js-4.0.4.tgz", diff --git a/package.json b/package.json index 6f3e02b..19c74ef 100644 --- a/package.json +++ b/package.json 
@@ -10,6 +10,7 @@ "url": "http://git.ajou.ac.kr/JINSUYUN/Capstone_Link.git" }, "dependencies": { + "bcrypt-nodejs": "0.0.3", "body-parser": "^1.18.3", "cookie-parser": "^1.4.3", "debug": "~2.6.9", diff --git a/routes/login-router.js b/routes/login-router.js index 16ca1fc..51787c4 100644 --- a/routes/login-router.js +++ b/routes/login-router.js @@ -22,28 +22,22 @@ router.post('/', function(req, res) { loginAdapter.loginSearch(userId, userPassword, function(resultCode,rows){ if(resultCode == dbConnection.OK){ if(rows.length > 0){ - if(rows[0].password == obj.password){ - if (resultCode == dbConnection.OK) { - var response; - console.log("login success"); - if(rows[0].sex == undefined || rows[0].age == undefined || rows[0].weight == undefined - || rows[0].height == undefined || rows[0].targetweight == undefined || rows[0].targetperiod == undefined - || rows[0].workperiod == undefined || rows[0].worklevel == undefined) { - response = Object.assign(rows[0], {"success":true, "survey":false}); - } else { - response = Object.assign(rows[0], {"success":true, "survey":true}); - } - console.log(response); - res.json(response); - } - else { - console.log("false reason: db disconnected"); - res.json({"success": false}); + if (resultCode == dbConnection.OK) { + var response; + console.log("login success"); + if(rows[0].sex == undefined || rows[0].age == undefined || rows[0].weight == undefined + || rows[0].height == undefined || rows[0].targetweight == undefined || rows[0].targetperiod == undefined + || rows[0].workperiod == undefined || rows[0].worklevel == undefined) { + response = Object.assign(rows[0], {"success":true, "survey":false}); + } else { + response = Object.assign(rows[0], {"success":true, "survey":true}); } + console.log(response); + res.json(response); } else { - console.log("false reason: wrong pw"); - res.json({"success":false}); + console.log("false reason: db disconnected"); + res.json({"success": false}); } } else { -- GitLab
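Review bot: `bcrypt-nodejs` pinned at `0.0.3` in the package.json hunk is, as far as I know, no longer maintained and is marked deprecated on npm in favour of `bcrypt` or `bcryptjs`, so the password hashing added in this commit would rest on a library that receives no fixes. Both replacements expose callback-style `hash` and `compare`, so the two adapters would need only small changes (their `hash` takes a cost factor or salt rather than the two `null` arguments). Worth confirming against the package's npm page before merging.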
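Review bot: `response` in the login-router.js hunk is built with `Object.assign(rows[0], …)` and then both logged and sent with `res.json(response)`, and since the adapter query in this commit is `SELECT * FROM appuser WHERE id=?`, the row still carries the `password` column, now the bcrypt hash, to the client and into the log. Remove it before building the response, for example `delete rows[0].password;`, or select only the columns the client needs. The inner `if (resultCode == dbConnection.OK)` repeats the outer check, so its `db disconnected` branch is unreachable and can be removed. The route handler starts and ends outside this hunk.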