From cd81956d7c518c7668bd2f060d80aac255aea5a4 Mon Sep 17 00:00:00 2001 From: dyhj625 Date: Fri, 17 Jan 2025 13:29:19 +0900 Subject: [PATCH] =?UTF-8?q?=EA=B2=8C=EC=8B=9C=ED=8C=90=20=EC=95=94?= =?UTF-8?q?=ED=98=B8=ED=99=94=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/api/BoardController.java | 47 ++++++++++++++----- .../localhost/mapper/localbordMapper.java | 10 ++-- .../localhost/service/localbordService.java | 21 ++++----- src/main/resources/mapper/localbordMapper.xml | 16 ++++--- 4 files changed, 58 insertions(+), 36 deletions(-) diff --git a/src/main/java/io/company/localhost/controller/api/BoardController.java b/src/main/java/io/company/localhost/controller/api/BoardController.java index a707f0a..3bfd031 100644 --- a/src/main/java/io/company/localhost/controller/api/BoardController.java +++ b/src/main/java/io/company/localhost/controller/api/BoardController.java @@ -26,6 +26,7 @@ import java.util.List; import java.util.Map; import org.springframework.http.ResponseEntity; +import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -53,6 +54,7 @@ import lombok.extern.slf4j.Slf4j; @Slf4j public class BoardController { private final localbordService boardService; + private final PasswordEncoder passwordEncoder; /** * 공지사항 목록 조회 
@@ -128,11 +130,18 @@ public class BoardController { */ @PostMapping public ApiResponse createBoard(@ReqMap MapDto map) { - BigInteger createdIdx = boardService.createBoard(map); // 작성된 게시물의 idx를 반환 - Map responseData = new HashMap<>(); - responseData.put("CMNBRDSEQ", createdIdx); - responseData.put("message", "게시물이 작성되었습니다."); - return ApiResponse.ok(responseData); + // 비밀번호 암호화 (익명 게시판 등 비밀번호가 필요한 경우) + if (map.containsKey("LOCBRDPWD")) { + String rawPassword = map.getString("LOCBRDPWD"); + String encodedPassword = passwordEncoder.encode(rawPassword); + map.put("LOCBRDPWD", encodedPassword); + } + + BigInteger createdIdx = boardService.createBoard(map); // 작성된 게시물의 idx를 반환 + Map responseData = new HashMap<>(); + responseData.put("CMNBRDSEQ", createdIdx); + responseData.put("message", "게시물이 작성되었습니다."); + return ApiResponse.ok(responseData); } /** @@ -246,8 +255,12 @@ public class BoardController { */ @PostMapping("/{LOCBRDSEQ}/comment") public ApiResponse addCommentOrReply(@ReqMap MapDto map) { - // 부모 댓글 확인 - + // 비밀번호 암호화 (비밀번호가 있는 경우에만) + if (map.containsKey("LOCCMTPWD")) { + String rawPassword = map.getString("LOCCMTPWD"); + String encodedPassword = passwordEncoder.encode(rawPassword); + map.put("LOCCMTPWD", encodedPassword); + } boardService.addCommentOrReply(map); return ApiResponse.ok("댓글 또는 대댓글이 작성되었습니다."); @@ -294,10 +307,15 @@ public class BoardController { */ @PostMapping("/comment/{commentId}/password") public ApiResponse checkCommentPassword(@PathVariable("commentId") int commentId, @ReqMap MapDto map) { - map.put("LOCCMTSEQ", commentId); - return ApiResponse.ok(boardService.checkCommentPassword(map)); + // DB에서 암호화된 비밀번호 조회 + String storedPassword = boardService.getCommentPassword(commentId); + String rawPassword = map.getString("LOCCMTPWD"); + + // 비밀번호 검증 + boolean isMatch = passwordEncoder.matches(rawPassword, storedPassword); + return ApiResponse.ok(isMatch); } - + /** * 게시물 비밀번호 확인 * @param boardId 게시물 ID 
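Review bot: `map.containsKey("LOCBRDPWD")` in `createBoard` (and `map.containsKey("LOCCMTPWD")` in `addCommentOrReply`, the next hunk) is also true when the client sends the key with a null or empty value, so `passwordEncoder.encode` is either called on null or an empty password is hashed and stored as if the post were protected. Test the value rather than the key: `String rawPassword = map.getString("LOCBRDPWD");` followed by `if (rawPassword != null && !rawPassword.isEmpty()) map.put("LOCBRDPWD", passwordEncoder.encode(rawPassword));`. Because the hashing is done in the controller, any other caller of `boardService.createBoard` still stores whatever it is given; the encode step would sit better inside the service. The comment says 암호화 (encryption) while `encode` is presumably a one-way hash, so `// 비밀번호 해시` would describe it more accurately.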
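Review bot: In `checkCommentPassword` (and the identical code in `checkBoardPassword`, the following hunk) neither argument to `passwordEncoder.matches(rawPassword, storedPassword)` is checked for null: `storedPassword` is presumably null when the id has no row or the item was created without a password, and `rawPassword` is null when the request omits `LOCCMTPWD` (assuming `MapDto.getString` returns null for a missing key). Depending on the configured encoder that ends in an exception rather than a clean `false`, so I would add `if (rawPassword == null || storedPassword == null) return ApiResponse.ok(false);` before the call. Rows written before this commit presumably still hold the plain-text value and will no longer match; the diff shows no migration or fallback for them. The endpoint only returns a boolean, so the edit and delete paths, which are outside this diff, need to repeat the same `matches` check server-side, and repeated failed attempts should be throttled.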
@@ -306,8 +324,13 @@ public class BoardController { */ @PostMapping("/{boardId}/password") public ApiResponse checkBoardPassword(@PathVariable("boardId") int boardId, @ReqMap MapDto map) { - map.put("LOCBRDSEQ", boardId); - return ApiResponse.ok(boardService.checkBoardPassword(map)); + // DB에서 암호화된 비밀번호 조회 + String storedPassword = boardService.getBoardPassword(boardId); + String rawPassword = map.getString("LOCBRDPWD"); + + // 비밀번호 검증 + boolean isMatch = passwordEncoder.matches(rawPassword, storedPassword); + return ApiResponse.ok(isMatch); } // /** diff --git a/src/main/java/io/company/localhost/mapper/localbordMapper.java b/src/main/java/io/company/localhost/mapper/localbordMapper.java index eae03d2..0bf37d3 100644 --- a/src/main/java/io/company/localhost/mapper/localbordMapper.java +++ b/src/main/java/io/company/localhost/mapper/localbordMapper.java @@ -42,12 +42,12 @@ public interface localbordMapper { // 댓글/대댓글 삭제 void deleteComment(MapDto map); + + // 게시물 비밀번호 조회 + String selectCommentPassword(int commentId); - // 게시물 비밀번호 확인 - boolean checkBoardPassword(MapDto map); - - // 댓글 비밀번호 확인 - boolean checkCommentPassword(MapDto map); + // 댓글 비밀번호 조회 + String selectBoardPassword(int boardId); // 비밀 게시판 여부 확인 boolean isSecretBoard(Long boardId); diff --git a/src/main/java/io/company/localhost/service/localbordService.java b/src/main/java/io/company/localhost/service/localbordService.java index b584c0d..c8225cd 100644 --- a/src/main/java/io/company/localhost/service/localbordService.java +++ b/src/main/java/io/company/localhost/service/localbordService.java 
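Review bot: In localbordMapper.java the two new comments are attached to the wrong methods: `// 게시물 비밀번호 조회` (post password) sits above `selectCommentPassword` and `// 댓글 비밀번호 조회` (comment password) above `selectBoardPassword`. Swap them so each comment matches its method, and state that the value returned is the stored hash and is presumably null when no row matches, e.g. `// 댓글 비밀번호 해시 조회 (없으면 null)`. The new methods take `int boardId` / `int commentId` while `isSecretBoard` directly below takes `Long boardId`; one id type across the interface would avoid conversions at the call sites.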
@@ -77,21 +77,16 @@ public class localbordService { boardMapper.deleteComment(map); } - public boolean checkBoardPassword(MapDto map) { - return boardMapper.checkBoardPassword(map); - } - - public boolean checkCommentPassword(MapDto map) { - return boardMapper.checkCommentPassword(map); - } - - - public boolean isSecretBoard(Long boardId) { - return boardMapper.isSecretBoard(boardId); + public String getCommentPassword(int commentId) { + return boardMapper.selectCommentPassword(commentId); } - public void reactToComment(MapDto map) { - boardMapper.reactToComment(map); + public String getBoardPassword(int boardId) { + return boardMapper.selectBoardPassword(boardId); + } + + public boolean isSecretBoard(Long boardId) { + return boardMapper.isSecretBoard(boardId); } public MapDto getCommentById(int commentId) { diff --git a/src/main/resources/mapper/localbordMapper.xml b/src/main/resources/mapper/localbordMapper.xml index bb20a33..eb2ac08 100644 --- a/src/main/resources/mapper/localbordMapper.xml +++ b/src/main/resources/mapper/localbordMapper.xml @@ -118,14 +118,18 @@ WHERE LOCCMTSEQ = #{LOCCMTSEQ} - - + SELECT LOCCMTPWD + FROM localcomt + WHERE LOCCMTSEQ = #{commentId} - - + SELECT LOCBRDPWD + FROM localbord + WHERE LOCBRDSEQ = #{boardId}
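Review bot: In localbordService.java this hunk also deletes `reactToComment(MapDto map)`, which is unrelated to password hashing; if the controller or any other class still calls `boardService.reactToComment` the build breaks, so restore it unless the removal is intended (the callers are outside this diff). The new `getCommentPassword` and `getBoardPassword` hand the stored hash to whoever calls the service. Keeping the comparison inside the service, e.g. `public boolean matchesCommentPassword(int commentId, String rawPassword)`, would keep the hash behind the service boundary and give the edit and delete paths one place to verify against. Neither new method has a comment; a line stating that the return value is the encoded password, or null when absent, would help.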