- 명색이 관리자 화면인데, 아무나 들어와서 조작하면 안되겠지요? 이제는 마지막으로 로그인/로그아웃 처리를 해보겠습니다. 로그인/로그아웃은 세션을 이용해서 구현합니다.
- 로그인 화면을 구성합니다.
xyz/resources/views/mgmt/index.njk을 작성합니다.<!DOCTYPE html> <html lang="ko"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Login</title> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"> </head> <body> <div class="container" style="margin-top: 20px"> <form action="/mgmt/login" method="post" class="form-horizontal" style="margin: 0 auto; max-width: 360px;"> {{ csrfField }} <div class="form-group"> <label for="userid" class="col-sm-3 control-label">아이디</label> <div class="col-sm-9"> <input type="text" id="userid" name="userid" class="form-control" placeholder="당신의 ID를 입력하세요..." required autofocus> </div> </div> <div class="form-group"> <label for="passwd" class="col-sm-3 control-label">비밀번호</label> <div class="col-sm-9"> <input type="password" id="passwd" name="passwd" class="form-control" placeholder="비밀번호를 입력하세요..." required> </div> </div> <input type="submit" class="btn btn-primary btn-block" value="로그인" /> </form> </div> <!-- jQuery (necessary for Bootstrap's JavaScript plugins) --> <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script> <!-- Include all compiled plugins (below), or include individual files as needed --> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script> </body> </html>
xyz/app/Http/Controllers/Mgmt/MainController.js를 생성합니다.'use strict' class MainController { * index (request, response) { yield response.sendView('mgmt/index') } } module.exports = MainController
xyz/app/Http/routes.js다음을 추가합니다.Route.get('/', 'Mgmt/MainController.index').as('mgmt_index')
- http://localhost:3333/mgmt/ 에 접속하면 로그인화면이 나올 것입니다.
xyz/app/Model/Admin.js에 다음을 추가합니다.... static * isMember(userid, password) { const enc_passwd = crypto.createHash('sha256').update(password).digest('base64') const cnt = yield this.query().whereRaw('userid = ? and password = ?', [userid, enc_passwd]).count('id as cnt') return cnt[0]['cnt'] == 0 ? false : true; } ...
xyz/app/Http/Controllers/Mgmt/MainController.js에Admin모델을 포함시키고, 다음을 추가한다.... const Admin = use('App/Model/Admin') ... // 로그인 * login (request, response) { let userid = request.input('userid') let passwd = request.input('passwd') let is_member = yield Admin.isMember(userid, passwd) if (is_member) { yield request.session.put('mgmt-login', true) response.route('mgmt_admin') return } response.route('mgmt_index') } } ...
xyz/app/Http/routes.js에 다음을 추가한다.... Route.post('/login', 'Mgmt/MainController.login').as('mgmt_login') ...
xyz/app/Http/Controllers/Mgmt/MainController.js에 다음을 추가한다.... // 로그아웃 * logout (request, response) { yield request.session.forget('mgmt-login') response.route('mgmt_index') } ...
xyz/app/Http/routes.js에 다음을 추가한다.... Route.get('/logout', 'Mgmt/MainController.logout').as('mgmt_logout') ...
이제, 로그인도 해보고, 로그아웃도 해보세요. ^^
- AuthMgmt 미들웨어를 생성한다.
$ cd xyz $ node ace make:middleware AuthMgmt
xyz/app/Http/Middlware/AuthMgmt.js내용은 아래와 같이 작성한다.'use strict' class AuthMgmt { * handle (request, response, next) { const mgmt_login = yield request.session.get('mgmt-login') if (mgmt_login != true) { response.route('mgmt_index') return } yield next } } module.exports = AuthMgmt
xyz/app/Http/kernel.js에 AuthMgmt 를 추가한다.... const namedMiddleware = { ... auth_mgmt: 'App/Http/Middleware/AuthMgmt' ... } ...
xyz/app/Http/routes.js파일을 아래처럼 수정한다.const Route = use('Route') Route.group('mgmt', function () { Route.get('/', 'Mgmt/MainController.index').as('mgmt_index') Route.post('/login', 'Mgmt/MainController.login').as('mgmt_login') Route.get('/logout', 'Mgmt/MainController.logout').as('mgmt_logout') }).prefix('/mgmt') Route.group('mgmt_secure', function () { Route.get('/admin', 'Mgmt/AdminController.index').as('mgmt_admin') Route.get('/admin/insert_form', 'Mgmt/AdminController.insert_form').as('mgmt_admin_insert_form') Route.post('/admin/insert', 'Mgmt/AdminController.insert').as('mgmt_admin_insert') Route.get('/admin/chg_passwd_form/:id', 'Mgmt/AdminController.chg_passwd_form').as('mgmt_admin_chg_passwd_form') Route.post('/admin/chg_passwd', 'Mgmt/AdminController.chg_passwd').as('mgmt_admin_chg_passwd') Route.get('/admin/update_form/:id', 'Mgmt/AdminController.update_form').as('mgmt_admin_update_form') Route.post('/admin/update', 'Mgmt/AdminController.update').as('mgmt_admin_update') Route.get('/admin/delete/:id', 'Mgmt/AdminController.delete').as('mgmt_admin_delete') }).prefix('/mgmt').middleware('auth_mgmt')
- 여기까지 작성하면, 로그인해야만 http://localhost:3333/mgmt/admin 을 접근할 수 있게 된다.
댓글 없음:
댓글 쓰기