Skip to content

Commit f5a1762

Browse files
authored
fix(admin): 운영 서버 관리자 로그인 실패 대응 (#181)
관리자 비밀번호 비교 시 앞뒤 공백을 제거하고, 로그인 실패 기본 메시지에 HTTP 상태 코드를 표시하도록 수정
1 parent 77edb0b commit f5a1762

4 files changed

Lines changed: 5 additions & 5 deletions

File tree

.github/workflows/deploy-to-dev-ec2.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -147,7 +147,7 @@ jobs:
147147
ANTHROPIC_API_KEY="${{ secrets.ANTHROPIC_API_KEY }}" \
148148
GOOGLE_GENAI_API_KEY="${{ secrets.GOOGLE_GENAI_API_KEY }}" \
149149
FIREBASE_ADMIN_KEY="${{ secrets.FIREBASE_ADMIN_KEY }}" \
150-
ADMIN_PAGE_PASSWORD="${{ secrets.ADMIN_PAGE_PASSWORD }}" \
150+
ADMIN_PAGE_PASSWORD='${{ secrets.ADMIN_PAGE_PASSWORD }}' \
151151
DEV_TEST_ACCOUNT_PASSWORD="${{ secrets.DEV_TEST_ACCOUNT_PASSWORD }}" \
152152
nohup java -jar "$JAR_PATH" \
153153
--spring.profiles.active=dev > app.log 2>&1 &

.github/workflows/deploy-to-prod-ec2.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -144,7 +144,7 @@ jobs:
144144
ANTHROPIC_API_KEY="${{ secrets.ANTHROPIC_API_KEY }}" \
145145
GOOGLE_GENAI_API_KEY="${{ secrets.GOOGLE_GENAI_API_KEY }}" \
146146
FIREBASE_ADMIN_KEY="${{ secrets.FIREBASE_ADMIN_KEY }}" \
147-
ADMIN_PAGE_PASSWORD="${{ secrets.ADMIN_PAGE_PASSWORD }}" \
147+
ADMIN_PAGE_PASSWORD='${{ secrets.ADMIN_PAGE_PASSWORD }}' \
148148
nohup java -jar "$JAR_PATH" \
149149
--spring.profiles.active=prod > app-prod.log 2>&1 &
150150

src/main/java/com/devkor/ifive/nadab/domain/admin/application/AdminPageAuthCommandService.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,8 +16,8 @@ public class AdminPageAuthCommandService {
1616
private final AdminPageProperties adminPageProperties;
1717

1818
public void validatePassword(String rawPassword) {
19-
byte[] input = rawPassword.getBytes(StandardCharsets.UTF_8);
20-
byte[] expected = adminPageProperties.getPassword().getBytes(StandardCharsets.UTF_8);
19+
byte[] input = rawPassword.strip().getBytes(StandardCharsets.UTF_8);
20+
byte[] expected = adminPageProperties.getPassword().strip().getBytes(StandardCharsets.UTF_8);
2121

2222
if (!MessageDigest.isEqual(input, expected)) {
2323
throw new UnauthorizedException(ErrorCode.ADMIN_PAGE_INVALID_PASSWORD);

src/main/resources/templates/admin/login.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -133,7 +133,7 @@ <h1 class="title">관리자 로그인</h1>
133133
return;
134134
}
135135

136-
let message = '로그인에 실패했습니다.';
136+
let message = `로그인에 실패했습니다. (HTTP ${response.status})`;
137137
try {
138138
const errorBody = await response.json();
139139
if (errorBody && errorBody.message) {

0 commit comments

Comments
 (0)