member password security
This commit is contained in:
parent
ba809a27f5
commit
081326b1ab
|
@ -15,7 +15,6 @@ public class Member {
|
|||
private long id;
|
||||
private String email;
|
||||
private String pw;
|
||||
private String pwSalt;
|
||||
private String name;
|
||||
private String phone;
|
||||
private String companyName;
|
||||
|
@ -59,16 +58,6 @@ public class Member {
|
|||
this.pw = pw;
|
||||
}
|
||||
|
||||
@Basic
|
||||
@Column(name = "PW_SALT", nullable = true, length = 32)
|
||||
public String getPwSalt() {
|
||||
return pwSalt;
|
||||
}
|
||||
|
||||
public void setPwSalt(String pwSalt) {
|
||||
this.pwSalt = pwSalt;
|
||||
}
|
||||
|
||||
@Basic
|
||||
@Column(name = "NAME", nullable = true, length = 50)
|
||||
public String getName() {
|
||||
|
|
|
@ -3,6 +3,7 @@ package com.loafle.overflow.module.member.service;
|
|||
import com.loafle.overflow.module.member.dao.MemberDAO;
|
||||
import com.loafle.overflow.module.member.model.Member;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
/**
|
||||
|
@ -13,6 +14,8 @@ public class MemberService {
|
|||
|
||||
@Autowired
|
||||
private MemberDAO memberDAO;
|
||||
@Autowired
|
||||
private BCryptPasswordEncoder passwordEncoder;
|
||||
|
||||
public Member signin(Member member) throws Exception {
|
||||
Member m = this.memberDAO.findByEmail(member);
|
||||
|
@ -25,14 +28,15 @@ public class MemberService {
|
|||
throw new Exception("Email Auth Confirm Check");
|
||||
}
|
||||
|
||||
// Todo member.pw m.pw compare
|
||||
Boolean match = this.passwordEncoder.matches(member.getPw(), m.getPw());
|
||||
if(!match) return null;
|
||||
|
||||
return m;
|
||||
}
|
||||
|
||||
public Member signup(Member member) {
|
||||
|
||||
|
||||
member.setPw(this.passwordEncoder.encode(member.getPw()));
|
||||
return this.memberDAO.save(member);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user