member password security

src/main/java/com/loafle/overflow/module/member/model/Member.java

@@ -15,7 +15,6 @@ public class Member {
     private long id;
     private String email;
     private String pw;
-    private String pwSalt;
     private String name;
     private String phone;
     private String companyName;
@@ -59,16 +58,6 @@ public class Member {
         this.pw = pw;
     }
 
-    @Basic
-    @Column(name = "PW_SALT", nullable = true, length = 32)
-    public String getPwSalt() {
-        return pwSalt;
-    }
-
-    public void setPwSalt(String pwSalt) {
-        this.pwSalt = pwSalt;
-    }
-
     @Basic
     @Column(name = "NAME", nullable = true, length = 50)
     public String getName() {

src/main/java/com/loafle/overflow/module/member/service/MemberService.java

@@ -3,6 +3,7 @@ package com.loafle.overflow.module.member.service;
 import com.loafle.overflow.module.member.dao.MemberDAO;
 import com.loafle.overflow.module.member.model.Member;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;
 
 /**
@@ -13,6 +14,8 @@ public class MemberService {
 
     @Autowired
     private MemberDAO memberDAO;
+    @Autowired
+    private BCryptPasswordEncoder passwordEncoder;
 
     public Member signin(Member member) throws Exception {
         Member m = this.memberDAO.findByEmail(member);
@@ -25,14 +28,15 @@ public class MemberService {
             throw new Exception("Email Auth Confirm Check");
         }
 
-        // Todo member.pw m.pw compare
+        Boolean match = this.passwordEncoder.matches(member.getPw(), m.getPw());
+        if(!match) return null;
 
         return m;
     }
 
     public Member signup(Member member) {
 
-
+        member.setPw(this.passwordEncoder.encode(member.getPw()));
         return this.memberDAO.save(member);
     }