관리자 관리수정, 에러코드 공통 추가

src/main/java/com/kamco/cd/kamcoback/auth/AuthFailureEventListener.java

@@ -1,31 +0,0 @@
-package com.kamco.cd.kamcoback.auth;
-
-import com.kamco.cd.kamcoback.members.service.AuthService;
-import java.util.UUID;
-import lombok.RequiredArgsConstructor;
-import org.springframework.context.ApplicationListener;
-import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent;
-import org.springframework.stereotype.Component;
-
-@Component
-@RequiredArgsConstructor
-public class AuthFailureEventListener implements ApplicationListener<AbstractAuthenticationFailureEvent> {
-
-  private final AuthService authService;
-
-  @Override
-  public void onApplicationEvent(AbstractAuthenticationFailureEvent event) {
-    // 로그인 시도에 사용된 (username)
-    Object principal = event.getAuthentication().getPrincipal();
-
-    if (principal instanceof String username) {
-      // 로그인 실패 카운트 증가 로직 호출
-      authService.loginFail(UUID.fromString(username));
-    }
-  }
-
-  @Override
-  public boolean supportsAsyncExecution() {
-    return ApplicationListener.super.supportsAsyncExecution();
-  }
-}

src/main/java/com/kamco/cd/kamcoback/auth/CustomAuthenticationProvider.java

@@ -1,11 +1,13 @@
 package com.kamco.cd.kamcoback.auth;
 
+import com.kamco.cd.kamcoback.common.enums.error.AuthErrorCode;
+import com.kamco.cd.kamcoback.common.exception.CustomApiException;
 import com.kamco.cd.kamcoback.postgres.entity.MemberEntity;
 import com.kamco.cd.kamcoback.postgres.repository.members.MembersRepository;
+import java.time.ZonedDateTime;
 import lombok.RequiredArgsConstructor;
 import org.mindrot.jbcrypt.BCrypt;
 import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -28,14 +30,34 @@ public class CustomAuthenticationProvider implements AuthenticationProvider {
     MemberEntity member =
       membersRepository
         .findByUserId(username)
-        .orElseThrow(() -> new BadCredentialsException("ID 또는 비밀번호가 일치하지 않습니다."));
+        .orElseThrow(() -> new CustomApiException(AuthErrorCode.LOGIN_ID_NOT_FOUND));
 
     // 2. jBCrypt + 커스텀 salt 로 저장된 패스워드 비교
     if (!BCrypt.checkpw(rawPassword, member.getPassword())) {
-      throw new BadCredentialsException("ID 또는 비밀번호가 일치하지 않습니다.");
+      // 실패 카운트 저장
+      int cnt = member.getLoginFailCount() + 1;
+      if (cnt >= 5) {
+        member.setStatus("INACTIVE");
+      }
+      member.setLoginFailCount(cnt);
+      membersRepository.save(member);
+      throw new CustomApiException(AuthErrorCode.LOGIN_PASSWORD_MISMATCH);
     }
 
-    // 3. 인증 성공 → UserDetails 생성
+    // 3. 패스워드 실패 횟수 체크
+    if (member.getLoginFailCount() >= 5) {
+      throw new CustomApiException(AuthErrorCode.LOGIN_PASSWORD_EXCEEDED);
+    }
+
+    // 4. 인증 성공 로그인 시간 저장
+    if (member.getFirstLoginDttm() == null) {
+      member.setFirstLoginDttm(ZonedDateTime.now());
+    }
+    member.setLastLoginDttm(ZonedDateTime.now());
+    member.setLoginFailCount(0);
+    membersRepository.save(member);
+
+    // 5. 인증 성공 → UserDetails 생성
     CustomUserDetails userDetails = new CustomUserDetails(member);
 
     return new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());