관리자 관리수정, 에러코드 공통 추가

2025-12-11 12:27:20 +09:00
parent 2b38a317ba
commit ed0159edda
16 changed files with 222 additions and 133 deletions
--- a/src/main/java/com/kamco/cd/kamcoback/auth/CustomAuthenticationProvider.java
+++ b/src/main/java/com/kamco/cd/kamcoback/auth/CustomAuthenticationProvider.java
@@ -1,11 +1,13 @@
 package com.kamco.cd.kamcoback.auth;

+import com.kamco.cd.kamcoback.common.enums.error.AuthErrorCode;
+import com.kamco.cd.kamcoback.common.exception.CustomApiException;
 import com.kamco.cd.kamcoback.postgres.entity.MemberEntity;
 import com.kamco.cd.kamcoback.postgres.repository.members.MembersRepository;
+import java.time.ZonedDateTime;
 import lombok.RequiredArgsConstructor;
 import org.mindrot.jbcrypt.BCrypt;
 import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -28,14 +30,34 @@ public class CustomAuthenticationProvider implements AuthenticationProvider {
    MemberEntity member =
      membersRepository
        .findByUserId(username)
-        .orElseThrow(() -> new BadCredentialsException("ID 또는 비밀번호가 일치하지 않습니다."));
+        .orElseThrow(() -> new CustomApiException(AuthErrorCode.LOGIN_ID_NOT_FOUND));

    // 2. jBCrypt + 커스텀 salt 로 저장된 패스워드 비교
    if (!BCrypt.checkpw(rawPassword, member.getPassword())) {
-      throw new BadCredentialsException("ID 또는 비밀번호가 일치하지 않습니다.");
+      // 실패 카운트 저장
+      int cnt = member.getLoginFailCount() + 1;
+      if (cnt >= 5) {
+        member.setStatus("INACTIVE");
+      }
+      member.setLoginFailCount(cnt);
+      membersRepository.save(member);
+      throw new CustomApiException(AuthErrorCode.LOGIN_PASSWORD_MISMATCH);
    }

-    // 3. 인증 성공 → UserDetails 생성
+    // 3. 패스워드 실패 횟수 체크
+    if (member.getLoginFailCount() >= 5) {
+      throw new CustomApiException(AuthErrorCode.LOGIN_PASSWORD_EXCEEDED);
+    }
+
+    // 4. 인증 성공 로그인 시간 저장
+    if (member.getFirstLoginDttm() == null) {
+      member.setFirstLoginDttm(ZonedDateTime.now());
+    }
+    member.setLastLoginDttm(ZonedDateTime.now());
+    member.setLoginFailCount(0);
+    membersRepository.save(member);
+
+    // 5. 인증 성공 → UserDetails 생성
    CustomUserDetails userDetails = new CustomUserDetails(member);

    return new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());