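package com.kamco.cd.kamcoback.auth;

import com.kamco.cd.kamcoback.postgres.entity.MemberEntity;
import com.kamco.cd.kamcoback.postgres.repository.members.MembersRepository;
import lombok.RequiredArgsConstructor;
import org.mindrot.jbcrypt.BCrypt;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.stereotype.Component;

/**
 * Authenticates username/password logins against the member table, verifying the submitted
 * password with jBCrypt against the hash stored on the {@link MemberEntity}.
 *
 * <p>Every credential failure (missing credentials, unknown user id, wrong password, unusable
 * stored hash) is reported with the same {@link BadCredentialsException} message so the response
 * does not reveal which part was wrong. The account-status check runs only after the password has
 * been verified, so a disabled account is disclosed only to someone who knows its password.
 */
@Component
@RequiredArgsConstructor
public class CustomAuthenticationProvider implements AuthenticationProvider {

  /** Single message used for every credential failure; keep it identical across all paths. */
  private static final String BAD_CREDENTIALS_MESSAGE = "ID 또는 비밀번호가 일치하지 않습니다.";

  /**
   * Well-formed bcrypt hash of a constructed placeholder, checked when the user id is unknown so
   * that path performs comparable work to a real password check.
   *
   * <p>NOTE(review): {@code BCrypt.gensalt()} uses jBCrypt's default cost factor. If stored member
   * hashes are created with a different cost, pass that cost to {@code gensalt} here, otherwise
   * the two paths still differ measurably in duration.
   */
  private static final String DUMMY_HASH =
      BCrypt.hashpw("timing-equalization-placeholder", BCrypt.gensalt());

  private final MembersRepository membersRepository;

  // Not referenced by any method in this class. It is kept because @RequiredArgsConstructor makes
  // every final field part of the generated constructor signature.
  private final UserDetailsService userDetailsService;

  /**
   * Verifies the submitted user id and password and returns an authenticated token.
   *
   * @param authentication the login request; its name is used as the user id and its credentials
   *     as the raw password
   * @return an authenticated token whose principal is a {@code CustomUserDetails} for the member,
   *     with the credentials left {@code null}
   * @throws BadCredentialsException if the credentials are missing, the user id is unknown, the
   *     password does not match, or the stored hash cannot be evaluated
   * @throws DisabledException if the password is correct but the account is not enabled
   */
  @Override
  public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    String username = authentication.getName();

    // getCredentials() may be null; calling toString() on it would raise a NullPointerException
    // instead of an AuthenticationException.
    Object credentials = authentication.getCredentials();
    if (credentials == null) {
      throw new BadCredentialsException(BAD_CREDENTIALS_MESSAGE);
    }
    String rawPassword = credentials.toString();

    // 1. Look up the member by user id.
    MemberEntity member = membersRepository.findByUserId(username).orElse(null);
    if (member == null) {
      // Spend roughly the same time as a real check so that response latency does not
      // distinguish unknown user ids from wrong passwords. The result is intentionally unused.
      BCrypt.checkpw(rawPassword, DUMMY_HASH);
      throw new BadCredentialsException(BAD_CREDENTIALS_MESSAGE);
    }

    // 2. Compare the raw password with the stored jBCrypt hash.
    if (!passwordMatches(rawPassword, member.getPassword())) {
      throw new BadCredentialsException(BAD_CREDENTIALS_MESSAGE);
    }

    // 3. Password verified: build the principal.
    CustomUserDetails userDetails = new CustomUserDetails(member);

    // 4. Check account status only after the password check (see class comment).
    if (!userDetails.isEnabled()) {
      throw new DisabledException("비활성화된 계정입니다.");
    }

    // Credentials are passed as null so the raw password is not retained on the token.
    return new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
  }

  /**
   * Reports whether this provider handles the given authentication type.
   *
   * @param authentication the authentication class being offered
   * @return {@code true} for {@link UsernamePasswordAuthenticationToken} and its subclasses
   */
  @Override
  public boolean supports(Class<?> authentication) {
    return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
  }

  /**
   * Checks a raw password against a stored bcrypt hash, failing closed when the hash is unusable.
   *
   * <p>A missing or malformed stored hash is treated as a mismatch rather than propagated, so a
   * corrupt row produces the ordinary credential failure instead of an unhandled runtime
   * exception. This also hides the data problem from the caller; such rows need to be found by
   * other means.
   */
  private static boolean passwordMatches(String rawPassword, String storedHash) {
    if (storedHash == null) {
      return false;
    }
    try {
      return BCrypt.checkpw(rawPassword, storedHash);
    } catch (IllegalArgumentException | IndexOutOfBoundsException malformedHash) {
      // jBCrypt signals an invalid or truncated hash string with these runtime exceptions.
      return false;
    }
  }
}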