[Spring Boot] 61. 스프링부트 블로그 v3 (RestAPI) (6) SHA-256 기반 비밀번호 해싱 실습

May 08, 2025
[Spring Boot] 61. 스프링부트 블로그 v3 (RestAPI) (6) SHA-256 기반 비밀번호 해싱 실습
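- 비밀번호 검증(checkpw)은 util 패키지에 있는 SHA256Util로 처리한다.
- 더미 데이터의 비밀번호도 해시 값으로 넣는다.
- 회원정보를 수정할 때도 비밀번호를 해시해서 저장한다.
- 참고: 솔트 없이 SHA-256을 한 번만 적용하는 방식은 해싱 흐름을 익히기 위한 실습용이다. 실제 서비스에서는 BCrypt, Argon2 같은 비밀번호 전용 해시를 사용한다.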
 
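package com.example.loginapp.user;

import com.example.loginapp._core.util.SHA256Util;
import org.mindrot.jbcrypt.BCrypt;
import com.example.loginapp._core.error.ex.Exception400;
import com.example.loginapp._core.error.ex.Exception401;
import com.example.loginapp._core.error.ex.Exception404;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;

/**
 * User-facing account operations: sign-up, login, username availability and profile update.
 *
 * <p>Responsibilities: transaction handling, business logic, DTO completion.
 *
 * <p>Security note: every password that reaches the repository is the hex SHA-256 digest produced
 * by {@link SHA256Util#encrypt(String)}. That digest is unsalted and fast to compute, so it is
 * acceptable for this exercise only. {@code org.mindrot.jbcrypt.BCrypt} is already imported by
 * this file but unused; a salted, adaptive scheme of that kind is what real password storage
 * needs. Switching also requires re-hashing any stored or seeded digests.
 */
@RequiredArgsConstructor
@Service
public class UserService {
    private final UserRepository userRepository;

    /**
     * Registers a new user, replacing the raw password in the DTO with its digest before saving.
     *
     * @param joinDTO sign-up request; its password field is overwritten with the digest
     * @throws Exception400 when hashing or saving fails for any reason
     */
    @Transactional
    public void join(UserRequest.JoinDTO joinDTO) {
        try {
            String encPassword = SHA256Util.encrypt(joinDTO.getPassword());
            joinDTO.setPassword(encPassword);
            userRepository.save(joinDTO.toEntity());
        } catch (Exception e) {
            // NOTE(review): this catch also covers non-duplicate failures (for example a null
            // password), which are then reported with the duplicate-username message below.
            throw new Exception400("이미 존재하는 아이디로 회원가입 하지 마세요. postman도 쓰지 마세요.");
        }
    }

    /**
     * Authenticates a user by username and password.
     *
     * <p>Both failure paths raise the same message, so the response text does not reveal whether
     * the username exists.
     *
     * @param loginDTO login request carrying the username and the raw password
     * @return the matching user
     * @throws Exception401 when the username is unknown or the password digest does not match
     */
    public User login(UserRequest.LoginDTO loginDTO) {
        // 1. Look the account up by username.
        User user = userRepository.findByUsername(loginDTO.getUsername());

        // 2. Unknown username -> reject.
        if (user == null) throw new Exception401("username 혹은 password가 틀렸습니다.");

        // 3. Digest mismatch -> reject.
        String encPassword = SHA256Util.encrypt(loginDTO.getPassword());
        if (!digestsMatch(encPassword, user.getPassword())) {
            throw new Exception401("username 혹은 password가 틀렸습니다.");
        }

        // 4. Username and password both match.
        return user;
    }

    /**
     * Reports whether a username is still free.
     *
     * <p>NOTE(review): this lookup discloses account existence by design; if it is reachable
     * without authentication it should be rate limited — confirm at the controller.
     *
     * @param username the username to check
     * @return a map with the single key {@code "available"}
     */
    public Map<String, Object> 유저네임중복체크(String username) {
        User user = userRepository.findByUsername(username);
        Map<String, Object> dto = new HashMap<>();
        dto.put("available", user == null);
        return dto;
    }

    /**
     * Updates a user's password and email.
     *
     * <p>The new password is hashed before it is handed to the entity. Storing the raw value here
     * would keep a plaintext password in the table and would also lock the user out, because
     * {@link #login} compares against a digest.
     *
     * <p>NOTE(review): {@code id} is presumably the authenticated user's id supplied by the
     * controller from the session — confirm it is never taken from client input.
     *
     * @param updateDTO requested password and email
     * @param id id of the user to update
     * @return the updated user
     * @throws Exception404 when no user has the given id
     */
    @Transactional
    public User 회원정보수정(UserRequest.UpdateDTO updateDTO, Integer id) {
        User user = userRepository.findById(id);

        if (user == null) throw new Exception404("회원을 찾을 수 없습니다.");

        // A null password is passed through unchanged, as before; only a real value is hashed.
        String rawPassword = updateDTO.getPassword();
        String encPassword = rawPassword == null ? null : SHA256Util.encrypt(rawPassword);

        user.update(encPassword, updateDTO.getEmail());
        return user;
    }

    /** Compares two hex digests without short-circuiting on the first differing character. */
    private static boolean digestsMatch(String computedDigest, String storedDigest) {
        if (storedDigest == null) {
            return false;
        }
        return MessageDigest.isEqual(
                computedDigest.getBytes(StandardCharsets.UTF_8),
                storedDigest.getBytes(StandardCharsets.UTF_8));
    }
}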
package com.example.loginapp._core.util;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

/**
 * Helper that turns a password into the lowercase hex form of its SHA-256 digest.
 *
 * <p>Despite the method name, this is one-way hashing, not encryption. The digest is unsalted and
 * cheap to compute: equal passwords always produce equal digests and large guess lists can be
 * tested quickly. Treat it as a teaching aid; production password storage needs a salted,
 * deliberately slow scheme such as bcrypt, scrypt or Argon2.
 */
public class SHA256Util {

    /**
     * Hashes the given password with SHA-256.
     *
     * @param rawPassword the password text; encoded as UTF-8 before hashing
     * @return the digest as 64 lowercase hexadecimal characters
     * @throws RuntimeException if the runtime has no SHA-256 implementation
     */
    public static String encrypt(String rawPassword) {
        final MessageDigest sha256;
        try {
            sha256 = MessageDigest.getInstance("SHA-256");
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("SHA-256 해싱 오류 발생", e);
        }

        byte[] digestBytes = sha256.digest(rawPassword.getBytes(StandardCharsets.UTF_8));

        // Two hex characters per byte, high nibble first, so single-digit values keep their
        // leading zero.
        char[] hexChars = new char[digestBytes.length * 2];
        for (int i = 0; i < digestBytes.length; i++) {
            int unsigned = digestBytes[i] & 0xff;
            hexChars[2 * i] = Character.forDigit(unsigned >>> 4, 16);
            hexChars[2 * i + 1] = Character.forDigit(unsigned & 0x0f, 16);
        }
        return new String(hexChars);
    }
}
-- Seed data: three users and five board posts.
-- The password column holds a 64-character hex digest rather than a raw password
-- (presumably the output of SHA256Util.encrypt; verify against the login path).
-- All three rows carry the same digest: with an unsalted hash, identical passwords are
-- visible as identical stored values to anyone who can read the table.
-- Use these accounts for local practice only.
insert into user_tb(username, password, email, created_at) values ('ssar', '03ac674216f3e15c761ee1a5e255f067953623c8b388b4459e13f978d7c846f4', 'ssar@nate.com', now());
insert into user_tb(username, password, email, created_at) values ('cos', '03ac674216f3e15c761ee1a5e255f067953623c8b388b4459e13f978d7c846f4', 'cos@nate.com', now());
insert into user_tb(username, password, email, created_at) values ('love', '03ac674216f3e15c761ee1a5e255f067953623c8b388b4459e13f978d7c846f4', 'love@nate.com', now());

-- Board posts; user_id refers to the users inserted above (assumes ids are assigned 1..3 in
-- insertion order; confirm against the table definition).
insert into board_tb(title, content, user_id, created_at) values ('제목1', '내용1', 1, now());
insert into board_tb(title, content, user_id, created_at) values ('제목2', '내용2', 1, now());
insert into board_tb(title, content, user_id, created_at) values ('제목3', '내용3', 2, now());
insert into board_tb(title, content, user_id, created_at) values ('제목4', '내용4', 3, now());
insert into board_tb(title, content, user_id, created_at) values ('제목5', '내용5', 1, now());

jay0628