77 lines
2.4 KiB
PHP
77 lines
2.4 KiB
PHP
<?php
|
|
|
|
namespace App\Providers;
|
|
|
|
use App\Actions\Fortify\CreateNewUser;
|
|
use App\Actions\Fortify\ResetUserPassword;
|
|
use App\Actions\Fortify\UpdateUserPassword;
|
|
use App\Actions\Fortify\UpdateUserProfileInformation;
|
|
use App\Models\Member;
|
|
use Illuminate\Cache\RateLimiting\Limit;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\RateLimiter;
|
|
use Illuminate\Support\ServiceProvider;
|
|
use Illuminate\Support\Str;
|
|
use Laravel\Fortify\Fortify;
|
|
|
|
use App\Models\User;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\Hash;
|
|
use Illuminate\Support\Facades\Log;
|
|
|
|
use Laravel\Fortify\Contracts\LoginResponse;
|
|
use App\Http\Responses\CustomLoginResponse;
|
|
|
|
class FortifyServiceProvider extends ServiceProvider
|
|
{
|
|
/**
|
|
* Register any application services.
|
|
*/
|
|
public function register(): void
|
|
{
|
|
// ✅ 커스텀 로그인 응답 등록
|
|
$this->app->singleton(LoginResponse::class, CustomLoginResponse::class);
|
|
}
|
|
|
|
/**
|
|
* Bootstrap any application services.
|
|
*/
|
|
public function boot(): void
|
|
{
|
|
|
|
Fortify::createUsersUsing(CreateNewUser::class);
|
|
Fortify::updateUserProfileInformationUsing(UpdateUserProfileInformation::class);
|
|
Fortify::updateUserPasswordsUsing(UpdateUserPassword::class);
|
|
Fortify::resetUserPasswordsUsing(ResetUserPassword::class);
|
|
|
|
// ✅ 로그인 시 `USER_ID`를 사용하도록 변경
|
|
Fortify::authenticateUsing(function (Request $request) {
|
|
|
|
$user = Member::where('mb_id', $request->USER_ID)->first();
|
|
if(!$user) return null;
|
|
|
|
if (Str::startsWith($user->mb_pass, '$2y$')) {
|
|
// bcrypt로 해싱된 경우
|
|
if(Hash::check($request->password, $user->mb_pass)) return $user;
|
|
} else {
|
|
// sha256으로 해싱된 경우
|
|
if(strtoupper(hash('sha256', $request->password))) return $user;;
|
|
}
|
|
|
|
return null;
|
|
});
|
|
|
|
Fortify::loginView(fn() => view('auth.login')); // 로그인 페이지 지정
|
|
|
|
RateLimiter::for('login', function (Request $request) {
|
|
$throttleKey = Str::transliterate(Str::lower($request->input('USER_ID')).'|'.$request->ip());
|
|
|
|
return Limit::perMinute(5)->by($throttleKey);
|
|
});
|
|
|
|
RateLimiter::for('two-factor', function (Request $request) {
|
|
return Limit::perMinute(5)->by($request->session()->get('login.id'));
|
|
});
|
|
}
|
|
}
|