From f62e73aaaf8ae779d843f0e1bc059c650801c3bf Mon Sep 17 00:00:00 2001
From: chu eun ju <chueunju130@gmail.com>
Date: Fri, 12 Dec 2025 14:20:41 +0900
Subject: [PATCH] =?UTF-8?q?=EB=B9=84=EB=B0=80=EB=B2=88=ED=98=B8=20?=
 =?UTF-8?q?=ED=95=B4=EC=8B=9C=EA=B0=92=20=EB=8B=A4=EC=8B=9C=20=20=EB=B0=98?=
 =?UTF-8?q?=EC=98=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/src/auth/auth.service.ts | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/backend/src/auth/auth.service.ts b/backend/src/auth/auth.service.ts
index e0224d4..e00e5de 100644
--- a/backend/src/auth/auth.service.ts
+++ b/backend/src/auth/auth.service.ts
@@ -57,9 +57,8 @@ export class AuthService {
     if (!user) {
       throw new UnauthorizedException('아이디 또는 비밀번호가 틀렸습니다'); //HTTP 401 상태 코드 예외
     }
-    // 3. 비밀번호 비교 (bcrypt) - TODO: 나중에 해시 적용
-    // const isPasswordValid = await bcrypt.compare(userPassword, user.userPw);
-    const isPasswordValid = userPassword === user.userPw; // 평문 비교 (임시)
+    // 3. 비밀번호 비교 (bcrypt)
+    const isPasswordValid = await bcrypt.compare(userPassword, user.userPw);
     if (!isPasswordValid) {
       throw new UnauthorizedException('아이디 또는 비밀번호가 틀렸습니다');
     }
@@ -138,13 +137,13 @@ export class AuthService {
       
     }
 
-    // 2. 비밀번호 해싱 (bcrypt) - TODO: 나중에 해시 적용
-    // const saltRounds = parseInt(this.configService.get<string>('BCRYPT_SALT_ROUNDS') || '10', 10);
-    // const hashedPassword = await bcrypt.hash(signupDto.userPassword, saltRounds);
+    // 2. 비밀번호 해싱 (bcrypt)
+    const saltRounds = parseInt(this.configService.get<string>('BCRYPT_SALT_ROUNDS') || '10', 10);
+    const hashedPassword = await bcrypt.hash(signupDto.userPassword, saltRounds);
     // 3. 사용자 생성
     const newUser = this.userRepository.create({
       userId: signupDto.userId,
-      userPw: signupDto.userPassword, // 평문 저장 (임시)
+      userPw: hashedPassword,
       userName: signupDto.userName,
       userPhone: signupDto.userPhone,
       userEmail: signupDto.userEmail,
@@ -479,12 +478,12 @@ export class AuthService {
       throw new NotFoundException('사용자를 찾을 수 없습니다');
     }
 
-    // 3. 새 비밀번호 해싱 - TODO: 나중에 해시 적용
-    // const saltRounds = parseInt(this.configService.get<string>('BCRYPT_SALT_ROUNDS') || '10', 10);
-    // const hashedPassword = await bcrypt.hash(newPassword, saltRounds);
+    // 3. 새 비밀번호 해싱
+    const saltRounds = parseInt(this.configService.get<string>('BCRYPT_SALT_ROUNDS') || '10', 10);
+    const hashedPassword = await bcrypt.hash(newPassword, saltRounds);
 
     // 4. 비밀번호 업데이트
-    user.userPw = newPassword; // 평문 저장 (임시)
+    user.userPw = hashedPassword;
     await this.userRepository.save(user);
 
     return {