LoginController.java

package nextstep.app.ui;

import nextstep.app.domain.MemberRepository;
import nextstep.security.authentication.AuthenticationException;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class LoginController {
    public static final String SPRING_SECURITY_CONTEXT_KEY = "SPRING_SECURITY_CONTEXT";

    private final MemberRepository memberRepository;

    public LoginController(MemberRepository memberRepository) {
        this.memberRepository = memberRepository;
    }

//    @PostMapping("/login")
//    public ResponseEntity<Void> login(HttpServletRequest request, HttpSession session) {
//        Map<String, String[]> parameterMap = request.getParameterMap();
//        String username = parameterMap.get("username")[0];
//        String password = parameterMap.get("password")[0];
//        Member member = memberRepository.findByEmail(username)
//                .orElseThrow(AuthenticationException::new);
//        member.checkPassword(password);
//        session.setAttribute(SPRING_SECURITY_CONTEXT_KEY, member);
//        return ResponseEntity.ok().build();
//    }

    @ExceptionHandler(AuthenticationException.class)
    public ResponseEntity<Void> handleAuthenticationException() {
        return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
    }
}