🚀 [Deploy] - 소셜 로그인 및 ResponseDto 변경사항 반영 (#13)

* Feat: customException 구현 * Feat: responseDto 구현 * Feat: Spring Security, JWT Cookie, 소셜 로그인 기능 구현 * Feat: Spring Security, JWT Cookie, 소셜 로그인 기능 구현 * Fix: 코드 에러 수정 * Refactor: 아직 사용하지 않는 코드 삭제 * Feat: oauth2 의존성 추가 * Chore: Credentials 추가 --------- Co-authored-by: Jang99u <[email protected]> Co-authored-by: 민장규 <[email protected]>
Dongguk-ICE · May 6, 2024 · 0985de4 · 0985de4
1 parent 5237ca3
commit 0985de4
Show file tree

Hide file tree

Showing 44 changed files with 1,520 additions and 3 deletions.
diff --git a/build.gradle b/build.gradle
@@ -30,6 +30,7 @@ dependencies {
 	// spring security
 	implementation 'org.springframework.boot:spring-boot-starter-security'
 	testImplementation 'org.springframework.security:spring-security-test'
+	implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
 
 	// spring boot
 	implementation 'org.springframework.boot:spring-boot-starter-web'

diff --git a/spot-server-properties b/spot-server-properties
diff --git a/src/main/java/ice/spot/annotation/UserId.java b/src/main/java/ice/spot/annotation/UserId.java
@@ -0,0 +1,11 @@
+package ice.spot.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.PARAMETER)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface UserId {
+}
diff --git a/src/main/java/ice/spot/config/WebMVCConfig.java b/src/main/java/ice/spot/config/WebMVCConfig.java
@@ -0,0 +1,33 @@
+package ice.spot.config;
+
+import ice.spot.constant.Constants;
+import ice.spot.interceptor.pre.UserIdArgumentResolver;
+import ice.spot.interceptor.pre.UserIdInterceptor;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+import java.util.List;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class WebMVCConfig implements WebMvcConfigurer {
+    private final UserIdArgumentResolver userIdArgumentResolver;
+
+    @Override
+    public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
+        WebMvcConfigurer.super.addArgumentResolvers(resolvers);
+        resolvers.add(this.userIdArgumentResolver);
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(new UserIdInterceptor())
+                .addPathPatterns("/**")
+                .excludePathPatterns(Constants.NO_NEED_AUTH);
+    }
+}
diff --git a/src/main/java/ice/spot/constant/Constants.java b/src/main/java/ice/spot/constant/Constants.java
@@ -0,0 +1,16 @@
+package ice.spot.constant;
+
+import java.util.List;
+
+public class Constants {
+    public static String CLAIM_USER_ID = "uuid";
+    public static String CLAIM_USER_ROLE = "role";
+    public static String PREFIX_BEARER = "Bearer ";
+    public static String PREFIX_AUTH = "authorization";
+    public static String ACCESS_COOKIE_NAME = "access_token";
+    public static String REFRESH_COOKIE_NAME = "refresh_token";
+    public static List<String> NO_NEED_AUTH = List.of(
+            "/api/auth/sign-up",
+            "/api/auth/sign-in"
+    );
+}
diff --git a/src/main/java/ice/spot/controller/AuthController.java b/src/main/java/ice/spot/controller/AuthController.java
@@ -0,0 +1,27 @@
+package ice.spot.controller;
+
+import ice.spot.annotation.UserId;
+import ice.spot.dto.global.ResponseDto;
+import ice.spot.dto.request.OauthSignUpDto;
+import ice.spot.service.AuthService;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@Slf4j
+@RestController
+@RequestMapping("/api")
+@RequiredArgsConstructor
+public class AuthController {
+
+    private final AuthService authService;
+
+    @PostMapping("/oauth2/sign-up")
+    public ResponseDto<?> signUp(@UserId Long userId, @RequestBody OauthSignUpDto oauthSignUpDto) {
+        authService.signUp(userId, oauthSignUpDto);
+        return ResponseDto.ok(null);
+    }
+}
diff --git a/src/main/java/ice/spot/domain/User.java b/src/main/java/ice/spot/domain/User.java
@@ -1,18 +1,23 @@
 package ice.spot.domain;
 
+import ice.spot.dto.type.EProvider;
+import ice.spot.dto.type.ERole;
 import jakarta.persistence.*;
 import lombok.AccessLevel;
+import lombok.Builder;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
+import org.hibernate.annotations.DynamicUpdate;
 
 import java.time.LocalDate;
 import java.util.ArrayList;
 import java.util.List;
 
 @Entity
 @Getter
-@NoArgsConstructor(access = AccessLevel.PROTECTED)
 @Table(name = "user")
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+@DynamicUpdate
 public class User {
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
@@ -31,17 +36,41 @@ public class User {
     @Column(name = "point")
     private Long point;
 
+    @Column(name = "role", nullable = false)
+    @Enumerated(EnumType.STRING)
+    private ERole role;
+
+    @Column(name = "provider", nullable = false)
+    @Enumerated(EnumType.STRING)
+    private EProvider provider;
+
     @Column(name = "created_at")
     private LocalDate createdAt;
 
     @OneToMany(mappedBy = "user", cascade = CascadeType.ALL, fetch = FetchType.LAZY)
     private List<BoardingRecord> boardingRecords = new ArrayList<>();
 
-    public User(String serialId, String password, String nickname, Long point) {
+    @Column(name = "refresh_token")
+    private String refreshToken;
+
+    @Builder
+    public User(String serialId, String password, String nickname, ERole role, EProvider provider, Long point) {
         this.serialId = serialId;
         this.password = password;
         this.nickname = nickname;
+        this.role = role;
+        this.provider = provider;
         this.point = point;
         this.createdAt = LocalDate.now();
     }
+
+    public void register(String nickname) {
+        this.nickname = nickname;
+        this.createdAt = LocalDate.now();
+        this.role = ERole.USER;
+    }
+
+    public void updateRefreshToken(String refreshToken) {
+        this.refreshToken = refreshToken;
+    }
 }
diff --git a/src/main/java/ice/spot/dto/global/ExceptionDto.java b/src/main/java/ice/spot/dto/global/ExceptionDto.java
@@ -0,0 +1,16 @@
+package ice.spot.dto.global;
+
+import ice.spot.exeption.ErrorCode;
+
+public record ExceptionDto(
+        Integer code,
+        String message
+) {
+    public ExceptionDto(ErrorCode errorCode) {
+        this(errorCode.getCode(), errorCode.getMessage());
+    }
+
+    public static ExceptionDto of(ErrorCode errorCode) {
+        return new ExceptionDto(errorCode);
+    }
+}
diff --git a/src/main/java/ice/spot/dto/global/ResponseDto.java b/src/main/java/ice/spot/dto/global/ResponseDto.java
@@ -0,0 +1,60 @@
+package ice.spot.dto.global;
+
+import ice.spot.exeption.CommonException;
+import ice.spot.exeption.ErrorCode;
+import jakarta.annotation.Nullable;
+import jakarta.validation.constraints.NotNull;
+import net.minidev.json.annotate.JsonIgnore;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.MissingServletRequestParameterException;
+import org.springframework.web.method.annotation.MethodArgumentTypeMismatchException;
+
+public record ResponseDto<T> (
+    @JsonIgnore HttpStatus httpStatus,
+    boolean success,
+    @Nullable T data,
+    @Nullable ExceptionDto exceptionDto
+) {
+    public static <T> ResponseDto<T> ok(T data){
+        return new ResponseDto<>(
+                HttpStatus.OK,
+                true,
+                data,
+                null
+        );
+    }
+    public static ResponseDto<Boolean> created(Boolean data){
+        return new ResponseDto<>(
+                HttpStatus.CREATED,
+                true,
+                data,
+                null
+        );
+    }
+    public static ResponseDto<?> fail(@NotNull CommonException e){
+        return new ResponseDto<>(
+                e.getErrorCode().getHttpStatus(),
+                false,
+                null,
+                new ExceptionDto(e.getErrorCode())
+        );
+    }
+
+    public static ResponseDto<?> fail(final MissingServletRequestParameterException e) {
+        return new ResponseDto<>(
+                HttpStatus.BAD_REQUEST,
+                false,
+                null,
+                new ExceptionDto(ErrorCode.MISSING_REQUEST_PARAMETER)
+        );
+    }
+
+    public static ResponseDto<?> fail(final MethodArgumentTypeMismatchException e) {
+        return new ResponseDto<>(
+                HttpStatus.INTERNAL_SERVER_ERROR,
+                false,
+                null,
+                new ExceptionDto(ErrorCode.INVALID_PARAMETER_FORMAT)
+        );
+    }
+}
diff --git a/src/main/java/ice/spot/dto/request/OauthSignUpDto.java b/src/main/java/ice/spot/dto/request/OauthSignUpDto.java
@@ -0,0 +1,9 @@
+package ice.spot.dto.request;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public record OauthSignUpDto(
+        @JsonProperty("nickname")
+        String nickname
+) {
+}
diff --git a/src/main/java/ice/spot/dto/response/JwtTokenDto.java b/src/main/java/ice/spot/dto/response/JwtTokenDto.java
@@ -0,0 +1,18 @@
+package ice.spot.dto.response;
+
+import lombok.Builder;
+
+import java.io.Serializable;
+
+@Builder
+public record JwtTokenDto(
+        String accessToken,
+        String refreshToken
+) implements Serializable {
+    public static JwtTokenDto of(String accessToken, String refreshToken) {
+        return JwtTokenDto.builder()
+                .accessToken(accessToken)
+                .refreshToken(refreshToken)
+                .build();
+    }
+}
diff --git a/src/main/java/ice/spot/dto/type/EProvider.java b/src/main/java/ice/spot/dto/type/EProvider.java
@@ -0,0 +1,13 @@
+package ice.spot.dto.type;
+
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+
+@Getter
+@RequiredArgsConstructor
+public enum EProvider {
+
+    KAKAO("KAKAO");
+
+    private final String name;
+}
diff --git a/src/main/java/ice/spot/dto/type/ERole.java b/src/main/java/ice/spot/dto/type/ERole.java
@@ -0,0 +1,16 @@
+package ice.spot.dto.type;
+
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+
+@Getter
+@RequiredArgsConstructor
+public enum ERole {
+
+    GUEST("GUEST", "ROLE_GUEST"),
+    USER("USER", "ROLE_USER"),
+    ADMIN("ADMIN", "ROLE_ADMIN");
+
+    private final String role;
+    private final String securityRole;
+}
diff --git a/src/main/java/ice/spot/exeption/CommonException.java b/src/main/java/ice/spot/exeption/CommonException.java
@@ -0,0 +1,11 @@
+package ice.spot.exeption;
+
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+
+@Getter
+@RequiredArgsConstructor
+public class CommonException extends RuntimeException {
+    private final ErrorCode errorCode;
+    public String getMessage() { return this.errorCode.getMessage(); }
+}
diff --git a/src/main/java/ice/spot/exeption/ErrorCode.java b/src/main/java/ice/spot/exeption/ErrorCode.java
@@ -0,0 +1,40 @@
+package ice.spot.exeption;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import org.springframework.http.HttpStatus;
+
+@Getter
+@AllArgsConstructor
+public enum ErrorCode {
+    //400
+    WRONG_ENTRY_POINT(40000, HttpStatus.BAD_REQUEST, "잘못된 접근입니다"),
+    MISSING_REQUEST_PARAMETER(40001, HttpStatus.BAD_REQUEST, "필수 요청 파라미터가 누락되었습니다."),
+    INVALID_PARAMETER_FORMAT(40002, HttpStatus.BAD_REQUEST, "요청에 유효하지 않은 인자 형식입니다."),
+    BAD_REQUEST_JSON(40003, HttpStatus.BAD_REQUEST, "잘못된 JSON 형식입니다."),
+
+    //401
+    INVALID_HEADER_VALUE(40100, HttpStatus.UNAUTHORIZED, "올바르지 않은 헤더값입니다."),
+    EXPIRED_TOKEN_ERROR(40101, HttpStatus.UNAUTHORIZED, "만료된 토큰입니다."),
+    INVALID_TOKEN_ERROR(40102, HttpStatus.UNAUTHORIZED, "유효하지 않은 토큰입니다."),
+    TOKEN_MALFORMED_ERROR(40103, HttpStatus.UNAUTHORIZED, "토큰이 올바르지 않습니다."),
+    TOKEN_TYPE_ERROR(40104, HttpStatus.UNAUTHORIZED, "토큰 타입이 일치하지 않거나 비어있습니다."),
+    TOKEN_UNSUPPORTED_ERROR(40105, HttpStatus.UNAUTHORIZED, "지원하지않는 토큰입니다."),
+    TOKEN_GENERATION_ERROR(40106, HttpStatus.UNAUTHORIZED, "토큰 생성에 실패하였습니다."),
+    TOKEN_UNKNOWN_ERROR(40107, HttpStatus.UNAUTHORIZED, "알 수 없는 토큰입니다."),
+    LOGIN_FAILURE(40108, HttpStatus.UNAUTHORIZED, "로그인에 실패했습니다"),
+
+    //403
+    FORBIDDEN_ROLE(40300, HttpStatus.FORBIDDEN, "권한이 존재하지 않습니다."),
+
+    //404
+    NOT_FOUND_USER(40400, HttpStatus.NOT_FOUND, "존재하지 않는 사용자입니다."),
+
+    //500
+    INTERNAL_SERVER_ERROR(50000, HttpStatus.INTERNAL_SERVER_ERROR, "서버 내부 오류입니다"),
+    ;
+
+    private final Integer code;
+    private final HttpStatus httpStatus;
+    private final String message;
+}