[BE] feat: 학생 인증 메일 전송 잦은 재요청시 예외처리 (#466)

backend/src/main/java/com/festago/common/exception/ErrorCode.java

@@ -25,6 +25,8 @@ public enum ErrorCode {
     DUPLICATE_STUDENT_EMAIL("이미 인증된 이메일입니다."),
     TICKET_CANNOT_RESERVE_STAGE_START("공연의 시작 시간 이후로 예매할 수 없습니다."),
     INVALID_STUDENT_VERIFICATION_CODE("올바르지 않은 학생 인증 코드입니다."),
+    TOO_FREQUENT_REQUESTS("너무 잦은 요청입니다. 잠시 후 다시 시도해주세요."),
+
 
     // 401
     EXPIRED_AUTH_TOKEN("만료된 로그인 토큰입니다."),

backend/src/main/java/com/festago/student/application/StudentService.java

@@ -15,6 +15,8 @@
 import com.festago.student.dto.StudentVerificateRequest;
 import com.festago.student.repository.StudentCodeRepository;
 import com.festago.student.repository.StudentRepository;
+import java.time.Clock;
+import java.time.LocalDateTime;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
@@ -28,29 +30,54 @@ public class StudentService {
     private final SchoolRepository schoolRepository;
     private final MemberRepository memberRepository;
     private final StudentRepository studentRepository;
+    private final Clock clock;
 
     public StudentService(MailClient mailClient, VerificationCodeProvider codeProvider,
                           StudentCodeRepository studentCodeRepository, SchoolRepository schoolRepository,
-                          MemberRepository memberRepository, StudentRepository studentRepository) {
+                          MemberRepository memberRepository, StudentRepository studentRepository, Clock clock) {
         this.mailClient = mailClient;
         this.codeProvider = codeProvider;
         this.studentCodeRepository = studentCodeRepository;
         this.schoolRepository = schoolRepository;
         this.memberRepository = memberRepository;
         this.studentRepository = studentRepository;
+        this.clock = clock;
     }
 
     public void sendVerificationMail(Long memberId, StudentSendMailRequest request) {
-        validateStudent(memberId);
-        validateDuplicateEmail(request);
         Member member = findMember(memberId);
         School school = findSchool(request.schoolId());
+        validate(memberId, request);
         VerificationCode code = codeProvider.provide();
-        studentCodeRepository.deleteByMember(member);
-        studentCodeRepository.save(new StudentCode(code, school, member, request.username()));
+        saveStudentCode(code, member, school, request.username());
         mailClient.send(new VerificationMailPayload(code, request.username(), school.getDomain()));
     }
 
+    private Member findMember(Long memberId) {
+        return memberRepository.findById(memberId)
+            .orElseThrow(() -> new NotFoundException(ErrorCode.MEMBER_NOT_FOUND));
+    }
+
+    private School findSchool(Long schoolId) {
+        return schoolRepository.findById(schoolId)
+            .orElseThrow(() -> new NotFoundException(ErrorCode.SCHOOL_NOT_FOUND));
+    }
+
+    private void validate(Long memberId, StudentSendMailRequest request) {
+        validateFrequentRequest(memberId);
+        validateStudent(memberId);
+        validateDuplicateEmail(request);
+    }
+
+    private void validateFrequentRequest(Long memberId) {
+        studentCodeRepository.findByMemberId(memberId)
+            .ifPresent(code -> {
+                if (!code.canReissue(LocalDateTime.now(clock))) {
+                    throw new BadRequestException(ErrorCode.TOO_FREQUENT_REQUESTS);
+                }
+            });
+    }
+
     private void validateStudent(Long memberId) {
         if (studentRepository.existsByMemberId(memberId)) {
             throw new BadRequestException(ErrorCode.ALREADY_STUDENT_VERIFIED);
@@ -63,20 +90,19 @@ private void validateDuplicateEmail(StudentSendMailRequest request) {
         }
     }
 
-    private Member findMember(Long memberId) {
-        return memberRepository.findById(memberId)
-            .orElseThrow(() -> new NotFoundException(ErrorCode.MEMBER_NOT_FOUND));
-    }
-
-    private School findSchool(Long schoolId) {
-        return schoolRepository.findById(schoolId)
-            .orElseThrow(() -> new NotFoundException(ErrorCode.SCHOOL_NOT_FOUND));
+    private void saveStudentCode(VerificationCode code, Member member, School school, String username) {
+        studentCodeRepository.findByMemberId(member.getId())
+            .ifPresentOrElse(
+                studentCode -> studentCode.reissue(code, school, username),
+                () -> studentCodeRepository.save(new StudentCode(code, school, member, username))
+            );
     }
 
     public void verificate(Long memberId, StudentVerificateRequest request) {
         validateStudent(memberId);
         Member member = findMember(memberId);
-        StudentCode studentCode = studentCodeRepository.findByCodeAndMember(new VerificationCode(request.code()), member)
+        StudentCode studentCode = studentCodeRepository.findByCodeAndMember(new VerificationCode(request.code()),
+                member)
             .orElseThrow(() -> new BadRequestException(ErrorCode.INVALID_STUDENT_VERIFICATION_CODE));
         studentRepository.save(new Student(member, studentCode.getSchool(), studentCode.getUsername()));
         studentCodeRepository.deleteByMember(member);

backend/src/main/java/com/festago/student/domain/StudentCode.java

@@ -1,22 +1,33 @@
 package com.festago.student.domain;
 
-import com.festago.common.domain.BaseTimeEntity;
+import static java.time.temporal.ChronoUnit.SECONDS;
+
 import com.festago.common.exception.ErrorCode;
 import com.festago.common.exception.InternalServerException;
 import com.festago.member.domain.Member;
 import com.festago.school.domain.School;
 import jakarta.persistence.Embedded;
 import jakarta.persistence.Entity;
+import jakarta.persistence.EntityListeners;
 import jakarta.persistence.FetchType;
 import jakarta.persistence.GeneratedValue;
 import jakarta.persistence.GenerationType;
 import jakarta.persistence.Id;
+import jakarta.persistence.JoinColumn;
 import jakarta.persistence.ManyToOne;
 import jakarta.persistence.OneToOne;
+import jakarta.validation.constraints.NotNull;
+import java.time.LocalDateTime;
+import org.springframework.data.annotation.LastModifiedDate;
+import org.springframework.data.jpa.domain.support.AuditingEntityListener;
 import org.springframework.util.StringUtils;
 
+
 @Entity
-public class StudentCode extends BaseTimeEntity {
+@EntityListeners(AuditingEntityListener.class)
+public class StudentCode {
+
+    private static final int MIN_REQUEST_TERM_SECONDS = 30;
 
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
@@ -29,24 +40,31 @@ public class StudentCode extends BaseTimeEntity {
     private School school;
 
     @OneToOne(fetch = FetchType.LAZY)
+    @JoinColumn(unique = true)
     private Member member;
 
     private String username;
 
+    @NotNull
+    @LastModifiedDate
+    private LocalDateTime issuedAt;
+
     protected StudentCode() {
     }
 
     public StudentCode(VerificationCode code, School school, Member member, String username) {
-        this(null, code, school, member, username);
+        this(null, code, school, member, username, null);
     }
 
-    public StudentCode(Long id, VerificationCode code, School school, Member member, String username) {
+    public StudentCode(Long id, VerificationCode code, School school, Member member, String username,
+                       LocalDateTime issuedAt) {
         validate(username);
         this.id = id;
         this.code = code;
         this.school = school;
         this.member = member;
         this.username = username;
+        this.issuedAt = issuedAt;
     }
 
     private void validate(String username) {
@@ -59,6 +77,16 @@ private void validate(String username) {
         }
     }
 
+    public boolean canReissue(LocalDateTime currentTime) {
+        return SECONDS.between(issuedAt, currentTime) > MIN_REQUEST_TERM_SECONDS;
+    }
+
+    public void reissue(VerificationCode code, School school, String username) {
+        this.code = code;
+        this.school = school;
+        this.username = username;
+    }
+
     public Long getId() {
         return id;
     }
@@ -78,4 +106,8 @@ public Member getMember() {
     public String getUsername() {
         return username;
     }
+
+    public LocalDateTime getIssuedAt() {
+        return issuedAt;
+    }
 }

backend/src/main/java/com/festago/student/repository/StudentCodeRepository.java

@@ -11,4 +11,6 @@ public interface StudentCodeRepository extends JpaRepository<StudentCode, Long>
     void deleteByMember(Member member);
 
     Optional<StudentCode> findByCodeAndMember(VerificationCode code, Member member);
+
+    Optional<StudentCode> findByMemberId(Long memberId);
 }

backend/src/main/resources/db/migration/V6__studnet_code__unique.sql

@@ -0,0 +1,25 @@
+-- issued_at 칼럼 추가 (NOT NULL)
+alter table student_code
+    add column issued_at datetime(6) not null
+    default '1999-12-31 00:00:00';
+
+alter table student_code
+    alter column issued_at drop default;
+
+-- 기존 created_at updated_at 삭제
+alter table student_code
+    drop column created_at;
+
+alter table student_code
+    drop column updated_at;
+
+-- StudentCode의 member_id UNIQUE 제약조건 추가
+create index temp_member_index
+    on student_code (member_id);
+
+drop index fk_student_code__member on student_code;
+
+create unique index fk_student_code__member
+    on student_code (member_id);
+
+drop index temp_member_index on student_code;