feat : 로그인 기능 및 api key 등록기능추가 (#9)

* feat : ApiKey 엔티티 추가 #6

* feat : Domain 추가 #6

* fix : 토큰 관련 위치 변경 #6

* feat : 약관 동의 항목 1개 추가 #6

* feat : BaseTimeEntity 추가 #6

* feat : 생일 파싱 기능 추가 #6

* fix : 유저 인증 기능 수정 #6

* fix : 파일 위치 변경#6

* feat : 로그아웃, 회원탈퇴, 회원 정보 수정 기능 추가 #6

* feat : API 키 클래스 명 변경 #6

* feat : 회원정보 조회 기능 추가 #6

* feat : 일반 로그인 기능 구현 #6

* feat : 토큰 재발급 기능 추가 #6

* feat : 아이디 찾기 기능 구현 #6

* feat : 비밀번호 변경 구현 #6

* feat : APIKEY 등록,삭제,조회 기능 추가 #6

* feat : swagger에 토큰 검증 추가 #6

* feat : 레디스 설정 추가 #6

* feat : 로그인 용 security 뚫어두기 #6

* feat : 이메일 인증 기능 추가 #6

* feat : 이메일 인증을 위한 gradle 수정 #6

* feat : 회원가입 단계에 이메일 otp 인증 부분 추가 #6

* fix : API key관련 문제 생기는 부분 수정 #6

Author: minhyuk2

build.gradle

@@ -40,7 +40,16 @@ dependencies {
     implementation 'org.slf4j:slf4j-api:2.0.9'
     implementation 'org.springframework.boot:spring-boot-starter-logging'
 
+    //레디스
+    implementation 'org.springframework.boot:spring-boot-starter-data-redis-reactive'
 
+    //메일 전송
+    implementation 'org.springframework.boot:spring-boot-starter-validation'
+    implementation 'org.springframework.security:spring-security-crypto'
+    implementation 'com.fasterxml.jackson.core:jackson-databind'
+
+    implementation "org.springframework.boot:spring-boot-starter-mail"   // JavaMailSender
+    implementation "org.springframework.boot:spring-boot-starter-validation"
     testImplementation 'io.projectreactor:reactor-test'
     testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
 

src/main/java/com/backend/crame/domain/apikey/controller/ApiKeyController.java

@@ -0,0 +1,66 @@
+package com.backend.crame.domain.apikey.controller;
+
+import java.util.List;
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import com.backend.crame.domain.apikey.dto.ApiKeyDeleteResponse;
+import com.backend.crame.domain.apikey.dto.ApiKeyRequest;
+import com.backend.crame.domain.apikey.dto.ApiKeyResponse;
+import com.backend.crame.domain.apikey.service.ApiKeyService;
+import com.backend.crame.domain.token.dto.TokenResponse;
+import com.backend.crame.domain.token.entity.CustomPrincipal;
+import com.backend.crame.domain.user.dto.SignUpRequest;
+import com.backend.crame.global.response.BaseResponse;
+import com.backend.crame.global.response.dto.ResponseDto;
+import com.backend.crame.global.response.enums.SuccessCode;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import lombok.RequiredArgsConstructor;
+import reactor.core.publisher.Mono;
+
+@RestController
+@RequestMapping("/api/v1/apikey")
+@Tag(name = "APIKEY 관련 API")
+@RequiredArgsConstructor
+public class ApiKeyController {
+
+	private final ApiKeyService apiKeyService;
+
+	//API KEY 추가
+	@PostMapping()
+	@Operation(summary = "APIKEY를 추가 API")
+	public Mono<ResponseEntity<ResponseDto<ApiKeyResponse>>> makeKey(@AuthenticationPrincipal CustomPrincipal customPrincipal, @RequestBody
+		ApiKeyRequest request) {
+		return apiKeyService.postNewKey(customPrincipal,request)
+			.map(data -> BaseResponse.success(SuccessCode.API_KEY_MAKE_SUCCESS, data));
+	}
+
+	//API KEY 삭제
+	@DeleteMapping()
+	@Operation(summary = "APIKEY를 삭제 API")
+	public Mono<ResponseEntity<ResponseDto<ApiKeyDeleteResponse>>> deleteKey(@AuthenticationPrincipal CustomPrincipal customPrincipal,@RequestParam String publicKey) {
+		return apiKeyService.deleteApiKey(customPrincipal,publicKey)
+			.map(data -> BaseResponse.success(SuccessCode.API_KEY_DELETE_SUCCESS, data));
+	}
+
+
+	//API KEY 가져오기
+	@GetMapping()
+	@Operation(summary = "가지고 있는 APIKEY 가져오는 API -> pageable 필요 없을 것 같아서 그냥 list로 보냄")
+	public Mono<ResponseEntity<ResponseDto<List<ApiKeyResponse>>>> getKeys(@AuthenticationPrincipal CustomPrincipal customPrincipal) {
+		return apiKeyService.getKeysByUser(customPrincipal)
+			.map(data -> BaseResponse.success(SuccessCode.API_KEY_GET_SUCCESS, data));
+	}
+
+
+}

src/main/java/com/backend/crame/domain/apikey/dto/ApiKeyDeleteResponse.java

@@ -0,0 +1,4 @@
+package com.backend.crame.domain.apikey.dto;
+
+public record ApiKeyDeleteResponse(String message) {
+}

src/main/java/com/backend/crame/domain/apikey/dto/ApiKeyRequest.java

@@ -0,0 +1,4 @@
+package com.backend.crame.domain.apikey.dto;
+
+public record ApiKeyRequest(String publicKey, String secretKey, String nickName) {
+}

src/main/java/com/backend/crame/domain/apikey/dto/ApiKeyResponse.java

@@ -0,0 +1,4 @@
+package com.backend.crame.domain.apikey.dto;
+
+public record ApiKeyResponse(String nickName, String publicKey, String secretKey) {
+}

src/main/java/com/backend/crame/domain/apikey/entitiy/ApiKey.java

@@ -0,0 +1,47 @@
+package com.backend.crame.domain.apikey.entitiy;
+
+import org.springframework.data.annotation.Id;
+import org.springframework.data.mongodb.core.mapping.Document;
+import org.springframework.data.mongodb.core.mapping.Field;
+
+import com.backend.crame.global.utils.BaseTimeEntity;
+
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+@Document(collection = "apikey")
+@Getter
+@NoArgsConstructor(access =  AccessLevel.PROTECTED)
+public class ApiKey extends BaseTimeEntity {
+	@Id
+	private String uuid;
+
+	private String userId;
+
+	@Setter
+	private String nickname;
+
+	@Field("public_key")
+	private String publicKey;
+
+	@Setter
+	private String keyVersion;
+
+	private String secretKey;
+
+	@Builder
+	private ApiKey(String key_uuid, String user_uuid, String nickname, String publicKey, String secretKey,String keyVersion){
+		this.uuid = key_uuid;
+		this.userId = user_uuid;
+		this.nickname = nickname;
+		this.publicKey = publicKey;
+		this.secretKey = secretKey;
+		this.keyVersion = keyVersion;
+	}
+
+
+}

src/main/java/com/backend/crame/domain/apikey/repository/ApiKeyRepository.java

@@ -0,0 +1,17 @@
+package com.backend.crame.domain.apikey.repository;
+
+
+
+import org.springframework.data.mongodb.repository.ReactiveMongoRepository;
+
+import com.backend.crame.domain.apikey.entitiy.ApiKey;
+
+import reactor.core.publisher.Flux;
+import reactor.core.publisher.Mono;
+
+public interface ApiKeyRepository extends ReactiveMongoRepository<ApiKey,String> {
+
+	Mono<Long> deleteByUserIdAndPublicKey(String userId,String publicKey);
+	Flux<ApiKey> findAllByUserId(String userId);
+	Mono<Boolean> existsByUserIdAndPublicKey(String userUuid, String publicKey);
+}

src/main/java/com/backend/crame/domain/apikey/service/ApiKeyService.java

@@ -0,0 +1,104 @@
+package com.backend.crame.domain.apikey.service;
+
+import java.util.List;
+import java.util.UUID;
+
+import org.springframework.stereotype.Service;
+
+import com.backend.crame.domain.apikey.dto.ApiKeyDeleteResponse;
+import com.backend.crame.domain.apikey.dto.ApiKeyRequest;
+import com.backend.crame.domain.apikey.dto.ApiKeyResponse;
+import com.backend.crame.domain.apikey.entitiy.ApiKey;
+import com.backend.crame.domain.apikey.repository.ApiKeyRepository;
+import com.backend.crame.domain.token.entity.CustomPrincipal;
+import com.backend.crame.domain.user.repository.UserRepository;
+import com.backend.crame.global.exception.BaseException;
+import com.backend.crame.global.exception.ErrorCode;
+import com.backend.crame.global.utils.AesGcmCrypto;
+
+import lombok.RequiredArgsConstructor;
+import reactor.core.publisher.Mono;
+
+@Service
+@RequiredArgsConstructor
+public class ApiKeyService {
+
+	private final ApiKeyRepository apiKeyRepository;
+	private final UserRepository userRepository;
+	private final AesGcmCrypto aesGcmCrypto;
+
+	public Mono<ApiKeyResponse> postNewKey(CustomPrincipal principal, ApiKeyRequest request) {
+		final String uuid = UUID.randomUUID().toString();
+		final String userId = principal.getUserId();
+		final String publicKey = request.publicKey();
+
+		return userRepository.findById(userId)
+			.switchIfEmpty(Mono.error(new BaseException(ErrorCode.USER_NOT)))
+			.then(apiKeyRepository.existsByUserIdAndPublicKey(userId, publicKey))
+			.flatMap(exists -> {
+				if (exists) {
+					return Mono.error(new BaseException(ErrorCode.API_KEY_ALREADY_EXISTS));
+				}
+				String enc = aesGcmCrypto.encrypt(request.secretKey());
+				ApiKey entity = ApiKey.builder()
+					.key_uuid(uuid)
+					.nickname(request.nickName())
+					.publicKey(publicKey)
+					.keyVersion(aesGcmCrypto.getKeyVersion())
+					.secretKey(enc)
+					.user_uuid(userId)
+					.build();
+				return apiKeyRepository.save(entity);
+			})
+			.onErrorMap(
+				ex -> ex instanceof org.springframework.dao.DuplicateKeyException,
+				ex -> new BaseException(ErrorCode.API_KEY_ALREADY_EXISTS)
+			)
+			.map(key -> {
+				String decrypted = aesGcmCrypto.decrypt(key.getSecretKey());
+				String masked = maskSecret(decrypted);
+				return new ApiKeyResponse(key.getNickname(), key.getPublicKey(), masked);
+			});
+	}
+
+
+
+	public Mono<ApiKeyDeleteResponse> deleteApiKey(CustomPrincipal principal, String keyPublicKey) {
+		final String userId = principal.getUserId();
+
+		return userRepository.findById(userId)
+			.switchIfEmpty(Mono.error(new BaseException(ErrorCode.USER_NOT)))
+			.flatMap(u -> apiKeyRepository.deleteByUserIdAndPublicKey(userId, keyPublicKey))
+			.flatMap(deleted -> {
+				if (deleted > 0) {
+					return Mono.just(new ApiKeyDeleteResponse("API KEY가 삭제되었습니다."));
+				} else {
+					return Mono.error(new BaseException(ErrorCode.API_KEY_NOT_FOUND));
+				}
+			});
+	}
+
+
+	public Mono<List<ApiKeyResponse>> getKeysByUser(CustomPrincipal customPrincipal) {
+		return apiKeyRepository.findAllByUserId(customPrincipal.getUserId())
+			.map(key -> {
+				String decrypted = aesGcmCrypto.decrypt(key.getSecretKey());
+				String masked = maskSecret(decrypted);
+				return new ApiKeyResponse(
+					key.getNickname(),
+					key.getPublicKey(),
+					masked
+				);
+			})
+			.collectList();
+	}
+
+	private String maskSecret(String secret) {
+		if (secret == null || secret.isEmpty()) {
+			return "";
+		}
+		int visible = Math.min(2, secret.length()); // 앞 2자리만 노출
+		return secret.substring(0, visible) + "*".repeat(secret.length() - visible);
+	}
+
+}

src/main/java/com/backend/crame/domain/google/controller/GoogleController.java

@@ -3,54 +3,32 @@
 import java.util.Map;
 
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.bind.annotation.RestController;
 
-import com.backend.crame.domain.google.dto.SignUpRequest;
 import com.backend.crame.domain.google.service.GoogleOAuthService;
-import com.backend.crame.global.exception.BaseException;
-import com.backend.crame.global.exception.ErrorCode;
-import com.backend.crame.global.response.BaseResponse;
-import com.backend.crame.global.response.enums.SuccessCode;
 
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import reactor.core.publisher.Mono;
 
 @RestController
-@RequestMapping("/api/login/google")
+@RequestMapping("/api/v1/google")
 @Tag(name = "구글 로그인 API", description = "구글 로그인 관련 API입니다.")
 @RequiredArgsConstructor
 public class GoogleController {
 
 	private final GoogleOAuthService googleOAuthService;
 
-	@PostMapping("")
+	@PostMapping("/login")
 	public Mono<ResponseEntity<Map<String, Object>>> loginWithGoogle(@RequestParam("code") String code) {
 		return googleOAuthService.loginWithGoogle(code)
 			.map(response -> ResponseEntity.ok().body(response))
 			.onErrorMap(e -> new IllegalArgumentException(e.getMessage()));
 	}
 
-	@PutMapping("/signup")
-	public Mono<ResponseEntity<?>> completeSignup(@RequestBody SignUpRequest request) {
-		return googleOAuthService.completeSignup(request)
-			.map(data -> BaseResponse.success(SuccessCode.SIGNUP_SUCCESS, data));
-	}
-
-
-	@DeleteMapping("/logout")
-	public Mono<ResponseEntity<?>> logout(@RequestParam("userId") String userId){
-		return googleOAuthService.logOut(userId)
-			.map(data->BaseResponse.success(SuccessCode.LOGOUT_SUCCESS,data));
-	}
 
 
 }