현재 인증된 사용자 조회 및 비밀번호 변경 API 구현

.env.example

@@ -8,4 +8,8 @@ DB_USER=string
 DB_PASSWORD=string
 REDIS_HOST=string
 REDIS_PORT=number
-REDIS_PASSWORD=string
+REDIS_PASSWORD=string
+EMAIL_HOST=string
+EMAIL_PORT=number
+EMAIL_USERNAME=string
+EMAIL_PASSWORD=string

src/main/java/com/ampersand/groom/domain/auth/application/port/AuthenticationPersistencePort.java

@@ -0,0 +1,12 @@
+package com.ampersand.groom.domain.auth.application.port;
+
+import com.ampersand.groom.domain.auth.domain.Authentication;
+
+public interface AuthenticationPersistencePort {
+
+    Boolean existsAuthenticationByEmail(String email);
+
+    Authentication findAuthenticationByEmail(String email);
+
+    void saveAuthentication(Authentication authentication);
+}

src/main/java/com/ampersand/groom/domain/auth/application/port/EmailVerificationPort.java

@@ -1,21 +1,18 @@
 package com.ampersand.groom.domain.auth.application.port;
 
-import com.ampersand.groom.domain.auth.persistence.EmailVerification;
-
-import java.time.LocalDateTime;
-import java.util.Optional;
+import com.ampersand.groom.domain.auth.domain.AuthCode;
 
 public interface EmailVerificationPort {
 
-    // 인증 정보 저장
-    EmailVerification save(EmailVerification emailVerification);
+    // 코드로 인증 코드 존재 여부 조회
+    Boolean existsAuthCodeByCode(String code);
 
-    // 인증 코드로 이메일 조회
-    Optional<EmailVerification> findByCode(String code);
+    // 코드로 인증 코드 조회
+    AuthCode findAuthCodeByCode(String code);
 
-    // 이메일로 인증 정보 조회
-    Optional<EmailVerification> findByEmail(String email);
+    // 인증 코드 저장
+    void saveAuthCode(AuthCode authCode);
 
-    // 만료된 인증 정보 삭제
-    void deleteAllExpired(LocalDateTime now);
+    // 인증 코드 삭제
+    void deleteAuthCodeByCode(String code);
 }

src/main/java/com/ampersand/groom/domain/auth/application/service/AuthService.java

@@ -1,6 +1,7 @@
 package com.ampersand.groom.domain.auth.application.service;
 
 import com.ampersand.groom.domain.auth.application.port.AuthPort;
+import com.ampersand.groom.domain.auth.application.port.AuthenticationPersistencePort;
 import com.ampersand.groom.domain.auth.domain.JwtToken;
 import com.ampersand.groom.domain.auth.exception.*;
 import com.ampersand.groom.domain.auth.presentation.data.request.SignupRequest;
@@ -22,6 +23,7 @@ public class AuthService {
     private final JwtService jwtService;
     private final PasswordEncoder passwordEncoder;
     private final AuthPort authPort;
+    private final AuthenticationPersistencePort authenticationPersistencePort;
 
     @Value("${spring.jwt.token.access-expiration}")
     private long accessTokenExpiration;
@@ -46,6 +48,10 @@ public JwtToken refreshToken(String refreshToken) {
 
     public void signup(SignupRequest request) {
         checkUserExists(request.getEmail());
+        if(!authenticationPersistencePort.existsAuthenticationByEmail(request.getEmail())
+                || !authenticationPersistencePort.findAuthenticationByEmail(request.getEmail()).getVerified()) {
+            throw new UserForbiddenException();
+        }
         MemberJpaEntity newUser = createNewUser(request, calculateGenerationFromEmail(request.getEmail()));
         authPort.save(newUser);
     }

src/main/java/com/ampersand/groom/domain/auth/application/service/EmailVerificationService.java

@@ -1,36 +1,42 @@
 package com.ampersand.groom.domain.auth.application.service;
 
+import com.ampersand.groom.domain.auth.application.port.AuthenticationPersistencePort;
 import com.ampersand.groom.domain.auth.application.port.EmailVerificationPort;
+import com.ampersand.groom.domain.auth.domain.AuthCode;
+import com.ampersand.groom.domain.auth.domain.Authentication;
+import com.ampersand.groom.domain.auth.exception.EmailAuthRateLimitException;
 import com.ampersand.groom.domain.auth.exception.EmailFormatInvalidException;
 import com.ampersand.groom.domain.auth.exception.VerificationCodeFormatInvalidException;
 import com.ampersand.groom.domain.auth.exception.VerificationCodeExpiredOrInvalidException;
-import com.ampersand.groom.domain.auth.persistence.EmailVerification;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.mail.SimpleMailMessage;
 import org.springframework.mail.javamail.JavaMailSender;
 import org.springframework.stereotype.Service;
 
 import java.util.Random;
 
+@Slf4j
 @Service
 @RequiredArgsConstructor
 public class EmailVerificationService {
 
+    private final AuthenticationPersistencePort authenticationPersistencePort;
     private final EmailVerificationPort emailVerificationPort;
     private final JavaMailSender javaMailSender;
 
     private static final int MAX_EMAIL_LENGTH = 16;
     private static final int CODE_LENGTH = 8;
+    private static final int MAX_ATTEMPT_COUNT = 5;
+    private static final long TTL = 300L;
 
-
-    //8자리 숫자 인증 코드 생성
+    // 인증 코드 생성
     private String generateVerificationCode() {
-        Random random = new Random();
-        int code = 10000000 + random.nextInt(90000000);
+        int code = 10000000 + new Random().nextInt(90000000);
         return String.valueOf(code);
     }
 
-    // 이메일 전송 메서드
+    // 이메일 전송
     private void sendEmail(String to, String subject, String text) {
         SimpleMailMessage message = new SimpleMailMessage();
         message.setTo(to);
@@ -39,47 +45,101 @@ private void sendEmail(String to, String subject, String text) {
         javaMailSender.send(message);
     }
 
-    // 회원가입 인증 이메일 전송
-    public void sendSignupVerificationEmail(String email) {
-        verifyEmail(email);
+    // 인증 이메일 전송 (회원가입 / 비밀번호 재설정 공통 처리)
+    private void sendVerificationEmail(String email, String subject) {
+        validateEmailFormat(email);
+        checkAttemptCount(email);
+        increaseAttemptCount(email);
+
         String code = generateVerificationCode();
-        sendEmail(email, "회원가입 인증", "귀하의 인증 코드는: " + code);
+        sendEmail(email, subject, "귀하의 인증 코드는: " + code);
 
-        EmailVerification emailVerification = new EmailVerification(email, code);
-
-        emailVerificationPort.save(emailVerification);
+        AuthCode authCode = AuthCode.builder()
+                .email(email)
+                .code(code)
+                .ttl(TTL)
+                .build();
+
+        emailVerificationPort.saveAuthCode(authCode);
     }
 
-    // 비밀번호 변경을 위한 인증 이메일 전송
-    public void sendPasswordResetEmail(String email) {
-        verifyEmail(email);
-        String code = generateVerificationCode();
-        sendEmail(email, "비밀번호 변경 인증", "귀하의 인증 코드는: " + code);
+    // 회원가입용 인증 메일 전송
+    public void sendSignupVerificationEmail(String email) {
+        sendVerificationEmail(email, "회원가입 인증");
+    }
 
-        EmailVerification emailVerification = new EmailVerification(email, code);
-        
-        emailVerificationPort.save(emailVerification);
+    // 비밀번호 재설정 인증 메일 전송
+    public void sendPasswordResetEmail(String email) {
+        sendVerificationEmail(email, "비밀번호 변경 인증");
     }
 
     // 인증 코드 검증
     public void verifyCode(String code) {
-        if(code == null || code.length() != CODE_LENGTH) {
+        if (code == null || code.length() != CODE_LENGTH) {
             throw new VerificationCodeFormatInvalidException();
         }
 
-        EmailVerification emailVerification = emailVerificationPort.findByCode(code)
-                .orElseThrow(VerificationCodeExpiredOrInvalidException::new);
-
+        if (!emailVerificationPort.existsAuthCodeByCode(code)) {
+            throw new VerificationCodeExpiredOrInvalidException();
+        }
 
-        emailVerification.setIsVerified(true);
-        emailVerificationPort.save(emailVerification);
+        AuthCode authCode = emailVerificationPort.findAuthCodeByCode(code);
+        emailVerificationPort.deleteAuthCodeByCode(code);
+        markEmailVerified(authCode.getEmail());
     }
 
-    // 이메일 검증
-    public void verifyEmail(String email) {
-        if(email == null || email.length() != MAX_EMAIL_LENGTH) {
+    // 이메일 형식 검증
+    private void validateEmailFormat(String email) {
+        if (email == null || email.length() != MAX_EMAIL_LENGTH) {
             throw new EmailFormatInvalidException();
         }
+    }
+
+    // 인증 시도 횟수 초과 체크
+    private void checkAttemptCount(String email) {
+        if (authenticationPersistencePort.existsAuthenticationByEmail(email)) {
+            int attempts = authenticationPersistencePort.findAuthenticationByEmail(email).getAttemptCount();
+            if (attempts >= MAX_ATTEMPT_COUNT) {
+                throw new EmailAuthRateLimitException();
+            }
+        }
+    }
+
+    // 인증 시도 횟수 증가
+    private void increaseAttemptCount(String email) {
+        Authentication existingAuth = authenticationPersistencePort.existsAuthenticationByEmail(email)
+                ? authenticationPersistencePort.findAuthenticationByEmail(email)
+                : null;
+        Authentication updatedAuth;
+        if(existingAuth != null) {
+            updatedAuth = Authentication.builder()
+                    .email(email)
+                    .attemptCount(existingAuth.getAttemptCount() + 1)
+                    .verified(existingAuth.getVerified())
+                    .ttl(existingAuth.getTtl())
+                    .build();
+        } else {
+            updatedAuth = Authentication.builder()
+                    .email(email)
+                    .attemptCount(1)
+                    .verified(false)
+                    .ttl(TTL)
+                    .build();
+        }
+        authenticationPersistencePort.saveAuthentication(updatedAuth);
+    }
+
+    // 인증 완료 처리
+    private void markEmailVerified(String email) {
+        Authentication authentication = authenticationPersistencePort.findAuthenticationByEmail(email);
+
+        Authentication updatedAuth = Authentication.builder()
+                .email(email)
+                .attemptCount(authentication.getAttemptCount())
+                .verified(true)
+                .ttl(authentication.getTtl())
+                .build();
 
+        authenticationPersistencePort.saveAuthentication(updatedAuth);
     }
-}
+}

src/main/java/com/ampersand/groom/domain/auth/domain/AuthCode.java

@@ -0,0 +1,12 @@
+package com.ampersand.groom.domain.auth.domain;
+
+import lombok.Builder;
+import lombok.Getter;
+
+@Getter
+@Builder
+public class AuthCode {
+    private final String email;
+    private final String code;
+    private final Long ttl;
+}

src/main/java/com/ampersand/groom/domain/auth/domain/Authentication.java

@@ -0,0 +1,13 @@
+package com.ampersand.groom.domain.auth.domain;
+
+import lombok.Builder;
+import lombok.Getter;
+
+@Getter
+@Builder
+public class Authentication {
+    private String email;
+    private int attemptCount;
+    private Boolean verified;
+    private Long ttl;
+}

src/main/java/com/ampersand/groom/domain/auth/exception/AuthenticationNotFoundException.java

@@ -0,0 +1,10 @@
+package com.ampersand.groom.domain.auth.exception;
+
+import com.ampersand.groom.global.error.ErrorCode;
+import com.ampersand.groom.global.error.exception.GroomException;
+
+public class AuthenticationNotFoundException extends GroomException {
+    public AuthenticationNotFoundException() {
+        super(ErrorCode.AUTHENTICATION_NOT_FOUND);
+    }
+}

src/main/java/com/ampersand/groom/domain/auth/exception/EmailAuthRateLimitException.java

@@ -0,0 +1,10 @@
+package com.ampersand.groom.domain.auth.exception;
+
+import com.ampersand.groom.global.error.ErrorCode;
+import com.ampersand.groom.global.error.exception.GroomException;
+
+public class EmailAuthRateLimitException extends GroomException {
+    public EmailAuthRateLimitException() {
+        super(ErrorCode.EMAIL_AUTHENTICATION_TOO_MANY_REQUESTS);
+    }
+}

src/main/java/com/ampersand/groom/domain/auth/persistence/adapter/email/AuthenticationPersistenceAdapter.java

@@ -0,0 +1,33 @@
+package com.ampersand.groom.domain.auth.persistence.adapter.email;
+
+import com.ampersand.groom.domain.auth.application.port.AuthenticationPersistencePort;
+import com.ampersand.groom.domain.auth.domain.Authentication;
+import com.ampersand.groom.domain.auth.exception.AuthenticationNotFoundException;
+import com.ampersand.groom.domain.auth.persistence.mapper.AuthenticationMapper;
+import com.ampersand.groom.domain.auth.persistence.repository.AuthenticationRedisRepository;
+import com.ampersand.groom.global.annotation.adapter.Adapter;
+import com.ampersand.groom.global.annotation.adapter.constant.AdapterType;
+import lombok.RequiredArgsConstructor;
+
+@Adapter(AdapterType.OUTBOUND)
+@RequiredArgsConstructor
+public class AuthenticationPersistenceAdapter implements AuthenticationPersistencePort {
+
+    private final AuthenticationRedisRepository authenticationRedisRepository;
+    private final AuthenticationMapper authenticationMapper;
+
+    @Override
+    public Boolean existsAuthenticationByEmail(String email) {
+        return authenticationRedisRepository.existsById(email);
+    }
+
+    @Override
+    public Authentication findAuthenticationByEmail(String email) {
+        return authenticationMapper.toDomain(authenticationRedisRepository.findById(email).orElseThrow(AuthenticationNotFoundException::new));
+    }
+
+    @Override
+    public void saveAuthentication(Authentication authentication) {
+        authenticationRedisRepository.save(authenticationMapper.toEntity(authentication));
+    }
+}