[10주차/여니] 워크북 제출합니다

.gitignore

@@ -4,7 +4,6 @@ build/
 !gradle/wrapper/gradle-wrapper.jar
 !**/src/main/**/build/
 !**/src/test/**/build/
-
 ### STS ###
 .apt_generated
 .classpath

build.gradle

@@ -40,6 +40,16 @@ dependencies {
 
     // Validation
     implementation 'org.springframework.boot:spring-boot-starter-validation'
+
+    // Security
+    implementation 'org.springframework.boot:spring-boot-starter-security'
+    testImplementation 'org.springframework.security:spring-security-test'
+
+    // Jwt
+    implementation 'io.jsonwebtoken:jjwt-api:0.12.3'
+    implementation 'io.jsonwebtoken:jjwt-impl:0.12.3'
+    implementation 'io.jsonwebtoken:jjwt-jackson:0.12.3'
+    implementation 'org.springframework.boot:spring-boot-configuration-processor'
 }
 
 tasks.named('test') {

src/main/java/umc/domain/member/controller/MemberController.java

@@ -78,4 +78,20 @@ public ApiResponse<PageResponse<MissionChallengeListDto>> getAvailableMissions(
 
         return ApiResponse.onSuccess(GeneralSuccessCode.OK, missionList);
     }
+
+    // 회원가입
+    @PostMapping("/sign-up")
+    public ApiResponse<MemberResDTO.JoinDTO> signUp2(
+            @RequestBody @Valid MemberReqDTO.JoinDTO dto
+    ) {
+        return ApiResponse.onSuccess(MemberSuccessCode.FOUND, memberCommandService.signUp(dto));
+    }
+
+    // 로그인
+    @PostMapping("/login")
+    public ApiResponse<MemberResDTO.LoginDTO> login2(
+            @RequestBody @Valid MemberReqDTO.LoginDTO dto
+    ) {
+        return ApiResponse.onSuccess(MemberSuccessCode.FOUND, memberQueryService.login(dto));
+    }
 }

src/main/java/umc/domain/member/converter/MemberConverter.java

@@ -3,6 +3,7 @@
 import umc.domain.member.dto.member.MemberReqDTO;
 import umc.domain.member.dto.member.MemberResDTO;
 import umc.domain.member.entity.Member;
+import umc.global.auth.enums.Role;
 
 public class MemberConverter {
 
@@ -13,13 +14,22 @@ public static MemberResDTO.JoinDTO toJoinDTO(Member member) {
                 .build();
     }
 
-    public static Member toMember(MemberReqDTO.JoinDTO dto) {
+    public static Member toMember(MemberReqDTO.JoinDTO dto, String password, Role role) {
         return Member.builder()
                 .name(dto.name())
-                .password(dto.password())
+                .email(dto.email())
+                .password(password)
+                .role(role)
                 .birth(dto.birth())
                 .address(dto.address())
                 .gender(dto.gender())
                 .build();
     }
+
+    public static MemberResDTO.LoginDTO toLoginDTO(Member member, String accessToken) {
+        return MemberResDTO.LoginDTO.builder()
+                .memberId(member.getId())
+                .accessToken(accessToken)
+                .build();
+    }
 }

src/main/java/umc/domain/member/dto/member/MemberReqDTO.java

@@ -1,5 +1,6 @@
 package umc.domain.member.dto.member;
 
+import jakarta.validation.constraints.Email;
 import jakarta.validation.constraints.NotBlank;
 import jakarta.validation.constraints.NotNull;
 import java.time.LocalDate;
@@ -12,6 +13,8 @@ public class MemberReqDTO {
     public record JoinDTO(
             @NotBlank
             String name,
+            @Email
+            String email,
             @NotBlank
             String password,
             @NotNull
@@ -24,4 +27,13 @@ public record JoinDTO(
             List<Long> preferCategory
     ) {
     }
+
+    // 로그인
+    public record LoginDTO(
+            @NotBlank
+            String email,
+            @NotBlank
+            String password
+    ) {
+    }
 }

src/main/java/umc/domain/member/dto/member/MemberResDTO.java

@@ -11,4 +11,12 @@ public record JoinDTO(
             LocalDateTime createdAt
     ) {
     }
+
+    // 로그인
+    @Builder
+    public record LoginDTO(
+            Long memberId,
+            String accessToken
+    ) {
+    }
 }

src/main/java/umc/domain/member/entity/Member.java

@@ -23,6 +23,7 @@
 import umc.domain.member.entity.mapping.MemberMission;
 import umc.domain.member.enums.Gender;
 import umc.domain.member.enums.SnsType;
+import umc.global.auth.enums.Role;
 import umc.global.entity.BaseEntity;
 
 @Entity
@@ -46,7 +47,10 @@ public class Member extends BaseEntity {
     @Column(name = "password", nullable = false, length = 255)
     private String password;
 
-    @Column(name = "email", length = 255)
+    @Enumerated(EnumType.STRING)
+    private Role role;
+
+    @Column(name = "email", nullable = false, length = 255)
     private String email;
 
     @Column(name = "phone_number", length = 11)

src/main/java/umc/domain/member/exception/member/code/MemberErrorCode.java

@@ -12,7 +12,9 @@ public enum MemberErrorCode implements BaseErrorCode {
     NOT_FOUND(HttpStatus.NOT_FOUND,
             "MEMBER404_1",
             "해당 사용자를 찾지 못했습니다."),
-    ;
+    INVALID(HttpStatus.UNAUTHORIZED,
+            "MEMBER401_1",
+            "비밀번호가 일치하지 않습니다.");
 
     private final HttpStatus status;
     private final String code;

src/main/java/umc/domain/member/repository/MemberRepository.java

@@ -1,5 +1,6 @@
 package umc.domain.member.repository;
 
+import java.util.Optional;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
@@ -21,4 +22,6 @@ public interface MemberRepository extends JpaRepository<Member, Long> {
             where m.id = :id
             """)
     MyPageDto findMyPageById(@Param("id") long id);
+
+    Optional<Member> findByEmail(String email);
 }

src/main/java/umc/domain/member/service/command/MemberCommandServiceImpl.java

@@ -2,6 +2,7 @@
 
 import java.util.List;
 import lombok.RequiredArgsConstructor;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import umc.domain.member.converter.MemberConverter;
 import umc.domain.member.dto.member.MemberReqDTO;
@@ -13,6 +14,7 @@
 import umc.domain.member.repository.FoodRepository;
 import umc.domain.member.repository.MemberFoodRepository;
 import umc.domain.member.repository.MemberRepository;
+import umc.global.auth.enums.Role;
 
 @Service
 @RequiredArgsConstructor
@@ -21,12 +23,15 @@ public class MemberCommandServiceImpl implements MemberCommandService {
     private final MemberRepository memberRepository;
     private final FoodRepository foodRepository;
     private final MemberFoodRepository memberFoodRepository;
+    private final PasswordEncoder passwordEncoder;
 
     @Override
     public MemberResDTO.JoinDTO signUp(
             MemberReqDTO.JoinDTO dto
     ) {
-        Member member = MemberConverter.toMember(dto);
+        String salt = passwordEncoder.encode(dto.password());
+
+        Member member = MemberConverter.toMember(dto, salt, Role.ROLE_USER);
         memberRepository.save(member);
 
         if (dto.preferCategory().size() > 1) {

src/main/java/umc/domain/member/service/query/MemberQueryService.java

@@ -1,9 +1,12 @@
 package umc.domain.member.service.query;
 
+import jakarta.validation.Valid;
 import org.springframework.data.domain.Pageable;
 import umc.domain.member.dto.MissionChallengeListDto;
 import umc.domain.member.dto.MissionListDto;
 import umc.domain.member.dto.MyPageDto;
+import umc.domain.member.dto.member.MemberReqDTO;
+import umc.domain.member.dto.member.MemberResDTO;
 import umc.domain.member.enums.Status;
 import umc.global.dto.PageResponse;
 
@@ -18,4 +21,6 @@ PageResponse<MissionChallengeListDto> getAvailableMissions(Long memberId,
                                                                String regionName,
                                                                Long lastMissionId,
                                                                Pageable pageable);
+
+    MemberResDTO.LoginDTO login(MemberReqDTO.@Valid LoginDTO dto);
 }

src/main/java/umc/domain/member/service/query/MemberQueryServiceImpl.java

@@ -1,15 +1,25 @@
 package umc.domain.member.service.query;
 
+import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
+import umc.domain.member.converter.MemberConverter;
 import umc.domain.member.dto.MissionChallengeListDto;
 import umc.domain.member.dto.MissionListDto;
 import umc.domain.member.dto.MyPageDto;
+import umc.domain.member.dto.member.MemberReqDTO;
+import umc.domain.member.dto.member.MemberResDTO;
+import umc.domain.member.entity.Member;
 import umc.domain.member.enums.Status;
+import umc.domain.member.exception.member.MemberException;
+import umc.domain.member.exception.member.code.MemberErrorCode;
 import umc.domain.member.repository.MemberRepository;
 import umc.domain.member.repository.membermission.MemberMissionRepository;
+import umc.global.auth.CustomUserDetails;
+import umc.global.auth.JwtUtil;
 import umc.global.dto.PageResponse;
 
 @Service
@@ -18,6 +28,8 @@ public class MemberQueryServiceImpl implements MemberQueryService {
 
     private final MemberRepository memberRepository;
     private final MemberMissionRepository memberMissionRepository;
+    private final JwtUtil jwtUtil;
+    private final PasswordEncoder encoder;
 
     @Override
     public MyPageDto getMyPage(Long memberId) {
@@ -43,5 +55,29 @@ public PageResponse<MissionChallengeListDto> getAvailableMissions(Long memberId,
                 .findAvailableMissionsByMemberIdAndRegion(regionName, memberId, lastMissionId, pageable);
         return PageResponse.of(page);
     }
+
+    @Override
+    public MemberResDTO.LoginDTO login(
+            MemberReqDTO.@Valid LoginDTO dto
+    ) {
+
+        // Member 조회
+        Member member = memberRepository.findByEmail(dto.email())
+                .orElseThrow(() -> new MemberException(MemberErrorCode.NOT_FOUND));
+
+        // 비밀번호 검증
+        if (!encoder.matches(dto.password(), member.getPassword())) {
+            throw new MemberException(MemberErrorCode.INVALID);
+        }
+
+        // JWT 토큰 발급용 UserDetails
+        CustomUserDetails userDetails = new CustomUserDetails(member);
+
+        // 엑세스 토큰 발급
+        String accessToken = jwtUtil.createAccessToken(userDetails);
+
+        // DTO 조립
+        return MemberConverter.toLoginDTO(member, accessToken);
+    }
 }
 

src/main/java/umc/domain/misson/controller/MissionController.java

@@ -1,5 +1,6 @@
 package umc.domain.misson.controller;
 
+import jakarta.validation.constraints.NotBlank;
 import lombok.RequiredArgsConstructor;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -12,6 +13,7 @@
 import umc.domain.misson.exception.code.MissionSuccessCode;
 import umc.domain.misson.service.command.MissionCommandService;
 import umc.domain.misson.service.query.MissionQueryService;
+import umc.global.annotation.PageParam;
 import umc.global.apiPayload.ApiResponse;
 
 @RestController
@@ -24,8 +26,8 @@ public class MissionController implements MissionControllerDocs {
     @GetMapping("/missions")
     @Override
     public ApiResponse<MissionPreviewListDTO> getMissionsByStore(
-            @RequestParam String storeName,
-            @RequestParam Integer page
+            @RequestParam @NotBlank String storeName,
+            @RequestParam @PageParam Integer page
     ) {
         MissionSuccessCode code = MissionSuccessCode.FOUND;
         return ApiResponse.onSuccess(code, missionQueryService.findMissionsByStore(storeName, page));
@@ -34,8 +36,8 @@ public ApiResponse<MissionPreviewListDTO> getMissionsByStore(
     @GetMapping("/{memberId}/missions/ongoing")
     @Override
     public ApiResponse<MissionPreviewListDTO> getOngoingMissions(
-            @PathVariable Long memberId,
-            @RequestParam Integer page
+            @PathVariable @NotBlank Long memberId,
+            @RequestParam @PageParam Integer page
     ) {
         MemberMissionSuccessCode code = MemberMissionSuccessCode.FOUND;
         return ApiResponse.onSuccess(code, missionQueryService.findOngoingMissions(memberId, page));

src/main/java/umc/global/auth/AuthenticationEntryPointImpl.java

@@ -0,0 +1,32 @@
+package umc.global.auth;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import umc.global.apiPayload.ApiResponse;
+import umc.global.apiPayload.code.GeneralErrorCode;
+
+public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint {
+    private final ObjectMapper objectMapper = new ObjectMapper();
+
+
+    @Override
+    public void commence(
+            HttpServletRequest request,
+            HttpServletResponse response,
+            AuthenticationException authException
+    ) throws IOException {
+        response.setContentType("application/json;charset=UTF-8");
+        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+
+        ApiResponse<Void> errorResponse = ApiResponse.onFailure(
+                GeneralErrorCode.UNAUTHORIZED,
+                null
+        );
+
+        objectMapper.writeValue(response.getOutputStream(), errorResponse);
+    }
+}

src/main/java/umc/global/auth/CustomUserDetails.java

@@ -0,0 +1,29 @@
+package umc.global.auth;
+
+import java.util.Collection;
+import java.util.List;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import umc.domain.member.entity.Member;
+
+@RequiredArgsConstructor
+public class CustomUserDetails implements UserDetails {
+
+    private final Member member;
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return List.of(() -> member.getRole().toString());
+    }
+
+    @Override
+    public String getPassword() {
+        return member.getPassword();
+    }
+
+    @Override
+    public String getUsername() {
+        return member.getEmail();
+    }
+}