Merge branch 'develop' into feat/#15

Author: weeast1521

build.gradle

@@ -56,6 +56,9 @@ dependencies {
 	implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
 	runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.5'
 	runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.5'
+
+	// Mail
+	implementation 'org.springframework.boot:spring-boot-starter-mail'
 }
 
 tasks.named('test') {

docker-compose.yml

@@ -2,7 +2,7 @@ services:
   app:
     build: .
     ports:
-      - "8080:8080"
+      - "8081:8080"
     env_file:
       - .env
     depends_on:

src/main/java/UMC/news/newsIntelligent/domain/mail/dto/EmailRequestDto.java

@@ -0,0 +1,6 @@
+package UMC.news.newsIntelligent.domain.mail.dto;
+
+import jakarta.validation.constraints.Email;
+
+public record EmailRequestDto(@Email String email) {
+}

src/main/java/UMC/news/newsIntelligent/domain/mail/dto/VerifyRequestDto.java

@@ -0,0 +1,8 @@
+package UMC.news.newsIntelligent.domain.mail.dto;
+
+import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.Size;
+
+public record VerifyRequestDto(@Email String email,
+                               @Size(min = 6, max = 6) String code) {
+}

src/main/java/UMC/news/newsIntelligent/domain/mail/entity/OtpCode.java

@@ -0,0 +1,51 @@
+package UMC.news.newsIntelligent.domain.mail.entity;
+
+import UMC.news.newsIntelligent.global.apiPayload.code.error.GeneralErrorCode;
+import UMC.news.newsIntelligent.global.apiPayload.exception.CustomException;
+import jakarta.persistence.*;
+import lombok.*;
+
+import java.io.Serializable;
+import java.time.LocalDateTime;
+
+@Entity
+@Getter
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+@AllArgsConstructor
+@Builder
+@IdClass(OtpCode.PK.class)
+public class OtpCode {
+
+    @Id
+    private String email;
+    @Id @Enumerated(EnumType.STRING)
+    private Type type;      // SIGNUP, LOGIN
+    private String code;    // 6자리 인증 코드
+    private String token;    // 매직링크용 토큰
+    private LocalDateTime expiresAt;
+
+    /** 완료 플래그:
+     * otp code나 매직링크 둘 중 하나로 검증되면 true
+     * → 재사용 방지 */
+    @Column(nullable = false) @Builder.Default
+    private Boolean verified = false;
+
+    public enum Type { SIGNUP, LOGIN; }
+
+    @Getter @Setter
+    @NoArgsConstructor @AllArgsConstructor
+    public static class PK implements Serializable {
+        private String email;
+        private Type type;
+    }
+
+    public void validateUsable() {
+        if (Boolean.TRUE.equals(verified))
+            throw new CustomException(GeneralErrorCode.OTP_WRONG);   // 불일치
+        if (expiresAt.isBefore(LocalDateTime.now()))
+            throw new CustomException(GeneralErrorCode.OTP_EXPIRED);   // 만료
+    }
+
+    public void markVerified() { this.verified = true; }
+
+}

src/main/java/UMC/news/newsIntelligent/domain/mail/repository/OtpCodeRepository.java

@@ -0,0 +1,10 @@
+package UMC.news.newsIntelligent.domain.mail.repository;
+
+import UMC.news.newsIntelligent.domain.mail.entity.OtpCode;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+import java.util.Optional;
+
+public interface OtpCodeRepository extends JpaRepository<OtpCode, OtpCode.PK> {
+    Optional<OtpCode> findByToken(String token);
+}

src/main/java/UMC/news/newsIntelligent/domain/mail/service/MailService.java

@@ -0,0 +1,54 @@
+package UMC.news.newsIntelligent.domain.mail.service;
+
+import UMC.news.newsIntelligent.domain.mail.entity.OtpCode;
+import jakarta.mail.Message;
+import jakarta.mail.internet.InternetAddress;
+import jakarta.mail.internet.MimeMessage;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.mail.javamail.JavaMailSender;
+import org.springframework.stereotype.Service;
+import java.security.SecureRandom;
+import java.util.UUID;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+public class MailService {
+
+    private final JavaMailSender mailSender;
+    @Value("${spring.mail.username}") private String from;
+
+    public String generateCode() {
+        return String.format("%06d", new SecureRandom().nextInt(1_000_000));
+    }
+    public String generateToken() {
+        return UUID.randomUUID().toString().replace("-", "");   // 32 hex
+    }
+
+    public void sendOtpMail(String to, String code, String token, OtpCode.Type type) {
+        String path  = (type == OtpCode.Type.SIGNUP) ? "signup" : "login";
+        String link  = "https://newsintelligent.io/%s/magic?token=%s".formatted(path, token);
+
+        String html = """
+            <div style='margin:80px;font-family:Verdana'>
+              <h2>NewsIntelligent 인증 메일입니다.</h2>
+              <p>아래 <b>코드</b>를 입력하거나 <b>매직링크</b>를 클릭하세요.</p>
+              <h1 style='color:#3366ff'>%s</h1>
+              <p><a href='%s'>➡️ 매직링크 바로가기</a> · 5분 내 1회 사용</p>
+            </div>
+            """.formatted(code, link);
+
+        try {
+            MimeMessage msg = mailSender.createMimeMessage();
+            msg.addRecipients(Message.RecipientType.TO, to);
+            msg.setSubject("[NewsIntelligent] 인증 메일");
+            msg.setText(html, "utf-8", "html");
+            msg.setFrom(new InternetAddress(from, "NewsIntelligent"));
+            mailSender.send(msg);
+        } catch (Exception e) {
+            throw new IllegalStateException("메일 발송 실패", e);
+        }
+    }
+}

src/main/java/UMC/news/newsIntelligent/domain/member/controller/AuthController.java

@@ -0,0 +1,101 @@
+package UMC.news.newsIntelligent.domain.member.controller;
+
+import UMC.news.newsIntelligent.domain.mail.dto.EmailRequestDto;
+import UMC.news.newsIntelligent.domain.mail.dto.VerifyRequestDto;
+import UMC.news.newsIntelligent.domain.mail.entity.OtpCode;
+import UMC.news.newsIntelligent.domain.member.dto.MemberResponseDto;
+import UMC.news.newsIntelligent.domain.member.dto.TokenResponseDto;
+import UMC.news.newsIntelligent.domain.member.entity.Member;
+import UMC.news.newsIntelligent.domain.member.repository.MemberRepository;
+import UMC.news.newsIntelligent.domain.member.service.AuthService;
+import UMC.news.newsIntelligent.domain.member.service.MemberService;
+import UMC.news.newsIntelligent.global.apiPayload.CustomResponse;
+import UMC.news.newsIntelligent.global.apiPayload.code.success.GeneralSuccessCode;
+import UMC.news.newsIntelligent.global.config.security.jwt.JwtTokenProvider;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.view.RedirectView;
+
+@Slf4j
+@RestController
+@RequiredArgsConstructor
+@RequestMapping("/api/members")
+@Tag(name="사용자 및 인증 관련 API", description = "사용자 인증 및 가입/로그인/로그아웃/탈퇴")
+public class AuthController {
+
+    private final AuthService auth;
+    private final MemberService memberService;
+    private final MemberRepository memberRepository;
+
+    /* --- 메일 발송 --- */
+    @Operation(summary = "회원가입 인증번호 전송", description = "회원가입 시 사용자에게 이메일로 인증번호를 전송하는 API입니다.")
+    @PostMapping("/signup/email")
+    public CustomResponse<?> signupEmail(@RequestBody EmailRequestDto request) {
+        auth.sendCode(request.email(), OtpCode.Type.SIGNUP);
+        return CustomResponse.onSuccess(GeneralSuccessCode.EMAIL_SENT);
+    }
+
+    @Operation(summary = "로그인 인증번호 전송", description = "로그인 시 사용자에게 이메일로 인증번호를 전송하는 API입니다.")
+    @PostMapping("/login/email")
+    public CustomResponse<?> loginEmail(@RequestBody EmailRequestDto request) {
+        auth.sendCode(request.email(), OtpCode.Type.LOGIN);
+        return CustomResponse.onSuccess(GeneralSuccessCode.EMAIL_SENT);
+    }
+
+    /* --- 인증 코드 검증 --- */
+    @Operation(summary = "회원가입 인증코드 검증", description = "회원가입 시 전송된 6자리 코드를 검증하는  API입니다.")
+    @PostMapping("/signup/verify")
+    public CustomResponse<MemberResponseDto>  signupVerify(@RequestBody VerifyRequestDto request) {
+        MemberResponseDto responseDto = MemberResponseDto.from(auth.signupByCode(request.email(), request.code()));
+        return CustomResponse.onSuccess(GeneralSuccessCode.SIGNUP_SUCCESS, responseDto);
+    }
+    @Operation(summary = "로그인 인증코드 검증", description = "로그인 시 전송된 6자리 코드를 검증하는  API입니다.")
+    @PostMapping("/login/verify")
+    public CustomResponse<TokenResponseDto> loginVerify(@RequestBody VerifyRequestDto request) {
+        TokenResponseDto responseDto =  auth.loginByCode(request.email(), request.code());
+        return CustomResponse.onSuccess(GeneralSuccessCode.LOGIN_SUCCESS, responseDto);
+    }
+
+    /* --- 로그아웃 --- */
+    @Operation(summary = "로그아웃", description = "액세스 토큰을 무효화하는 API입니다.")
+    @PostMapping("/logout")
+    public CustomResponse<?> logout(HttpServletRequest request,
+                                       @AuthenticationPrincipal UserDetails userDetails) {
+        String token = JwtTokenProvider.resolveToken(request);
+        memberService.logout(token);
+        return CustomResponse.onSuccess(GeneralSuccessCode.LOGOUT_SUCCESS);
+    }
+
+    /* --- 회원 탈퇴 --- */
+    @Operation(summary = "회원 탈퇴", description = "회원 탈퇴 후 액세스 토큰을 무효화하는 API입니다.")
+    @DeleteMapping("/withdraw")
+    public CustomResponse<?> withdraw(HttpServletRequest request,
+                                      @AuthenticationPrincipal UserDetails userDetails) {
+        String token = JwtTokenProvider.resolveToken(request);
+        Member member = memberRepository.findByEmail(userDetails.getUsername())
+                .orElseThrow();
+        memberService.withdraw(member, token);
+        return CustomResponse.onSuccess(GeneralSuccessCode.WITHDRAW_SUCCESS);
+    }
+
+
+    /* --- 매직 링크 --- */
+    @Operation(summary = "리다이렉트용", description = "프론트엔드에서 구현 필요 X")
+    @GetMapping("/signup/magic")
+    public RedirectView signupMagic(@RequestParam String token) {
+        auth.signupByToken(token);
+        return new RedirectView("/signup/success");
+    }
+    @Operation(summary = "리다이렉트용", description = "프론트엔드에서 구현 필요 X")
+    @GetMapping("/login/magic")
+    public RedirectView loginMagic(@RequestParam String token) {
+        TokenResponseDto tr = auth.loginByToken(token);
+        return new RedirectView("/login/magic-success#" + tr.accessToken());
+    }
+}

src/main/java/UMC/news/newsIntelligent/domain/member/controller/MemberController.java

@@ -0,0 +1,36 @@
+package UMC.news.newsIntelligent.domain.member.controller;
+
+import UMC.news.newsIntelligent.domain.member.dto.MemberInfoDto;
+import UMC.news.newsIntelligent.domain.member.service.MemberQueryService;
+import UMC.news.newsIntelligent.global.apiPayload.CustomResponse;
+import UMC.news.newsIntelligent.global.apiPayload.code.success.GeneralSuccessCode;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import lombok.RequiredArgsConstructor;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.List;
+
+@RestController
+@RequiredArgsConstructor
+@RequestMapping("/api/members")
+@Tag(name="회원 관련 API", description = "회원 정보 조회/수정")
+public class MemberController {
+    private final MemberQueryService memberQueryService;
+
+    /* --- 회원 정보 조회 --- */
+    @Operation(summary = "회원 정보 조회", description = "회원정보를 리스트로 반환하는 API입니다.")
+    @GetMapping("/info/{memberId}")
+    public CustomResponse<List<MemberInfoDto>> getInfo(@PathVariable Long memberId) {
+
+        MemberInfoDto dto = memberQueryService.getInfo(memberId);
+
+        return CustomResponse.onSuccess(
+                GeneralSuccessCode.OK,
+                List.of(dto)
+        );
+    }
+}

src/main/java/UMC/news/newsIntelligent/domain/member/converter/MemberInfoConverter.java

@@ -0,0 +1,30 @@
+package UMC.news.newsIntelligent.domain.member.converter;
+
+import UMC.news.newsIntelligent.domain.member.dto.MemberInfoDto;
+import UMC.news.newsIntelligent.domain.member.entity.Member;
+
+import java.util.List;
+import java.util.stream.Collectors;
+
+public class MemberInfoConverter {
+    private MemberInfoConverter() {}   // 인스턴스화 방지
+
+    public static MemberInfoDto toDto(Member member) {
+        return new MemberInfoDto(
+                member.getEmail(),
+                member.getSubscribeTopicAlert(),
+                member.getReadTopicAlert(),
+                member.getDailyReportAlert(),
+                member.getCreatedAt(),
+                member.getUpdatedAt(),
+                member.getIsDeactivated()
+        );
+    }
+
+    /* entity -> dto  */
+    public static List<MemberInfoDto> toDtoList(List<Member> members) {
+        return members.stream()
+                .map(MemberInfoConverter::toDto)
+                .collect(Collectors.toList());
+    }
+}