Merge pull request #63 from Dalguring/feature/change-password

Dalguring · web-flow · commit a7162ee5a3d2 · 2026-02-23T10:35:53.000+09:00
Feature/change password
diff --git a/src/main/java/com/rentify/rentify_api/rental/service/RentalService.java b/src/main/java/com/rentify/rentify_api/rental/service/RentalService.java
@@ -15,16 +15,15 @@
 import com.rentify.rentify_api.user.entity.User;
 import com.rentify.rentify_api.user.exception.UserNotFoundException;
 import com.rentify.rentify_api.user.repository.UserRepository;
+import java.time.LocalDate;
+import java.time.temporal.ChronoUnit;
+import java.util.List;
 import lombok.RequiredArgsConstructor;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
-import java.time.LocalDate;
-import java.time.temporal.ChronoUnit;
-import java.util.List;
-
 @Service
 @RequiredArgsConstructor
 @Transactional(readOnly = true)
@@ -198,21 +197,18 @@ public RentalResponse cancelRental(Long userId, Long rentalId) {
     // 내가 빌리는 대여 목록
     @Transactional(readOnly = true)
     public Page<RentalResponse> getMyBorrowedRentals(Long userId, Pageable pageable) {
-        Page<RentalResponse> rentals = rentalRepository.findByUserId(userId, pageable);
-        return rentals;
+        return rentalRepository.findByUserId(userId, pageable);
     }
 
     // 내가 빌려준 대여 목록
     @Transactional(readOnly = true)
     public Page<RentalResponse> getMyLendedRentals(Long userId, Pageable pageable) {
-        Page<RentalResponse> rentals = rentalRepository.findByPostOwnerId(userId, pageable);
-        return rentals;
+        return rentalRepository.findByPostOwnerId(userId, pageable);
     }
 
     // 나의 모든 대여 목록
     @Transactional(readOnly = true)
     public Page<RentalResponse> getMyAllRentals(Long userId, Pageable pageable) {
-        Page<RentalResponse> rentals = rentalRepository.findByUserIdOrPostOwnerId(userId, pageable);
-        return rentals;
+        return rentalRepository.findByUserIdOrPostOwnerId(userId, pageable);
     }
 }
diff --git a/src/main/java/com/rentify/rentify_api/user/controller/UserApiDocs.java b/src/main/java/com/rentify/rentify_api/user/controller/UserApiDocs.java
@@ -4,6 +4,7 @@
 import com.rentify.rentify_api.rental.dto.RentalResponse;
 import com.rentify.rentify_api.user.dto.CreateUserRequest;
 import com.rentify.rentify_api.user.dto.LoginRequest;
+import com.rentify.rentify_api.user.dto.PasswordUpdateRequest;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.Parameters;
@@ -22,11 +23,11 @@
 import org.springdoc.core.annotations.ParameterObject;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
-import org.springframework.data.domain.Sort;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PatchMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -409,10 +410,64 @@ ResponseEntity<com.rentify.rentify_api.common.response.ApiResponse<Page<RentalRe
             @Parameter(
                     name = "role",
                     description = "조회 역할 필터 (예: LENDER(빌려준 내역), BORROWER(빌린 내역))",
-                    example = "BORROWER",
-                    required = false
+                    example = "BORROWER"
             )
             @RequestParam(required = false) String role,
             @ParameterObject Pageable pageable
     );
+
+    @Operation(summary = "패스워드 변경", description = "사용자의 패스워드를 변경합니다.")
+    @ApiResponses(value = {
+        @ApiResponse(
+            responseCode = "200",
+            description = "패스워드 변경 성공",
+            content = @Content(
+                mediaType = "application/json",
+                examples = @ExampleObject(
+                    value = "{\"success\": true, \"code\": \"200\", \"message\": \"패스워드 변경 성공\", \"data\": null}"
+                )
+            )
+        ),
+        @ApiResponse(
+            responseCode = "400",
+            description = "동일한 패스워드로 변경 요청",
+            content = @Content(
+                mediaType = "application/json",
+                examples = @ExampleObject(
+                    value = "{\"success\": false, \"code\": \"401\", \"message\": \"기존과 동일한 비밀번호로 변경할 수 없습니다.\", \"data\": null}"
+                )
+            )
+        ),
+        @ApiResponse(
+            responseCode = "401",
+            description = "패스워드 인증 실패",
+            content = @Content(
+                mediaType = "application/json",
+                examples = @ExampleObject(
+                    value = "{\"success\": false, \"code\": \"401\", \"message\": \"패스워드가 일치하지 않습니다.\", \"data\": null}"
+                )
+            )
+        )
+    })
+    @PatchMapping("/me/password")
+    ResponseEntity<com.rentify.rentify_api.common.response.ApiResponse<Void>> changePassword(
+        @AuthenticationPrincipal Long userId,
+        @RequestBody(
+            description = "패스워드 변경 요청 데이터",
+            required = true,
+            content = @Content(
+                mediaType = "application/json",
+                schema = @Schema(implementation = PasswordUpdateRequest.class),
+                examples = @ExampleObject(
+                    value = """
+                        {
+                            "currentPassword": "old_pass",
+                            "newPassword": "new_pass"
+                        }
+                        """
+                )
+            )
+        )
+        @Valid @org.springframework.web.bind.annotation.RequestBody PasswordUpdateRequest request
+    );
 }
diff --git a/src/main/java/com/rentify/rentify_api/user/controller/UserController.java b/src/main/java/com/rentify/rentify_api/user/controller/UserController.java
@@ -5,6 +5,7 @@
 import com.rentify.rentify_api.rental.dto.RentalResponse;
 import com.rentify.rentify_api.user.dto.CreateUserRequest;
 import com.rentify.rentify_api.user.dto.LoginRequest;
+import com.rentify.rentify_api.user.dto.PasswordUpdateRequest;
 import com.rentify.rentify_api.user.dto.UserResponse;
 import com.rentify.rentify_api.user.entity.LoginResponse;
 import com.rentify.rentify_api.user.service.UserService;
@@ -25,6 +26,7 @@
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PatchMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -136,4 +138,13 @@ public ResponseEntity<ApiResponse<Page<RentalResponse>>> getMyRentals(
         return ResponseEntity.ok(ApiResponse.success(HttpStatus.OK, rentals));
     }
 
+    @Override
+    @PatchMapping("/me/password")
+    public ResponseEntity<ApiResponse<Void>> changePassword(
+        @AuthenticationPrincipal Long userId,
+        @Valid @RequestBody PasswordUpdateRequest request
+    ) {
+        userService.changePassword(userId, request);
+        return ResponseEntity.ok(ApiResponse.success(HttpStatus.OK, "패스워드 변경 성공"));
+    }
 }
diff --git a/src/main/java/com/rentify/rentify_api/user/dto/PasswordUpdateRequest.java b/src/main/java/com/rentify/rentify_api/user/dto/PasswordUpdateRequest.java
@@ -0,0 +1,8 @@
+package com.rentify.rentify_api.user.dto;
+
+import jakarta.validation.constraints.NotBlank;
+
+public record PasswordUpdateRequest(
+    @NotBlank String currentPassword,
+    @NotBlank String newPassword
+) {}
diff --git a/src/main/java/com/rentify/rentify_api/user/entity/User.java b/src/main/java/com/rentify/rentify_api/user/entity/User.java
@@ -37,10 +37,10 @@ public class User {
     @Column(name = "email", nullable = false, length = 100, unique = true)
     private String email;
 
-    @Column(name = "password", nullable = false, length = 255)
+    @Column(name = "password", nullable = false)
     private String password;
 
-    @Column(name = "address", length = 255)
+    @Column(name = "address")
     private String address;
 
     @Column(name = "bank", length = 20)
@@ -89,4 +89,8 @@ public void usePoint(int amount) {
         }
         this.point -= amount;
     }
+
+    public void updatePassword(String hashedPassword) {
+        this.password = hashedPassword;
+    }
 }
diff --git a/src/main/java/com/rentify/rentify_api/user/service/UserService.java b/src/main/java/com/rentify/rentify_api/user/service/UserService.java
@@ -3,6 +3,7 @@
 import com.rentify.rentify_api.common.exception.AccountDeactivatedException;
 import com.rentify.rentify_api.common.exception.IdempotencyException;
 import com.rentify.rentify_api.common.exception.InvalidPasswordException;
+import com.rentify.rentify_api.common.exception.InvalidValueException;
 import com.rentify.rentify_api.common.exception.NotFoundException;
 import com.rentify.rentify_api.common.idempotency.IdempotencyKey;
 import com.rentify.rentify_api.common.idempotency.IdempotencyKeyRepository;
@@ -15,6 +16,7 @@
 import com.rentify.rentify_api.rental.service.RentalService;
 import com.rentify.rentify_api.user.dto.CreateUserRequest;
 import com.rentify.rentify_api.user.dto.LoginRequest;
+import com.rentify.rentify_api.user.dto.PasswordUpdateRequest;
 import com.rentify.rentify_api.user.dto.UserResponse;
 import com.rentify.rentify_api.user.entity.LoginResponse;
 import com.rentify.rentify_api.user.entity.RefreshToken;
@@ -216,4 +218,20 @@ public Page<RentalResponse> getMyRentals(Long userId, String role, Pageable page
             default -> throw new IllegalArgumentException("Invalid role parameter. Use 'borrower' or 'lender'");
         };
     }
+
+    @Transactional
+    public void changePassword(Long userId, PasswordUpdateRequest request) {
+        User user = userRepository.findById(userId).orElseThrow(UserNotFoundException::new);
+
+        if (!passwordEncoder.matches(request.currentPassword(), user.getPassword())) {
+            throw new InvalidPasswordException("패스워드가 일치하지 않습니다.");
+        }
+
+        if (passwordEncoder.matches(request.newPassword(), user.getPassword())) {
+            throw new InvalidValueException("기존과 동일한 비밀번호로 변경할 수 없습니다.");
+        }
+
+        String hashedPassword = passwordEncoder.encode(request.newPassword());
+        user.updatePassword(hashedPassword);
+    }
 }
diff --git a/src/test/java/com/rentify/rentify_api/user/service/UserServiceTest.java b/src/test/java/com/rentify/rentify_api/user/service/UserServiceTest.java

Original file line number	Diff line number	Diff line change
`@@ -37,10 +37,10 @@ public class User {`
`37`	`37`	`@Column(name = "email", nullable = false, length = 100, unique = true)`
`38`	`38`	`private String email;`
`39`	`39`
`40`		`- @Column(name = "password", nullable = false, length = 255)`
	`40`	`+ @Column(name = "password", nullable = false)`
`41`	`41`	`private String password;`
`42`	`42`
`43`		`- @Column(name = "address", length = 255)`
	`43`	`+ @Column(name = "address")`
`44`	`44`	`private String address;`
`45`	`45`
`46`	`46`	`@Column(name = "bank", length = 20)`
`@@ -89,4 +89,8 @@ public void usePoint(int amount) {`
`89`	`89`	`}`
`90`	`90`	`this.point -= amount;`
`91`	`91`	`}`
	`92`	`+`
	`93`	`+ public void updatePassword(String hashedPassword) {`
	`94`	`+ this.password = hashedPassword;`
	`95`	`+ }`
`92`	`96`	`}`