-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathUserService.java
More file actions
443 lines (373 loc) · 17.8 KB
/
UserService.java
File metadata and controls
443 lines (373 loc) · 17.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
package com.gamzabat.algohub.feature.user.service;
import static com.gamzabat.algohub.constants.ApiConstants.*;
import java.security.SecureRandom;
import java.time.Duration;
import java.time.LocalDateTime;
import java.util.Base64;
import java.util.List;
import java.util.regex.Pattern;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.core.Authentication;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.HttpServerErrorException;
import org.springframework.web.client.RestClient;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.multipart.MultipartFile;
import com.gamzabat.algohub.common.jwt.TokenProvider;
import com.gamzabat.algohub.common.jwt.dto.JwtDTO;
import com.gamzabat.algohub.common.jwt.dto.ReissueTokenRequest;
import com.gamzabat.algohub.common.logging.DiscordWebhookService;
import com.gamzabat.algohub.common.redis.RedisService;
import com.gamzabat.algohub.enums.EmailType;
import com.gamzabat.algohub.enums.ImageType;
import com.gamzabat.algohub.enums.Role;
import com.gamzabat.algohub.exception.UserValidationException;
import com.gamzabat.algohub.feature.group.studygroup.exception.CannotFoundUserException;
import com.gamzabat.algohub.feature.image.service.ImageService;
import com.gamzabat.algohub.feature.solution.repository.SolutionRepository;
import com.gamzabat.algohub.feature.user.domain.ResetPassword;
import com.gamzabat.algohub.feature.user.domain.User;
import com.gamzabat.algohub.feature.user.dto.DeleteUserRequest;
import com.gamzabat.algohub.feature.user.dto.EditUserPasswordRequest;
import com.gamzabat.algohub.feature.user.dto.GetSolutionCommentActivity;
import com.gamzabat.algohub.feature.user.dto.GetSolutionCommentActivityList;
import com.gamzabat.algohub.feature.user.dto.RegisterBjNickNameRequest;
import com.gamzabat.algohub.feature.user.dto.RegisterRequest;
import com.gamzabat.algohub.feature.user.dto.ResetPasswordRequest;
import com.gamzabat.algohub.feature.user.dto.SignInRequest;
import com.gamzabat.algohub.feature.user.dto.TokenResponse;
import com.gamzabat.algohub.feature.user.dto.UpdateUserRequest;
import com.gamzabat.algohub.feature.user.dto.UserInfoResponse;
import com.gamzabat.algohub.feature.user.exception.BOJServerErrorException;
import com.gamzabat.algohub.feature.user.exception.CheckBjNicknameValidationException;
import com.gamzabat.algohub.feature.user.exception.CheckEmailFormException;
import com.gamzabat.algohub.feature.user.exception.CheckNicknameValidationException;
import com.gamzabat.algohub.feature.user.exception.CheckPasswordFormException;
import com.gamzabat.algohub.feature.user.exception.InvalidDeleteUserRequestException;
import com.gamzabat.algohub.feature.user.exception.InvalidEmailException;
import com.gamzabat.algohub.feature.user.exception.ResetPasswordValidationError;
import com.gamzabat.algohub.feature.user.exception.UncorrectedPasswordException;
import com.gamzabat.algohub.feature.user.repository.ResetPasswordRepository;
import com.gamzabat.algohub.feature.user.repository.UserRepository;
import jakarta.servlet.http.HttpServletRequest;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
@Slf4j
@Service
@RequiredArgsConstructor
public class UserService {
private final UserRepository userRepository;
private final PasswordEncoder passwordEncoder;
private final ImageService imageService;
private final TokenProvider tokenProvider;
private final AuthenticationManagerBuilder authManager;
private final RedisService redisService;
private final RestTemplate restTemplate;
private final ResetPasswordRepository resetPasswordRepository;
private final EmailService emailService;
private final DiscordWebhookService webhookService;
private final SolutionRepository solutionRepository;
private final RestClient.Builder builder;
@Transactional
public void register(RegisterRequest request, MultipartFile profileImage, String token) {
String email = redisService.getValues(token);
checkNickname(request.nickname());
checkEmailForm(email);
checkPasswordForm(request.password());
validateBjNickname(request.bjNickname());
String encodedPassword = passwordEncoder.encode(request.password());
User user = userRepository.save(User.builder()
.email(email)
.password(encodedPassword)
.nickname(request.nickname())
.bjNickname(request.bjNickname())
.role(Role.USER)
.build());
saveProfileImage(profileImage, user);
log.info("success to register user_id={}", user.getId());
webhookService.sendRegisterMessage(user.getNickname(), "SignUp", user.getId());
}
private void saveProfileImage(MultipartFile profileImage, User user) {
String imagePrefix = imageService.createImagePrefix(user.getId(), user.getEmail());
String imageUrl = imageService.saveImage(ImageType.USER, imagePrefix, profileImage);
user.editProfileImage(imageUrl);
}
@Transactional
public TokenResponse signIn(SignInRequest request) {
UsernamePasswordAuthenticationToken authenticationToken
= new UsernamePasswordAuthenticationToken(request.identifier(), request.password());
Authentication authenticate;
try {
authenticate = authManager.getObject().authenticate(authenticationToken);
} catch (BadCredentialsException e) {
throw new UncorrectedPasswordException("비밀번호가 틀렸습니다.");
}
JwtDTO result = tokenProvider.generateTokens(authenticate);
log.info("success to sign in identifier = {}", request.identifier());
return new TokenResponse(result.getAccessToken(), result.getRefreshToken());
}
@Transactional(readOnly = true)
public UserInfoResponse userInfo(User user) {
return new UserInfoResponse(
user.getEmail(),
user.getNickname(),
user.getProfileImage(),
user.getBjNickname(),
user.getGithubName(),
user.getDescription());
}
@Transactional
public void userUpdate(User user, UpdateUserRequest updateUserRequest, MultipartFile profileImage) {
editUserProfileImage(user, profileImage, updateUserRequest.getIsDefaultImage());
checkNickname(updateUserRequest.getNickname());
if (updateUserRequest.getNickname() != null && !updateUserRequest.getNickname().isEmpty()) {
user.editNickname(updateUserRequest.getNickname());
}
if (updateUserRequest.getBjNickname() != null && !updateUserRequest.getBjNickname().isEmpty()) {
user.editBjNickname(updateUserRequest.getBjNickname());
}
if (updateUserRequest.getDescription() != null && !updateUserRequest.getDescription().isEmpty()) {
user.editDescription(updateUserRequest.getDescription());
}
userRepository.save(user);
log.info("success to update user user_id={}", user.getId());
}
private void editUserProfileImage(User user, MultipartFile inputImage, Boolean isDefaultImage) {
if (inputImage != null) {
if (user.getProfileImage() != null) {
imageService.deleteImage(user.getProfileImage());
}
saveProfileImage(inputImage, user);
log.info("success to update user profile image. profile image : {}", user.getProfileImage());
return;
}
if (isDefaultImage) {
handleNullInputImage(user);
}
}
private void handleNullInputImage(User user) {
if (user.getProfileImage() != null) {
imageService.deleteImage(user.getProfileImage());
user.editProfileImage(null);
}
}
@Transactional
public void deleteUser(User user, DeleteUserRequest deleteUserRequest) {
if (user.getGithubName() != null) {
validateOAuthUserRequest(deleteUserRequest);
} else {
validateNormalUserRequest(user, deleteUserRequest);
}
userRepository.delete(user);
log.info("success to delete user user_id={}", user.getId());
}
private void validateOAuthUserRequest(DeleteUserRequest deleteUserRequest) {
if (deleteUserRequest.password() != null) {
throw new InvalidDeleteUserRequestException("소셜 로그인 회원의 비밀번호는 존재하지 않습니다.");
}
}
private void validateNormalUserRequest(User user, DeleteUserRequest deleteUserRequest) {
if (deleteUserRequest.password() == null) {
throw new InvalidDeleteUserRequestException("일반 회원 탈퇴 시 비밀번호 입력이 필요합니다.");
}
if (!passwordEncoder.matches(deleteUserRequest.password(), user.getPassword())) {
throw new UncorrectedPasswordException("비밀번호가 틀렸습니다.");
}
}
@Transactional
public void logout(HttpServletRequest request) {
String accessToken = tokenProvider.resolveToken(request);
long tokenExpiration = tokenProvider.getAccessTokenExpirationTime();
redisService.setValues(accessToken, "logout", Duration.ofMillis(tokenExpiration));
log.info("success to logout");
}
@Transactional
public void editPassword(User user, EditUserPasswordRequest request) {
if (!passwordEncoder.matches(request.currentPassword(), user.getPassword())) {
throw new UncorrectedPasswordException("비밀번호가 틀렸습니다.");
}
String encodedPassword = passwordEncoder.encode(request.newPassword());
user.editPassword(encodedPassword);
userRepository.save(user);
log.info("success to edit password user_id={}", user.getId());
}
@Transactional
public void registerBjNickname(User user, RegisterBjNickNameRequest request) {
validateBjNickname(request.bjNickName());
user.editBjNickname(request.bjNickName());
userRepository.save(user);
log.info("success to register baekjoon-nickname user_id = {}", user.getId());
}
@Transactional(readOnly = true)
public void checkBjNickname(String bjNickname) {
validateBjNickname(bjNickname);
log.info("success to check baekjoon nickname validity nickname = {}", bjNickname);
}
@Transactional
public void deleteBjNickname(User user) {
if (user.getBjNickname() == null) {
throw new CheckBjNicknameValidationException(HttpStatus.BAD_REQUEST.value(), "백준 아이디가 등록되어 있지 않습니다.");
}
user.editBjNickname(null);
userRepository.save(user);
log.info("succes to delete user baekjoon nickname user_id = {}", user.getId());
}
@Transactional(readOnly = true)
public void checkEmailDuplication(String email) {
if (userRepository.existsByEmail(email))
throw new UserValidationException("이미 사용 중인 이메일 입니다.");
log.info("success to validity email = {}", email);
}
@Transactional(readOnly = true)
public void checkNickname(String nickname) {
if (nickname == null)
return;
if (isInvalidNicknameForm(nickname))
throw new CheckNicknameValidationException(HttpStatus.BAD_REQUEST.value(),
"닉네임은 영문과 숫자로 구성된 3~16글자여야 합니다.");
if (userRepository.existsByNickname(nickname))
throw new CheckNicknameValidationException(HttpStatus.CONFLICT.value(), "이미 사용 중인 닉네임입니다.");
log.info("success to check nickname validity nickname={}", nickname);
}
@Transactional(readOnly = true)
public UserInfoResponse otherUserInfo(String userNickname) {
User targetUser = userRepository.findByNickname(userNickname)
.orElseThrow(() -> new CannotFoundUserException(HttpStatus.NOT_FOUND.value(), "해당 유저는 존재하지 않습니다."));
return new UserInfoResponse(targetUser.getEmail(), targetUser.getNickname(), targetUser.getProfileImage(),
targetUser.getBjNickname(),
targetUser.getGithubName(),
targetUser.getDescription());
}
private boolean isInvalidNicknameForm(String nickname) {
String regex = "[^a-zA-Z0-9]";
return nickname.length() < 3 || nickname.length() > 16 || Pattern.compile(regex).matcher(nickname).find();
}
@Transactional
public TokenResponse reissueToken(ReissueTokenRequest request) {
String expiredToken = request.expiredAccessToken();
String refreshToken = request.refreshToken();
TokenResponse response = tokenProvider.reissueTokens(expiredToken, refreshToken);
log.info("success to reissue tokens");
return response;
}
@Transactional
public void sendResetPasswordMail(String email) {
User user = userRepository.findByEmail(email)
.orElseThrow(() -> new CannotFoundUserException(HttpStatus.NOT_FOUND.value(), "존재하지 않는 이메일의 유저입니다."));
String token = UserService.generateSecureToken();
ResetPassword resetPassword = ResetPassword.builder()
.user(user)
.token(token)
.build();
resetPasswordRepository.save(resetPassword);
log.info("success to create reset password token. Token: {}", resetPassword.getToken());
emailService.sendVerificationMail(user.getEmail(), token, EmailType.RESET_PASSWORD).thenAccept(unused ->
log.info("success to send reset password mail.")
);
}
public void sendEmailVerificationMail(String email) {
checkEmailDuplication(email);
String token = UserService.generateSecureToken();
log.info("success to create email verification token. Token: {}", token);
redisService.setValues(token, email, Duration.ofMinutes(3));
emailService.sendVerificationMail(email, token, EmailType.EMAIL_VALIDATION).thenAccept(unused ->
log.info("success to send email validation mail.")
).exceptionally(e -> {
redisService.deleteValues(token);
return null;
});
}
@Transactional
public void resetPassword(ResetPasswordRequest request) {
ResetPassword resetPassword = getValidatedResetPassword(request.token());
checkPasswordForm(request.password());
String encodedPassword = passwordEncoder.encode(request.password());
resetPassword.getUser().editPassword(encodedPassword);
resetPassword.makeDone();
log.info("success to reset password.");
}
@Transactional
public GetSolutionCommentActivityList getSolutionCommentActivity(User user) {
List<GetSolutionCommentActivity> solutionCommentActivityList = solutionRepository.findFeedSolutionsByUserOrdered(user);
GetSolutionCommentActivityList response = GetSolutionCommentActivityList.builder().solutionCommentActivityList(solutionCommentActivityList).build();
return response;
}
public void validateResetPasswordToken(String token) {
this.getValidatedResetPassword(token);
}
private ResetPassword getValidatedResetPassword(String token) {
ResetPassword resetPassword = resetPasswordRepository.findByToken(token)
.orElseThrow(() -> new ResetPasswordValidationError(HttpStatus.BAD_REQUEST.value(), "유효하지 않은 요청입니다."));
if (resetPassword.getExpiredAt().isBefore(LocalDateTime.now()))
throw new ResetPasswordValidationError(HttpStatus.GONE.value(), "기한이 만료된 비밀번호 수정 요청입니다.");
if (resetPassword.getDone())
throw new ResetPasswordValidationError(HttpStatus.CONFLICT.value(), "이미 수정이 완료된 요청입니다.");
return resetPassword;
}
private void checkEmailForm(String email) {
if (!isValidEmailForm(email))
throw new CheckEmailFormException(HttpStatus.BAD_REQUEST.value(), "이메일 형식이 아닙니다");
}
private boolean isValidEmailForm(String email) {
String EMAIL_REGEX = "^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$"; // 문자 사이에 @를 포함하고 최상위 도메인은 2글자 이상이어야 함
Pattern EMAIL_PATTERN = Pattern.compile(EMAIL_REGEX);
if (email == null || email.isEmpty()) {
return false;
}
return EMAIL_PATTERN.matcher(email).matches();
}
private void checkPasswordForm(String password) {
if (!isValidPasswordForm(password))
throw new CheckPasswordFormException(HttpStatus.BAD_REQUEST.value(), "올바르지 않은 비밀번호 형식입니다");
}
private boolean isValidPasswordForm(String password) {
String passwordPattern = "^(?=.*[A-Za-z])(?=.*\\d)(?=.*[~!@#$%^&*])[A-Za-z\\d~!@#$%^&*]{8,15}$"; // 영문,숫자,특수문자 만으로 이루어져야 하며 모두 포함하여야 하고 8~15글자 사이여야 함
if (password == null || password.isEmpty()) {
return false;
}
return password.matches(passwordPattern);
}
private static String generateSecureToken() {
final int TOKEN_LENGTH = 32;
byte[] bytes = new byte[TOKEN_LENGTH];
new SecureRandom().nextBytes(bytes);
return Base64.getUrlEncoder().withoutPadding().encodeToString(bytes);
}
public void checkEmailVerification(String token) {
boolean isTokenExist = redisService.checkExistsValue(token);
if (!isTokenExist) {
throw new InvalidEmailException("토큰이 유효하지 않습니다.");
}
String email = redisService.getValues(token);
redisService.deleteValues(token);
redisService.setValues(token, email, Duration.ofMinutes(30));
}
private void validateBjNickname(String bjNickname) {
String bjUserUrl = BOJ_USER_PROFILE_URL + bjNickname;
HttpHeaders headers = new HttpHeaders();
headers.set("User-Agent",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36");
HttpEntity<String> entity = new HttpEntity<>(headers);
try {
restTemplate.exchange(bjUserUrl, HttpMethod.GET, entity, String.class);
// TODO : 백준 본인 인증 관련 사항 확정 후 로직 수정
// if (userRepository.existsByBjNickname(bjNickname))
// throw new CheckBjNicknameValidationException(HttpStatus.CONFLICT.value(), "이미 가입된 백준 닉네임 입니다.");
} catch (HttpClientErrorException e) {
if (e.getStatusCode() == HttpStatus.NOT_FOUND)
throw new CheckBjNicknameValidationException(HttpStatus.NOT_FOUND.value(), "백준 닉네임이 유효하지 않습니다.");
} catch (HttpServerErrorException e) {
log.error("BOJ server error occurred : " + e.getMessage());
throw new BOJServerErrorException("현재 백준 서버 오류가 발생했습니다. 잠시 후 다시 시도해주세요.");
}
}
}