MT-TEAM-Org · net79736 · Jan 3, 2025 · Jan 3, 2025
diff --git a/build.gradle b/build.gradle
@@ -64,6 +64,11 @@ dependencies {
     // mysql-connector 추가
     implementation group: 'com.mysql', name: 'mysql-connector-j', version: '8.3.0'
 
+    // imgscalr-lib
+    implementation group: 'org.imgscalr', name: 'imgscalr-lib', version: '4.2'
+
+    // commons-io
+    implementation 'commons-io:commons-io:2.14.0'
 
     // Swagger
     implementation group: 'org.springdoc', name: 'springdoc-openapi-starter-webmvc-ui', version: '2.6.0'

diff --git a/src/main/java/org/myteam/server/auth/controller/ReIssueController.java b/src/main/java/org/myteam/server/auth/controller/ReIssueController.java
@@ -16,7 +16,7 @@
 
 import static org.myteam.server.global.exception.ErrorCode.INTERNAL_SERVER_ERROR;
 import static org.myteam.server.global.security.jwt.JwtProvider.*;
-import static org.myteam.server.util.cookie.CookieUtil.createCookie;
+import static org.myteam.server.global.util.cookie.CookieUtil.createCookie;
 
 /**
  * TODO_ : 리프레시 토큰에 대한 블랙 리스트 작성

diff --git a/src/main/java/org/myteam/server/board/entity/Category.java b/src/main/java/org/myteam/server/board/entity/Category.java
@@ -6,6 +6,7 @@
 import lombok.Getter;
 import lombok.NoArgsConstructor;
 import org.myteam.server.board.dto.CategorySaveRequest;
+import org.myteam.server.global.domain.Base;
 
 import java.util.ArrayList;
 import java.util.List;
@@ -14,7 +15,7 @@
 @Entity
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
 @Table(name = "p_categories")
-public class Category {
+public class Category extends Base {
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
     private Long id;

diff --git a/src/main/java/org/myteam/server/board/service/CategoryService.java b/src/main/java/org/myteam/server/board/service/CategoryService.java
@@ -57,7 +57,6 @@ public CategoryResponse create(CategorySaveRequest categorySaveRequest) {
             }
 
             categoryEntity.updateOrderIndex(calculateOrderIndex(categoryJpaRepository.findByParentIsNull()));
-            // categoryEntity.updateOrderIndex();
         }
 
         Category savedEntity = categoryJpaRepository.save(categoryEntity);

diff --git a/src/main/java/org/myteam/server/global/domain/Base.java b/src/main/java/org/myteam/server/global/domain/Base.java
@@ -13,9 +13,10 @@
 @Getter
 public class Base extends BaseTime {
     @CreatedBy
-    @Column(updatable = false)
+    @Column(name = "created_by", updatable = false)
     private String createdBy;
 
     @LastModifiedBy
+    @Column(name = "last_modified_by")
     private String lastModifiedBy;
 }
diff --git a/src/main/java/org/myteam/server/global/domain/BaseTime.java b/src/main/java/org/myteam/server/global/domain/BaseTime.java
@@ -14,11 +14,11 @@
 @MappedSuperclass
 @Getter
 public class BaseTime {
-
     @CreatedDate
-    @Column(updatable = false)
+    @Column(name = "create_date", updatable = false)
     private LocalDateTime createDate;
+
     @LastModifiedDate
+    @Column(name = "last_modified_date")
     private LocalDateTime lastModifiedDate;
-
 }
diff --git a/src/main/java/org/myteam/server/global/domain/PlayHive.java b/src/main/java/org/myteam/server/global/domain/PlayHive.java
@@ -1,6 +1,7 @@
 package org.myteam.server.global.domain;
 
 public class PlayHive {
+    public static final String PLAYHIVE_HOME = "playhive.home";
     public static final String CLIENT_ID_KEY = "PLAYHIVE_CLIENT_ID";
     public static final String CLIENT_SECRET_KEY = "PLAYHIVE_CLIENT_SECRET";
 

diff --git a/src/main/java/org/myteam/server/global/exception/ErrorCode.java b/src/main/java/org/myteam/server/global/exception/ErrorCode.java
@@ -9,12 +9,14 @@ public enum ErrorCode {
     // 500 Server Error
     INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, "PlayHive Server Error"),
     API_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, "API Server Error"),
+    IO_EXCEPTION(HttpStatus.INTERNAL_SERVER_ERROR, "File I/O operation failed"),
 
     // 400 Bad Request
     INVALID_CREDENTIALS(HttpStatus.BAD_REQUEST, "Invalid password"),
     UNSUPPORTED_OAUTH_PROVIDER(HttpStatus.BAD_REQUEST, "Not Supported OAuth2 provider"),
     INVALID_PARAMETER(HttpStatus.BAD_REQUEST, "Invalid parameter value"),
     EMPTY_COOKIE(HttpStatus.BAD_REQUEST, "Cookie value is empty"),
+    INVALID_TYPE(HttpStatus.BAD_REQUEST, "Invalid type provided"),
 
     // 401 Unauthorized,
     UNAUTHORIZED(HttpStatus.UNAUTHORIZED, "Unauthorized"),

diff --git a/src/main/java/org/myteam/server/global/security/config/SecurityConfig.java b/src/main/java/org/myteam/server/global/security/config/SecurityConfig.java
@@ -122,6 +122,8 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 
                     .requestMatchers("/h2-console").permitAll()       // H2 콘솔 접근 허용
                     .requestMatchers("/api/members/get-token/**").permitAll()       // 테스트용 토큰 발급용
+                    .requestMatchers("/api/attachments/**").permitAll()       // 테스트용
+                    .requestMatchers("/api/posts/**").permitAll()       // 테스트용
 
                     .requestMatchers("/api/admin/**").hasAnyAuthority(MemberRole.ADMIN.name())
                     .requestMatchers(HttpMethod.POST, "/api/me/create").permitAll()

diff --git a/src/main/java/org/myteam/server/global/security/filter/JwtAuthenticationFilter.java b/src/main/java/org/myteam/server/global/security/filter/JwtAuthenticationFilter.java
@@ -29,7 +29,7 @@
 import static org.myteam.server.auth.controller.ReIssueController.TOKEN_REISSUE_PATH;
 import static org.myteam.server.global.security.jwt.JwtProvider.*;
 import static org.myteam.server.member.domain.MemberStatus.*;
-import static org.myteam.server.util.cookie.CookieUtil.createCookie;
+import static org.myteam.server.global.util.cookie.CookieUtil.createCookie;
 
 @Slf4j
 public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
@@ -87,7 +87,7 @@ protected void successfulAuthentication(HttpServletRequest request, HttpServletR
             if (status.equals(PENDING.name())) {
                 log.warn("PENDING 상태인 경우 로그인이 불가능합니다");
                 // X-Refresh-Token
-                String refreshToken = jwtProvider.generateToken(TOKEN_CATEGORY_REFRESH, Duration.ofHours(24), publicId, auth.getAuthority(), status);
+                String refreshToken = jwtProvider.generateToken(TOKEN_CATEGORY_REFRESH, Duration.ofMinutes(5), publicId, auth.getAuthority(), status);
                 String cookieValue = URLEncoder.encode(TOKEN_PREFIX + refreshToken, StandardCharsets.UTF_8);
 
                 response.addCookie(createCookie(REFRESH_TOKEN_KEY, cookieValue, TOKEN_REISSUE_PATH, 5 * 60, true));
@@ -109,7 +109,7 @@ protected void successfulAuthentication(HttpServletRequest request, HttpServletR
             // Authorization
             String accessToken = jwtProvider.generateToken(TOKEN_CATEGORY_ACCESS, Duration.ofMinutes(10), publicId, role, status);
             // X-Refresh-Token
-            String refreshToken = jwtProvider.generateToken(TOKEN_CATEGORY_REFRESH, Duration.ofHours(24), publicId, role, status);
+            String refreshToken = jwtProvider.generateToken(TOKEN_CATEGORY_REFRESH, Duration.ofDays(1), publicId, role, status);
             // URLEncoder.encode: 공백을 %2B 로 처리
             String cookieValue = URLEncoder.encode(TOKEN_PREFIX + refreshToken, StandardCharsets.UTF_8);
 

diff --git a/src/main/java/org/myteam/server/member/service/MemberService.java b/src/main/java/org/myteam/server/member/service/MemberService.java
@@ -56,17 +56,17 @@ public MemberResponse create(MemberSaveRequest memberSaveRequest) throws PlayHiv
     }
 
     @Transactional
-    public MemberResponse update(String email, MemberUpdateRequest memberUpdateRequest) {
+    public MemberResponse update(String loginUserEmail, MemberUpdateRequest memberUpdateRequest) {
         // 1. 동일한 유저 이름 존재 검사
-        Optional<Member> memberOP = memberRepository.findByEmail(email);
+        Optional<Member> memberOP = memberRepository.findByEmail(loginUserEmail);
 
         // 2. 아이디 미존재 체크
         if (memberOP.isEmpty()) {
             throw new PlayHiveException(ErrorCode.USER_NOT_FOUND);
         }
 
         // 3. 자신의 계정이 아닌 다른 계정을 수정하려고 함
-        if (!memberOP.get().verifyOwnEmail(email)) {
+        if (!memberOP.get().verifyOwnEmail(memberUpdateRequest.getEmail())) {
             throw new PlayHiveException(NO_PERMISSION);
         }
 
@@ -107,11 +107,11 @@ public MemberResponse getByNickname(String nickname) {
     }
 
     @Transactional
-    public void delete(String email, String password) {
-        Member findMember = memberRepository.getByEmail(email);
+    public void delete(String requestEmail, String loginUserEmail, String password) {
+        Member findMember = memberRepository.getByEmail(loginUserEmail);
 
         // 자신의 계정인지 체크
-        boolean isOwnValid = findMember.verifyOwnEmail(email);
+        boolean isOwnValid = findMember.verifyOwnEmail(requestEmail);
         if (!isOwnValid) throw new PlayHiveException(NO_PERMISSION);
 
         // 비밀번호 일치 여부 확인
@@ -179,6 +179,7 @@ public void updateStatus(String targetEmail, MemberStatusUpdateRequest memberSta
         // 1. 요청자가 본인의 상태를 변경하려는 경우
         if (requester.verifyOwnEmail(memberStatusUpdateRequest.getEmail())) {
             log.info("사용자가 자신의 상태를 변경 중: {}", targetEmail);
+            if (!requester.getStatus().equals(MemberStatus.PENDING)) throw new PlayHiveException(NO_PERMISSION); // PENDING 인 경우에만 본인의 상태 변경 가능하도록 처리
             requester.updateStatus(memberStatusUpdateRequest.getStatus());
             return;
         }

diff --git a/src/main/java/org/myteam/server/oauth2/handler/CustomOauth2SuccessHandler.java b/src/main/java/org/myteam/server/oauth2/handler/CustomOauth2SuccessHandler.java
@@ -25,7 +25,7 @@
 import static org.myteam.server.auth.controller.ReIssueController.TOKEN_REISSUE_PATH;
 import static org.myteam.server.global.security.jwt.JwtProvider.*;
 import static org.myteam.server.member.domain.MemberStatus.*;
-import static org.myteam.server.util.cookie.CookieUtil.createCookie;
+import static org.myteam.server.global.util.cookie.CookieUtil.createCookie;
 
 @Slf4j
 @Component
@@ -65,7 +65,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
             log.warn("PENDING 상태인 경우 로그인이 불가능합니다");
             // sendErrorResponse(response, HttpStatus.FORBIDDEN, "PENDING 상태인 경우 로그인이 불가능합니다");
             // X-Refresh-Token
-            String refreshToken = jwtProvider.generateToken(TOKEN_CATEGORY_REFRESH, Duration.ofDays(7), member.getPublicId(), member.getRole().name(), member.getStatus().name());
+            String refreshToken = jwtProvider.generateToken(TOKEN_CATEGORY_REFRESH, Duration.ofMinutes(5), member.getPublicId(), member.getRole().name(), member.getStatus().name());
             String cookieValue = URLEncoder.encode(TOKEN_PREFIX + refreshToken, StandardCharsets.UTF_8);
 
             response.addCookie(createCookie(REFRESH_TOKEN_KEY, cookieValue, TOKEN_REISSUE_PATH, 5 * 60, true));
@@ -86,7 +86,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
         // Authorization
         String accessToken = jwtProvider.generateToken(TOKEN_CATEGORY_ACCESS, Duration.ofHours(1), member.getPublicId(), member.getRole().name(), member.getStatus().name());
         // X-Refresh-Token
-        String refreshToken = jwtProvider.generateToken(TOKEN_CATEGORY_REFRESH, Duration.ofDays(7), member.getPublicId(), member.getRole().name(), member.getStatus().name());
+        String refreshToken = jwtProvider.generateToken(TOKEN_CATEGORY_REFRESH, Duration.ofDays(1), member.getPublicId(), member.getRole().name(), member.getStatus().name());
         String cookieValue = URLEncoder.encode(TOKEN_PREFIX + refreshToken, StandardCharsets.UTF_8);
 
         // redirect 순간 Header 값 날아감
-Original file line number
+Diff line change
@@ Expand Up @@
                 }
                 categoryEntity.updateOrderIndex(calculateOrderIndex(categoryJpaRepository.findByParentIsNull()));
-                // categoryEntity.updateOrderIndex();
             }
             Category savedEntity = categoryJpaRepository.save(categoryEntity);
@@ Expand Down @@