Merge pull request #468 from boostcampwm-2024/feat/delete-user

✨ feat: 회원 탈퇴 기능 구현

Author: asn6878

server/src/common/email/email.service.ts

@@ -8,6 +8,7 @@ import {
   createRssRegistrationContent,
   createRssRemoveCertificateContent,
   createVerificationMailContent,
+  createDeleteAccountContent,
   PRODUCT_DOMAIN,
 } from './mailContent';
 import { Rss } from '../../rss/entity/rss.entity';
@@ -162,4 +163,28 @@ export class EmailService {
       ),
     };
   }
+
+  async sendDeleteAccountMail(user: User, token: string): Promise<void> {
+    const mailOptions = this.createDeleteAccountMail(user, token);
+
+    await this.sendMail(mailOptions);
+  }
+
+  private createDeleteAccountMail(
+    user: User,
+    token: string,
+  ): nodemailer.SendMailOptions {
+    const redirectUrl = `${PRODUCT_DOMAIN}/user/delete-account?token=${token}`;
+
+    return {
+      from: `Denamu<${this.emailUser}>`,
+      to: user.email,
+      subject: `[🎋 Denamu] 회원탈퇴 확인 메일`,
+      html: createDeleteAccountContent(
+        user.userName,
+        redirectUrl,
+        this.emailUser,
+      ),
+    };
+  }
 }

server/src/common/email/mailContent.ts

@@ -165,3 +165,42 @@ export function createPasswordResetMailContent(
   </div>
 `;
 }
+
+export function createDeleteAccountContent(
+  userName: string,
+  verificationLink: string,
+  serviceAddress: string,
+) {
+  return `
+  <div style="font-family: 'Apple SD Gothic Neo', 'Malgun Gothic', '맑은 고딕', sans-serif; margin: 0; padding: 1px; background-color: #f4f4f4;">
+    <div style="max-width: 600px; margin: 20px auto; background-color: #ffffff; padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);">
+      <div style="text-align: center; padding: 20px 0; border-bottom: 2px solid #f0f0f0;">
+        <img src="https://denamu.site/files/Denamu_Logo_KOR.png" alt="Denamu Logo" width="244" height="120">
+      </div>
+      <div style="padding: 20px 0;">
+        <div style="color: #dc3545; font-size: 24px; font-weight: bold; margin-bottom: 20px; text-align: center;">회원탈퇴 요청을 확인해주세요</div>
+          <div style="background-color: #f8f9fa; padding: 15px; border-radius: 4px; margin: 15px 0;">
+            <p><strong>안녕하세요, ${userName}님!</strong></p>
+            <p>Denamu 서비스 회원탈퇴 요청이 접수되었습니다.</p>
+            <p>정말 탈퇴하시려면 아래 버튼을 클릭하여 회원탈퇴를 완료해 주세요.</p>
+            <p style="color: #dc3545; font-weight: bold; margin-top: 15px;">⚠️ 탈퇴 시 모든 개인정보와 활동 내역을 복구할 수 없습니다.</p>
+          </div>
+          <center>
+            <a href="${verificationLink}" style="display: inline-block; padding: 12px 24px; background-color: #dc3545; color: #ffffff; text-decoration: none; border-radius: 4px; margin: 20px 0; font-weight: bold;">회원탈퇴 확인</a>
+          </center>
+          <div style="font-size: 14px; color: #6c757d; margin-top: 20px; text-align: center;">
+            <p>버튼이 작동하지 않는 경우, 아래 링크를 복사하여 브라우저에 붙여넣기 해주세요:</p>
+            <p style="word-break: break-all; background-color: #f8f9fa; padding: 10px; border-radius: 4px;">${verificationLink}</p>
+            <p>이 링크는 10분 동안 유효합니다.</p>
+            <p style="margin-top: 15px;">본인이 요청하지 않은 경우, 이 메일을 무시하시기 바랍니다.</p>
+          </div>
+        </div>
+      </div>
+      <div style="display: flex; flex-direction: column; justify-content: center; align-items: center; border-top: 2px solid #f0f0f0; color: #6c757d; font-size: 14px; height: 100px;">
+        <p>본 메일은 발신전용입니다.</p>
+        <p>문의사항이 있으시다면 ${serviceAddress}로 연락주세요.</p>
+      </div>
+    </div>
+  </div>
+`;
+}

server/src/common/redis/redis.constant.ts

@@ -11,5 +11,6 @@ export const REDIS_KEYS = {
   RSS_REMOVE_KEY: 'rss:remove',
   CHAT_HISTORY_KEY: 'chat:history',
   FULL_FEED_CRAWL_QUEUE: `feed:full-crawl:queue`,
+  USER_DELETE_ACCOUNT_KEY: 'user:delete-account',
   USER_RESET_PASSWORD_KEY: 'user:password_reset',
 };

server/src/user/api-docs/confirmDeleteAccount.api-docs.ts

@@ -0,0 +1,40 @@
+import { applyDecorators } from '@nestjs/common';
+import {
+  ApiBadRequestResponse,
+  ApiNotFoundResponse,
+  ApiOkResponse,
+  ApiOperation,
+} from '@nestjs/swagger';
+
+export function ApiConfirmDeleteAccount() {
+  return applyDecorators(
+    ApiOperation({
+      summary: '회원탈퇴 확정 API',
+    }),
+    ApiOkResponse({
+      description: 'Ok',
+      schema: {
+        properties: {
+          message: {
+            type: 'string',
+          },
+        },
+      },
+      example: {
+        message: '회원탈퇴가 완료되었습니다.',
+      },
+    }),
+    ApiBadRequestResponse({
+      description: 'Bad Request',
+      example: {
+        message: '오류 메세지',
+      },
+    }),
+    ApiNotFoundResponse({
+      description: 'Not Found',
+      example: {
+        message: '유효하지 않거나 만료된 토큰입니다.',
+      },
+    }),
+  );
+}

server/src/user/api-docs/requestDeleteAccount.api-docs.ts

@@ -0,0 +1,49 @@
+import { applyDecorators } from '@nestjs/common';
+import {
+  ApiBadRequestResponse,
+  ApiNotFoundResponse,
+  ApiOkResponse,
+  ApiOperation,
+  ApiUnauthorizedResponse,
+} from '@nestjs/swagger';
+
+export function ApiRequestDeleteAccount() {
+  return applyDecorators(
+    ApiOperation({
+      summary: '회원탈퇴 신청 API',
+      description:
+        '인증된 사용자의 회원탈퇴를 신청합니다. 이메일로 확인 링크가 발송됩니다.',
+    }),
+    ApiOkResponse({
+      description: 'Ok',
+      schema: {
+        properties: {
+          message: {
+            type: 'string',
+          },
+        },
+      },
+      example: {
+        message: '회원탈퇴 신청이 성공적으로 처리되었습니다.',
+      },
+    }),
+    ApiBadRequestResponse({
+      description: 'Bad Request',
+      example: {
+        message: '오류 메세지',
+      },
+    }),
+    ApiUnauthorizedResponse({
+      description: 'Unauthorized',
+      example: {
+        message: '인증이 필요합니다.',
+      },
+    }),
+    ApiNotFoundResponse({
+      description: 'Not Found',
+      example: {
+        message: '존재하지 않는 사용자입니다.',
+      },
+    }),
+  );
+}

server/src/user/controller/user.controller.ts

@@ -28,6 +28,9 @@ import { ApiRefreshToken } from '../api-docs/refreshToken.api-docs';
 import { ApiLogoutUser } from '../api-docs/logoutUser.api-docs';
 import { UpdateUserRequestDto } from '../dto/request/updateUser.dto';
 import { ApiUpdateUser } from '../api-docs/updateUser.api-docs';
+import { ConfirmDeleteAccountDto } from '../dto/request/confirmDeleteAccount.dto';
+import { ApiRequestDeleteAccount } from '../api-docs/requestDeleteAccount.api-docs';
+import { ApiConfirmDeleteAccount } from '../api-docs/confirmDeleteAccount.api-docs';
 import { ResetPasswordRequestDto } from '../dto/request/resetPassword.dto';
 import { ForgotPasswordRequestDto } from '../dto/request/forgotPassword.dto';
 import { ApiForgotPassword } from '../api-docs/forgotPassword.api-docs';
@@ -118,6 +121,25 @@ export class UserController {
     );
   }
 
+  @ApiRequestDeleteAccount()
+  @Post('/delete-account/request')
+  @HttpCode(HttpStatus.OK)
+  @UseGuards(JwtGuard)
+  async requestDeleteAccount(@Req() req) {
+    await this.userService.requestDeleteAccount(req.user.id);
+    return ApiResponse.responseWithNoContent(
+      '회원탈퇴 신청이 성공적으로 처리되었습니다. 이메일을 확인해주세요.',
+    );
+  }
+
+  @ApiConfirmDeleteAccount()
+  @Post('/delete-account/confirm')
+  @HttpCode(HttpStatus.OK)
+  async confirmDeleteAccount(@Body() confirmDto: ConfirmDeleteAccountDto) {
+    await this.userService.confirmDeleteAccount(confirmDto.token);
+    return ApiResponse.responseWithNoContent('회원탈퇴가 완료되었습니다.');
+  }
+
   @ApiForgotPassword()
   @Post('/password-reset')
   @HttpCode(HttpStatus.OK)

server/src/user/dto/request/confirmDeleteAccount.dto.ts

@@ -0,0 +1,20 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsNotEmpty, IsString } from 'class-validator';
+
+export class ConfirmDeleteAccountDto {
+  @ApiProperty({
+    example: 'd2ba0d98-95ce-4905-87fc-384965ffe7c9',
+    description: '회원탈퇴 인증 토큰을 입력해주세요.',
+  })
+  @IsNotEmpty({
+    message: '인증 토큰을 입력해주세요.',
+  })
+  @IsString({
+    message: '문자열로 입력해주세요.',
+  })
+  token: string;
+
+  constructor(partial: Partial<ConfirmDeleteAccountDto>) {
+    Object.assign(this, partial);
+  }
+}

server/src/user/service/user.service.ts

@@ -234,4 +234,42 @@ export class UserService {
     );
     await this.userRepository.save(user);
   }
+
+  async requestDeleteAccount(userId: number): Promise<void> {
+    const user = await this.getUser(userId);
+
+    const token = uuidv4();
+    await this.redisService.set(
+      `${REDIS_KEYS.USER_DELETE_ACCOUNT_KEY}:${token}`,
+      user.id.toString(),
+      'EX',
+      600,
+    );
+
+    this.emailService.sendDeleteAccountMail(user, token);
+  }
+
+  async confirmDeleteAccount(token: string): Promise<void> {
+    const userIdString = await this.redisService.get(
+      `${REDIS_KEYS.USER_DELETE_ACCOUNT_KEY}:${token}`,
+    );
+
+    if (!userIdString) {
+      throw new NotFoundException('유효하지 않거나 만료된 토큰입니다.');
+    }
+
+    const userId = parseInt(userIdString, 10);
+
+    const user = await this.getUser(userId);
+
+    if (user.profileImage) {
+      await this.fileService.deleteByPath(user.profileImage);
+    }
+
+    await this.userRepository.remove(user);
+
+    await this.redisService.del(
+      `${REDIS_KEYS.USER_DELETE_ACCOUNT_KEY}:${token}`,
+    );
+  }
 }

server/test/user/dto/confirmDeleteAccount.dto.spec.ts

@@ -0,0 +1,46 @@
+import { validate } from 'class-validator';
+import { ConfirmDeleteAccountDto } from '../../../src/user/dto/request/confirmDeleteAccount.dto';
+
+describe('ConfirmDeleteAccountDto Test', () => {
+  let dto: ConfirmDeleteAccountDto;
+
+  beforeEach(() => {
+    dto = new ConfirmDeleteAccountDto({
+      token: 'd2ba0d98-95ce-4905-87fc-384965ffe7c9',
+    });
+  });
+
+  it('토큰이 유효할 경우 유효성 검사에 성공한다.', async () => {
+    // when
+    const errors = await validate(dto);
+
+    // then
+    expect(errors).toHaveLength(0);
+  });
+
+  describe('token', () => {
+    it('토큰이 빈 문자열일 경우 유효성 검사에 실패한다.', async () => {
+      // given
+      dto.token = '';
+
+      // when
+      const errors = await validate(dto);
+
+      // then
+      expect(errors).toHaveLength(1);
+      expect(errors[0].constraints).toHaveProperty('isNotEmpty');
+    });
+
+    it('토큰이 문자열이 아니고 정수일 경우 유효성 검사에 실패한다.', async () => {
+      // given
+      dto.token = 1 as any;
+
+      // when
+      const errors = await validate(dto);
+
+      // then
+      expect(errors).toHaveLength(1);
+      expect(errors[0].constraints).toHaveProperty('isString');
+    });
+  });
+});