Merge branch 'main' into chore/self-hosted-runner

asn6878 · web-flow · commit 97aa756dac09 · 2025-10-20T17:14:11.000+09:00
diff --git a/server/src/common/email/email.service.ts b/server/src/common/email/email.service.ts
@@ -4,6 +4,7 @@ import { ConfigService } from '@nestjs/config';
 import { WinstonLoggerService } from '../logger/logger.service';
 import SMTPTransport from 'nodemailer/lib/smtp-transport';
 import {
+  createPasswordResetMailContent,
   createRssRegistrationContent,
   createRssRemoveCertificateContent,
   createVerificationMailContent,
@@ -138,4 +139,27 @@ export class EmailService {
       ),
     };
   }
+
+  async sendPasswordResetEmail(user: User, uuid: string): Promise<void> {
+    const mailOptions = this.createPasswordResetEmail(user, uuid);
+
+    await this.sendMail(mailOptions);
+  }
+
+  private createPasswordResetEmail(
+    user: User,
+    uuid: string,
+  ): nodemailer.SendMailOptions {
+    const redirectUrl = `${PRODUCT_DOMAIN}/user/password?token=${uuid}`;
+    return {
+      from: `Denamu<${this.emailUser}>`,
+      to: user.email,
+      subject: `[🎋 Denamu] 비밀번호 재설정`,
+      html: createPasswordResetMailContent(
+        user.userName,
+        redirectUrl,
+        this.emailUser,
+      ),
+    };
+  }
 }
diff --git a/server/src/common/email/mailContent.ts b/server/src/common/email/mailContent.ts
@@ -1,4 +1,5 @@
 import { Rss } from '../../rss/entity/rss.entity';
+
 export const PRODUCT_DOMAIN = 'https://denamu.site';
 
 export function createRssRegistrationContent(
@@ -126,3 +127,41 @@ export function createRssRemoveCertificateContent(
           </div>
 `;
 }
+
+export function createPasswordResetMailContent(
+  userName: string,
+  passwordResetLink: string,
+  serviceAddress: string,
+) {
+  return `
+  <div style="font-family: 'Apple SD Gothic Neo', 'Malgun Gothic', '맑은 고딕', sans-serif; margin: 0; padding: 1px; background-color: #f4f4f4;">
+    <div style="max-width: 600px; margin: 20px auto; background-color: #ffffff; padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);">
+      <div style="text-align: center; padding: 20px 0; border-bottom: 2px solid #f0f0f0;">
+        <img src="https://denamu.site/files/Denamu_Logo_KOR.png" alt="Denamu Logo" width="244" height="120">
+      </div>
+      <div style="padding: 20px 0;">
+        <div style="color: #007bff; font-size: 24px; font-weight: bold; margin-bottom: 20px; text-align: center;">비밀번호 재설정</div>
+          <div style="background-color: #f8f9fa; padding: 15px; border-radius: 4px; margin: 15px 0;">
+            <p><strong>안녕하세요, ${userName}님!</strong></p>
+            <p>비밀번호 재설정을 요청하셨습니다.</p>
+            <p>아래 버튼을 클릭하여 새로운 비밀번호를 설정해 주세요.</p>
+          </div>
+          <center>
+            <a href="${passwordResetLink}" style="display: inline-block; padding: 12px 24px; background-color: #007bff; color: #ffffff; text-decoration: none; border-radius: 4px; margin: 20px 0; font-weight: bold;">비밀번호 재설정하기</a>
+          </center>
+          <div style="font-size: 14px; color: #6c757d; margin-top: 20px; text-align: center;">
+            <p>버튼이 작동하지 않는 경우, 아래 링크를 복사하여 브라우저에 붙여넣기 해주세요:</p>
+            <p style="word-break: break-all; background-color: #f8f9fa; padding: 10px; border-radius: 4px;">${passwordResetLink}</p>
+            <p>이 링크는 10분 동안 유효합니다.</p>
+            <p style="color: #dc3545; font-weight: bold;">만약 비밀번호 재설정을 요청하지 않으셨다면, 이 메일을 무시하셔도 됩니다.</p>
+          </div>
+        </div>  
+      </div>
+      <div style="display: flex; flex-direction: column; justify-content: center; align-items: center; border-top: 2px solid #f0f0f0; color: #6c757d; font-size: 14px; height: 100px;">
+        <p>본 메일은 발신전용입니다.</p>
+        <p>문의사항이 있으시다면 ${serviceAddress}로 연락주세요.</p>
+      </div>
+    </div>
+  </div>
+`;
+}
diff --git a/server/src/common/redis/redis.constant.ts b/server/src/common/redis/redis.constant.ts
@@ -11,4 +11,5 @@ export const REDIS_KEYS = {
   RSS_REMOVE_KEY: 'rss:remove',
   CHAT_HISTORY_KEY: 'chat:history',
   FULL_FEED_CRAWL_QUEUE: `feed:full-crawl:queue`,
+  USER_RESET_PASSWORD_KEY: 'user:password_reset',
 };
diff --git a/server/src/user/api-docs/forgotPassword.api-docs.ts b/server/src/user/api-docs/forgotPassword.api-docs.ts
@@ -0,0 +1,23 @@
+import { applyDecorators } from '@nestjs/common';
+import { ApiOkResponse, ApiOperation } from '@nestjs/swagger';
+
+export function ApiForgotPassword() {
+  return applyDecorators(
+    ApiOperation({
+      summary: '비밀번호 변경 요청 API',
+    }),
+    ApiOkResponse({
+      description: 'Ok',
+      schema: {
+        properties: {
+          message: {
+            type: 'string',
+          },
+        },
+      },
+      example: {
+        message: '비밀번호 재설정 링크를 이메일로 발송했습니다.',
+      },
+    }),
+  );
+}
diff --git a/server/src/user/api-docs/resetPassword.api-docs.ts b/server/src/user/api-docs/resetPassword.api-docs.ts
@@ -0,0 +1,33 @@
+import { applyDecorators } from '@nestjs/common';
+import {
+  ApiNotFoundResponse,
+  ApiOkResponse,
+  ApiOperation,
+} from '@nestjs/swagger';
+
+export function ApiResetPassword() {
+  return applyDecorators(
+    ApiOperation({
+      summary: '비밀번호 변경 API',
+    }),
+    ApiOkResponse({
+      description: 'Ok',
+      schema: {
+        properties: {
+          message: {
+            type: 'string',
+          },
+        },
+      },
+      example: {
+        message: '비밀번호가 성공적으로 수정되었습니다.',
+      },
+    }),
+    ApiNotFoundResponse({
+      description: 'Not Found',
+      example: {
+        message: '인증에 실패했습니다.',
+      },
+    }),
+  );
+}
diff --git a/server/src/user/controller/user.controller.ts b/server/src/user/controller/user.controller.ts
@@ -28,6 +28,10 @@ import { ApiRefreshToken } from '../api-docs/refreshToken.api-docs';
 import { ApiLogoutUser } from '../api-docs/logoutUser.api-docs';
 import { UpdateUserRequestDto } from '../dto/request/updateUser.dto';
 import { ApiUpdateUser } from '../api-docs/updateUser.api-docs';
+import { ResetPasswordRequestDto } from '../dto/request/resetPassword.dto';
+import { ForgotPasswordRequestDto } from '../dto/request/forgotPassword.dto';
+import { ApiForgotPassword } from '../api-docs/forgotPassword.api-docs';
+import { ApiResetPassword } from '../api-docs/resetPassword.api-docs';
 
 @ApiTags('User')
 @Controller('user')
@@ -113,4 +117,29 @@ export class UserController {
       '사용자 프로필 정보가 성공적으로 수정되었습니다.',
     );
   }
+
+  @ApiForgotPassword()
+  @Post('/password-reset')
+  @HttpCode(HttpStatus.OK)
+  async forgotPassword(@Body() forgotPasswordDto: ForgotPasswordRequestDto) {
+    await this.userService.forgotPassword(forgotPasswordDto.email);
+    return ApiResponse.responseWithNoContent(
+      '비밀번호 재설정 링크를 이메일로 발송했습니다.',
+    );
+  }
+
+  @ApiResetPassword()
+  @Patch('/password')
+  @HttpCode(HttpStatus.OK)
+  async resetPassword(
+    @Body() resetPasswordRequestDto: ResetPasswordRequestDto,
+  ) {
+    await this.userService.resetPassword(
+      resetPasswordRequestDto.uuid,
+      resetPasswordRequestDto.password,
+    );
+    return ApiResponse.responseWithNoContent(
+      '비밀번호가 성공적으로 수정되었습니다.',
+    );
+  }
 }
diff --git a/server/src/user/dto/request/forgotPassword.dto.ts b/server/src/user/dto/request/forgotPassword.dto.ts
@@ -0,0 +1,23 @@
+import { IsEmail, IsNotEmpty } from 'class-validator';
+import { ApiProperty } from '@nestjs/swagger';
+
+export class ForgotPasswordRequestDto {
+  @ApiProperty({
+    example: 'example@example.com',
+    description: '이메일을 입력해주세요.',
+  })
+  @IsEmail(
+    {},
+    {
+      message: '이메일 주소 형식에 맞춰서 작성해주세요.',
+    },
+  )
+  @IsNotEmpty({
+    message: '이메일이 없습니다.',
+  })
+  email: string;
+
+  constructor(partial: Partial<ForgotPasswordRequestDto>) {
+    Object.assign(this, partial);
+  }
+}
diff --git a/server/src/user/dto/request/resetPassword.dto.ts b/server/src/user/dto/request/resetPassword.dto.ts
@@ -0,0 +1,33 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsNotEmpty, Matches } from 'class-validator';
+
+export class ResetPasswordRequestDto {
+  @ApiProperty({
+    example: 'd2ba0d98-95ce-4905-87fc-384965ffe7c9',
+    description: '인증 코드를 입력해주세요.',
+  })
+  @IsNotEmpty({
+    message: '인증 코드를 입력해주세요.',
+  })
+  uuid: string;
+
+  @ApiProperty({
+    example: 'example1234!',
+    description: '비밀번호를 입력해주세요.',
+  })
+  @IsNotEmpty({
+    message: '비밀번호가 없습니다.',
+  })
+  @Matches(
+    /^(?=.{8,32}$)(?:(?=.*[a-z])(?=.*[A-Z])|(?=.*[a-z])(?=.*\d)|(?=.*[a-z])(?=.*[^A-Za-z0-9])|(?=.*[A-Z])(?=.*\d)|(?=.*[A-Z])(?=.*[^A-Za-z0-9])|(?=.*\d)(?=.*[^A-Za-z0-9])).*$/,
+    {
+      message:
+        '비밀번호는 8~32자이며, 영문(대문자/소문자), 숫자, 특수문자 중 2종류 이상을 포함해야 합니다.',
+    },
+  )
+  password: string;
+
+  constructor(partial: Partial<ResetPasswordRequestDto>) {
+    Object.assign(this, partial);
+  }
+}
diff --git a/server/src/user/service/user.service.ts b/server/src/user/service/user.service.ts
@@ -83,7 +83,7 @@ export class UserService {
     if (!user) {
       throw new NotFoundException('인증에 실패했습니다.');
     }
-    this.redisService.del(`${REDIS_KEYS.USER_AUTH_KEY}:${uuid}`);
+    await this.redisService.del(`${REDIS_KEYS.USER_AUTH_KEY}:${uuid}`);
     await this.userRepository.save(JSON.parse(user));
   }
 
@@ -192,4 +192,46 @@ export class UserService {
 
     await this.userRepository.save(user);
   }
+
+  async forgotPassword(email: string) {
+    const user = await this.userRepository.findOne({
+      where: { email: email },
+    });
+
+    if (!user) {
+      return;
+    }
+
+    const uuid = uuidv4();
+    await this.redisService.set(
+      `${REDIS_KEYS.USER_RESET_PASSWORD_KEY}:${uuid}`,
+      JSON.stringify(user.id),
+      'EX',
+      600,
+    );
+
+    this.emailService.sendPasswordResetEmail(user, uuid);
+  }
+
+  async resetPassword(uuid: string, password: string): Promise<void> {
+    const userId = Number(
+      await this.redisService.get(
+        `${REDIS_KEYS.USER_RESET_PASSWORD_KEY}:${uuid}`,
+      ),
+    );
+
+    if (isNaN(userId) || userId === 0) {
+      throw new NotFoundException('인증에 실패했습니다.');
+    }
+
+    const user = await this.userRepository.findOne({
+      where: { id: userId },
+    });
+    user.password = await this.createHashedPassword(password);
+
+    await this.redisService.del(
+      `${REDIS_KEYS.USER_RESET_PASSWORD_KEY}:${uuid}`,
+    );
+    await this.userRepository.save(user);
+  }
 }
diff --git a/server/test/user/dto/forgotPassword.dto.spec.ts b/server/test/user/dto/forgotPassword.dto.spec.ts
@@ -0,0 +1,56 @@
+import { validate } from 'class-validator';
+import { ForgotPasswordRequestDto } from '../../../src/user/dto/request/forgotPassword.dto';
+
+describe('ForgotPasswordRequestDto Test', () => {
+  let dto: ForgotPasswordRequestDto;
+
+  beforeEach(() => {
+    dto = new ForgotPasswordRequestDto({ email: 'test1234@test.com' });
+  });
+
+  it('email 경로가 올바를 경우 유효성 검사에 성공한다.', async () => {
+    // when
+    const errors = await validate(dto);
+
+    // then
+    expect(errors).toHaveLength(0);
+  });
+
+  describe('email', () => {
+    it('이메일 형식이 아니라면 유효성 검사에 실패한다.', async () => {
+      // given
+      dto.email = 'invalid-email';
+
+      // when
+      const errors = await validate(dto);
+
+      // then
+      expect(errors).not.toHaveLength(0);
+      expect(errors[0].constraints).toHaveProperty('isEmail');
+    });
+
+    it('빈 문자열을 입력하면 유효성 검사에 실패한다.', async () => {
+      // given
+      dto.email = '';
+
+      // when
+      const errors = await validate(dto);
+
+      // then
+      expect(errors).not.toHaveLength(0);
+      expect(errors[0].constraints).toHaveProperty('isNotEmpty');
+    });
+
+    it('이메일을 입력하지 않는다면 유효성 검사에 실패한다.', async () => {
+      // given
+      dto.email = null;
+
+      // when
+      const errors = await validate(dto);
+
+      // then
+      expect(errors).not.toHaveLength(0);
+      expect(errors[0].constraints).toHaveProperty('isNotEmpty');
+    });
+  });
+});
diff --git a/server/test/user/dto/resetPassword.dto.spec.ts b/server/test/user/dto/resetPassword.dto.spec.ts
diff --git a/server/test/user/e2e/resetPassword.e2e-spec.ts b/server/test/user/e2e/resetPassword.e2e-spec.ts
