Merge branch 'bug-be-#253' into feature-shared-#211

Author: yewonJin

apps/backend/package.json

@@ -24,6 +24,7 @@
     "@nestjs/common": "^10.0.0",
     "@nestjs/config": "^3.3.0",
     "@nestjs/core": "^10.0.0",
+    "@nestjs/jwt": "^10.2.0",
     "@nestjs/mapped-types": "*",
     "@nestjs/passport": "^10.0.3",
     "@nestjs/platform-express": "^10.0.0",

apps/backend/src/auth/auth.controller.spec.ts

@@ -1,25 +1,80 @@
 import { Test, TestingModule } from '@nestjs/testing';
 import { AuthController } from './auth.controller';
 import { AuthService } from './auth.service';
-
+import { JwtService } from '@nestjs/jwt';
+import { InvalidTokenException } from '../exception/invalid.exception';
+// import { LoginRequiredException } from '../exception/login.exception';
+// TODO: 테스트 코드 개선
 describe('AuthController', () => {
-  let controller: AuthController;
+  let authController: AuthController;
 
   beforeEach(async () => {
     const module: TestingModule = await Test.createTestingModule({
       controllers: [AuthController],
       providers: [
+        AuthService,
+        JwtService,
         {
           provide: AuthService,
-          useValue: {},
+          useValue: {
+            findUser: jest.fn(),
+            createUser: jest.fn(),
+            findUserById: jest.fn(),
+          },
+        },
+        {
+          provide: JwtService,
+          useValue: {
+            sign: jest.fn().mockReturnValue('test-token'),
+            verify: jest.fn((token: string) => {
+              if (token === 'invalid-token') {
+                throw new InvalidTokenException();
+              }
+              return { sub: 1, provider: 'naver' };
+            }),
+          },
         },
       ],
     }).compile();
 
-    controller = module.get<AuthController>(AuthController);
+    authController = module.get<AuthController>(AuthController);
   });
 
-  it('should be defined', () => {
-    expect(controller).toBeDefined();
+  it('컨트롤러 클래스가 정상적으로 인스턴스화된다.', () => {
+    expect(authController).toBeDefined();
+  });
+
+  describe('getProfile', () => {
+    it('JWT 토큰이 유효한 경우 profile을 return한다.', async () => {
+      const req = {
+        user: { sub: 1, email: '[email protected]', provider: 'naver' },
+      } as any;
+      const result = await authController.getProfile(req);
+      expect(result).toEqual({
+        message: '인증된 사용자 정보',
+        user: req.user,
+      });
+    });
+
+    // it('JWT 토큰이 유효가지 않은 경우 InvalidTokenException을 throw한다.', async () => {
+    //   const req = {
+    //     headers: { authorization: 'Bearer invalid-token' },
+    //     user: undefined,
+    //   } as any;
+    //   try {
+    //     await authController.getProfile(req);
+    //   } catch (error) {
+    //     expect(error).toBeInstanceOf(InvalidTokenException);
+    //   }
+    // });
+
+    // it('JWT 토큰이 없는 경우 LoginRequiredException을 throw한다.', async () => {
+    //   const req = { headers: {}, user: undefined } as any;
+    //   try {
+    //     await authController.getProfile(req);
+    //   } catch (error) {
+    //     expect(error).toBeInstanceOf(LoginRequiredException);
+    //   }
+    // });
   });
 });

apps/backend/src/auth/auth.controller.ts

@@ -1,10 +1,15 @@
 import { Controller, Get, UseGuards, Req } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
 import { AuthService } from './auth.service';
+import { JwtService } from '@nestjs/jwt';
+import { JwtAuthGuard } from './guards/jwt-auth.guard';
 
 @Controller('auth')
 export class AuthController {
-  constructor(private readonly authService: AuthService) {}
+  constructor(
+    private readonly authService: AuthService,
+    private readonly jwtService: JwtService,
+  ) {}
 
   @Get('naver')
   @UseGuards(AuthGuard('naver'))
@@ -17,9 +22,14 @@ export class AuthController {
   @UseGuards(AuthGuard('naver'))
   async naverCallback(@Req() req) {
     // 네이버 인증 후 사용자 정보 반환
+    const user = req.user;
+    // TODO: 후에 권한 (workspace 조회, 편집 기능)도 payload에 추가
+    const payload = { sub: user.id, provider: user.provider };
+    const token = this.jwtService.sign(payload);
     return {
       message: '네이버 로그인 성공',
-      user: req.user,
+      user,
+      accessToken: token,
     };
   }
 
@@ -34,8 +44,25 @@ export class AuthController {
   @UseGuards(AuthGuard('kakao'))
   async kakaoCallback(@Req() req) {
     // 카카오 인증 후 사용자 정보 반환
+    const user = req.user;
+    // TODO: 후에 권한 (workspace 조회, 편집 기능)도 payload에 추가
+    const payload = { sub: user.id, provider: user.provider };
+    const token = this.jwtService.sign(payload);
     return {
       message: '카카오 로그인 성공',
+      user,
+      accessToken: token,
+    };
+  }
+
+  // Example: 로그인한 사용자만 접근할 수 있는 엔드포인트
+  // auth/profile
+  @Get('profile')
+  @UseGuards(JwtAuthGuard) // JWT 인증 검사
+  async getProfile(@Req() req) {
+    // JWT 토큰을 검증하고 사용자 정보 반환
+    return {
+      message: '인증된 사용자 정보',
       user: req.user,
     };
   }

apps/backend/src/auth/auth.module.ts

@@ -5,9 +5,30 @@ import { AuthService } from './auth.service';
 import { AuthController } from './auth.controller';
 import { NaverStrategy } from './strategies/naver.strategy';
 import { KakaoStrategy } from './strategies/kakao.strategy';
+import { JwtModule } from '@nestjs/jwt';
+import { JwtAuthGuard } from './guards/jwt-auth.guard';
+import { ConfigModule, ConfigService } from '@nestjs/config';
+
 @Module({
-  imports: [UserModule],
+  imports: [
+    UserModule,
+    ConfigModule.forRoot({ isGlobal: true }),
+    JwtModule.registerAsync({
+      imports: [ConfigModule],
+      inject: [ConfigService],
+      useFactory: async (configService: ConfigService) => ({
+        secret: configService.get<string>('JWT_SECRET'),
+        signOptions: { expiresIn: '1h' },
+      }),
+    }),
+  ],
   controllers: [AuthController],
-  providers: [AuthService, NaverStrategy, KakaoStrategy, UserRepository],
+  providers: [
+    AuthService,
+    NaverStrategy,
+    KakaoStrategy,
+    UserRepository,
+    JwtAuthGuard,
+  ],
 })
 export class AuthModule {}

apps/backend/src/auth/auth.service.spec.ts

@@ -1,25 +1,78 @@
 import { Test, TestingModule } from '@nestjs/testing';
 import { AuthService } from './auth.service';
 import { UserRepository } from '../user/user.repository';
+import { CreateUserDto } from './dto/createUser.dto';
+import { User } from '../user/user.entity';
 
 describe('AuthService', () => {
-  let service: AuthService;
+  let authService: AuthService;
+  let userRepository: UserRepository;
 
   beforeEach(async () => {
     const module: TestingModule = await Test.createTestingModule({
       providers: [
         AuthService,
         {
           provide: UserRepository,
-          useValue: {},
+          useValue: {
+            findOne: jest.fn(),
+            create: jest.fn(),
+            save: jest.fn(),
+          },
         },
       ],
     }).compile();
 
-    service = module.get<AuthService>(AuthService);
+    authService = module.get<AuthService>(AuthService);
+    userRepository = module.get<UserRepository>(UserRepository);
   });
 
-  it('should be defined', () => {
-    expect(service).toBeDefined();
+  it('서비스 클래스가 정상적으로 인스턴스화된다.', () => {
+    expect(authService).toBeDefined();
+  });
+
+  describe('findUser', () => {
+    it('id에 해당하는 사용자를 찾아 성공적으로 반환한다.', async () => {
+      const dto: CreateUserDto = {
+        providerId: 'test-provider-id',
+        provider: 'naver',
+        email: '[email protected]',
+      };
+      const user = new User();
+      jest.spyOn(userRepository, 'findOne').mockResolvedValue(user);
+
+      const result = await authService.findUser(dto);
+      expect(result).toEqual(user);
+    });
+
+    it('id에 해당하는 사용자가 없을 경우 null을 return한다.', async () => {
+      jest.spyOn(userRepository, 'findOne').mockResolvedValue(null);
+      const dto: CreateUserDto = {
+        providerId: 'unknown-id',
+        provider: 'naver',
+        email: '[email protected]',
+      };
+
+      const result = await authService.findUser(dto);
+      expect(result).toBeNull();
+    });
+  });
+
+  describe('createUser', () => {
+    it('사용자를 성공적으로 생성한다', async () => {
+      const dto: CreateUserDto = {
+        providerId: 'new-provider-id',
+        provider: 'naver',
+        email: '[email protected]',
+      };
+      const user = new User();
+      jest.spyOn(userRepository, 'create').mockReturnValue(user);
+      jest.spyOn(userRepository, 'save').mockResolvedValue(user);
+
+      const result = await authService.createUser(dto);
+      expect(result).toEqual(user);
+      expect(userRepository.create).toHaveBeenCalledWith(dto);
+      expect(userRepository.save).toHaveBeenCalledWith(user);
+    });
   });
 });

apps/backend/src/auth/guards/jwt-auth.guard.ts

@@ -0,0 +1,32 @@
+import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
+import { JwtService } from '@nestjs/jwt';
+import { LoginRequiredException } from '../../exception/login.exception';
+import { InvalidTokenException } from '../../exception/invalid.exception';
+
+@Injectable()
+export class JwtAuthGuard implements CanActivate {
+  constructor(private readonly jwtService: JwtService) {}
+
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const request = context.switchToHttp().getRequest();
+    const authorizationHeader = request.headers['authorization'];
+
+    if (!authorizationHeader) {
+      //   console.log('Authorization header missing');
+      throw new LoginRequiredException();
+    }
+
+    const token = authorizationHeader.split(' ')[1];
+
+    try {
+      const decodedToken = this.jwtService.verify(token, {
+        secret: process.env.JWT_SECRET,
+      });
+      request.user = decodedToken;
+      return true;
+    } catch (error) {
+      //   console.log('Invalid token');
+      throw new InvalidTokenException();
+    }
+  }
+}

apps/backend/src/exception/invalid.exception.ts

@@ -0,0 +1,7 @@
+import { ForbiddenException } from '@nestjs/common';
+
+export class InvalidTokenException extends ForbiddenException {
+  constructor() {
+    super(`유효하지 않은 JWT 토큰입니다.`);
+  }
+}

apps/backend/src/exception/login.exception.ts

@@ -0,0 +1,7 @@
+import { ForbiddenException } from '@nestjs/common';
+
+export class LoginRequiredException extends ForbiddenException {
+  constructor() {
+    super(`로그인이 필요한 서비스입니다.`);
+  }
+}