merge: pull request #14 from feat/login/1

[feat] login/logout

Author: HYEONSIKOH

build.gradle.kts

@@ -45,9 +45,9 @@ dependencies {
     runtimeOnly ("org.mariadb.jdbc:mariadb-java-client")
 
     // JWT
-//    implementation ("io.jsonwebtoken:jjwt-api:0.11.5")
-//    implementation ("io.jsonwebtoken:jjwt-impl:0.11.5")
-//    implementation ("io.jsonwebtoken:jjwt-jackson:0.11.5")
+    implementation ("io.jsonwebtoken:jjwt-api:0.11.5")
+    implementation ("io.jsonwebtoken:jjwt-impl:0.11.5")
+    implementation ("io.jsonwebtoken:jjwt-jackson:0.11.5")
 
     // Redis
     implementation("org.springframework.boot:spring-boot-starter-data-redis")

src/main/java/org/dfbf/soundlink/domain/user/controller/UserController.java

@@ -3,12 +3,15 @@
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 
+import jakarta.servlet.http.HttpServletResponse;
 import lombok.AllArgsConstructor;
+import org.dfbf.soundlink.domain.user.dto.request.LoginReqDto;
 import org.dfbf.soundlink.global.exception.ErrorCode;
 import org.dfbf.soundlink.domain.user.dto.request.UserSignUpDto;
 import org.dfbf.soundlink.domain.user.dto.request.UserUpdateDto;
 import org.dfbf.soundlink.domain.user.service.UserService;
 import org.dfbf.soundlink.global.exception.ResponseResult;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.*;
 
 @RestController
@@ -26,27 +29,36 @@ public class UserController {
     @GetMapping("/checkNickName")
     @Operation(summary = "닉네임 중복 확인", description = "닉네임이 이미 사용중인지 확인.")
     public ResponseResult checkNickName(@RequestParam String nickName){
-        boolean exists = userService.checkNickName(nickName);
-        return exists
-                ? new ResponseResult(ErrorCode.DUPLICATE_NICKNAME) //중복 닉네임
-                : new ResponseResult(ErrorCode.NOT_DUPLICATE_NICKNAME);
+        return userService.checkNickName(nickName);
     }
 
     @GetMapping
     @Operation(summary = "유저 조회", description = "유저 조회 API")
-    public ResponseResult getUser(/*@AuthenticationPrincipal id: Long*/) { return userService.getUser(1L); }
+    public ResponseResult getUser(@AuthenticationPrincipal Long id) { return userService.getUser(id); }
 
     @PutMapping
     @Operation(summary = "유저 수정", description = "유저 수정 API")
-    public ResponseResult updateUser(/*@AuthenticationPrincipal id: Long, */@RequestBody UserUpdateDto userUpdateDto) {
-        return userService.updateUser(1L, userUpdateDto);
+    public ResponseResult updateUser(@AuthenticationPrincipal Long id,@RequestBody UserUpdateDto userUpdateDto) {
+        return userService.updateUser(id, userUpdateDto);
     }
 
     @DeleteMapping
     @Operation(summary = "유저 삭제", description = "회원 탈퇴하는 API (탈퇴시 프로필 정보도 삭제됩니다.)")
-    public ResponseResult deleteUser(/*@AuthenticationPrincipal id: Long*/) { return userService.deleteUser(1L); }
+    public ResponseResult deleteUser(@AuthenticationPrincipal Long id) { return userService.deleteUser(id); }
 
     @GetMapping("/mypage")
     @Operation(summary = "마이 페이지", description = "마이 페이지 조회 API")
-    public ResponseResult getMyPage(/*@AuthenticationPrincipal id: Long*/) { return userService.getMyPage(1L); }
+    public ResponseResult getMyPage(@AuthenticationPrincipal Long id) { return userService.getMyPage(id); }
+
+    @PostMapping("/login")
+    @Operation(summary = "로그인", description = "로그인 API")
+    public ResponseResult login(@RequestBody LoginReqDto loginReqDto, HttpServletResponse response) {
+        return userService.login(loginReqDto, response);
+    }
+
+    @PostMapping("/logout")
+    @Operation(summary = "로그아웃", description = "로그아웃 API")
+    public ResponseResult logout(HttpServletResponse response) {
+        return userService.logout(response);
+    }
 }

src/main/java/org/dfbf/soundlink/domain/user/dto/request/LoginReqDto.java

@@ -0,0 +1,3 @@
+package org.dfbf.soundlink.domain.user.dto.request;
+
+public record LoginReqDto(String loginId, String password) { }

src/main/java/org/dfbf/soundlink/domain/user/entity/User.java

@@ -30,7 +30,9 @@ public class User {
     @Column(nullable = true)
     private Long socialId;
 
+    @Column(name="login_id")
     private String loginId;
+
     private String password;
     private String email;
 

src/main/java/org/dfbf/soundlink/domain/user/repository/UserRepository.java

@@ -26,4 +26,16 @@ public interface UserRepository extends JpaRepository<User, Long> {
                     "WHERE u = :user"
     )
     UserMyPageDto findMyPageDtoByUserId(@Param("user") User user);
+
+    //로그인관련
+    boolean existsByLoginId(String loginId);
+
+    Optional<User> findByLoginId(String loginId);
+
+    @Query("Select u.password from User u  where u.loginId =:loginId ")
+    String findByPassword(@Param("loginId")String loginId);
+
+
+
+
 }

src/main/java/org/dfbf/soundlink/domain/user/service/UserService.java

@@ -1,12 +1,14 @@
 package org.dfbf.soundlink.domain.user.service;
 
 import jakarta.mail.MessagingException;
+import jakarta.servlet.http.HttpServletResponse;
 import jakarta.transaction.Transactional;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.dfbf.soundlink.domain.emotionRecord.entity.SpotifyMusic;
 import org.dfbf.soundlink.domain.emotionRecord.repository.EmotionRecordRepository;
 import org.dfbf.soundlink.domain.emotionRecord.repository.SpotifyMusicRepository;
+import org.dfbf.soundlink.domain.user.dto.request.LoginReqDto;
 import org.dfbf.soundlink.domain.user.dto.request.UserSignUpDto;
 import org.dfbf.soundlink.domain.user.dto.request.UserUpdateDto;
 import org.dfbf.soundlink.domain.user.dto.response.UserGetDto;
@@ -16,12 +18,18 @@
 import org.dfbf.soundlink.domain.user.exception.NoUserDataException;
 import org.dfbf.soundlink.domain.user.repository.ProfileMusicRepository;
 import org.dfbf.soundlink.domain.user.repository.UserRepository;
+import org.dfbf.soundlink.global.auth.JwtProvider;
+import org.dfbf.soundlink.global.auth.TokenProperties;
 import org.dfbf.soundlink.global.exception.ErrorCode;
 import org.dfbf.soundlink.global.exception.ResponseResult;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.http.ResponseCookie;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;
 
 import javax.naming.AuthenticationException;
+import java.util.HashMap;
+import java.util.Map;
 
 @Slf4j
 @Service
@@ -35,6 +43,10 @@ public class UserService {
     private final BCryptPasswordEncoder passwordEncoder;
     private final MailService mailService;
     private final RedisService redisService;
+    private final JwtProvider jwtProvider;
+    private final TokenProperties tokenProperties;
+    private RedisTemplate<String, String> redisTemplate;
+
 
     // 회원가입
     public ResponseResult signUp(UserSignUpDto userSignUpDto) {
@@ -92,9 +104,6 @@ public ResponseResult updateUser(Long userId, UserUpdateDto userUpdateDto) {
     public ResponseResult deleteUser(Long userId) {
         try {
             User user = userRepository.findById(userId).orElseThrow(() -> new NoUserDataException());
-
-//            profileMusicRepository.deleteByUser(user);  // 유저 프로필 음악 삭제
-//            emotionRecordRepository.deleteByUser(user); // 유저 감정 기록 삭제
             userRepository.deleteById(userId);          // 유저 삭제
 
             return new ResponseResult(ErrorCode.SUCCESS);
@@ -159,7 +168,77 @@ public ResponseResult checkEmail(String email){
     }
 
     //닉네임 중복 확인
-    public boolean checkNickName(String nickName){
-        return userRepository.existsByNickName(nickName);
+    public ResponseResult checkNickName(String nickName){
+        boolean exists =userRepository.existsByNickName(nickName);
+        if(exists){
+            return new ResponseResult(ErrorCode.DUPLICATE_NICKNAME);
+        }
+        return new ResponseResult(ErrorCode.NOT_DUPLICATE_NICKNAME);
     }
+
+    //refreshToken을 쿠키로 설정
+    private ResponseCookie getRefreshToken(String refreshToken) {
+        return ResponseCookie
+                .from("REFRESHTOKEN", refreshToken)
+                .domain("localhost")
+                .path("/")
+                .httpOnly(true)
+                .maxAge(tokenProperties.getRefreshTokenExpirationTime()) //만료시간 설정
+                .build();
+    }
+
+    //로그인
+    public ResponseResult login(LoginReqDto loginReqDto, HttpServletResponse response) {
+        try {
+            if(!userRepository.existsByLoginId(loginReqDto.loginId())) {
+                return new ResponseResult(ErrorCode.FAIL_TO_FIND_USER, "계정을 찾을 수 없습니다.");
+            }
+            // 비밀번호 검증(암호화 된 비밀번호 비교)
+            if(!passwordEncoder.matches(loginReqDto.password(), userRepository.findByPassword(loginReqDto.loginId()))){
+                return new ResponseResult( ErrorCode.NOT_EQUALS_PASSWORD,"잘못된 비밀번호 입니다.");
+            }
+
+            User user = userRepository.findByLoginId(loginReqDto.loginId())
+                    .orElseThrow(NoUserDataException::new);
+
+            String accessToken = jwtProvider.createAccessToken(user.getUserId());
+            String refreshToken = jwtProvider.createRefreshToken(user.getUserId());
+
+            //refreshToken - 쿠키
+            ResponseCookie refreshCookie = getRefreshToken(refreshToken);
+            response.setHeader("Set-Cookie", refreshCookie.toString());
+
+            //accessToken - 바디
+            Map<String, String> responseBody = new HashMap<>();
+            responseBody.put("accessToken", accessToken);
+
+            return new ResponseResult(responseBody);
+        } catch (Exception e) {
+            System.out.println("[ERROR] " + e.getMessage());
+            return new ResponseResult(ErrorCode. INTERNAL_SERVER_ERROR);
+        }
+    }
+
+    //로그아웃
+    public ResponseResult logout(HttpServletResponse response) {
+        try {
+            //클라이언트 - 토큰 삭제
+            ResponseCookie refreshCookie = ResponseCookie
+                    .from("REFRESHTOKEN", "") // 추후 토큰값 추가
+                    .domain("localhost")
+                    .path("/")
+                    .httpOnly(true)
+                    .maxAge(0)
+                    .build();
+            response.setHeader("Set-Cookie", refreshCookie.toString());//쿠키 삭제 요청
+
+            return new ResponseResult(ErrorCode.SUCCESS);
+
+        } catch (Exception e) {
+            return new ResponseResult(ErrorCode. INTERNAL_SERVER_ERROR,"로그아웃 중 오류가 발생했습니다.");
+        }
+    }
+
+
+
 }

src/main/java/org/dfbf/soundlink/global/auth/CustomUserDetails.java

@@ -0,0 +1,58 @@
+package org.dfbf.soundlink.global.auth;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+import java.util.List;
+
+public class CustomUserDetails implements UserDetails{
+    private final Long userId;
+
+    public CustomUserDetails(Long userId) {
+        if (userId == null) {
+            throw new IllegalArgumentException("userId cannot be null");
+        }
+        this.userId = userId;
+    }
+
+    public Long getUserId() {
+        return userId;
+    }
+
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return List.of(); //사용자의 권한 정보 반환
+    }
+
+    @Override
+    public String getPassword() {
+        return null;
+    }
+
+    @Override
+    public String getUsername() {
+        return String.valueOf(userId);//로그인할때 ID
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return true;    //계정 만료 여부(만료 x)
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return true;    //계정이 잠겨있는지 확인.
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return true;    //비밀번호 유효기간 확인
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return true;    //계정활성화 여부 확인
+    }
+}

src/main/java/org/dfbf/soundlink/global/auth/JwtAuthenticationFilter.java

@@ -0,0 +1,46 @@
+package org.dfbf.soundlink.global.auth;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+@RequiredArgsConstructor
+public class JwtAuthenticationFilter extends OncePerRequestFilter {
+    private final JwtProvider jwtProvider;
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+    String accessToken = jwtProvider.resolveAccessToken(request);       //1.Access Token 추출
+
+    if(accessToken !=null && jwtProvider.validateToken(accessToken)) {  //2.유효성 검사
+        this.setAuthentication(accessToken);                            //3.유저정보 저장
+        }
+    filterChain.doFilter(request, response); //필터 체인 진행(전달)
+    }
+
+    //유저정보 저장
+    public void setAuthentication(String token) {
+        Long userId = jwtProvider.getUserId(token); //userId 추출
+
+        if (userId == null) {
+            throw new IllegalArgumentException("userId cannot be null");
+        }
+
+        CustomUserDetails userDetails = new CustomUserDetails(userId);
+
+        // 인증토큰 생성
+        UsernamePasswordAuthenticationToken authentication =
+                new UsernamePasswordAuthenticationToken(userId, null, userDetails.getAuthorities());
+
+        // 인증정보 설정
+        SecurityContextHolder.getContext().setAuthentication(authentication);
+    }
+
+}