Merge pull request #175 from prgrms-web-devcourse-final-project/feature/EA3-173-user-mail

[EA3-173] 회원가입 시 메일을 통한 인증 기능 추가

Author: pia01190

build.gradle

@@ -91,6 +91,9 @@ dependencies {
 
     // WebSocket + STOMP 통신용
     implementation 'org.springframework.boot:spring-boot-starter-websocket'
+
+	// 이메일 전송 의존성
+	implementation 'org.springframework.boot:spring-boot-starter-mail'
 }
 
 tasks.named('test') {

src/main/java/grep/neogul_coder/domain/users/controller/UserController.java

@@ -4,25 +4,36 @@
 import grep.neogul_coder.domain.users.controller.dto.request.SignUpRequest;
 import grep.neogul_coder.domain.users.controller.dto.request.UpdatePasswordRequest;
 import grep.neogul_coder.domain.users.controller.dto.response.UserResponse;
+import grep.neogul_coder.domain.users.service.EmailVerificationService;
 import grep.neogul_coder.domain.users.service.UserService;
 import grep.neogul_coder.global.auth.Principal;
 import grep.neogul_coder.global.response.ApiResponse;
 import jakarta.validation.Valid;
+import java.io.IOException;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RequestPart;
+import org.springframework.web.bind.annotation.ResponseStatus;
+import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.multipart.MultipartFile;
 
-import java.io.IOException;
-
 @RestController
 @RequiredArgsConstructor
 @RequestMapping("/api/users")
 public class UserController implements UserSpecification {
 
     private final UserService usersService;
+    private final EmailVerificationService verificationService;
 
     @GetMapping("/me")
     public ApiResponse<UserResponse> get(@AuthenticationPrincipal Principal principal) {
@@ -38,24 +49,25 @@ public ApiResponse<UserResponse> get(@PathVariable("userid") Long userId) {
 
     @PutMapping(value = "/update/profile", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     public ApiResponse<Void> updateProfile(
-            @AuthenticationPrincipal Principal principal,
-            @RequestPart("nickname") String nickname,
-            @RequestPart(value = "profileImage", required = false) MultipartFile profileImage
+        @AuthenticationPrincipal Principal principal,
+        @RequestPart("nickname") String nickname,
+        @RequestPart(value = "profileImage", required = false) MultipartFile profileImage
     ) throws IOException {
         usersService.updateProfile(principal.getUserId(), nickname, profileImage);
         return ApiResponse.noContent();
     }
 
     @PutMapping("/update/password")
     public ApiResponse<Void> updatePassword(@AuthenticationPrincipal Principal principal,
-                                            @Valid @RequestBody UpdatePasswordRequest request) {
-        usersService.updatePassword(principal.getUserId(), request.getPassword(), request.getNewPassword(), request.getNewPasswordCheck());
+        @Valid @RequestBody UpdatePasswordRequest request) {
+        usersService.updatePassword(principal.getUserId(), request.getPassword(),
+            request.getNewPassword(), request.getNewPasswordCheck());
         return ApiResponse.noContent();
     }
 
     @DeleteMapping("/delete/me")
     public ApiResponse<Void> delete(@AuthenticationPrincipal Principal principal,
-                                    @RequestBody @Valid PasswordRequest request) {
+        @RequestBody @Valid PasswordRequest request) {
         usersService.deleteUser(principal.getUserId(), request.getPassword());
         return ApiResponse.noContent();
     }
@@ -67,4 +79,21 @@ public ApiResponse<Void> signUp(@Valid @RequestBody SignUpRequest request) {
         return ApiResponse.noContent();
     }
 
+    @PostMapping("/mail/send")
+    public ApiResponse<Void> sendCode(@RequestParam String email) {
+        verificationService.sendVerificationEmail(email);
+        return ApiResponse.noContent();
+    }
+
+    @PostMapping("/mail/verify")
+    public ApiResponse<Void> verifyCode(
+        @RequestParam String email,
+        @RequestParam String code
+    ) {
+        boolean result = verificationService.verifyCode(email, code);
+        return result ?
+            ApiResponse.noContent() :
+            ApiResponse.badRequest();
+    }
+
 }

src/main/java/grep/neogul_coder/domain/users/controller/UserSpecification.java

@@ -7,10 +7,12 @@
 import grep.neogul_coder.global.auth.Principal;
 import grep.neogul_coder.global.response.ApiResponse;
 import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.parameters.RequestBody;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import java.io.IOException;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RequestPart;
 import org.springframework.web.multipart.MultipartFile;
 
@@ -36,4 +38,19 @@ ApiResponse<Void> updatePassword(@AuthenticationPrincipal Principal principal,
     @Operation(summary = "회원 상태 삭제로 변경", description = "회원 상태를 삭제로 변경합니다.")
     ApiResponse<Void> delete(@AuthenticationPrincipal Principal principal,
         @RequestBody PasswordRequest request);
+
+    @Operation(summary = "이메일 인증 코드 발송", description = "입력한 이메일 주소로 인증 코드를 발송합니다.")
+    ApiResponse<Void> sendCode(
+        @Parameter(description = "인증 코드를 보낼 이메일 주소", required = true, example = "[email protected]")
+        @RequestParam String email
+    );
+
+    @Operation(summary = "이메일 인증 코드 검증", description = "사용자가 입력한 인증 코드가 올바른지 검증합니다.")
+    ApiResponse<Void> verifyCode(
+        @Parameter(description = "인증 요청한 이메일 주소", required = true, example = "[email protected]")
+        @RequestParam String email,
+
+        @Parameter(description = "사용자가 입력한 인증 코드", required = true, example = "123456")
+        @RequestParam String code
+    );
 }

src/main/java/grep/neogul_coder/domain/users/controller/dto/response/UserResponse.java

@@ -20,24 +20,29 @@ public class UserResponse {
     @Schema(description = "회원 프로필 이미지", example = "profileImageUrl")
     private String profileImageUrl;
 
+    @Schema(description = "회원 OAuth 정보", example = "Google")
+    private String oauth;
+
     @Schema(description = "Role")
     private Role role;
 
     @Builder
-    private UserResponse(Long id, String email, String nickname,String profileImageUrl, Role role) {
+    private UserResponse(Long id, String email, String nickname,String profileImageUrl, String oauth ,Role role) {
         this.id = id;
         this.email = email;
         this.nickname = nickname;
         this.profileImageUrl = profileImageUrl;
+        this.oauth = oauth;
         this.role = role;
     }
 
-    public static UserResponse toUserResponse(Long id, String email, String nickname,String profileImageUrl, Role role){
+    public static UserResponse toUserResponse(Long id, String email, String nickname,String profileImageUrl, String oauth, Role role){
         return UserResponse.builder()
             .id(id)
             .email(email)
             .nickname(nickname)
             .profileImageUrl(profileImageUrl)
+            .oauth(oauth)
             .role(role)
             .build();
     }

src/main/java/grep/neogul_coder/domain/users/entity/User.java

@@ -2,7 +2,13 @@
 
 import grep.neogul_coder.global.auth.code.Role;
 import grep.neogul_coder.global.entity.BaseEntity;
-import jakarta.persistence.*;
+import jakarta.persistence.Entity;
+import jakarta.persistence.EnumType;
+import jakarta.persistence.Enumerated;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.Table;
 import jakarta.validation.constraints.Email;
 import lombok.Builder;
 import lombok.Getter;
@@ -34,11 +40,12 @@ public class User extends BaseEntity {
 
     public static User UserInit(String email, String password, String nickname) {
         return User.builder()
-                .email(email)
-                .password(password)
-                .nickname(nickname)
-                .role(Role.ROLE_USER)
-                .build();
+            .email(email)
+            .password(password)
+            .nickname(nickname)
+            .role(Role.ROLE_USER)
+            .activated(true)
+            .build();
     }
 
     public void updateProfile(String nickname, String profileImageUrl) {
@@ -58,14 +65,15 @@ public void delete() {
 
     @Builder
     private User(Long id, String oauthId, String oauthProvider, String email, String password,
-                 String nickname, String profileImageUrl, Role role) {
+        String nickname, String profileImageUrl, Boolean activated, Role role) {
         this.id = id;
         this.oauthId = oauthId;
         this.oauthProvider = oauthProvider;
         this.email = email;
         this.password = password;
         this.nickname = nickname;
         this.profileImageUrl = profileImageUrl;
+        this.activated = activated;
         this.role = role;
     }
 

src/main/java/grep/neogul_coder/domain/users/exception/NotVerifiedEmailException.java

@@ -0,0 +1,11 @@
+package grep.neogul_coder.domain.users.exception;
+
+import grep.neogul_coder.global.exception.business.BusinessException;
+import grep.neogul_coder.global.response.code.ErrorCode;
+
+public class NotVerifiedEmailException extends BusinessException {
+
+    public NotVerifiedEmailException(ErrorCode errorCode) {
+        super(errorCode);
+    }
+}

src/main/java/grep/neogul_coder/domain/users/exception/UnActivatedUserException.java

@@ -0,0 +1,11 @@
+package grep.neogul_coder.domain.users.exception;
+
+import grep.neogul_coder.global.exception.business.BusinessException;
+import grep.neogul_coder.global.response.code.ErrorCode;
+
+public class UnActivatedUserException extends BusinessException {
+
+    public UnActivatedUserException(ErrorCode errorCode) {
+        super(errorCode);
+    }
+}

src/main/java/grep/neogul_coder/domain/users/exception/advice/UserAdvice.java

@@ -2,6 +2,7 @@
 
 import grep.neogul_coder.domain.users.exception.EmailDuplicationException;
 import grep.neogul_coder.domain.users.exception.NicknameDuplicatedException;
+import grep.neogul_coder.domain.users.exception.NotVerifiedEmailException;
 import grep.neogul_coder.domain.users.exception.PasswordNotMatchException;
 import grep.neogul_coder.domain.users.exception.PasswordUncheckException;
 import grep.neogul_coder.domain.users.exception.UserNotFoundException;
@@ -50,4 +51,11 @@ public ResponseEntity<ApiResponse<Void>> nicknameDuplicationException(NicknameDu
             .body(ApiResponse.errorWithoutData(UserErrorCode.IS_DUPLICATED_NICKNAME));
     }
 
+    @ ExceptionHandler(NotVerifiedEmailException.class)
+    public ResponseEntity<ApiResponse<Void>> notVerifiedEmailException(NotVerifiedEmailException ex) {
+        return ResponseEntity
+            .status(HttpStatus.BAD_REQUEST)
+            .body(ApiResponse.errorWithoutData(UserErrorCode.NOT_VERIFIED_EMAIL));
+    }
+
 }

src/main/java/grep/neogul_coder/domain/users/exception/code/UserErrorCode.java

@@ -11,7 +11,9 @@ public enum UserErrorCode implements ErrorCode {
     PASSWORD_MISMATCH("U002", HttpStatus.BAD_REQUEST, "비밀번호를 다시 확인해주세요."),
     PASSWORD_UNCHECKED("U003", HttpStatus.BAD_REQUEST, "비밀번호와 비밀번호 확인이 다릅니다"),
     IS_DUPLICATED_MALI("U004", HttpStatus.BAD_REQUEST,"이미 존재하는 이메일입니다."),
-    IS_DUPLICATED_NICKNAME("U005", HttpStatus.BAD_REQUEST,"이미 존재하는 닉네임입니다.");
+    IS_DUPLICATED_NICKNAME("U005", HttpStatus.BAD_REQUEST,"이미 존재하는 닉네임입니다."),
+    UNACTIVATED_USER("U006", HttpStatus.BAD_REQUEST,"탈퇴된 회원입니다."),
+    NOT_VERIFIED_EMAIL("U007", HttpStatus.BAD_REQUEST, "메일 인증이 되지 않은 이메일입니다.");
 
 
     private final String code;

src/main/java/grep/neogul_coder/domain/users/service/EmailVerificationService.java

@@ -0,0 +1,74 @@
+package grep.neogul_coder.domain.users.service;
+
+import java.time.Duration;
+import java.util.Random;
+import lombok.RequiredArgsConstructor;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.mail.SimpleMailMessage;
+import org.springframework.mail.javamail.JavaMailSender;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+public class EmailVerificationService  {
+
+    private final JavaMailSender mailSender;
+    private final RedisTemplate<String, Object> redisTemplate;
+
+    private static final long CODE_TTL_SECONDS = 300;
+
+    public void sendVerificationEmail(String email) {
+        String code = generateRandomCode();
+
+        sendEmail(email,code);
+
+        redisTemplate.opsForValue().set(getRedisKey(email), code, Duration.ofSeconds(CODE_TTL_SECONDS));
+    }
+
+    public boolean verifyCode(String email, String inputCode) {
+        String redisKey = getRedisKey(email);
+        Object storedCode = redisTemplate.opsForValue().get(getRedisKey(email));
+
+
+        if (isValidCode(storedCode,inputCode)) {
+            redisTemplate.delete(redisKey);
+
+            redisTemplate.opsForValue().set(getVerifiedKey(email), "true", Duration.ofMinutes(10));
+            return true;
+        }
+        return false;
+    }
+
+    public boolean isNotEmailVerified(String email) {
+        Object value = redisTemplate.opsForValue().get(getVerifiedKey(email));
+        return !"true".equals(value);
+    }
+
+    public void clearVerifiedStatus(String email) {
+        redisTemplate.delete(getVerifiedKey(email));
+    }
+
+    private void sendEmail(String to, String code) {
+        SimpleMailMessage message = new SimpleMailMessage();
+        message.setTo(to);
+        message.setSubject("[wibby] 이메일 인증 코드");
+        message.setText("인증 코드: " + code + "\n5분 안에 입력해주세요.");
+        mailSender.send(message);
+    }
+
+    private String generateRandomCode() {
+        return String.format("%06d", new Random().nextInt(1000000));
+    }
+
+    private String getRedisKey(String email) {
+        return "email_verification:" + email;
+    }
+
+    private String getVerifiedKey(String email) {
+        return "email_verified:" + email;
+    }
+
+    private boolean isValidCode(Object storedCode, String inputCode) {
+        return storedCode != null && storedCode.equals(inputCode);
+    }
+}