refactor : 리프레시 토큰 구조 개선

- user id만 사용(email제거)
- 토큰 갱신할떄 상태관리를 위해 유저 정보 제공
- 테스트하지않고 애플리케이션 빌드(cicd)

Author: seungwookc97

Dockerfile

@@ -17,7 +17,8 @@ COPY .env .
 COPY src src
 
 # 애플리케이션 빌드
-RUN gradle build --no-daemon
+#RUN gradle build --no-daemon
+RUN gradle build -x test --no-daemon
 
 # 두 번째 스테이지: 실행 스테이지
 FROM container-registry.oracle.com/graalvm/jdk:21

src/main/java/com/back/domain/user/controller/UserAuthController.java

@@ -1,5 +1,6 @@
 package com.back.domain.user.controller;
 
+import com.back.domain.user.dto.RefreshTokenResDto;
 import com.back.domain.user.service.UserAuthService;
 import com.back.global.rsData.RsData;
 import io.swagger.v3.oas.annotations.Operation;
@@ -17,7 +18,7 @@
 @Tag(name = "UserAuth", description = "사용자 인증 API")
 @Slf4j
 @RestController
-@RequestMapping("/api/user/auth")
+@RequestMapping("/user/auth")
 @RequiredArgsConstructor
 public class UserAuthController {
 
@@ -32,11 +33,11 @@ public class UserAuthController {
             @ApiResponse(responseCode = "401", description = "토큰이 유효하지 않거나 만료됨")
     })
     @PostMapping("/refresh")
-    public RsData<Void> refreshToken(HttpServletRequest request, HttpServletResponse response) {
-        boolean success = userAuthService.refreshTokens(request, response);
+    public RsData<RefreshTokenResDto> refreshToken(HttpServletRequest request, HttpServletResponse response) {
+        RefreshTokenResDto refreshToken = userAuthService.refreshTokens(request, response);
 
-        if (success) {
-            return RsData.of(200, "토큰이 성공적으로 갱신되었습니다.");
+        if (refreshToken != null) {
+            return RsData.of(200, "토큰이 갱신 성공.", refreshToken);
         } else {
             return RsData.of(401, "토큰 갱신에 실패했습니다. 다시 로그인해주세요.");
         }

src/main/java/com/back/domain/user/dto/RefreshTokenResDto.java

@@ -0,0 +1,21 @@
+package com.back.domain.user.dto;
+
+import lombok.Builder;
+import lombok.Getter;
+
+@Getter
+@Builder
+public class RefreshTokenResDto {
+    private final String accessToken;
+    private final UserInfoDto user;
+
+    @Getter
+    @Builder
+    public static class UserInfoDto {
+        private final String id;
+        private final String nickname;
+        private final Boolean isFirstLogin;
+        private final Double abvDgree;
+
+    }
+}

src/main/java/com/back/domain/user/service/UserAuthService.java

@@ -1,5 +1,6 @@
 package com.back.domain.user.service;
 
+import com.back.domain.user.dto.RefreshTokenResDto;
 import com.back.domain.user.entity.User;
 import com.back.domain.user.repository.UserRepository;
 import com.back.global.exception.ServiceException;
@@ -134,46 +135,58 @@ public String generateNickname(String baseNickname) {
 
     public void issueTokens(HttpServletResponse response, Long userId, String email, String nickname) {
         String accessToken = jwtUtil.generateAccessToken(userId, email, nickname);
-        String refreshToken = refreshTokenService.generateRefreshToken(userId, email);
+        String refreshToken = refreshTokenService.generateRefreshToken(userId);
 
         jwtUtil.addAccessTokenToCookie(response, accessToken);
         jwtUtil.addRefreshTokenToCookie(response, refreshToken);
     }
 
-    public boolean refreshTokens(HttpServletRequest request, HttpServletResponse response) {
+    public RefreshTokenResDto refreshTokens(HttpServletRequest request, HttpServletResponse response) {
         try {
             String oldRefreshToken = jwtUtil.getRefreshTokenFromCookie(request);
 
             if (oldRefreshToken == null || !refreshTokenService.validateToken(oldRefreshToken)) {
-                return false;
+                return null;
             }
 
             Optional<RefreshToken> tokenData = refreshTokenRepository.findByToken(oldRefreshToken);
             if (tokenData.isEmpty()) {
-                return false;
+                return null;
             }
 
             RefreshToken refreshTokenEntity = tokenData.get();
             Long userId = refreshTokenEntity.getUserId();
-            String email = refreshTokenEntity.getEmail();
 
-            // DB에서 현재 nickname 조회
-            Optional<User> user = userRepository.findById(userId);
-            if (user.isEmpty()) {
-                return false;
+            // DB에서 사용자 정보 조회
+            Optional<User> userOpt = userRepository.findById(userId);
+            if (userOpt.isEmpty()) {
+                return null;
             }
-            String nickname = user.get().getNickname();
+
+            User user = userOpt.get();
+            String nickname = user.getNickname();
+            String email = user.getEmail();
 
             String newRefreshToken = refreshTokenService.rotateToken(oldRefreshToken);
             String newAccessToken = jwtUtil.generateAccessToken(userId, email, nickname);
 
             jwtUtil.addAccessTokenToCookie(response, newAccessToken);
             jwtUtil.addRefreshTokenToCookie(response, newRefreshToken);
 
-            return true;
+            return RefreshTokenResDto.builder()
+                    .accessToken(newAccessToken)
+                    .user(
+                            RefreshTokenResDto.UserInfoDto.builder()
+                                    .id(user.getId().toString())
+                                    .nickname(nickname)
+                                    .isFirstLogin(user.isFirstLogin())
+                                    .abvDgree(user.getAbvDegree())
+                                    .build()
+                    )
+                    .build();
         } catch (Exception e) {
             log.error("토큰 갱신 중 오류 발생: {}", e.getMessage());
-            return false;
+            return null;
         }
     }
 

src/main/java/com/back/global/jwt/refreshToken/entity/RefreshToken.java

@@ -20,21 +20,18 @@ public class RefreshToken {
     @Column(nullable = false)
     private Long userId;
 
-    @Column(nullable = false)
-    private String email;
-
     @Column(nullable = false)
     private LocalDateTime createdAt;
 
     @Column(nullable = false)
     private LocalDateTime expiresAt;
 
-    public static RefreshToken create(String token, Long userId, String email, long ttlSeconds) {
+
+    public static RefreshToken create(String token, Long userId, long ttlSeconds) {
         LocalDateTime now = LocalDateTime.now();
         return RefreshToken.builder()
                 .token(token)
                 .userId(userId)
-                .email(email)
                 .createdAt(now)
                 .expiresAt(now.plusSeconds(ttlSeconds))
                 .build();

src/main/java/com/back/global/jwt/refreshToken/service/RefreshTokenService.java

@@ -5,14 +5,14 @@
 import com.back.global.jwt.refreshToken.repository.RefreshTokenRepository;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
 
 import java.security.SecureRandom;
 import java.time.LocalDateTime;
 import java.util.Base64;
 import java.util.Optional;
-import org.springframework.scheduling.annotation.Scheduled;
-import org.springframework.transaction.annotation.Transactional;
 
 @Service
 @RequiredArgsConstructor
@@ -26,12 +26,12 @@ public class RefreshTokenService {
 
     // 기존 리프레시 토큰 삭제하고 생성
     @Transactional
-    public String generateRefreshToken(Long userId, String email) {
+    public String generateRefreshToken(Long userId) {
         // 기존 토큰 삭제
         refreshTokenRepository.deleteByUserId(userId);
 
         String token = generateSecureToken();
-        RefreshToken refreshToken = RefreshToken.create(token, userId, email, refreshTokenExpiration);
+        RefreshToken refreshToken = RefreshToken.create(token, userId, refreshTokenExpiration);
         refreshTokenRepository.save(refreshToken);
 
         return token;
@@ -65,7 +65,7 @@ public String rotateToken(String oldToken) {
         RefreshToken tokenData = oldRefreshToken.get();
         revokeToken(oldToken);
 
-        return generateRefreshToken(tokenData.getUserId(), tokenData.getEmail());
+        return generateRefreshToken(tokenData.getUserId());
     }
 
     //삭제