Merge pull request #40 from asowjdan/feat/23-member

Feat[member]: 로컬 로그인 회원가입 기능 추가

Author: GarakChoi

backend/build.gradle

@@ -37,6 +37,11 @@ dependencies {
     implementation 'org.apache.commons:commons-lang3:3.18.0'
     implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.9'
 
+    // JWT (JSON Web Token)
+    implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
+    runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.5'
+    runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.5'
+
     // Database (데이터베이스)
     runtimeOnly 'com.h2database:h2'
     runtimeOnly 'com.mysql:mysql-connector-j'

backend/src/main/java/com/ai/lawyer/domain/member/controller/MemberController.java

@@ -35,7 +35,7 @@ public class MemberController {
             @ApiResponse(responseCode = "400", description = "잘못된 요청 (중복 이메일/닉네임, 유효성 검증 실패)")
     })
     public ResponseEntity<MemberResponse> signup(@Valid @RequestBody MemberSignupRequest request) {
-        log.info("회원가입 요청: email={}, nickname={}", request.getLoginId(), request.getNickname());
+        log.info("회원가입 요청: email={}, name={}", request.getLoginId(), request.getName());
 
         try {
             MemberResponse response = memberService.signup(request);
@@ -72,11 +72,19 @@ public ResponseEntity<MemberResponse> login(@Valid @RequestBody MemberLoginReque
     @ApiResponses({
             @ApiResponse(responseCode = "200", description = "로그아웃 성공")
     })
-    public ResponseEntity<Void> logout(HttpServletResponse response) {
+    public ResponseEntity<Void> logout(Authentication authentication, HttpServletResponse response) {
         log.info("로그아웃 요청");
 
-        memberService.logout(response);
-        log.info("로그아웃 완료");
+        if (authentication != null && authentication.getName() != null) {
+            String loginId = authentication.getName();
+            memberService.logout(loginId, response);
+            log.info("로그아웃 완료: email={}", loginId);
+        } else {
+            // 인증 정보가 없어도 쿠키는 클리어
+            memberService.logout("", response);
+            log.info("인증 정보 없이 로그아웃 완료");
+        }
+
         return ResponseEntity.ok().build();
     }
 
@@ -128,7 +136,7 @@ public ResponseEntity<Void> withdraw(Authentication authentication, HttpServletR
             // loginId로 Member를 조회하여 실제 memberId 사용
             Member member = memberService.findByLoginId(loginId);
             memberService.withdraw(member.getMemberId());
-            memberService.logout(response); // 탈퇴 후 로그아웃 처리
+            memberService.logout(loginId, response); // 탈퇴 후 로그아웃 처리
             log.info("회원탈퇴 성공: email={}, memberId={}", loginId, member.getMemberId());
             return ResponseEntity.ok().build();
         } catch (IllegalArgumentException e) {

backend/src/main/java/com/ai/lawyer/domain/member/dto/MemberResponse.java

@@ -14,7 +14,6 @@ public class MemberResponse {
 
     private Long memberId;
     private String loginId;
-    private String nickname;
     private Integer age;
     private Member.Gender gender;
     private Member.Role role;
@@ -26,7 +25,6 @@ public static MemberResponse from(Member member) {
         return MemberResponse.builder()
                 .memberId(member.getMemberId())
                 .loginId(member.getLoginId())
-                .nickname(member.getNickname())
                 .age(member.getAge())
                 .gender(member.getGender())
                 .role(member.getRole())

backend/src/main/java/com/ai/lawyer/domain/member/dto/MemberSignupRequest.java

@@ -16,13 +16,8 @@ public class MemberSignupRequest {
     private String loginId;
 
     @NotBlank(message = "비밀번호는 필수입니다")
-    @Size(min = 8, message = "비밀번호는 최소 8자 이상이어야 합니다")
     private String password;
 
-    @NotBlank(message = "닉네임은 필수입니다")
-    @Size(max = 50, message = "닉네임은 50자 이하여야 합니다")
-    private String nickname;
-
     @NotNull(message = "나이는 필수입니다")
     @Min(value = 14, message = "최소 14세 이상이어야 합니다")
     private Integer age;

backend/src/main/java/com/ai/lawyer/domain/member/entity/Member.java

@@ -36,10 +36,6 @@ public class Member {
     @NotBlank(message = "비밀번호는 필수입니다")
     private String password;
 
-    @Column(name = "nickname", nullable = false, length = 50)
-    @NotBlank(message = "닉네임은 필수입니다")
-    private String nickname;
-
     @Column(name = "age", nullable = false)
     @NotNull(message = "나이는 필수입니다")
     @Min(value = 14, message = "최소 14세 이상이어야 합니다")

backend/src/main/java/com/ai/lawyer/domain/member/repositories/MemberRepository.java

@@ -12,6 +12,4 @@ public interface MemberRepository extends JpaRepository<Member, Long> {
     Optional<Member> findByLoginId(String loginId);
 
     boolean existsByLoginId(String loginId);
-
-    boolean existsByNickname(String nickname);
 }

backend/src/main/java/com/ai/lawyer/domain/member/service/MemberService.java

@@ -24,12 +24,10 @@ public class MemberService {
     @Transactional
     public MemberResponse signup(MemberSignupRequest request) {
         validateDuplicateLoginId(request.getLoginId());
-        validateDuplicateNickname(request.getNickname());
 
         Member member = Member.builder()
                 .loginId(request.getLoginId())
                 .password(passwordEncoder.encode(request.getPassword()))
-                .nickname(request.getNickname())
                 .age(request.getAge())
                 .gender(request.getGender())
                 .name(request.getName())
@@ -58,34 +56,40 @@ public MemberResponse login(MemberLoginRequest request, HttpServletResponse resp
         return MemberResponse.from(member);
     }
 
-    public void logout(HttpServletResponse response) {
+    public void logout(String loginId, HttpServletResponse response) {
+        // Redis에서 리프레시 토큰 삭제
+        tokenProvider.deleteRefreshToken(loginId);
+
         // 쿠키 삭제
         cookieUtil.clearTokenCookies(response);
-
-        // TODO: 추후 레디스에서 토큰 무효화
     }
 
     public MemberResponse refreshToken(String refreshToken, HttpServletResponse response) {
-        // 리프레시 토큰 유효성 검증
-        if (!tokenProvider.validateToken(refreshToken)) {
+        // Redis에서 리프레시 토큰으로 사용자를 찾기 (Redis 키 패턴: refresh_token:loginId)
+        String username = tokenProvider.findUsernameByRefreshToken(refreshToken);
+        if (username == null) {
+            throw new IllegalArgumentException("유효하지 않은 리프레시 토큰입니다.");
+        }
+
+        // Redis에서 리프레시 토큰 유효성 검증
+        if (!tokenProvider.validateRefreshToken(username, refreshToken)) {
             throw new IllegalArgumentException("유효하지 않은 리프레시 토큰입니다.");
         }
 
-        // TODO: 추후 레디스에서 리프레시 토큰과 매핑된 회원 정보 조회
-        // 현재는 임시로 토큰에서 사용자명 추출 후 DB 조회
-        String username = tokenProvider.getUsernameFromToken(refreshToken);
+        // 회원 정보 조회
         Member member = memberRepository.findByLoginId(username)
                 .orElseThrow(() -> new IllegalArgumentException("존재하지 않는 회원입니다."));
 
+        // 기존 리프레시 토큰 Redis에서 삭제 (RTR 패턴)
+        tokenProvider.deleteRefreshToken(username);
+
         // 새로운 액세스 토큰과 리프레시 토큰 생성
         String newAccessToken = tokenProvider.generateAccessToken(member);
         String newRefreshToken = tokenProvider.generateRefreshToken(member);
 
         // 새로운 토큰들을 쿠키로 설정
         cookieUtil.setTokenCookies(response, newAccessToken, newRefreshToken);
 
-        // TODO: 추후 레디스에서 기존 토큰 무효화 및 새 토큰 저장
-
         return MemberResponse.from(member);
     }
 
@@ -114,10 +118,4 @@ private void validateDuplicateLoginId(String loginId) {
             throw new IllegalArgumentException("이미 존재하는 이메일입니다.");
         }
     }
-
-    private void validateDuplicateNickname(String nickname) {
-        if (memberRepository.existsByNickname(nickname)) {
-            throw new IllegalArgumentException("이미 존재하는 닉네임입니다.");
-        }
-    }
 }

backend/src/main/java/com/ai/lawyer/global/config/EmbeddedRedisConfig.java

@@ -3,10 +3,15 @@
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.event.ContextClosedEvent;
 import org.springframework.context.event.ContextRefreshedEvent;
 import org.springframework.context.event.EventListener;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.serializer.StringRedisSerializer;
 import redis.embedded.RedisServer;
 
 import jakarta.annotation.PreDestroy;
@@ -16,11 +21,32 @@
 @ConditionalOnProperty(name = "spring.data.redis.embedded", havingValue = "true", matchIfMissing = true)
 public class EmbeddedRedisConfig {
 
+    @Value("${spring.data.redis.host:localhost}")
+    private String redisHost;
+
     @Value("${spring.data.redis.port:6379}")
     private int redisPort;
 
     private RedisServer redisServer;
 
+    @Bean
+    public RedisConnectionFactory redisConnectionFactory() {
+        return new LettuceConnectionFactory(redisHost, redisPort);
+    }
+
+    @Bean
+    public RedisTemplate<String, Object> redisTemplate() {
+        RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();
+        redisTemplate.setConnectionFactory(redisConnectionFactory());
+
+        redisTemplate.setKeySerializer(new StringRedisSerializer());
+        redisTemplate.setValueSerializer(new StringRedisSerializer());
+        redisTemplate.setHashKeySerializer(new StringRedisSerializer());
+        redisTemplate.setHashValueSerializer(new StringRedisSerializer());
+
+        return redisTemplate;
+    }
+
     @EventListener(ContextRefreshedEvent.class)
     public void startRedis() {
         try {

backend/src/main/java/com/ai/lawyer/global/config/RedisConfig.java

@@ -0,0 +1,39 @@
+package com.ai.lawyer.global.config;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.serializer.StringRedisSerializer;
+
+@Configuration
+@ConditionalOnProperty(name = "spring.data.redis.embedded", havingValue = "false")
+public class RedisConfig {
+
+    @Value("${spring.data.redis.host:localhost}")
+    private String redisHost;
+
+    @Value("${spring.data.redis.port:6379}")
+    private int redisPort;
+
+    @Bean
+    public RedisConnectionFactory redisConnectionFactory() {
+        return new LettuceConnectionFactory(redisHost, redisPort);
+    }
+
+    @Bean
+    public RedisTemplate<String, Object> redisTemplate() {
+        RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();
+        redisTemplate.setConnectionFactory(redisConnectionFactory());
+
+        redisTemplate.setKeySerializer(new StringRedisSerializer());
+        redisTemplate.setValueSerializer(new StringRedisSerializer());
+        redisTemplate.setHashKeySerializer(new StringRedisSerializer());
+        redisTemplate.setHashValueSerializer(new StringRedisSerializer());
+
+        return redisTemplate;
+    }
+}

backend/src/main/java/com/ai/lawyer/global/jwt/TokenProvider.java

@@ -2,45 +2,111 @@
 
 import com.ai.lawyer.domain.member.entity.Member;
 import com.ai.lawyer.global.config.JwtProperties;
+import io.jsonwebtoken.*;
+import io.jsonwebtoken.security.Keys;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Component;
 
-import java.util.Map;
+import javax.crypto.SecretKey;
+import java.time.Duration;
+import java.util.Date;
 import java.util.UUID;
-import java.util.concurrent.ConcurrentHashMap;
 
 @Component
 @RequiredArgsConstructor
+@Slf4j
 public class TokenProvider {
 
     private final JwtProperties jwtProperties;
+    private final RedisTemplate<String, Object> redisTemplate;
 
-    // 임시로 토큰과 사용자 정보를 매핑하는 메모리 저장소 (추후 레디스로 대체)
-    private final Map<String, String> tokenToLoginIdMap = new ConcurrentHashMap<>();
+    private static final String REFRESH_TOKEN_PREFIX = "refresh_token:";
+    private static final long REFRESH_TOKEN_EXPIRE_TIME = 7 * 24 * 60 * 60; // 7일
+
+    private SecretKey getSigningKey() {
+        return Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes());
+    }
 
     public String generateAccessToken(Member member) {
-        // TODO: JWT 의존성 추가 후 실제 JWT 토큰 생성로직으로 변경
-        // 현재는 임시로 UUID 사용 (추후 레디스에서 매핑 관리)
-        String token = "access_" + UUID.randomUUID();
-        tokenToLoginIdMap.put(token, member.getLoginId());
-        return token;
+        Date now = new Date();
+        Date expiry = new Date(now.getTime() + jwtProperties.getAccessToken().getExpirationSeconds() * 1000);
+
+        return Jwts.builder()
+                .setSubject(member.getLoginId())
+                .setIssuedAt(now)
+                .setExpiration(expiry)
+                .claim("memberId", member.getMemberId())
+                .signWith(getSigningKey(), SignatureAlgorithm.HS256)
+                .compact();
     }
 
     public String generateRefreshToken(Member member) {
-        // TODO: JWT 의존성 추가 후 실제 JWT 토큰 생성로직으로 변경
-        // 현재는 임시로 UUID 사용 (추후 레디스에서 매핑 관리)
-        String token = "refresh_" + UUID.randomUUID();
-        tokenToLoginIdMap.put(token, member.getLoginId());
-        return token;
+        String refreshToken = UUID.randomUUID().toString();
+
+        // Redis에 리프레시 토큰 저장
+        String redisKey = REFRESH_TOKEN_PREFIX + member.getLoginId();
+        redisTemplate.opsForValue().set(redisKey, refreshToken, Duration.ofSeconds(REFRESH_TOKEN_EXPIRE_TIME));
+
+        return refreshToken;
     }
 
     public boolean validateToken(String token) {
-        // TODO: JWT 의존성 추가 후 실제 토큰 검증 로직으로 변경
-        return token != null && !token.isEmpty() && tokenToLoginIdMap.containsKey(token);
+        try {
+            Jwts.parserBuilder()
+                    .setSigningKey(getSigningKey())
+                    .build()
+                    .parseClaimsJws(token);
+            return true;
+        } catch (MalformedJwtException e) {
+            log.warn("잘못된 JWT 토큰: {}", e.getMessage());
+        } catch (ExpiredJwtException e) {
+            log.warn("만료된 JWT 토큰: {}", e.getMessage());
+        } catch (UnsupportedJwtException e) {
+            log.warn("지원되지 않는 JWT 토큰: {}", e.getMessage());
+        } catch (IllegalArgumentException e) {
+            log.warn("JWT 토큰이 잘못되었습니다: {}", e.getMessage());
+        } catch (SecurityException e) {
+            log.warn("JWT 서명이 잘못되었습니다: {}", e.getMessage());
+        }
+        return false;
     }
 
     public String getUsernameFromToken(String token) {
-        // TODO: JWT 의존성 추가 후 실제 토큰에서 사용자 정보 추출 로직으로 변경
-        return tokenToLoginIdMap.get(token);
+        try {
+            Claims claims = Jwts.parserBuilder()
+                    .setSigningKey(getSigningKey())
+                    .build()
+                    .parseClaimsJws(token)
+                    .getBody();
+            return claims.getSubject();
+        } catch (Exception e) {
+            log.warn("토큰에서 사용자 정보 추출 실패: {}", e.getMessage());
+            return null;
+        }
+    }
+
+    public boolean validateRefreshToken(String loginId, String refreshToken) {
+        String redisKey = REFRESH_TOKEN_PREFIX + loginId;
+        String storedToken = (String) redisTemplate.opsForValue().get(redisKey);
+        return refreshToken.equals(storedToken);
+    }
+
+    public void deleteRefreshToken(String loginId) {
+        String redisKey = REFRESH_TOKEN_PREFIX + loginId;
+        redisTemplate.delete(redisKey);
+    }
+
+    public String findUsernameByRefreshToken(String refreshToken) {
+        String pattern = REFRESH_TOKEN_PREFIX + "*";
+        var keys = redisTemplate.keys(pattern);
+        for (String key : keys) {
+            String storedToken = (String) redisTemplate.opsForValue().get(key);
+            if (refreshToken.equals(storedToken)) {
+                return key.substring(REFRESH_TOKEN_PREFIX.length());
+            }
+        }
+        return null;
     }
 }