Merge branch 'develop' into feature/ringus-31

Author: jbh010204

src/main/java/es/princip/ringus/application/auth/service/AuthService.java

@@ -1,13 +1,14 @@
 package es.princip.ringus.application.auth.service;
 
+
+import es.princip.ringus.application.member.service.MemberService;
 import es.princip.ringus.application.serviceTerm.ServiceTermAgreementService;
-import es.princip.ringus.domain.serviceTerm.ServiceTermAgreement;
+import es.princip.ringus.domain.email.EmailSessionRepository;
+import es.princip.ringus.domain.member.Member;
 import es.princip.ringus.presentation.auth.dto.request.LoginRequest;
-import es.princip.ringus.presentation.auth.dto.response.LoginResponse;
 import es.princip.ringus.presentation.auth.dto.request.SignUpRequest;
+import es.princip.ringus.presentation.auth.dto.response.LoginResponse;
 import es.princip.ringus.presentation.auth.dto.response.SignUpResponse;
-import es.princip.ringus.application.member.service.MemberService;
-import es.princip.ringus.domain.member.Member;
 import jakarta.servlet.http.HttpSession;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
@@ -24,14 +25,17 @@ public class AuthService {
     private final EmailVerificationService verificationService;
     private final MemberService memberService;
     private final ServiceTermAgreementService serviceTermAgreementService;
+    private final EmailSessionRepository emailSessionRepository;
 
     @Transactional
-    public SignUpResponse signUp(SignUpRequest request){
-        verificationService.verifySession(request.email());
+    public SignUpResponse signUp(SignUpRequest request, HttpSession session){
+        String sessionId = session.getId();
+
+        verificationService.verifySession(request.email(), session);
 
-        Set<ServiceTermAgreement> serviceTerm = serviceTermAgreementService.validateAndCreateAgreements(request.serviceTerms());
+        Member member = memberService.createMember(request, serviceTermAgreementService.validateAndCreateAgreements(request.serviceTerms()));
 
-        Member member = memberService.createMember(request, serviceTerm);
+        emailSessionRepository.deleteById(sessionId);
 
         return new SignUpResponse(member.getId());
     }

src/main/java/es/princip/ringus/application/auth/service/EmailVerificationService.java

@@ -2,16 +2,21 @@
 
 import es.princip.ringus.domain.email.EmailSession;
 import es.princip.ringus.domain.email.EmailSessionRepository;
-import es.princip.ringus.domain.email.EmailVerificationRepository;
 import es.princip.ringus.domain.email.EmailVerification;
+import es.princip.ringus.domain.email.EmailVerificationRepository;
 import es.princip.ringus.domain.exception.EmailErrorCode;
 import es.princip.ringus.domain.exception.SignUpErrorCode;
 import es.princip.ringus.domain.member.MemberRepository;
 import es.princip.ringus.global.exception.CustomRuntimeException;
+import jakarta.annotation.PostConstruct;
+import jakarta.servlet.http.HttpSession;
 import jakarta.transaction.Transactional;
 import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 
+import java.util.Objects;
+
 @Service
 @RequiredArgsConstructor
 public class EmailVerificationService {
@@ -21,6 +26,14 @@ public class EmailVerificationService {
     private final MemberRepository memberRepository;
     private final EmailSendService emailSendService;
 
+    @Value("${verification.max-failed-attempts}")
+    private int maxFailedAttempts;
+
+    @PostConstruct
+    public void init(){
+        EmailVerification.setMaxFailedAttempts(maxFailedAttempts);
+    }
+
     @Transactional
     public void generateVerificationCode(String email) {
         if(memberRepository.existsByEmail(email)){
@@ -42,7 +55,7 @@ public void generateVerificationCode(String email) {
      * @throws CustomRuntimeException
      */
     @Transactional
-    public void verifyCode(String email, String inputCode){
+    public void verifyCode(String email, String inputCode, HttpSession session){
         EmailVerification verification = verificationRepository.findById(email)
                 .orElseThrow(() -> new CustomRuntimeException(EmailErrorCode.TTL_EXPIRED));
 
@@ -57,7 +70,11 @@ public void verifyCode(String email, String inputCode){
         }
 
         verificationRepository.delete(verification);
-        sessionRepository.save(EmailSession.of(email));
+
+        String sessionId = session.getId();
+
+        sessionRepository.save(EmailSession.of(email, sessionId));
+
     }
 
     /**
@@ -66,8 +83,14 @@ public void verifyCode(String email, String inputCode){
      * @throws CustomRuntimeException
      */
     @Transactional
-    public void verifySession(String email){
-        EmailSession emailSession = sessionRepository.findByEmail(email)
+    public void verifySession(String email, HttpSession session){
+        EmailSession emailSession = sessionRepository.findById(email)
                 .orElseThrow(() -> new CustomRuntimeException(EmailErrorCode.TTL_EXPIRED));
+
+        if(!Objects.equals(emailSession.getSessionId(), session.getId())){
+            throw new CustomRuntimeException(EmailErrorCode.SESSION_EMAIL_MISMATCH);
+        }
+
+        sessionRepository.delete(emailSession);
     }
 }

src/main/java/es/princip/ringus/application/member/service/MemberService.java

@@ -1,11 +1,14 @@
 package es.princip.ringus.application.member.service;
 
-import es.princip.ringus.domain.serviceTerm.ServiceTermAgreement;
-import es.princip.ringus.presentation.auth.dto.request.SignUpRequest;
+import es.princip.ringus.domain.exception.MemberErrorCode;
 import es.princip.ringus.domain.exception.SignUpErrorCode;
 import es.princip.ringus.domain.member.Member;
 import es.princip.ringus.domain.member.MemberRepository;
+import es.princip.ringus.domain.serviceTerm.ServiceTermAgreement;
 import es.princip.ringus.global.exception.CustomRuntimeException;
+import es.princip.ringus.global.util.UniversityDomainUtil;
+import es.princip.ringus.presentation.auth.dto.request.SignUpRequest;
+import es.princip.ringus.presentation.member.dto.MemberResponse;
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
@@ -31,14 +34,19 @@ public Member createMember(SignUpRequest request, Set<ServiceTermAgreement> serv
             throw new CustomRuntimeException(SignUpErrorCode.DUPLICATE_EMAIL);
         }
 
-        Member member = Member.of(request.email(), request.password(), passwordEncoder, request.memberType(), serviceTerm);
+        boolean isUniversityVerified = UniversityDomainUtil.isUniversityVerified(request.email());
+
+        Member member = Member.of(request.email(), request.password(), passwordEncoder, request.memberType(), serviceTerm, isUniversityVerified);
+
         memberRepository.save(member);
 
         return member;
     }
 
-    public Member getByMemberId(Long memberId) {
-        return memberRepository.findById(memberId).orElseThrow();
-    }
+    public MemberResponse getMemberById(Long memberId){
+        Member member = memberRepository.findById(memberId)
+                .orElseThrow(() -> new CustomRuntimeException(MemberErrorCode.MEMBER_NOT_FOUND));
 
+        return MemberResponse.from(member);
+    }
 }

src/main/java/es/princip/ringus/domain/email/EmailSession.java

@@ -15,12 +15,14 @@ public class EmailSession implements Serializable {
 
     @Id
     private String email;
+    private String sessionId;
 
-    public static EmailSession of(String email) {
-        return new EmailSession(email);
+    public static EmailSession of(String email, String sessionId) {
+        return new EmailSession(email, sessionId);
     }
 
-    private EmailSession(String email) {
+    private EmailSession(String email, String sessionId) {
         this.email = email;
+        this.sessionId = sessionId;
     }
 }

src/main/java/es/princip/ringus/domain/email/EmailVerification.java

@@ -5,6 +5,7 @@
 import lombok.NoArgsConstructor;
 import org.springframework.data.annotation.Id;
 import org.springframework.data.redis.core.RedisHash;
+
 import java.io.Serializable;
 import java.util.Random;
 
@@ -26,6 +27,8 @@ public class EmailVerification implements Serializable {
 
     private int failedAttempts;
 
+    private static int maxFailedAttempts;
+
     public static EmailVerification of(String email) {
         return new EmailVerification(email, generateVerificationCode());
     }
@@ -45,10 +48,14 @@ public void plusFailedAttempts() {
     }
 
     public boolean hasVerificationAttemptsLeft() {
-        return failedAttempts < 5;
+        return failedAttempts < maxFailedAttempts;
     }
 
     public boolean isValid(String inputCode) {
         return this.verificationCode.equals(inputCode);
     }
+
+    public static void setMaxFailedAttempts(int maxFailedAttempts) {
+        EmailVerification.maxFailedAttempts = maxFailedAttempts;
+    }
 }

src/main/java/es/princip/ringus/domain/exception/EmailErrorCode.java

@@ -8,7 +8,9 @@ public enum EmailErrorCode implements ErrorCode {
     SUCESSS_VALILDATION(HttpStatus.OK, "성공적으로 인증되었습니다"),
     TTL_EXPIRED(HttpStatus.FORBIDDEN, "TTL 만료"),
     ERROR_EXCEEDED_ATTEMPTS(HttpStatus.FORBIDDEN, "인증번호 틀림 횟수 5회 이상, 새로운 인증번호를 발급 받아주세요"),
-    ERROR_INVALID_CODE(HttpStatus.BAD_REQUEST, "인증번호가 틀립니다");
+    ERROR_INVALID_CODE(HttpStatus.BAD_REQUEST, "인증번호가 틀립니다"),
+    SESSION_NOT_FOUND(HttpStatus.NOT_FOUND, "세션을 찾을 수 없음"),
+    SESSION_EMAIL_MISMATCH(HttpStatus.BAD_REQUEST, "요청된 이메일과 인증된 이메일이 다름");
 
     EmailErrorCode(HttpStatus status, String message) {
         this.status = status;

src/main/java/es/princip/ringus/domain/exception/MemberErrorCode.java

@@ -0,0 +1,33 @@
+package es.princip.ringus.domain.exception;
+
+import es.princip.ringus.global.exception.ErrorCode;
+import org.springframework.http.HttpStatus;
+
+public enum MemberErrorCode implements ErrorCode {
+
+    SESSION_EXPIRED(HttpStatus.UNAUTHORIZED, "세션이 거부됨"),
+    MEMBER_NOT_FOUND(HttpStatus.NOT_FOUND, "멤버를 찾을 수 없음");
+
+    MemberErrorCode(HttpStatus status, String message) {
+        this.status = status;
+        this.message = message;
+    }
+
+    private final HttpStatus status;
+    private final String message;
+
+    @Override
+    public HttpStatus status() {
+        return this.status;
+    }
+
+    @Override
+    public String message() {
+        return this.message;
+    }
+
+    @Override
+    public String code() {
+        return this.name();
+    }
+}

src/main/java/es/princip/ringus/domain/member/Member.java

@@ -30,22 +30,33 @@ public class Member extends BaseTimeEntity {
     @Enumerated(EnumType.STRING)
     private MemberType memberType;
 
-    @ElementCollection(fetch = FetchType.EAGER)
+    @ElementCollection(fetch = FetchType.LAZY)
     @CollectionTable(name = "service_term_agreement", joinColumns = @JoinColumn(name = "member_id"))
     private Set<ServiceTermAgreement> serviceTerms;
 
+    private boolean isFileVerified;
+
+    private boolean isProfileRegistered;
+
+    private boolean isUniversityVerified;
+
+    @OneToOne(mappedBy = "member", cascade = CascadeType.ALL, orphanRemoval = true)
+    private User user;
+
     public static Member of(
         final String email,
         final String password,
         final PasswordEncoder passwordEncoder,
         final String memberType,
-        final Set<ServiceTermAgreement> serviceTerms
+        final Set<ServiceTermAgreement> serviceTerms,
+        final boolean isUniversityVerified
     ) {
         return new Member(
             MemberType.valueOf(memberType),
             passwordEncoder.encode(password),
             email,
-            serviceTerms
+            serviceTerms,
+            isUniversityVerified
         );
     }
 
@@ -54,12 +65,27 @@ public Member(
         final MemberType memberType,
         final String password,
         final String email,
-        final Set<ServiceTermAgreement> serviceTerms
-
+        final Set<ServiceTermAgreement> serviceTerms,
+        final Boolean isUniversityVerified
     ) {
         this.memberType = memberType;
         this.password = password;
         this.email = email;
         this.serviceTerms = serviceTerms;
+        this.isFileVerified = false;
+        this.isProfileRegistered = false;
+        this.isUniversityVerified = isUniversityVerified;
+    }
+
+    public void verifyFile() {
+        this.isFileVerified = true;
+    }
+
+    public void registerProfile() {
+        this.isProfileRegistered = true;
+    }
+
+    public void confirmUniversity() {
+        this.isUniversityVerified = true;
     }
 }

src/main/java/es/princip/ringus/global/interceptor/SessionInterceptor.java

@@ -0,0 +1,23 @@
+package es.princip.ringus.global.interceptor;
+
+import es.princip.ringus.domain.exception.MemberErrorCode;
+import es.princip.ringus.global.exception.CustomRuntimeException;
+import es.princip.ringus.global.util.CookieUtil;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpSession;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+@Component
+public class SessionInterceptor implements HandlerInterceptor {
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler){
+        HttpSession session = request.getSession(false);
+        if(session == null){
+            throw new CustomRuntimeException(MemberErrorCode.SESSION_EXPIRED);
+        }
+        CookieUtil.addSessionCookie(response, session.getId());
+        return true;
+    }
+}