Refactor : user테이블 AuthType 분리 (#72)

* refactor : SecurityPath 클래스로 public 경로 한곳에서 관리

* feature : userAuthType 테이블 생성

* feature : user-userAuthType 테이블 분리 및 연관관계 설정

* 중복 가입시, UserAuthType테이블에 Authtype만 추가

* refator : User의 AuthType을 UserAuthType 테이블로 분리

이메일, 소셜로그인 모두 해도, 이메일이 같다면 동일유저로 취급

* refactor : dev 머지

* refactor : 회원 가입 유형에 따른  비밀번호 변경 로직 변경

소셜 가입만 한 회원은 비번 변경 불가, 이메일 가입이 되어있으면 변경 가능. 이메일 가입을 한 경우에 비번이 회원이 설정한 비번으로 들어가게 됨. 소셜만 가입하면 UUID로 랜덤값 지정

* refactor : 코드래빗 의견 반영하여 자잘한 코드 변경

* refactor : 로그아웃 요청 경로 수정 '/api/auth/logout' -> '/api/logout'

Author: minjee2758

src/main/java/org/ezcode/codetest/application/usermanagement/auth/service/AuthService.java

@@ -1,5 +1,6 @@
 package org.ezcode.codetest.application.usermanagement.auth.service;
 
+import java.util.List;
 import java.util.concurrent.TimeUnit;
 
 import org.ezcode.codetest.application.usermanagement.auth.dto.response.RefreshTokenResponse;
@@ -11,6 +12,7 @@
 import org.ezcode.codetest.domain.user.exception.AuthException;
 import org.ezcode.codetest.domain.user.exception.AuthExceptionCode;
 import org.ezcode.codetest.domain.user.model.entity.User;
+import org.ezcode.codetest.domain.user.model.entity.UserAuthType;
 import org.ezcode.codetest.domain.user.model.enums.AuthType;
 import org.ezcode.codetest.domain.user.service.UserDomainService;
 import org.ezcode.codetest.common.security.util.JwtUtil;
@@ -40,6 +42,7 @@ public class AuthService {
 	 */
 	@Transactional
 	public SignupResponse signup(SignupRequest signupRequest) {
+
 		userDomainService.checkEmailUnique(signupRequest.getEmail());
 
 		if (!signupRequest.getPassword().equals(signupRequest.getPasswordConfirm())){
@@ -48,23 +51,46 @@ public SignupResponse signup(SignupRequest signupRequest) {
 
 		String encodedPassword = userDomainService.encodePassword(signupRequest.getPassword());
 
+		User existUser = userDomainService.getUserByEmail(signupRequest.getEmail());
 
-		User newUser = User.emailUser(
-			signupRequest.getEmail(),
-			encodedPassword,
-			signupRequest.getUsername(),
-			signupRequest.getNickname(),
-			signupRequest.getAge()
-		);
-
-		userDomainService.createUser(newUser);
+		String bearToken;
 
-		String bearToken = jwtUtil.createToken(
-			newUser.getId(),
-			newUser.getEmail(),
-			newUser.getRole(),
-			newUser.getUsername(),newUser.getNickname(),
-			newUser.getTier());
+		//만약 아예 유저 테이블에 없으면 둘 다 저장
+		if (existUser == null) {
+			User newUser = User.emailUser(
+				signupRequest.getEmail(),
+				encodedPassword,
+				signupRequest.getUsername(),
+				signupRequest.getNickname(),
+				signupRequest.getAge()
+			);
+			UserAuthType userAuthType = new UserAuthType(newUser, AuthType.EMAIL);
+			userDomainService.createUser(newUser);
+			userDomainService.createUserAuthType(userAuthType);
+
+			bearToken = jwtUtil.createToken(
+				newUser.getId(),
+				newUser.getEmail(),
+				newUser.getRole(),
+				newUser.getUsername(),newUser.getNickname(),
+				newUser.getTier());
+		} else {
+			//유저 테이블에는 존재하다면 AuthType만 추가
+			UserAuthType userAuthType = new UserAuthType(existUser, AuthType.EMAIL);
+			userDomainService.createUserAuthType(userAuthType);
+
+			//로컬 가입(이메일)은 안되어있는데 소셜은 되어있는 경우이므로, UUID 비번을 사용자가 지정한 비번으로 변경한다. -> 이후 비번 변경하면 User테이블에서 변경하면됨.
+			existUser.modifyPassword(encodedPassword);
+			log.info("유저 타입 저장 완료 {}", userAuthType);
+
+			bearToken = jwtUtil.createToken(
+				existUser.getId(),
+				existUser.getEmail(),
+				existUser.getRole(),
+				existUser.getUsername(),
+				existUser.getNickname(),
+				existUser.getTier());
+		}
 
 		return SignupResponse.from(bearToken);
 	}
@@ -81,9 +107,10 @@ public SigninResponse signin(@Valid SigninRequest signinRequest) {
     	User loginUser = userDomainService.getUser(signinRequest.getEmail());
 
 		userDomainService.isDeletedUser(loginUser);
+		List<AuthType> userAuthTypes = userDomainService.getUserAuthTypes(loginUser);
 
 		//OAuth 가입 유저는 일반 로그인 불가능(향후 이메일과 소셜 모두 가입되어있는 회원의 경우 로그인 가능할 수 있도록 리팩토링)
-		if (!loginUser.getAuthType().equals(AuthType.EMAIL)) {
+		if (!userAuthTypes.contains(AuthType.EMAIL)) {
 			throw new AuthException(AuthExceptionCode.AUTH_TYPE_MISMATCH);
 		}
 
@@ -115,6 +142,7 @@ public SigninResponse signin(@Valid SigninRequest signinRequest) {
 		return SigninResponse.from(bearToken, refreshToken);
 	}
 
+
 	public LogoutResponse logout(Long userId, String token) {
 
 		Long expiration = jwtUtil.getRemainingTime(token);

src/main/java/org/ezcode/codetest/application/usermanagement/user/service/UserService.java

@@ -79,7 +79,7 @@ public ChangeUserPasswordResponse modifyUserPassword(AuthUser authUser, ChangeUs
 		User user = userDomainService.getUserById(authUser.getId());
 
 		//소셜로그인 회원은 변경 불가
-		if (!user.getAuthType().equals(AuthType.EMAIL)) {
+		if (!userDomainService.getUserAuthTypes(user).contains(AuthType.EMAIL)) {
 			throw new AuthException(AuthExceptionCode.NOT_EMAIL_USER);
 		}
 
@@ -104,7 +104,6 @@ public WithdrawUserResponse withdrawUser(AuthUser authUser) {
 
 		user.setDeleted();
 
-
 		redisTemplate.delete("RefreshToken:"+authUser.getId());
 
 		return new WithdrawUserResponse("탈퇴가 완료되었습니다");

src/main/java/org/ezcode/codetest/common/security/config/SecurityConfig.java

@@ -1,10 +1,12 @@
 package org.ezcode.codetest.common.security.config;
 
+import org.ezcode.codetest.common.security.util.SecurityPath;
 import org.ezcode.codetest.domain.user.service.CustomOAuth2UserService;
 import org.ezcode.codetest.common.security.hander.CustomSuccessHandler;
 import org.ezcode.codetest.common.security.util.ExceptionHandlingFilter;
 import org.ezcode.codetest.common.security.util.JwtFilter;
 import org.ezcode.codetest.common.security.util.JwtUtil;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.data.redis.core.RedisTemplate;
@@ -44,13 +46,11 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 			.formLogin(AbstractHttpConfigurer::disable)
 			.httpBasic(AbstractHttpConfigurer::disable)
 			.logout(AbstractHttpConfigurer::disable)
-			.oauth2Login(outh2 -> outh2
-				.userInfoEndpoint(userInfoEndpointConfig ->
-					userInfoEndpointConfig.userService(customOAuth2UserService))
-				.successHandler(customSuccessHandler)
-				.loginPage("/login")
-			)
-			// JWT 사용을 위해 세션을 STATELESS로 설정
+			.oauth2Login((outh2)-> outh2
+				.userInfoEndpoint((userInfoEndpointConfig ->
+					userInfoEndpointConfig.userService(customOAuth2UserService)))
+				.successHandler(customSuccessHandler))
+			// JWT 사용을 위해 세션을 STATELESS로 설정 (세션 정보 저장 x)
 			.sessionManagement(session -> session
 				.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
 			)
@@ -63,32 +63,13 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 				authorizeRequests
 					.requestMatchers(new DispatcherTypeRequestMatcher(DispatcherType.ASYNC)).permitAll()
 					.requestMatchers(
-						"/api/auth/**",
-						"/login",
-						"/ezlogin",
-						"/login/**",
-						"/oauth2/**",
-						"/login/oauth",
-						"/login/oauth2/**",
-						"/actuator/**",
-						"/chatting",
-						"/submit-test",
-						"/problems/**",
-						"/ws/**",
-						"/swagger-ui/**",
-						"/swagger-resources/**",
-						"/v2/**",
-						"/v3/**",
-						"/webjars/**",
-						"/searching",
-						"/css/**",
-						"/images/**"
-					).permitAll()
-					.requestMatchers("/admin/**").hasRole("ADMIN")
-					.anyRequest().authenticated()
+						SecurityPath.PUBLIC_PATH).permitAll()
+					.requestMatchers("/admin/**").hasRole("ADMIN") //어드민 권한 필요 (문제 생성, 관리 등)
+					.anyRequest().authenticated() //나머지는 일반 인증
 			)
 			.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class)
 			.addFilterBefore(exceptionFilter, JwtFilter.class)
+
 			.build();
 	}
 

src/main/java/org/ezcode/codetest/common/security/hander/CustomSuccessHandler.java

@@ -43,7 +43,8 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 		//OAuth2User
 		CustomOAuth2User customUserDetails = (CustomOAuth2User) authentication.getPrincipal();
 
-		User loginUser = userDomainService.getOAuthUser(customUserDetails.getEmail(), customUserDetails.getProvider());
+		User loginUser = userDomainService.getUserByEmail(customUserDetails.getEmail());
+		log.info("loginUser: {}", loginUser);
 
 		String accessToken = jwtUtil.createToken(
 			loginUser.getId(),

src/main/java/org/ezcode/codetest/common/security/util/JwtFilter.java

@@ -32,27 +32,17 @@ public class JwtFilter extends OncePerRequestFilter {
 	private final JwtUtil jwtUtil;
 	private final RedisTemplate<String, String> redisTemplate;
 
-	// 토큰 검증을 건너뛸 경로들
-	private static final String[] WHITE_LIST = {
-		"/api/auth/signin",
-		"/api/auth/signup",
-		"/api/auth/refresh",
-		"/swagger-ui",
-		"/v3/api-docs",
-	};
-
-
 	@Override
 	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
 									FilterChain filterChain) throws ServletException, IOException {
 
-		String requestURI = request.getRequestURI();
-
-		//whiteList 등록
-		if (shouldSkipFilter(requestURI)) {
-			filterChain.doFilter(request, response);
-			return;
-		}
+		// String requestURI = request.getRequestURI();
+		//
+		// //whiteList 등록
+		// if (shouldNotFilter(requestURI)) {
+		// 	filterChain.doFilter(request, response);
+		// 	return;
+		// }
 
 		String bearerToken = request.getHeader("Authorization");
 
@@ -101,9 +91,19 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 		filterChain.doFilter(request, response);
 		}
 
-	private boolean shouldSkipFilter(String requestURI){
-		return Arrays.stream(WHITE_LIST).anyMatch(requestURI::startsWith);
+	// 필터링 제외할 경로 지정
+	@Override
+	protected boolean shouldNotFilter(HttpServletRequest request) {
+		String requestURI = request.getRequestURI();
+		return Arrays.stream(SecurityPath.PUBLIC_PATH)
+			.anyMatch(path -> {
+				if (path.endsWith("/**")) {
+					return requestURI.startsWith(path.substring(0, path.length() - 3));
+				}
+				return requestURI.startsWith(path);
+			});
 	}
 
+
 	}
 

src/main/java/org/ezcode/codetest/common/security/util/SecurityPath.java

@@ -0,0 +1,29 @@
+package org.ezcode.codetest.common.security.util;
+
+import org.springframework.stereotype.Component;
+
+@Component
+public class SecurityPath {
+	public static final String[] PUBLIC_PATH = {
+		"/api/auth/**",
+		"/login",
+		"/ezlogin",
+		"/login/**",
+		"/oauth2/**",
+		"/login/oauth",
+		"/login/oauth2/**", //OAuth로그인 접근
+		"/actuator/**",
+		"/chatting",
+		"/submit-test",
+		"/problems/**",
+		"/ws/**",
+		"/swagger-ui/**",
+		"/swagger-resources/**",
+		"/v2/**",
+		"/v3/**",
+		"/webjars/**",
+		"/searching",
+		"/css/**", //html 화면 구성 접근
+		"/images/**"
+	};
+}