feat: 이메일 인증 코드 검증 후 리디렉션 기능 추가 #208
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- verifyEmailCode 메서드를 수정하여 이메일 인증 후 성공 및 실패 시 각각 다른 URL로 리디렉션하도록 구현 - UserException 발생 시 에러 메시지를 포함한 실패 리디렉션 추가 - HttpServletResponse를 사용하여 클라이언트에게 직접 리디렉션 응답 전송
Walkthrough사용자 이메일 검증 엔드포인트의 응답 방식이 JSON 응답에서 HTTP 리다이렉트로 변경되었습니다. 성공 시 성공 페이지로, 실패 시 에러 메시지를 포함하여 실패 페이지로 리다이렉트됩니다. Changes
Sequence DiagramsequenceDiagram
participant Client
participant UserVerifyController
participant AuthService
participant ExternalRedirect
Client->>UserVerifyController: GET /verify?email=...&key=...
UserVerifyController->>AuthService: verifyEmailCode(email, key)
alt Success
AuthService-->>UserVerifyController: Verification successful
UserVerifyController->>ExternalRedirect: Redirect to https://ezcode.my/email-verify-success?status=success
ExternalRedirect-->>Client: 302 Redirect
else UserException
AuthService-->>UserVerifyController: Throws UserException
UserVerifyController->>ExternalRedirect: Redirect to https://ezcode.my/email-verify-failure?status=failure&message=...
ExternalRedirect-->>Client: 302 Redirect
end
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing touches
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Fix all issues with AI agents
In
@src/main/java/org/ezcode/codetest/presentation/usermanagement/UserVerifyController.java:
- Around line 64-68: The redirect URL in UserVerifyController is hardcoded into
the redirectUrl assignment; inject configurable properties instead (e.g. add
@Value("${app.email-verify.success-url}") private String successRedirectUrl and
@Value("${app.email-verify.failure-url}") private String failureRedirectUrl to
the controller) and replace the
UriComponentsBuilder.fromUriString("https://ezcode.my/...") call with
UriComponentsBuilder.fromUriString(successRedirectUrl) (and similarly use
failureRedirectUrl for the failure path), and add the corresponding keys
(app.email-verify.success-url and app.email-verify.failure-url) to
application.yml for environment-specific values.
- Around line 73-79: Remove the manual URLEncoder.encode usage: don't set
errorMessage = URLEncoder.encode(...); instead pass the raw e.getMessage() (or a
sanitized message variable) into UriComponentsBuilder.queryParam("message", ...)
and call .encode() on the UriComponentsBuilder chain to let it perform proper
encoding; update the redirectUrl construction that uses UriComponentsBuilder to
call .encode() before .toUriString() and remove the now-unneeded
URLEncoder/StandardCharsets usage.
- Around line 71-82: The current try/catch in UserVerifyController only handles
UserException, so add a fallback catch for Exception to ensure
DB/network/runtime errors also redirect to the failure page; inside the new
catch(Exception e) log the error and build the same redirect URL (use
URLEncoder.encode(e.getMessage(), StandardCharsets.UTF_8) or a generic message
if null) and call response.sendRedirect(redirectUrl), or alternatively implement
a @ControllerAdvice global handler for this endpoint that performs the same
redirect behavior for uncaught exceptions.
🧹 Nitpick comments (2)
src/main/java/org/ezcode/codetest/presentation/usermanagement/UserVerifyController.java (2)
71-72: 예외 발생 시 로깅이 누락되었습니다.
UserException발생 시 로그를 남기지 않으면, 인증 실패 원인을 추적하기 어렵습니다. 디버깅 및 모니터링을 위해 로그를 추가하세요.♻️ 로깅 추가 제안
} catch (UserException e) { + log.warn("이메일 인증 실패: email={}, reason={}", email, e.getMessage()); // 실패 시 프론트엔드로 리디렉션 (에러 메시지 포함)
64-68: 성공 URL의status=success쿼리 파라미터가 중복되어 보입니다.URL 경로가 이미
/email-verify-success로 성공을 나타내고 있어,status=success파라미터는 불필요해 보입니다. 프론트엔드에서 실제로 이 파라미터를 사용하는지 확인해 주세요.
📜 Review details
Configuration used: Repository UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
src/main/java/org/ezcode/codetest/presentation/usermanagement/UserVerifyController.java
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: build
Comment on lines
+64
to
+68
| String redirectUrl = UriComponentsBuilder | ||
| .fromUriString("https://ezcode.my/email-verify-success") | ||
| .queryParam("status", "success") | ||
| .build() | ||
| .toUriString(); |
There was a problem hiding this comment.
🛠️ Refactor suggestion | 🟠 Major
하드코딩된 리디렉션 URL을 설정으로 분리하세요.
https://ezcode.my/... URL이 하드코딩되어 있습니다. 개발/스테이징/프로덕션 환경에 따라 다른 URL을 사용해야 할 가능성이 높으므로, application.yml 또는 @Value를 통해 외부 설정으로 분리하는 것이 좋습니다.
♻️ 설정 분리 예시
// Controller에 추가
@Value("${app.email-verify.success-url}")
private String successRedirectUrl;
@Value("${app.email-verify.failure-url}")
private String failureRedirectUrl;# application.yml
app:
email-verify:
success-url: https://ezcode.my/email-verify-success
failure-url: https://ezcode.my/email-verify-failure🤖 Prompt for AI Agents
In
@src/main/java/org/ezcode/codetest/presentation/usermanagement/UserVerifyController.java
around lines 64 - 68, The redirect URL in UserVerifyController is hardcoded into
the redirectUrl assignment; inject configurable properties instead (e.g. add
@Value("${app.email-verify.success-url}") private String successRedirectUrl and
@Value("${app.email-verify.failure-url}") private String failureRedirectUrl to
the controller) and replace the
UriComponentsBuilder.fromUriString("https://ezcode.my/...") call with
UriComponentsBuilder.fromUriString(successRedirectUrl) (and similarly use
failureRedirectUrl for the failure path), and add the corresponding keys
(app.email-verify.success-url and app.email-verify.failure-url) to
application.yml for environment-specific values.
Comment on lines
+71
to
+82
| } catch (UserException e) { | ||
| // 실패 시 프론트엔드로 리디렉션 (에러 메시지 포함) | ||
| String errorMessage = URLEncoder.encode(e.getMessage(), StandardCharsets.UTF_8); | ||
| String redirectUrl = UriComponentsBuilder | ||
| .fromUriString("https://ezcode.my/email-verify-failure") | ||
| .queryParam("status", "failure") | ||
| .queryParam("message", errorMessage) | ||
| .build() | ||
| .toUriString(); | ||
|
|
||
| response.sendRedirect(redirectUrl); | ||
| } |
There was a problem hiding this comment.
UserException 외의 예외 처리가 누락되었습니다.
UserException만 catch하고 있어, 다른 런타임 예외(DB 오류, 네트워크 오류 등)가 발생하면 사용자에게 적절한 리디렉션 없이 500 에러가 노출될 수 있습니다. 일반 예외에 대한 fallback 처리를 추가하거나, @ControllerAdvice에서 이 엔드포인트에 대한 예외 처리를 별도로 구현하는 것을 권장합니다.
🐛 예외 처리 보완 예시
} catch (UserException e) {
// 실패 시 프론트엔드로 리디렉션 (에러 메시지 포함)
- String errorMessage = URLEncoder.encode(e.getMessage(), StandardCharsets.UTF_8);
String redirectUrl = UriComponentsBuilder
.fromUriString("https://ezcode.my/email-verify-failure")
.queryParam("status", "failure")
- .queryParam("message", errorMessage)
- .build()
+ .queryParam("message", e.getMessage())
+ .encode()
+ .build()
.toUriString();
response.sendRedirect(redirectUrl);
+ } catch (Exception e) {
+ log.error("이메일 인증 중 예외 발생: email={}", email, e);
+ String redirectUrl = UriComponentsBuilder
+ .fromUriString("https://ezcode.my/email-verify-failure")
+ .queryParam("status", "failure")
+ .queryParam("message", "인증 처리 중 오류가 발생했습니다.")
+ .encode()
+ .build()
+ .toUriString();
+
+ response.sendRedirect(redirectUrl);
}🤖 Prompt for AI Agents
In
@src/main/java/org/ezcode/codetest/presentation/usermanagement/UserVerifyController.java
around lines 71 - 82, The current try/catch in UserVerifyController only handles
UserException, so add a fallback catch for Exception to ensure
DB/network/runtime errors also redirect to the failure page; inside the new
catch(Exception e) log the error and build the same redirect URL (use
URLEncoder.encode(e.getMessage(), StandardCharsets.UTF_8) or a generic message
if null) and call response.sendRedirect(redirectUrl), or alternatively implement
a @ControllerAdvice global handler for this endpoint that performs the same
redirect behavior for uncaught exceptions.
Comment on lines
+73
to
+79
| String errorMessage = URLEncoder.encode(e.getMessage(), StandardCharsets.UTF_8); | ||
| String redirectUrl = UriComponentsBuilder | ||
| .fromUriString("https://ezcode.my/email-verify-failure") | ||
| .queryParam("status", "failure") | ||
| .queryParam("message", errorMessage) | ||
| .build() | ||
| .toUriString(); |
There was a problem hiding this comment.
URL 이중 인코딩 문제가 발생할 수 있습니다.
URLEncoder.encode()로 인코딩한 후 UriComponentsBuilder.queryParam()에 전달하면, queryParam()이 다시 인코딩을 수행하여 이중 인코딩 문제가 발생합니다.
🐛 수정 제안
- String errorMessage = URLEncoder.encode(e.getMessage(), StandardCharsets.UTF_8);
String redirectUrl = UriComponentsBuilder
.fromUriString("https://ezcode.my/email-verify-failure")
.queryParam("status", "failure")
- .queryParam("message", errorMessage)
- .build()
+ .queryParam("message", e.getMessage())
+ .encode()
+ .build()
.toUriString();UriComponentsBuilder.encode()를 사용하면 쿼리 파라미터가 적절히 인코딩됩니다. URLEncoder.encode()는 제거하세요.
🤖 Prompt for AI Agents
In
@src/main/java/org/ezcode/codetest/presentation/usermanagement/UserVerifyController.java
around lines 73 - 79, Remove the manual URLEncoder.encode usage: don't set
errorMessage = URLEncoder.encode(...); instead pass the raw e.getMessage() (or a
sanitized message variable) into UriComponentsBuilder.queryParam("message", ...)
and call .encode() on the UriComponentsBuilder chain to let it perform proper
encoding; update the redirectUrl construction that uses UriComponentsBuilder to
call .encode() before .toUriString() and remove the now-unneeded
URLEncoder/StandardCharsets usage.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
작업 내용
Summary by CodeRabbit
릴리스 노트
✏️ Tip: You can customize this high-level summary in your review settings.