diff --git a/.gitignore b/.gitignore index c2065bc..ce9b259 100644 --- a/.gitignore +++ b/.gitignore @@ -35,3 +35,7 @@ out/ ### VS Code ### .vscode/ + +### .env file ### +*.env + diff --git a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/controller/AuthController.java b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/controller/AuthController.java index 5cd7dd2..d02073f 100644 --- a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/controller/AuthController.java +++ b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/controller/AuthController.java @@ -1,15 +1,19 @@ package com.WhoIsRoom.WhoIs_Server.domain.auth.controller; +import com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request.CodeCheckRequest; +import com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request.MailRequest; +import com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request.PasswordRequest; +import com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request.RefreshTokenRequest; +import com.WhoIsRoom.WhoIs_Server.domain.auth.dto.response.ReissueResponse; import com.WhoIsRoom.WhoIs_Server.domain.auth.service.JwtService; +import com.WhoIsRoom.WhoIs_Server.domain.auth.service.MailService; +import com.WhoIsRoom.WhoIs_Server.domain.user.service.UserService; +import com.WhoIsRoom.WhoIs_Server.global.common.resolver.CurrentUserId; import com.WhoIsRoom.WhoIs_Server.global.common.response.BaseResponse; import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; @Slf4j @RestController 
@@ -18,16 +22,44 @@ public class AuthController { private final JwtService jwtService; + private final MailService mailService; + private final UserService userService; @PostMapping("/logout") - public BaseResponse logout(HttpServletRequest request){ - jwtService.logout(request); + public BaseResponse logout(HttpServletRequest request, + @RequestBody RefreshTokenRequest tokenRequest){ + jwtService.logout(request, tokenRequest); return BaseResponse.ok(null); } @PostMapping("/reissue") - public BaseResponse reissueTokens(HttpServletRequest request, HttpServletResponse response) { - jwtService.reissueTokens(request, response); + public BaseResponse reissueTokens(@RequestBody RefreshTokenRequest tokenRequest) { + ReissueResponse response = jwtService.reissueTokens(tokenRequest); + return BaseResponse.ok(response); + } + + @PostMapping("/email/send") + public BaseResponse sendAuthCodeMail(@RequestBody MailRequest request) { + mailService.sendMail(request); + return BaseResponse.ok(null); + } + + @PostMapping("/email/validation") + public BaseResponse checkAuthCode(@RequestBody CodeCheckRequest request) { + mailService.checkAuthCode(request); + return BaseResponse.ok(null); + } + + @PostMapping("/email/find-password") + public BaseResponse findPassword(@RequestBody MailRequest request) { + userService.sendNewPassword(request); + return BaseResponse.ok(null); + } + + @PatchMapping("/password") + public BaseResponse updatePassword(@CurrentUserId Long userId, + @RequestBody PasswordRequest request) { + userService.updateMyPassword(userId, request); return BaseResponse.ok(null); } } diff --git a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/request/CodeCheckRequest.java b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/request/CodeCheckRequest.java new file mode 100644 index 0000000..a93c232 --- /dev/null +++ b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/request/CodeCheckRequest.java 
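Review bot: None of the new `@RequestBody` parameters in this hunk is validated, so a request with a missing `email`, `authCode`, `refreshToken` or `newPassword` reaches `MailService`, `JwtService` and `UserService` as null. `MailRequest` and `CodeCheckRequest` import `jakarta.validation.constraints.NotNull` but annotate no field, and `PasswordRequest.newPassword` has no blank or length check before `updateMyPassword` encodes it. I would add `@Valid` on each parameter, e.g. `public BaseResponse sendAuthCodeMail(@Valid @RequestBody MailRequest request)`, and constrain the DTO fields, e.g. `@NotBlank @Email private String email;`. The three `/email/*` endpoints also trigger outbound mail or a password change with no throttling visible in this diff; a per-address and per-client rate limit belongs in front of them.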
@@ -0,0 +1,15 @@
+package com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.validation.constraints.NotNull;
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+@Getter
+public class CodeCheckRequest {
+ private String email;
+ private String authCode;
+}
+
diff --git a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/request/MailRequest.java b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/request/MailRequest.java
new file mode 100644
index 0000000..f4ce932
--- /dev/null
+++ b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/request/MailRequest.java
@@ -0,0 +1,13 @@
+package com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.validation.constraints.NotNull;
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Getter
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+public class MailRequest {
+ private String email;
+}
\ No newline at end of file
diff --git a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/request/PasswordRequest.java b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/request/PasswordRequest.java
new file mode 100644
index 0000000..a02532c
--- /dev/null
+++ b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/request/PasswordRequest.java
@@ -0,0 +1,12 @@
+package com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request;
+
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Getter
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+public class PasswordRequest {
+ private String prePassword;
+ private String newPassword;
+}
diff --git a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/request/RefreshTokenRequest.java b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/request/RefreshTokenRequest.java
new file mode 100644
index 0000000..7002cbc
--- /dev/null
+++ b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/request/RefreshTokenRequest.java
@@ -0,0 +1,11 @@
+package com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request;
+
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Getter
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+public class RefreshTokenRequest {
+ private String refreshToken;
+}
diff --git a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/response/ReissueResponse.java b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/response/ReissueResponse.java
new file mode 100644
index 0000000..2bb775a
--- /dev/null
+++ b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/dto/response/ReissueResponse.java
@@ -0,0 +1,11 @@
+package com.WhoIsRoom.WhoIs_Server.domain.auth.dto.response;
+
+import lombok.Builder;
+import lombok.Getter;
+
+@Getter
+@Builder
+public class ReissueResponse {
+ private String accessToken;
+ private String refreshToken;
+}
diff --git a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/handler/success/CustomAuthenticationSuccessHandler.java b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/handler/success/CustomAuthenticationSuccessHandler.java
index 24cd7f8..fe2be56 100644
--- a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/handler/success/CustomAuthenticationSuccessHandler.java
+++ b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/handler/success/CustomAuthenticationSuccessHandler.java
@@ -47,8 +47,6 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo jwtService.storeRefreshToken(refreshToken); log.info("[CustomAuthenticationSuccessHandler], refreshToken={}", refreshToken); - jwtService.sendTokens(response, accessToken, refreshToken); - LoginResponse data = LoginResponse.builder() .accessToken(accessToken) .refreshToken(refreshToken) diff --git a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/service/JwtService.java b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/service/JwtService.java index a20d69b..35e392e 100644 --- a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/service/JwtService.java +++ b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/service/JwtService.java @@ -1,17 +1,24 @@ package com.WhoIsRoom.WhoIs_Server.domain.auth.service; +import com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request.RefreshTokenRequest; +import com.WhoIsRoom.WhoIs_Server.domain.auth.dto.response.LoginResponse; +import com.WhoIsRoom.WhoIs_Server.domain.auth.dto.response.ReissueResponse; import com.WhoIsRoom.WhoIs_Server.domain.auth.exception.CustomAuthenticationException; import com.WhoIsRoom.WhoIs_Server.domain.auth.exception.CustomJwtException; import com.WhoIsRoom.WhoIs_Server.domain.auth.util.JwtUtil; import com.WhoIsRoom.WhoIs_Server.global.common.redis.RedisService; +import com.WhoIsRoom.WhoIs_Server.global.common.response.BaseResponse; import com.WhoIsRoom.WhoIs_Server.global.common.response.ErrorCode; +import com.fasterxml.jackson.databind.ObjectMapper; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Value; +import org.springframework.http.MediaType; import org.springframework.stereotype.Service; +import java.io.IOException; import java.time.Duration; @Slf4j 
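Review bot: The context line `log.info("[CustomAuthenticationSuccessHandler], refreshToken={}", refreshToken);` kept by this hunk writes the full refresh token to the application log at INFO level, so anyone with read access to the logs holds a usable credential until the token expires or is rotated. I would drop the line or log a non-secret event instead, for example `log.debug("[CustomAuthenticationSuccessHandler] refresh token issued");`. `onAuthenticationSuccess` starts and ends outside the hunk, so whether the access token is logged the same way above is not visible here.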
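Review bot: Of the imports added to `JwtService` here, only `RefreshTokenRequest` and `ReissueResponse` are used by the added lines in this diff; `LoginResponse`, `BaseResponse`, `ObjectMapper`, `MediaType` and `IOException` appear in no added line, and the `private final ObjectMapper objectMapper;` field added in the next hunk is likewise never read. I would drop them, and check whether `HttpServletResponse` is still needed now that `sendTokens` is removed.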
@@ -37,27 +44,30 @@ public class JwtService { private final RedisService redisService; private final JwtUtil jwtUtil; + private final ObjectMapper objectMapper; - public void logout(HttpServletRequest request) { + public void logout(HttpServletRequest request, RefreshTokenRequest tokenRequest) { String accessToken = jwtUtil.extractAccessToken(request) .orElseThrow(() -> new CustomAuthenticationException(ErrorCode.SECURITY_INVALID_ACCESS_TOKEN)); - String refreshToken = jwtUtil.extractRefreshToken(request) - .orElseThrow(() -> new CustomAuthenticationException(ErrorCode.SECURITY_INVALID_REFRESH_TOKEN)); + + String refreshToken = tokenRequest.getRefreshToken(); + jwtUtil.validateToken(refreshToken); + if (!"refresh".equals(jwtUtil.getTokenType(refreshToken))) { + throw new CustomJwtException(ErrorCode.INVALID_TOKEN_TYPE); + } deleteRefreshToken(refreshToken); //access token blacklist 처리 -> 로그아웃한 사용자가 요청 시 access token이 redis에 존재하면 jwtAuthenticationFilter에서 인증처리 거부 invalidAccessToken(accessToken); } - public void reissueTokens(HttpServletRequest request, HttpServletResponse response) { - String refreshToken = jwtUtil.extractRefreshToken(request) - .orElseThrow(() -> new CustomAuthenticationException(ErrorCode.SECURITY_INVALID_REFRESH_TOKEN)); - + public ReissueResponse reissueTokens(RefreshTokenRequest tokenRequest) { + String refreshToken = tokenRequest.getRefreshToken(); jwtUtil.validateToken(refreshToken); if (!"refresh".equals(jwtUtil.getTokenType(refreshToken))) { throw new CustomJwtException(ErrorCode.INVALID_TOKEN_TYPE); } - reissueAndSendTokens(response, refreshToken); + return reissueAndSendTokens(refreshToken); } public void checkLogout(String accessToken) { 
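Review bot: `reissueTokens` accepts any refresh token that passes `jwtUtil.validateToken` and the `"refresh"` type check, but nothing in this hunk confirms the token is still the one recorded by `storeRefreshToken`. Unless `validateToken` itself consults Redis (not visible here), a refresh token that `logout` or an earlier rotation already deleted can still obtain a new pair until it expires, which undoes the effect of `deleteRefreshToken`. I would look the token up before reissuing and reject it when absent, e.g. `throw new CustomAuthenticationException(ErrorCode.SECURITY_INVALID_REFRESH_TOKEN);`. The validate-then-type-check sequence is now duplicated in `logout`; a private helper would keep the two copies in step.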
@@ -83,7 +93,7 @@ private void invalidAccessToken(String accessToken) { Duration.ofMillis(ACCESS_TOKEN_EXPIRED_IN)); } - private void reissueAndSendTokens(HttpServletResponse response, String refreshToken) { + private ReissueResponse reissueAndSendTokens(String refreshToken) { // 새로운 Refresh Token 발급 String reissuedAccessToken = jwtUtil.createAccessToken(jwtUtil.getUserId(refreshToken), jwtUtil.getProviderId(refreshToken), jwtUtil.getRole(refreshToken), jwtUtil.getName(refreshToken)); @@ -95,12 +105,9 @@ private void reissueAndSendTokens(HttpServletResponse response, String refreshTo // 기존 Refresh Token 폐기 (DB나 Redis에서 삭제) deleteRefreshToken(refreshToken); - sendTokens(response, reissuedAccessToken, reissuedRefreshToken); - } - - public void sendTokens(HttpServletResponse response, String accessToken, - String refreshToken) { - response.setHeader(ACCESS_HEADER, BEARER_PREFIX + accessToken); - response.setHeader(REFRESH_HEADER, BEARER_PREFIX + refreshToken); + return ReissueResponse.builder() + .accessToken(reissuedAccessToken) + .refreshToken(reissuedRefreshToken) + .build(); } } diff --git a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/service/MailService.java b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/service/MailService.java new file mode 100644 index 0000000..6d913b9 --- /dev/null +++ b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/auth/service/MailService.java 
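Review bot: The name `reissueAndSendTokens` is misleading now that the method only builds and returns a `ReissueResponse`; it is private, so renaming it (for instance to `rotateTokens`) is safe, and the context comment `// 새로운 Refresh Token 발급` sits above the `createAccessToken` call rather than the refresh-token one. Separately, the new access token copies `userId`, `providerId`, `role` and `name` from the old refresh token's claims, so a role change or account removal would presumably not take effect for as long as the refresh chain keeps being renewed; reloading the user at this point would close that gap. The lines between the two hunks are not shown.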
@@ -0,0 +1,171 @@
+package com.WhoIsRoom.WhoIs_Server.domain.auth.service;
+
+import com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request.CodeCheckRequest;
+import com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request.MailRequest;
+import com.WhoIsRoom.WhoIs_Server.domain.auth.exception.CustomAuthenticationException;
+import com.WhoIsRoom.WhoIs_Server.domain.user.repository.UserRepository;
+import com.WhoIsRoom.WhoIs_Server.domain.user.service.UserService;
+import com.WhoIsRoom.WhoIs_Server.global.common.exception.BusinessException;
+import com.WhoIsRoom.WhoIs_Server.global.common.redis.RedisService;
+import com.WhoIsRoom.WhoIs_Server.global.common.response.ErrorCode;
+import jakarta.mail.MessagingException;
+import jakarta.mail.internet.MimeMessage;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.mail.MailException;
+import org.springframework.mail.javamail.JavaMailSender;
+import org.springframework.mail.javamail.MimeMessageHelper;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.thymeleaf.context.Context;
+import org.thymeleaf.spring6.SpringTemplateEngine;
+
+import java.time.Duration;
+import java.util.Random;
+
+@Slf4j
+@Transactional
+@Service
+@RequiredArgsConstructor
+public class MailService {
+
+ private static final long VERIFICATION_CODE_EXPIRY_MINUTES = 5;
+
+ private static final long VERIFIED_TTL_SECONDS = 1800; // 30분
+
+ private static final String EMAIL_KEY_PREFIX = "auth:email:";
+
+ private final JavaMailSender javaMailSender;
+
+ private final SpringTemplateEngine templateEngine;
+
+ private final UserRepository userRepository;
+
+ private final RedisService redisService;
+
+ public void sendMail(MailRequest request) {
+ if (userRepository.findByEmail(request.getEmail()).isPresent()) {
+ throw new BusinessException(ErrorCode.USER_DUPLICATE_EMAIL);
+ }
+
+ String authCode = createCode();
+ MimeMessage mimeMessage =
createEmailMessage(request.getEmail(), authCode);
+
+ try {
+ javaMailSender.send(mimeMessage);
+
+ String key = EMAIL_KEY_PREFIX + request.getEmail();
+ redisService.setValues(key, authCode, Duration.ofMinutes(VERIFICATION_CODE_EXPIRY_MINUTES));
+ } catch (MailException e) { //JavaMailSender의 전송과정에서 오류 발생 시
+ throw new BusinessException(ErrorCode.MAIL_SEND_FAILED);
+ }
+ }
+
+ public String sendPasswordMail(MailRequest request) {
+ String password = createNewPassword();
+ MimeMessage mimeMessage = createPasswordEmailMessage(request.getEmail(), password);
+ try {
+ javaMailSender.send(mimeMessage);
+ } catch (MailException e) { //JavaMailSender의 전송과정에서 오류 발생 시
+ throw new BusinessException(ErrorCode.MAIL_SEND_FAILED);
+ }
+ return password;
+ }
+
+ // 인증 번호 6자리를 구현하는 메서드
+ public String createCode() {
+ Random random = new Random();
+ StringBuilder key = new StringBuilder();
+
+ for (int i = 0; i < 6; i++) {
+ key.append(random.nextInt(10)); // 0~9 숫자
+ }
+
+ return key.toString();
+ }
+
+ // 임시 비밀번호를 구현하는 메서드
+ public String createNewPassword() {
+ Random random = new Random();
+ StringBuffer key = new StringBuffer();
+
+ for (int i = 0; i < 8; i++) {
+ int index = random.nextInt(4);
+
+ switch (index) {
+ case 0: key.append((char) ((int) random.nextInt(26) + 97)); break;
+ case 1: key.append((char) ((int) random.nextInt(26) + 65)); break;
+ default: key.append(random.nextInt(9));
+ }
+ }
+ return key.toString();
+ }
+
+ private MimeMessage createEmailMessage(String recipient, String authCode) {
+ try {
+ MimeMessage mimeMessage = javaMailSender.createMimeMessage();
+ MimeMessageHelper mimeMessageHelper = new MimeMessageHelper(mimeMessage, false, "UTF-8");
+
+ mimeMessageHelper.setTo(recipient);
+ mimeMessageHelper.setSubject("[동방에누구] 이메일 인증을 위한 인증 코드 발송");
+ mimeMessageHelper.setText(setContext(authCode), true);
+
+ return mimeMessage;
+ } catch (MessagingException e) { // SMTP 전송 오류, 포맷 오류 발생 시
+ throw new BusinessException(ErrorCode.MAIL_SEND_FAILED);
+ }
+ }
+
+ private MimeMessage createPasswordEmailMessage(String recipient, String password) {
+ try {
+ MimeMessage mimeMessage = javaMailSender.createMimeMessage();
+ MimeMessageHelper mimeMessageHelper = new MimeMessageHelper(mimeMessage, false, "UTF-8");
+
+ mimeMessageHelper.setTo(recipient);
+ mimeMessageHelper.setSubject("[동방에누구] 임시 비밀번호 발송");
+ mimeMessageHelper.setText(setPasswordContext(password), true);
+
+ return mimeMessage;
+ } catch (MessagingException e) { // SMTP 전송 오류, 포맷 오류 발생 시
+ throw new BusinessException(ErrorCode.MAIL_SEND_FAILED);
+ }
+ }
+
+ public void checkAuthCode(CodeCheckRequest request) {
+ String storedCode = getStoredCode(request.getEmail());
+ if (storedCode == null) {
+ throw new BusinessException(ErrorCode.EXPIRED_EMAIL_CODE);
+ }
+
+ // 인증 번호가 이미 인증된 상태인 경우 그냥 리턴
+ if ("VERIFIED".equals(getStoredCode(request.getEmail()))){return;};
+
+ // 입력 코드와 Redis 코드가 다르면 에러
+ if (!String.valueOf(request.getAuthCode()).equals(storedCode)) {
+ throw new BusinessException(ErrorCode.INVALID_EMAIL_CODE);
+ }
+ // 인증 성공: 값 변경 + TTL 재설정
+ redisService.setValues(EMAIL_KEY_PREFIX + request.getEmail(), "VERIFIED", Duration.ofSeconds(VERIFIED_TTL_SECONDS));
+ }
+
+ public String getStoredCode(String email) {
+ String key = EMAIL_KEY_PREFIX + email;
+ return redisService.getValues(key);
+ }
+
+ // thymeleaf를 통한 html 적용
+ public String setContext(String authCode) {
+ Context context = new Context();
+ context.setVariable("code", authCode);
+ return templateEngine.process("AuthCode-email.html", context);
+ }
+
+ // thymeleaf를 통한 html 적용
+ public String setPasswordContext(String password) {
+ Context context = new Context();
+ context.setVariable("password", password);
+ return templateEngine.process("Password-email.html", context);
+ }
+}
+
+
diff --git a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/user/service/UserService.java b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/user/service/UserService.java
index ae0cbe9..7cc4e4d 100644
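Review bot: `createCode` and `createNewPassword` draw the verification code and the temporary password from `java.util.Random`, which is not a cryptographic generator; both values act as credentials and should come from `java.security.SecureRandom`. `createNewPassword` is also skewed: `random.nextInt(4)` sends indexes 2 and 3 to the digit branch, so about half of the characters are digits, and `random.nextInt(9)` never produces 9. `checkAuthCode` keeps no attempt counter, so the six-digit code can be retried freely during its five-minute lifetime; counting failures in Redis and deleting the code after a few misses would bound that. `sendMail` stores the code only after `javaMailSender.send` returns, so a Redis failure leaves the recipient with a code that can never validate. A uniform, `SecureRandom`-backed `createNewPassword` is sketched below, and `createCode` would use the same generator.

```java
// … unchanged: existing constants and injected fields …
private static final String TEMP_PASSWORD_ALPHABET =
        "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
private static final SecureRandom SECURE_RANDOM = new SecureRandom();

// … unchanged: sendMail, sendPasswordMail; createCode switches to SECURE_RANDOM …

public String createNewPassword() {
    StringBuilder key = new StringBuilder(8);
    for (int i = 0; i < 8; i++) {
        // Every character is drawn uniformly from the same 62-symbol alphabet.
        int index = SECURE_RANDOM.nextInt(TEMP_PASSWORD_ALPHABET.length());
        key.append(TEMP_PASSWORD_ALPHABET.charAt(index));
    }
    return key.toString();
}
```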
--- a/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/user/service/UserService.java +++ b/src/main/java/com/WhoIsRoom/WhoIs_Server/domain/user/service/UserService.java @@ -1,5 +1,8 @@ package com.WhoIsRoom.WhoIs_Server.domain.user.service; +import com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request.MailRequest; +import com.WhoIsRoom.WhoIs_Server.domain.auth.dto.request.PasswordRequest; +import com.WhoIsRoom.WhoIs_Server.domain.auth.service.MailService; import com.WhoIsRoom.WhoIs_Server.domain.user.dto.request.SignupRequest; import com.WhoIsRoom.WhoIs_Server.domain.user.model.Role; import com.WhoIsRoom.WhoIs_Server.domain.user.model.User; @@ -18,6 +21,7 @@ public class UserService { private final UserRepository userRepository; private final PasswordEncoder passwordEncoder; + private final MailService mailService; @Transactional public void signUp(SignupRequest request) { @@ -27,6 +31,9 @@ public void signUp(SignupRequest request) { if (userRepository.existsByNickName(request.getNickName())) { throw new BusinessException(ErrorCode.USER_DUPLICATE_NICKNAME); } + if (!"VERIFIED".equals(mailService.getStoredCode(request.getEmail()))){ + throw new BusinessException(ErrorCode.AUTHCODE_UNAUTHORIZED); + } User user = User.builder() .email(request.getEmail()) 
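Review bot: The `"VERIFIED"` marker checked in `signUp` is keyed only by e-mail address and is never consumed, so for the 30 minutes set by `VERIFIED_TTL_SECONDS` any caller who submits that address passes this check, not only the client that entered the code. Returning a single-use token from `checkAuthCode` and requiring it in `SignupRequest` would bind the proof to the requester; at minimum the key should be deleted once `userRepository.save(user)` succeeds. The literal `"VERIFIED"` is also duplicated between this class and `MailService`; a small method on `MailService` (for instance `isVerified(email)`, name hypothetical) would keep the representation in one place. `signUp` continues outside this hunk.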
@@ -36,4 +43,23 @@ public void signUp(SignupRequest request) { .build(); userRepository.save(user); } + + @Transactional + public void sendNewPassword(MailRequest request) { + User user = userRepository.findByEmail(request.getEmail()) + .orElseThrow(() -> new BusinessException(ErrorCode.USER_NOT_FOUND)); + String newPassword = mailService.sendPasswordMail(request); + user.setPassword(passwordEncoder.encode(newPassword)); + } + + @Transactional + public void updateMyPassword(Long userId, PasswordRequest request) { + User user = userRepository.findById(userId) + .orElseThrow(() -> new BusinessException(ErrorCode.USER_NOT_FOUND)); + + if (!passwordEncoder.matches(request.getPrePassword(), user.getPassword())) { + throw new BusinessException(ErrorCode.INVALID_PASSWORD); + } + user.setPassword(passwordEncoder.encode(request.getNewPassword())); + } } diff --git a/src/main/java/com/WhoIsRoom/WhoIs_Server/global/common/exception/BusinessException.java b/src/main/java/com/WhoIsRoom/WhoIs_Server/global/common/exception/BusinessException.java index 939976f..1df98cf 100644 --- a/src/main/java/com/WhoIsRoom/WhoIs_Server/global/common/exception/BusinessException.java +++ b/src/main/java/com/WhoIsRoom/WhoIs_Server/global/common/exception/BusinessException.java @@ -7,7 +7,8 @@ public class BusinessException extends RuntimeException { private final ErrorCode errorCode; - public BusinessException(ErrorCode errorCode) { - this.errorCode = errorCode; + public BusinessException(ErrorCode code) { + super(code.getMessage()); + this.errorCode = code; } -} +} \ No newline at end of file diff --git a/src/main/java/com/WhoIsRoom/WhoIs_Server/global/common/response/ErrorCode.java b/src/main/java/com/WhoIsRoom/WhoIs_Server/global/common/response/ErrorCode.java index 828eb4c..21891ec 100644 --- a/src/main/java/com/WhoIsRoom/WhoIs_Server/global/common/response/ErrorCode.java +++ b/src/main/java/com/WhoIsRoom/WhoIs_Server/global/common/response/ErrorCode.java 
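Review bot: `sendNewPassword` overwrites the stored password as soon as anyone posts an account's e-mail address to `/email/find-password`, so a third party can invalidate a user's password at will, and the `USER_NOT_FOUND` error tells the caller whether an address is registered. The usual shape is to mail a short-lived, single-use reset token and change the password only when the owner presents it, answering identically for known and unknown addresses. As written, the mail is also sent before the transaction commits, so a failed commit leaves the user with a mailed password that does not work. `updateMyPassword` accepts any `newPassword`, including null or one equal to `prePassword`, and neither method revokes the refresh tokens issued under the old password.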
@@ -41,8 +41,8 @@ public enum ErrorCode{ UNSUPPORTED_TOKEN_TYPE(614, HttpStatus.BAD_REQUEST.value(),"지원되지 않는 토큰 형식입니다."), MALFORMED_TOKEN_TYPE(615, HttpStatus.BAD_REQUEST.value(),"인증 토큰이 올바르게 구성되지 않았습니다."), INVALID_SIGNATURE_JWT(616, HttpStatus.BAD_REQUEST.value(), "인증 시그니처가 올바르지 않습니다"), - INVALID_ID_OR_PASSWORD(617, HttpStatus.BAD_REQUEST.value(), "이메일 또는 비밀번호가 올바르지 않습니다."); - + INVALID_ID_OR_PASSWORD(617, HttpStatus.BAD_REQUEST.value(), "이메일 또는 비밀번호가 올바르지 않습니다."), + INVALID_PASSWORD(618, HttpStatus.BAD_REQUEST.value(), "기존 비밀번호가 유효하지 않습니다"); private final int code; private final int httpStatus; diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index b24d5f6..ce5040c 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -4,7 +4,7 @@ spring: profiles: group: local : local-db, local-port, common - prod: prod-db, prod-port,common + prod: prod-db, prod-port, common active: local --- # 로컬용 DB @@ -59,19 +59,20 @@ spring: config: activate: on-profile: common + import: optional:file:.env[.properties] web: resources: add-mappings: false -# mail: -# host: smtp.gmail.com -# port: 587 -# username: ${MAIL_USERNAME} -# password: ${MAIL_PASSWORD} -# properties: -# mail.smtp.auth: true -# mail.smtp.timeout: 5000 -# mail.smtp.starttls.enable: true -# + mail: + host: smtp.gmail.com + port: 587 + username: ${MAIL_ADDRESS} + password: ${MAIL_PASSWORD} + properties: + mail.smtp.auth: true + mail.smtp.timeout: 5000 + mail.smtp.starttls.enable: true + jwt: secret: ${JWT_SECRET_KEY} access: diff --git a/src/main/resources/templates/AuthCode-email.html b/src/main/resources/templates/AuthCode-email.html new file mode 100644 index 0000000..d83655e --- /dev/null +++ b/src/main/resources/templates/AuthCode-email.html @@ -0,0 +1,20 @@ + + + + +
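Review bot: The mail block sets `mail.smtp.starttls.enable: true` but not `mail.smtp.starttls.required`, so if the server does not offer STARTTLS the session continues in clear text and `${MAIL_PASSWORD}` travels with it. I would add `mail.smtp.starttls.required: true` under `properties`. Only the read timeout is bounded; `mail.smtp.connectiontimeout` and `mail.smtp.writetimeout` default to no limit, which matters because `MailService` sends inside the request thread. The `import: optional:file:.env[.properties]` line resolves `.env` relative to the working directory and silently skips it when absent, so a missing file only surfaces later as an unresolved placeholder.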
+

안녕하세요.

+

동아리에 누가 있는지 알려주는 동방에누구입니다.

+
+

아래 코드를 회원가입 창으로 돌아가 입력해주세요.

+
+ +
+

회원가입 인증 번호 입니다.

+
+
+
+
+ + + \ No newline at end of file diff --git a/src/main/resources/templates/Password-email.html b/src/main/resources/templates/Password-email.html new file mode 100644 index 0000000..b3f58ed --- /dev/null +++ b/src/main/resources/templates/Password-email.html @@ -0,0 +1,20 @@ + + + + +
+

안녕하세요.

+

동아리에 누가 있는지 알려주는 동방에누구입니다.

+
+

임시 비밀번호가 다음과 같이 변경되었습니다.

+
+ +
+

임시 비밀번호 입니다.

+
+
+
+
+ + + \ No newline at end of file