Feat #20 카카오 로그인 로직 변경

src/main/java/com/gachtaxi/domain/members/controller/AuthController.java

@@ -12,6 +12,7 @@
 import org.springframework.web.bind.annotation.*;
 
 import static com.gachtaxi.domain.members.controller.ResponseMessage.*;
+import static com.gachtaxi.global.auth.kakao.dto.KaKaoDTO.KakaoAuthCode;
 import static com.gachtaxi.global.auth.kakao.dto.KaKaoDTO.OauthKakaoResponse;
 
 @RequestMapping("/auth")
@@ -22,9 +23,9 @@ public class AuthController {
     private final AuthService authService;
     private final JwtService jwtService;
 
-    @GetMapping("/login/kakao")
-    public ApiResponse<OauthKakaoResponse> kakaoLogin(@RequestParam("code") String authcode, HttpServletResponse response) {
-        OauthKakaoResponse res = authService.kakaoLogin(authcode, response);
+    @PostMapping("/login/kakao")
+    public ApiResponse<OauthKakaoResponse> kakaoLogin(@RequestBody KakaoAuthCode kakaoAuthCode, HttpServletResponse response) {
+        OauthKakaoResponse res = authService.kakaoLogin(kakaoAuthCode.authCode(), response);
         ResponseMessage OAUTH_STATUS = (res.status() == OauthLoginStatus.LOGIN)
                 ? LOGIN_SUCCESS
                 : UN_REGISTER;

src/main/java/com/gachtaxi/domain/members/entity/Members.java

@@ -18,19 +18,23 @@
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
 public class Members extends BaseEntity {
 
-    @Column(name = "email", nullable = false, unique = true)
+    // UserDetails를 만드는 과정에서 null 방지를 위해 임시로 저장하는 이메일
+    // 추후 로직 개선하겠습니다.
+    private final static String TMP_EMAIL = "[email protected]";
+
+    @Column(name = "email", unique = true)
     private String email;
 
     @Column(name = "profile_picture")
     private String profilePicture;
 
-    @Column(name = "nickname", nullable = false)
+    @Column(name = "nickname")
     private String nickname;
 
-    @Column(name = "real_name", nullable = false)
+    @Column(name = "real_name")
     private String realName;
 
-    @Column(name = "student_number", nullable = false, unique = true)
+    @Column(name = "student_number", unique = true)
     private Long studentNumber;
 
     @Column(name = "phone_number", unique = true) // 피그마 참고, 일단 null 허용
@@ -49,22 +53,22 @@ public class Members extends BaseEntity {
     private Gender gender;
 
     // 이용 약관 동의
-    @Column(name = "terms_agreement", nullable = false)
+    @Column(name = "terms_agreement")
     @ColumnDefault("true")
     private Boolean termsAgreement;
 
     // 개인정보 수집 동의
-    @Column(name = "privacy_agreement", nullable = false)
+    @Column(name = "privacy_agreement")
     @ColumnDefault("true")
     private Boolean privacyAgreement;
 
     // 광고성 정보 수신 동의
-    @Column(name = "marketing_agreement", nullable = false)
+    @Column(name = "marketing_agreement")
     @ColumnDefault("false")
     private Boolean marketingAgreement;
 
     // 2차 인증 (전화번호)
-    @Column(name = "two_factor_authentication", nullable = false)
+    @Column(name = "two_factor_authentication")
     @ColumnDefault("false")
     private Boolean twoFactorAuthentication;
 
@@ -76,7 +80,7 @@ public class Members extends BaseEntity {
     * */
 
     public static Members of(UserSignUpRequestDto dto){
-        return Members.builder()
+        return com.gachtaxi.domain.members.entity.Members.builder()
                 //.profilePicture(dto.profilePicture())
                 .email(dto.email())
                 .nickname(dto.nickName())
@@ -93,4 +97,12 @@ public static Members of(UserSignUpRequestDto dto){
                 .twoFactorAuthentication(dto.twoFactorAuthentication())
                 .build();
     }
+
+    public static Members ofKakaoId(Long kakaoId){
+        return Members.builder()
+                .kakaoId(kakaoId)
+                .email(TMP_EMAIL)
+                .role(Role.TEMPORARY)
+                .build();
+    }
 }

src/main/java/com/gachtaxi/domain/members/entity/enums/Role.java

@@ -1,5 +1,5 @@
 package com.gachtaxi.domain.members.entity.enums;
 
 public enum Role {
-    MEMBER, ADMIN
+    TEMPORARY, MEMBER, ADMIN
 }

src/main/java/com/gachtaxi/domain/members/service/AuthService.java

@@ -1,14 +1,17 @@
 package com.gachtaxi.domain.members.service;
 
+import com.gachtaxi.domain.members.dto.request.TmpMemberDto;
 import com.gachtaxi.domain.members.entity.Members;
 import com.gachtaxi.global.auth.jwt.service.JwtService;
 import com.gachtaxi.global.auth.kakao.util.KakaoUtil;
 import com.gachtaxi.global.auth.mapper.OauthMapper;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
+
 import java.util.Optional;
 
+import static com.gachtaxi.domain.members.entity.enums.Role.TEMPORARY;
 import static com.gachtaxi.global.auth.kakao.dto.KaKaoDTO.*;
 
 
@@ -32,13 +35,24 @@ public OauthKakaoResponse kakaoLogin(String authCode, HttpServletResponse respon
 
         Long kakaoId = userInfo.id();
         Optional<Members> optionalMember = memberService.findByKakaoId(kakaoId);
+//        System.out.println(optionalMember.get().getKakaoId());
 
         if(optionalMember.isEmpty()) {
-            return oauthMapper.toKakaoUnRegisterResponse(userInfo);
+            TmpMemberDto tmpDto = memberService.saveTmpMember(kakaoId);
+
+            jwtService.responseTmpAccessToken(tmpDto, response);
+            return oauthMapper.toKakaoUnRegisterResponse(tmpDto.userId());
+        }
+
+        // 회원 가입 진행 중 중단된 유저 또한 다시 임시 토큰을 재발급해준다.
+        if(optionalMember.get().getRole() == TEMPORARY){
+            TmpMemberDto tmpDto = TmpMemberDto.of(optionalMember.get());
+            jwtService.responseTmpAccessToken(tmpDto, response);
+            return oauthMapper.toKakaoUnRegisterResponse(tmpDto.userId());
         }
 
         Members member = optionalMember.get();
         jwtService.responseJwtToken(member.getId(), member.getEmail(), member.getRole(), response);
-        return oauthMapper.toKakaoLoginResponse(userInfo, member.getId());
+        return oauthMapper.toKakaoLoginResponse(member.getId());
     }
 }

src/main/java/com/gachtaxi/domain/members/service/MemberService.java

@@ -1,5 +1,6 @@
 package com.gachtaxi.domain.members.service;
 
+import com.gachtaxi.domain.members.dto.request.TmpMemberDto;
 import com.gachtaxi.domain.members.dto.request.UserSignUpRequestDto;
 import com.gachtaxi.domain.members.entity.Members;
 import com.gachtaxi.domain.members.exception.DuplicatedStudentNumberException;
@@ -19,6 +20,7 @@ public class MemberService {
     private final JwtService jwtService;
     private final MemberRepository memberRepository;
 
+    //TODO 최종 회원가입 절차에서 사용
     @Transactional
     public void saveMember(UserSignUpRequestDto dto, HttpServletResponse response) {
         checkDuplicatedStudentNumber(dto);
@@ -27,6 +29,14 @@ public void saveMember(UserSignUpRequestDto dto, HttpServletResponse response) {
         jwtService.responseJwtToken(newMember.getId(), newMember.getEmail(), newMember.getRole(), response);
     }
 
+    // 임시 유저 저장
+    @Transactional
+    public TmpMemberDto saveTmpMember(Long kakaoId){
+        Members tmpMember = Members.ofKakaoId(kakaoId);
+        memberRepository.save(tmpMember);
+        return TmpMemberDto.of(tmpMember);
+    }
+
     public Optional<Members> findByKakaoId(Long kakaoId) {
         return memberRepository.findByKakaoId(kakaoId);
     }

src/main/java/com/gachtaxi/global/auth/jwt/service/JwtService.java

@@ -1,5 +1,6 @@
 package com.gachtaxi.global.auth.jwt.service;
 
+import com.gachtaxi.domain.members.dto.request.TmpMemberDto;
 import com.gachtaxi.domain.members.entity.enums.Role;
 import com.gachtaxi.global.auth.jwt.dto.JwtTokenDto;
 import com.gachtaxi.global.auth.jwt.exception.CookieNotFoundException;
@@ -36,6 +37,11 @@ public void responseJwtToken(Long userId, String email, Role role, HttpServletRe
         setCookie(jwtToken.refreshToken(), response);
     }
 
+    public void responseTmpAccessToken(TmpMemberDto tmpMemberDto, HttpServletResponse response) {
+        String tmpAccessToken = jwtProvider.generateTmpAccessToken(tmpMemberDto.userId(), tmpMemberDto.email(), tmpMemberDto.role().name());
+        setHeader(tmpAccessToken, response);
+    }
+
     public JwtTokenDto reissueJwtToken(HttpServletRequest request) {
         String refreshToken = extractRefreshToken(request);
         if(jwtExtractor.isExpired(refreshToken)){

src/main/java/com/gachtaxi/global/auth/jwt/util/JwtProvider.java

@@ -18,6 +18,7 @@ public class JwtProvider {
     private static final String ID_CLAIM = "id";
     private static final String EMAIL_CLAIM = "email";
     private static final String ROLE_CLAIM = "role";
+    private static final String TMP_EMAIL_CLAIM = "tmpEmail";
     private final Key key;
 
     public JwtProvider(@Value("${gachtaxi.auth.jwt.key}") String secretKey) {
@@ -27,6 +28,9 @@ public JwtProvider(@Value("${gachtaxi.auth.jwt.key}") String secretKey) {
     @Value("${gachtaxi.auth.jwt.accessTokenExpiration}")
     private Long accessTokenExpiration;
 
+    @Value("${gachtaxi.auth.jwt.tmpAccessTokenExpiration}")
+    private Long tmpAccessTokenExpiration;
+
     @Value("${gachtaxi.auth.jwt.refreshTokenExpiration}")
     private Long refreshTokenExpiration;
 
@@ -42,6 +46,19 @@ public String generateAccessToken(Long id, String email, String role) {
                 .compact(); // 최종 문자열 생성
     }
 
+    public String generateTmpAccessToken(Long id, String email, String role) {
+        return Jwts.builder()
+                .claim(ID_CLAIM, id)
+                .claim(EMAIL_CLAIM, email)
+                .claim(EMAIL_CLAIM, TMP_EMAIL_CLAIM)
+                .claim(ROLE_CLAIM, role)
+                .setSubject(ACCESS_TOKEN_SUBJECT) // 사용자 정보(고유 식별자)
+                .setIssuedAt(new Date()) // 발행 시간
+                .setExpiration(new Date(System.currentTimeMillis() + tmpAccessTokenExpiration)) // 만료 시간
+                .signWith(key, SignatureAlgorithm.HS256) // 서명 알고리즘
+                .compact(); // 최종 문자열 생성
+    }
+
     public String generateRefreshToken(Long id, String email, String role) {
         return Jwts.builder()
                 .claim(ID_CLAIM, id)

src/main/java/com/gachtaxi/global/auth/kakao/dto/KaKaoDTO.java

@@ -1,10 +1,15 @@
 package com.gachtaxi.global.auth.kakao.dto;
 
 import com.gachtaxi.global.auth.enums.OauthLoginStatus;
+import jakarta.validation.constraints.NotBlank;
 import lombok.Builder;
 
 public class KaKaoDTO {
 
+    public record KakaoAuthCode(
+            @NotBlank String authCode
+    ){}
+
     public record KakaoAccessToken(
             String access_token,
             String token_type,
@@ -34,7 +39,6 @@ public record Profile(
     @Builder
     public record OauthKakaoResponse(
             Long userId,
-            Long kakaoId,
             OauthLoginStatus status
     ){}
 

src/main/java/com/gachtaxi/global/auth/mapper/OauthMapper.java

@@ -8,18 +8,17 @@
 @Component
 public class OauthMapper {
 
-    public OauthKakaoResponse toKakaoUnRegisterResponse(KakaoUserInfoResponse userInfo) {
+    public OauthKakaoResponse toKakaoUnRegisterResponse(Long userId) {
         return OauthKakaoResponse.builder()
-                .kakaoId(userInfo.id())
+                .userId(userId)
                 .status(UN_REGISTER)
                 .build();
     }
 
     // jwt 토큰 추가 할 것.
-    public OauthKakaoResponse toKakaoLoginResponse(KakaoUserInfoResponse userInfo, Long userId) {
+    public OauthKakaoResponse toKakaoLoginResponse(Long userId) {
         return OauthKakaoResponse.builder()
                 .userId(userId)
-                .kakaoId(userInfo.id())
                 .status(LOGIN)
                 .build();
     }

src/main/java/com/gachtaxi/global/config/PermitUrlConfig.java

@@ -16,6 +16,12 @@ public String[] getPublicUrl(){
         };
     }
 
+    public String[] getTmpMemberUrl(){
+        return new String[]{
+                "/api/tmp-members/**"
+        };
+    }
+
     public String[] getMemberUrl(){
         return new String[]{
 

src/main/java/com/gachtaxi/global/config/SecurityConfig.java

@@ -1,7 +1,6 @@
 package com.gachtaxi.global.config;
 
 
-import com.gachtaxi.domain.members.entity.enums.Role;
 import com.gachtaxi.global.auth.jwt.authentication.CustomAccessDeniedHandler;
 import com.gachtaxi.global.auth.jwt.authentication.CustomAuthenticationEntryPoint;
 import com.gachtaxi.global.auth.jwt.filter.JwtAuthenticationFilter;
@@ -24,6 +23,8 @@
 import java.util.Arrays;
 import java.util.List;
 
+import static com.gachtaxi.domain.members.entity.enums.Role.*;
+
 @Configuration
 @EnableWebSecurity
 @RequiredArgsConstructor
@@ -46,8 +47,9 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 
         http.authorizeHttpRequests((auth) -> auth
                 .requestMatchers(permitUrlConfig.getPublicUrl()).permitAll()
-                .requestMatchers(permitUrlConfig.getMemberUrl()).hasRole(Role.MEMBER.name())
-                .requestMatchers(permitUrlConfig.getAdminUrl()).hasRole(Role.ADMIN.name())
+                .requestMatchers(permitUrlConfig.getTmpMemberUrl()).hasRole(TEMPORARY.name())
+                .requestMatchers(permitUrlConfig.getMemberUrl()).hasAnyRole(MEMBER.name(), ADMIN.name())
+                .requestMatchers(permitUrlConfig.getAdminUrl()).hasRole(ADMIN.name())
                 .anyRequest().authenticated());
 
         http.exceptionHandling(e -> e

src/main/resources/application-dev.yml

@@ -35,6 +35,7 @@ gachtaxi:
       key: ${JWT_SECRET_KEY}
       accessTokenExpiration: ${JWT_ACCESS_TOKEN_EXPIRATION}
       refreshTokenExpiration: ${JWT_REFRESH_TOKEN_EXPIRATION}
+      tmpAccessTokenExpiration: ${JWT_TMP_ACCESS_TOKEN_EXPIRATION}
       cookieMaxAge: ${JWT_COOKIE_MAX_AGE}
       secureOption: ${COOKIE_SECURE_OPTION}
       cookiePathOption: ${COOKIE_PATH_OPTION}

src/main/resources/application-local.yml

@@ -35,6 +35,7 @@ gachtaxi:
       key: ${JWT_SECRET_KEY}
       accessTokenExpiration: ${JWT_ACCESS_TOKEN_EXPIRATION}
       refreshTokenExpiration: ${JWT_REFRESH_TOKEN_EXPIRATION}
+      tmpAccessTokenExpiration: ${JWT_TMP_ACCESS_TOKEN_EXPIRATION}
       cookieMaxAge: ${JWT_COOKIE_MAX_AGE}
       secureOption: ${COOKIE_SECURE_OPTION}
       cookiePathOption: ${COOKIE_PATH_OPTION}