From a83273a969241eecc230a320c623d722ad7c19d0 Mon Sep 17 00:00:00 2001
From: Umjiseung <127853946+Umjiseung@users.noreply.github.com>
Date: Wed, 13 Mar 2024 20:22:57 +0900
Subject: [PATCH 01/10] =?UTF-8?q?add=20::=20updatePassword=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../msg/gauth/domain/auth/presentation/AuthController.kt | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/src/main/kotlin/com/msg/gauth/domain/auth/presentation/AuthController.kt b/src/main/kotlin/com/msg/gauth/domain/auth/presentation/AuthController.kt
index a3e13d59..51b91838 100644
--- a/src/main/kotlin/com/msg/gauth/domain/auth/presentation/AuthController.kt
+++ b/src/main/kotlin/com/msg/gauth/domain/auth/presentation/AuthController.kt
@@ -5,6 +5,7 @@ import com.msg.gauth.domain.auth.presentation.dto.request.SignInRequestDto
 import com.msg.gauth.domain.auth.presentation.dto.response.RefreshResponseDto
 import com.msg.gauth.domain.auth.service.*
 import com.msg.gauth.domain.auth.presentation.dto.request.PasswordInitReqDto
+import com.msg.gauth.domain.auth.presentation.dto.request.PasswordUpdateRequestDto
 import com.msg.gauth.domain.auth.presentation.dto.response.SignInResponseDto
 import com.msg.gauth.domain.auth.presentation.dto.response.SignUpImageResDto
 import com.msg.gauth.domain.auth.service.InitPasswordService
@@ -23,6 +24,7 @@ class AuthController(
 private val signUpService: SignUpService,
 private val initPasswordService: InitPasswordService,
 private val signUpImageUploadService: SignUpImageUploadService,
+ private val updatePasswordService: UpdatePasswordService
 ) {
 @PatchMapping
 fun refresh(@RequestHeader("RefreshToken") refreshToken: String): ResponseEntity {
@@ -60,4 +62,10 @@ class AuthController(
 initPasswordService.execute(passwordInitReqDto)
 return ResponseEntity.noContent().build()
 }
+
+ @PatchMapping("/password")
+ fun updatePassword(@RequestBody passwordUpdateRequestDto: PasswordUpdateRequestDto): ResponseEntity {
+ updatePasswordService.execute(passwordUpdateRequestDto)
+ return ResponseEntity.noContent().build()
+ }
 }
\ No newline at end of file
From dfe8df4cf5667cfe56a8e1e25cdfd65decc08a66 Mon Sep 17 00:00:00 2001
From: Umjiseung <127853946+Umjiseung@users.noreply.github.com>
Date: Wed, 13 Mar 2024 20:23:09 +0900
Subject: [PATCH 02/10] =?UTF-8?q?add=20::=20PasswordUpdateRequestDto=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../dto/request/PasswordUpdateRequestDto.kt | 30 +++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 src/main/kotlin/com/msg/gauth/domain/auth/presentation/dto/request/PasswordUpdateRequestDto.kt
diff --git a/src/main/kotlin/com/msg/gauth/domain/auth/presentation/dto/request/PasswordUpdateRequestDto.kt b/src/main/kotlin/com/msg/gauth/domain/auth/presentation/dto/request/PasswordUpdateRequestDto.kt
new file mode 100644
index 00000000..a57c5790
--- /dev/null
+++ b/src/main/kotlin/com/msg/gauth/domain/auth/presentation/dto/request/PasswordUpdateRequestDto.kt
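Review bot: `updatePassword` binds the body with `@RequestBody` only, and Spring MVC runs Bean Validation on a request body only when the parameter is also annotated `@Valid` (or `@Validated`), so the `@field:NotBlank` and `@field:Pattern` constraints declared on `PasswordUpdateRequestDto` in PATCH 02/10 are not enforced on this route. As written, a `newPassword` that ignores the length and character-class policy still reaches the service. Change the parameter to `@Valid @RequestBody passwordUpdateRequestDto: PasswordUpdateRequestDto`. Whether the other handlers in this controller already use `@Valid`, and whether `javax.validation.Valid` is imported, is not visible in the hunk.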
@@ -0,0 +1,30 @@
+package com.msg.gauth.domain.auth.presentation.dto.request
+
+import com.msg.gauth.domain.user.User
+import javax.validation.constraints.NotBlank
+import javax.validation.constraints.Pattern
+
+data class PasswordUpdateRequestDto(
+ @field:NotBlank
+ val password: String,
+ @field:NotBlank
+ @field:Pattern(regexp = "^(?=.*[a-zA-Z])(?=.*[!@#\$%^*+=-?<>])(?=.*[0-9]).{8,20}\$")
+ val newPassword: String
+) {
+
+ fun toEntity(user: User, encodedPassword: String): User =
+ User(
+ id = user.id,
+ email = user.email,
+ password = encodedPassword,
+ gender = user.gender,
+ name = user.name,
+ grade = user.grade,
+ classNum = user.classNum,
+ num = user.num,
+ roles = user.roles,
+ state = user.state,
+ profileUrl = user.profileUrl
+ )
+
+}
\ No newline at end of file
From 3a362238867d7eea5a1cf23418eaa699472c7aef Mon Sep 17 00:00:00 2001
From: Umjiseung <127853946+Umjiseung@users.noreply.github.com>
Date: Wed, 13 Mar 2024 20:23:18 +0900
Subject: [PATCH 03/10] =?UTF-8?q?add=20::=20UpdatePasswordService=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../auth/service/UpdatePasswordService.kt | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt
diff --git a/src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt b/src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt
new file mode 100644
index 00000000..7c775e4d
--- /dev/null
+++ b/src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt
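Review bot: In the `@field:Pattern` on `newPassword`, the sequence `=-?` inside the character class `[!@#\$%^*+=-?<>]` is a range from `=` to `?`, so a literal `-` does not count as the required special character; the range only contributes `=`, `>` and `?`. If the hyphen is meant to be accepted, move it to the end of the class: `[!@#\$%^*+=?<>-]`. Separately, because this is a `data class`, the generated `toString()` prints both `password` and `newPassword` in clear text; overriding `toString()` to redact them keeps credentials out of any log line that formats the DTO.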
@@ -0,0 +1,26 @@ +package com.msg.gauth.domain.auth.service + +import com.msg.gauth.domain.auth.exception.PasswordMismatchException +import com.msg.gauth.domain.auth.presentation.dto.request.PasswordUpdateRequestDto +import com.msg.gauth.domain.user.repository.UserRepository +import com.msg.gauth.domain.user.util.UserUtil +import com.msg.gauth.global.annotation.service.TransactionalService +import org.springframework.security.crypto.password.PasswordEncoder + +@TransactionalService +class UpdatePasswordService( + private val passwordEncoder: PasswordEncoder, + private val userUtil: UserUtil, + private val userRepository: UserRepository +) { + + fun execute(passwordUpdateRequestDto: PasswordUpdateRequestDto) { + val currentUser = userUtil.fetchCurrentUser() + + if (currentUser.password == passwordUpdateRequestDto.password) { + throw PasswordMismatchException() + } + + userRepository.save(passwordUpdateRequestDto.toEntity(currentUser, passwordEncoder.encode(passwordUpdateRequestDto.newPassword))) + } +} \ No newline at end of file From 92a0fb5c5d75236d3509f86c2c02e37b87f1607c Mon Sep 17 00:00:00 2001 From: Umjiseung <127853946+Umjiseung@users.noreply.github.com> Date: Wed, 13 Mar 2024 20:23:35 +0900 Subject: [PATCH 04/10] =?UTF-8?q?update=20::=20val=20->=20var=20=EB=B3=80?= =?UTF-8?q?=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/kotlin/com/msg/gauth/domain/user/User.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/kotlin/com/msg/gauth/domain/user/User.kt b/src/main/kotlin/com/msg/gauth/domain/user/User.kt index 09747943..f7834e26 100644 --- a/src/main/kotlin/com/msg/gauth/domain/user/User.kt +++ b/src/main/kotlin/com/msg/gauth/domain/user/User.kt @@ -16,7 +16,7 @@ class User( val email: String, @field:Size(max = 60) - val password: String, + var password: String, @Enumerated(EnumType.STRING) val gender: Gender? = null, 
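Review bot: `UpdatePasswordService.execute` ends at `userRepository.save(...)` and does nothing about tokens issued before the change, so a refresh token obtained under the old password appears to stay usable afterwards (the controller's `refresh` handler accepts one in the `RefreshToken` header). A password change is the point at which other sessions should be cut off; after the save, delete or invalidate the stored refresh tokens belonging to `currentUser`. How refresh tokens are persisted is not visible in this series, so the exact call depends on that store. The equality check on `currentUser.password` in this version is replaced in PATCH 10/10.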
From 48dbf41be71f88f4755c21a57afdb08a78432bf4 Mon Sep 17 00:00:00 2001 From: Umjiseung <127853946+Umjiseung@users.noreply.github.com> Date: Wed, 13 Mar 2024 23:06:22 +0900 Subject: [PATCH 05/10] =?UTF-8?q?update=20::=20var=20->=20val=20=EB=B3=80?= =?UTF-8?q?=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/kotlin/com/msg/gauth/domain/user/User.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/kotlin/com/msg/gauth/domain/user/User.kt b/src/main/kotlin/com/msg/gauth/domain/user/User.kt index f7834e26..09747943 100644 --- a/src/main/kotlin/com/msg/gauth/domain/user/User.kt +++ b/src/main/kotlin/com/msg/gauth/domain/user/User.kt @@ -16,7 +16,7 @@ class User( val email: String, @field:Size(max = 60) - var password: String, + val password: String, @Enumerated(EnumType.STRING) val gender: Gender? = null, From 8c78e9c84f73111e9153a5ea5fb1c4a2535ebffe Mon Sep 17 00:00:00 2001 From: Umjiseung <127853946+Umjiseung@users.noreply.github.com> Date: Wed, 13 Mar 2024 23:09:39 +0900 Subject: [PATCH 06/10] =?UTF-8?q?update=20::=20toEntity=20=EC=82=AD?= =?UTF-8?q?=EC=A0=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../dto/request/PasswordUpdateRequestDto.kt | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) diff --git a/src/main/kotlin/com/msg/gauth/domain/auth/presentation/dto/request/PasswordUpdateRequestDto.kt b/src/main/kotlin/com/msg/gauth/domain/auth/presentation/dto/request/PasswordUpdateRequestDto.kt index a57c5790..6199cfd3 100644 --- a/src/main/kotlin/com/msg/gauth/domain/auth/presentation/dto/request/PasswordUpdateRequestDto.kt +++ b/src/main/kotlin/com/msg/gauth/domain/auth/presentation/dto/request/PasswordUpdateRequestDto.kt 
@@ -10,21 +10,4 @@ data class PasswordUpdateRequestDto( @field:NotBlank @field:Pattern(regexp = "^(?=.*[a-zA-Z])(?=.*[!@#\$%^*+=-?<>])(?=.*[0-9]).{8,20}\$") val newPassword: String -) { - - fun toEntity(user: User, encodedPassword: String): User = - User( - id = user.id, - email = user.email, - password = encodedPassword, - gender = user.gender, - name = user.name, - grade = user.grade, - classNum = user.classNum, - num = user.num, - roles = user.roles, - state = user.state, - profileUrl = user.profileUrl - ) - -} \ No newline at end of file +) \ No newline at end of file From 6067baaa068fdd533b98e2bae5c724a75ca4b89d Mon Sep 17 00:00:00 2001 From: Umjiseung <127853946+Umjiseung@users.noreply.github.com> Date: Wed, 13 Mar 2024 23:10:45 +0900 Subject: [PATCH 07/10] =?UTF-8?q?update=20::=20password=20=EC=88=98?= =?UTF-8?q?=EC=A0=95=20=EB=A1=9C=EC=A7=81=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/service/UpdatePasswordService.kt | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt b/src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt index 7c775e4d..9d68bb9d 100644 --- a/src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt +++ b/src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt @@ -2,6 +2,7 @@ package com.msg.gauth.domain.auth.service import com.msg.gauth.domain.auth.exception.PasswordMismatchException import com.msg.gauth.domain.auth.presentation.dto.request.PasswordUpdateRequestDto +import com.msg.gauth.domain.user.User import com.msg.gauth.domain.user.repository.UserRepository import com.msg.gauth.domain.user.util.UserUtil import com.msg.gauth.global.annotation.service.TransactionalService 
@@ -21,6 +22,22 @@ class UpdatePasswordService( throw PasswordMismatchException() } - userRepository.save(passwordUpdateRequestDto.toEntity(currentUser, passwordEncoder.encode(passwordUpdateRequestDto.newPassword))) + val newPassword = passwordEncoder.encode(passwordUpdateRequestDto.newPassword) + + val user = User( + id = currentUser.id, + email = currentUser.email, + password = newPassword, + gender = currentUser.gender, + name = currentUser.name, + grade = currentUser.grade, + classNum = currentUser.classNum, + num = currentUser.num, + roles = currentUser.roles, + state = currentUser.state, + profileUrl = currentUser.profileUrl + ) + + userRepository.save(user) } } \ No newline at end of file From dc6a8c5efda81855ebdd87b71e3c5b280f24b1a2 Mon Sep 17 00:00:00 2001 From: Umjiseung <127853946+Umjiseung@users.noreply.github.com> Date: Wed, 13 Mar 2024 23:29:15 +0900 Subject: [PATCH 08/10] =?UTF-8?q?add=20::=20=EB=B9=84=EB=B0=80=EB=B2=88?= =?UTF-8?q?=ED=98=B8=20=EB=B3=80=EA=B2=BD=20api=20config=20=EC=84=A4?= =?UTF-8?q?=EC=A0=95=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt b/src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt index bd5908f0..91857709 100644 --- a/src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt +++ b/src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt @@ -49,6 +49,7 @@ class SecurityConfig( .antMatchers(HttpMethod.PATCH, "/auth/password/initialize").permitAll() .antMatchers(HttpMethod.PATCH, "/auth/image").permitAll() .antMatchers(HttpMethod.DELETE, "/auth/image").permitAll() + .antMatchers(HttpMethod.PATCH, "/auth/password").permitAll() // Email .antMatchers(HttpMethod.POST, "/email").permitAll() From d58b68d31420c85315738c3ef7a46bf210c2e960 Mon Sep 17 00:00:00 2001 
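Review bot: Rebuilding the entity with a hand-written `User(id = ..., email = ..., ...)` call means every property not listed is written back with its constructor default when `userRepository.save(user)` persists the object under the existing `id`, so a field added to `User` later would be silently reset by a password change. Keep the copy next to the entity instead, for example a method on `User` that returns a copy with only `password` replaced, and call that from `execute`. `User`'s full constructor is not visible in the hunk, so whether this list already omits a field cannot be confirmed here. The `execute` body begins outside the hunk.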
From: =?UTF-8?q?=EC=97=84=EC=A7=80=EC=84=B1?= <127853946+Umjiseung@users.noreply.github.com> Date: Thu, 14 Mar 2024 08:26:24 +0900 Subject: [PATCH 09/10] Update src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt Co-authored-by: baegteun --- src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt b/src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt index 91857709..a1f8d9c3 100644 --- a/src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt +++ b/src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt @@ -49,7 +49,7 @@ class SecurityConfig( .antMatchers(HttpMethod.PATCH, "/auth/password/initialize").permitAll() .antMatchers(HttpMethod.PATCH, "/auth/image").permitAll() .antMatchers(HttpMethod.DELETE, "/auth/image").permitAll() - .antMatchers(HttpMethod.PATCH, "/auth/password").permitAll() + .antMatchers(HttpMethod.PATCH, "/auth/password").authenticated() // Email .antMatchers(HttpMethod.POST, "/email").permitAll() From 193702aa5db1bf184694faed543dc7b15902bc53 Mon Sep 17 00:00:00 2001 From: Umjiseung <127853946+Umjiseung@users.noreply.github.com> Date: Thu, 14 Mar 2024 19:11:50 +0900 Subject: [PATCH 10/10] =?UTF-8?q?update=20::=20=EB=B9=84=EB=B0=80=EB=B2=88?= =?UTF-8?q?=ED=98=B8=20=EA=B2=80=EC=A6=9D=20=EB=A1=9C=EC=A7=81=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/msg/gauth/domain/auth/service/UpdatePasswordService.kt | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt b/src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt index 9d68bb9d..f76a8399 100644 --- a/src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt 
+++ b/src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt @@ -18,7 +18,7 @@ class UpdatePasswordService( fun execute(passwordUpdateRequestDto: PasswordUpdateRequestDto) { val currentUser = userUtil.fetchCurrentUser() - if (currentUser.password == passwordUpdateRequestDto.password) { + if (!passwordEncoder.matches(passwordUpdateRequestDto.password, currentUser.password)) { throw PasswordMismatchException() } @@ -33,7 +33,6 @@ class UpdatePasswordService( grade = currentUser.grade, classNum = currentUser.classNum, num = currentUser.num, - roles = currentUser.roles, state = currentUser.state, profileUrl = currentUser.profileUrl )
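Review bot: Dropping `roles = currentUser.roles` from the `User(...)` call in the `@@ -33,7 +33,6 @@` hunk means the entity handed to `userRepository.save(user)` carries whatever default `User.roles` declares, so a password change presumably overwrites the account's stored roles. On an auth server that is an authorization change riding on an unrelated request. If the line was removed because the persistence layer rejected the shared collection instance, pass a copy rather than omitting it, e.g. `roles = currentUser.roles.toMutableList(),`; the declared type of `roles` is not visible here, so adjust the copy to match. A test that changes the password of a user with non-default roles and reloads the user would pin this down. The `User(...)` call and `execute` start and end outside this hunk.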