Merge pull request #19 from CAPS-DGU/feat/#16-security

floreo1242 · web-flow · commit 42db7c33dd84 · 2025-09-14T16:39:35.000+09:00
[fix] #16 Auth 어노테이션을 사용하도록 수정
diff --git a/src/main/java/kr/dgucaps/caps/domain/member/controller/MemberApi.java b/src/main/java/kr/dgucaps/caps/domain/member/controller/MemberApi.java
@@ -9,10 +9,8 @@
 import jakarta.validation.Valid;
 import kr.dgucaps.caps.domain.member.dto.request.UpdateMemberRequest;
 import kr.dgucaps.caps.domain.member.dto.response.MemberInfoResponse;
-import kr.dgucaps.caps.domain.member.entity.Member;
 import kr.dgucaps.caps.global.common.SuccessResponse;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 
@@ -27,7 +25,7 @@ public interface MemberApi {
             content = @Content(mediaType = "application/json",
                     schema = @Schema(implementation = MemberInfoResponse.class))
     )
-    ResponseEntity<SuccessResponse<?>> getMemberInfo(@AuthenticationPrincipal(expression = "member") Member member);
+    ResponseEntity<SuccessResponse<?>> getMemberInfo(Long memberId);
 
     @Operation(
             summary = "다른 회원 정보 조회",
@@ -50,6 +48,6 @@ public interface MemberApi {
             content = @Content(mediaType = "application/json",
                     schema = @Schema(implementation = MemberInfoResponse.class))
     )
-    ResponseEntity<SuccessResponse<?>> updateMember(@AuthenticationPrincipal(expression = "member") Member member,
+    ResponseEntity<SuccessResponse<?>> updateMember(Long memberId,
                                                     @Valid @RequestBody UpdateMemberRequest request);
 }
diff --git a/src/main/java/kr/dgucaps/caps/domain/member/controller/MemberController.java b/src/main/java/kr/dgucaps/caps/domain/member/controller/MemberController.java
@@ -2,12 +2,11 @@
 
 import jakarta.validation.Valid;
 import kr.dgucaps.caps.domain.member.dto.request.UpdateMemberRequest;
-import kr.dgucaps.caps.domain.member.entity.Member;
 import kr.dgucaps.caps.domain.member.service.MemberService;
+import kr.dgucaps.caps.global.annotation.Auth;
 import kr.dgucaps.caps.global.common.SuccessResponse;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.*;
 
 @RestController
@@ -18,8 +17,8 @@ public class MemberController implements MemberApi {
     private final MemberService memberService;
 
     @GetMapping("/me")
-    public ResponseEntity<SuccessResponse<?>> getMemberInfo(@AuthenticationPrincipal(expression = "member") Member member) {
-        return SuccessResponse.ok(memberService.getMemberInfo(member.getId()));
+    public ResponseEntity<SuccessResponse<?>> getMemberInfo(@Auth Long memberId) {
+        return SuccessResponse.ok(memberService.getMemberInfo(memberId));
     }
 
     @GetMapping("/{memberId}")
@@ -28,9 +27,9 @@ public ResponseEntity<SuccessResponse<?>> getOtherMemberInfo(@PathVariable("memb
     }
 
     @PatchMapping("/me")
-    public ResponseEntity<SuccessResponse<?>> updateMember(@AuthenticationPrincipal(expression = "member") Member member,
+    public ResponseEntity<SuccessResponse<?>> updateMember(@Auth Long memberId,
                                                            @Valid @RequestBody UpdateMemberRequest request) {
-        return SuccessResponse.ok(memberService.updateMember(member, request));
+        return SuccessResponse.ok(memberService.updateMember(memberId, request));
     }
 
 //    @DeleteMapping("/user/{userId}")
diff --git a/src/main/java/kr/dgucaps/caps/domain/member/service/MemberService.java b/src/main/java/kr/dgucaps/caps/domain/member/service/MemberService.java
@@ -24,7 +24,9 @@ public MemberInfoResponse getMemberInfo(Long memberId) {
     }
 
     @Transactional
-    public MemberInfoResponse updateMember(Member member, UpdateMemberRequest request) {
+    public MemberInfoResponse updateMember(Long memberId, UpdateMemberRequest request) {
+        Member member = memberRepository.findById(memberId)
+                .orElseThrow(() -> new EntityNotFoundException(ErrorCode.MEMBER_NOT_FOUND));
         member.updateMember(request.comment(), request.profileImageUrl());
         return MemberInfoResponse.from(member);
     }

Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,9 @@ public MemberInfoResponse getMemberInfo(Long memberId) {`
`24`	`24`	`}`
`25`	`25`
`26`	`26`	`@Transactional`
`27`		`- public MemberInfoResponse updateMember(Member member, UpdateMemberRequest request) {`
	`27`	`+ public MemberInfoResponse updateMember(Long memberId, UpdateMemberRequest request) {`
	`28`	`+ Member member = memberRepository.findById(memberId)`
	`29`	`+ .orElseThrow(() -> new EntityNotFoundException(ErrorCode.MEMBER_NOT_FOUND));`
`28`	`30`	`member.updateMember(request.comment(), request.profileImageUrl());`
`29`	`31`	`return MemberInfoResponse.from(member);`
`30`	`32`	`}`