Skip to content

[Debug] 회원탈퇴 외래키 제약으로 인한 오류 & 프로필 이미지 url 반환 코드 수정 #133

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
SungMinju merged 93 commits into from
Feb 12, 2026
Merged

[Debug] 회원탈퇴 외래키 제약으로 인한 오류 & 프로필 이미지 url 반환 코드 수정 #133

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
93 commits
Select commit Hold shift + click to select a range
442fb47
merge 성공
SungMinju Jan 12, 2026
8220906
merge 성공
SungMinju Jan 12, 2026
5d487f8
[feature]: user 엔티티 설계
SungMinju Jan 12, 2026
f31624d
merge 오류 수정
SungMinju Jan 17, 2026
af53b10
[Feature] JWT 생성
SungMinju Jan 19, 2026
f84b769
[FIX] 오류 수정
SungMinju Jan 19, 2026
37be66f
[FIX] User 엔티티 설정 수정
SungMinju Jan 19, 2026
8307545
[Feature] User 컨버터 구현
SungMinju Jan 19, 2026
c89395e
[FIX] 오류 수정
SungMinju Jan 19, 2026
e271230
[FIX] 설정값 수정
SungMinju Jan 19, 2026
16e29ee
[Refactor] 코드 구조 변경
SungMinju Jan 19, 2026
dcc3412
[Refactor] 코드 구조 변경
SungMinju Jan 19, 2026
107a30c
[Fix] 오류 응답 구조 변경으로 인한 오류 수정
SungMinju Jan 19, 2026
9943956
[Feat] 약관동의 추가
SungMinju Jan 29, 2026
32482b8
[Fix] 약관동의 dto 추가
SungMinju Jan 29, 2026
8d19b22
[Fix] 약관동의 dto 추가
SungMinju Jan 29, 2026
c849010
[Fix] refresh token dto 삭제
SungMinju Jan 29, 2026
4acbc09
[Fix] 유저 컨버터 코드 추가
SungMinju Jan 29, 2026
af9b5a4
[Refactor] Refresh Token 전달 방식 변경
SungMinju Jan 29, 2026
0239089
[Feat] Auth 로직 구현
SungMinju Jan 29, 2026
dfc0983
[Feat] Refresh Token 쿠키 저장 로직 구현
SungMinju Jan 29, 2026
d3d6f19
[Style] import 구문 수정
SungMinju Feb 3, 2026
ab72c3a
[Feat] 코드 추가
SungMinju Feb 3, 2026
af75e6c
[Feat] 오류메세지 추가
SungMinju Feb 3, 2026
9578c2d
[Feat] 회원가입/로그인 코드 구현
SungMinju Feb 3, 2026
a0410ad
Merge 성공
SungMinju Feb 3, 2026
379112a
Merge 과정 중 코드 생략 오류 수정
SungMinju Feb 3, 2026
6e49016
[Chore] BaseEntity import 경로 수정
SungMinju Feb 3, 2026
e4604fa
[Fix] cors 코드 수정
SungMinju Feb 3, 2026
09e7154
[Fix] cors 코드 수정
SungMinju Feb 3, 2026
2b5ff86
[Feat] 에러상태 코드 추가
SungMinju Feb 3, 2026
4316265
[Feat] S3 이미지 설정 코드 추가
SungMinju Feb 3, 2026
f360a57
[Fix] 프로필 이미지 변수 제거
SungMinju Feb 3, 2026
6d46ef5
[Fix] 회원 정보 수정 API 분리
SungMinju Feb 3, 2026
5a4ff0c
[Fix] 코드래빗 리뷰 수정사항 반영
SungMinju Feb 4, 2026
cb5902f
[Feat] 회원가입 시 Term(약관) 엔티티 저장 로직 추가
SungMinju Feb 4, 2026
dcbac96
[Refactor] @PasswordMatch 검증기 범용성 확대
SungMinju Feb 4, 2026
ac07dbc
[Refactor] @PasswordMatch 검증기 범용성 확대
SungMinju Feb 4, 2026
22a93d2
[Feat] 회원가입 시 Term(약관) 엔티티 저장 로직 추가
SungMinju Feb 4, 2026
931b6ac
[Fix] 프로필 업데이트 롤백 시 S3 파일 정리 로직 추가
SungMinju Feb 4, 2026
6f6b2a5
[Fix] 로그아웃 시 리프레시 토큰 쿠키 삭제 처리
SungMinju Feb 4, 2026
592b436
[Refactor] @PasswordMatch 검증기 범용성 확대
SungMinju Feb 4, 2026
dc56c8c
[Refactor] @PasswordMatch 검증기 범용성 확대
SungMinju Feb 4, 2026
65c36ad
[Chore] 유저 서비스 패키지 구조 변경
SungMinju Feb 4, 2026
8d48aa2
[Feat] 소셜로그인 구현
SungMinju Feb 4, 2026
1a1fd2f
[Feat] refreshToken 재발급 API 구현
SungMinju Feb 5, 2026
e39b7b5
[Feat] 소셜로그인 코드 구현
SungMinju Feb 5, 2026
4fa3dff
[Fix] 개인정보 변경 코드 수정
SungMinju Feb 5, 2026
3937bd5
[Chore] Valid 어노테이션 제거
SungMinju Feb 5, 2026
a86fc8e
[Feat] 카카오 OAuth2 성공/실패 핸들러 및 리다이렉트 처리 추가
SungMinju Feb 5, 2026
22c2b74
[Feat] refreshToken 기반 accessToken 재발급 API 및 서비스 구현
SungMinju Feb 5, 2026
8f15e04
[Feat] JWT 인증 필터 연결 및 local OAuth 설정 추가
SungMinju Feb 5, 2026
7f636a2
[Feat] OAuth2 authorization request 쿠키 처리 개선
SungMinju Feb 5, 2026
089716b
[Fix] OAuth2 로그인 쿠키 저장/로드 문제 해결
SungMinju Feb 5, 2026
8a20401
[Fix] 전화번호 null 값 반환으로 인한 오류 해결
SungMinju Feb 5, 2026
8dacd18
[Fix] 운영환경에 따른 설정
SungMinju Feb 5, 2026
f5396fc
[Debug] refreshToken 재발급 확인 로그 추가
SungMinju Feb 6, 2026
619fa60
[Fix] refreshToken 쿠키 삭제 코드 추가
SungMinju Feb 6, 2026
82e8e73
[chore] 프론트 OAuth2 redirect URL 테스트으로 인해 수정
SungMinju Feb 6, 2026
418e7fe
merge 오류 수정
SungMinju Feb 6, 2026
c7cddec
[Fix] 약관동의 연관관계로 인한 회원탈퇴 오류 수정
SungMinju Feb 6, 2026
aef94e9
[Fix] 토큰 재발급 받을때, 역할도 받게 수정
SungMinju Feb 6, 2026
30d23f3
[Chore] 에러응답 경로 변경
SungMinju Feb 6, 2026
c5de559
수정사항 없음
SungMinju Feb 6, 2026
d92614b
merge 충돌 수정
SungMinju Feb 6, 2026
f2f06c4
[Chore] 소셜로그인 서버 리다이랙트 url 수정
SungMinju Feb 6, 2026
c4d04b6
[Refactor] 코드래빗 피드백 반영하여 수정
SungMinju Feb 6, 2026
a2c8b29
[Refactor] 코드래빗 피드백 반영하여 수정
SungMinju Feb 7, 2026
888168b
[Refactor] 코드래빗 피드백 반영하여 수정
SungMinju Feb 7, 2026
cc5e0c4
[Feat] 비밀번호 변경 API 구현
SungMinju Feb 7, 2026
d0324c1
[Feat] 비밀번호 변경 API 구현
SungMinju Feb 7, 2026
29b6b0f
[Refactor] 보안상으로 사용자 정보 수정에서 이메일은 제거
SungMinju Feb 7, 2026
eac38d2
Merge branch 'develop' into feat/change-password
SungMinju Feb 7, 2026
c293cba
[Refactor] 비밀번호 변경 예외 코드 경로 정리 및 소셜 로그인 계정 비밀번호 변경 차단
SungMinju Feb 8, 2026
d001a3d
Merge branch 'feat/change-password' of https://github.com/Eatsfine/BE…
SungMinju Feb 8, 2026
12ad54c
[Fix] 괄호 생략으로 인한 오류 수정
SungMinju Feb 8, 2026
189c19b
[Fix] 괄호 생략으로 인한 오류 수정
SungMinju Feb 8, 2026
80a4cb7
[Fix] 비밀번호 변경 후 refresh token 무효화 코드 추가
SungMinju Feb 8, 2026
a0831d0
[Chore] 에러 코드 네이밍 컨벤션 불일치 수정
SungMinju Feb 8, 2026
3f5f131
[Refactor] 비밀번호 변경 시 쿠키 삭제 로직 컨트롤러로 이동
SungMinju Feb 8, 2026
08949fe
[Refactor] setSecure 동적 설정
SungMinju Feb 8, 2026
d9fc2eb
[Refactor] 나머지 코드 원상복귀
SungMinju Feb 8, 2026
9a87870
[Fix] 사용자 프로필 오류 수정
SungMinju Feb 11, 2026
9e99154
merge
SungMinju Feb 11, 2026
95bab25
Merge branch 'develop' into fix/profileImage
SungMinju Feb 11, 2026
c12ac36
[Chore] 들여쓰기 일치시킴
SungMinju Feb 11, 2026
dc1d4ee
[Fix] Origin 값 설정
SungMinju Feb 11, 2026
60ccbfa
Merge branch 'fix/profileImage' of https://github.com/Eatsfine/BE int…
SungMinju Feb 11, 2026
1723fa2
[Debug] 회원탈퇴 연관관계 및 회원 프로필 이미지 오류 수정
SungMinju Feb 11, 2026
567dd11
Merge branch 'develop' into debug/withdraw
SungMinju Feb 11, 2026
50417c0
Update UserErrorStatus.java
SungMinju Feb 11, 2026
32f6697
Update UserServiceImpl.java
SungMinju Feb 11, 2026
48ed4fc
Merge branch 'develop' into debug/withdraw
SungMinju Feb 12, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions src/main/java/com/eatsfine/eatsfine/domain/user/converter/UserConverter.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,10 +30,10 @@ public static UserResponseDto.LoginResponseDto toLoginResponse(User user, String


// 유저 정보 조회 응답 변환
public static UserResponseDto.UserInfoDto toUserInfo(User user) {
public static UserResponseDto.UserInfoDto toUserInfo(User user, String profileImageUrl) {
return UserResponseDto.UserInfoDto.builder()
.id(user.getId())
.profileImage(user.getProfileImage())
.profileImage(profileImageUrl)
.email(user.getEmail())
.name(user.getName())
.phoneNumber(user.getPhoneNumber())
Expand Down
20 changes: 20 additions & 0 deletions src/main/java/com/eatsfine/eatsfine/domain/user/entity/User.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,9 @@
import com.eatsfine.eatsfine.global.common.BaseEntity;
import jakarta.persistence.*;
import lombok.*;

import java.time.LocalDateTime;

@Entity
@Getter
// 수정한 부분: access 레벨을 PROTECTED로 설정하여 Hibernate가 접근할 수 있게 합니다.
Expand Down Expand Up @@ -46,6 +49,12 @@ public class User extends BaseEntity {
@Column(length = 500)
private String refreshToken;

@Column(name = "deleted_at")
private LocalDateTime deletedAt;

@Column(name = "is_deleted")
private Boolean isDeleted = false;
Comment on lines +52 to +56
Copy link

@coderabbitai coderabbitai bot Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

isDeleted 필드에 @Builder.Default 누락 — Builder로 생성 시 null이 됩니다.

Lombok @Builder는 필드 초기화 값(= false)을 무시합니다. UserConverter.toUser() 등 Builder로 User를 생성하면 isDeletednull로 설정되어 DB에도 null이 저장됩니다.

isDeleted() 메서드에서 null-safe 처리를 하고 있어 런타임 오류는 없지만, DB 데이터 정합성을 위해 @Builder.Default를 추가하거나 columnDefinition으로 DB 기본값을 설정해야 합니다.

🔧 수정 제안 
     `@Column`(name = "is_deleted")
+    `@Builder.Default`
     private Boolean isDeleted = false;
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
@Column(name = "deleted_at")
private LocalDateTime deletedAt;
@Column(name = "is_deleted")
private Boolean isDeleted = false;
`@Column`(name = "deleted_at")
private LocalDateTime deletedAt;
`@Column`(name = "is_deleted")
`@Builder.Default`
private Boolean isDeleted = false;
🤖 Prompt for AI Agents 
In `@src/main/java/com/eatsfine/eatsfine/domain/user/entity/User.java` around
lines 52 - 56, The isDeleted field is initialized to false but Lombok's `@Builder`
ignores field initializers, causing Builder-created Users (e.g. in
UserConverter.toUser()) to get a null isDeleted and nullable DB writes; add
Lombok's `@Builder.Default` to the isDeleted field (keep the "= false" assignment)
so Builder sets a default false value, and verify uses like isDeleted() remain
null-safe; alternatively ensure a DB column default via columnDefinition if you
prefer DB-level enforcement.


public void updateName(String name) {
this.name = name;
}
Expand Down Expand Up @@ -87,6 +96,17 @@ public void linkSocial (SocialType socialType, String socialId){
this.socialId = socialId;
}

// 회원 탈퇴 메서드 추가
public void withdraw() {
this.isDeleted = true;
this.deletedAt = LocalDateTime.now();
this.refreshToken = null; // refresh token도 null 처리
}

public boolean isDeleted() {
return this.isDeleted != null && this.isDeleted;
}
Comment on lines +99 to +108
Copy link

@coderabbitai coderabbitai bot Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Find User.java and related entity files
find . -type f -name "User.java" -o -name "*Term*.java" -o -name "*Entity.java" | head -20

Repository: Eatsfine/BE

Length of output: 337

🏁 Script executed:

#!/bin/bash
# Check repository structure
ls -la src/main/java/com/eatsfine/eatsfine/domain/ 2>/dev/null || ls -la . | head -20

Repository: Eatsfine/BE

Length of output: 1033

🏁 Script executed:

#!/bin/bash
# Find all entity files and examine User references
fd "\.java$" src/main/java --type f -x grep -l "@Entity\|@Table" {} \; | head -30

Repository: Eatsfine/BE

Length of output: 1225

🏁 Script executed:

#!/bin/bash
# Read User.java to see the withdraw() and isDeleted() methods and context
cat -n src/main/java/com/eatsfine/eatsfine/domain/user/entity/User.java | head -120

Repository: Eatsfine/BE

Length of output: 3686

🏁 Script executed:

#!/bin/bash
# Read Term.java to check User relationship and cascade config
cat -n src/main/java/com/eatsfine/eatsfine/domain/term/entity/Term.java

Repository: Eatsfine/BE

Length of output: 1166

🏁 Script executed:

#!/bin/bash
# Search for getCurrentUser implementation
rg -n "getCurrentUser" --type java -A 5

Repository: Eatsfine/BE

Length of output: 5362

🏁 Script executed:

#!/bin/bash
# Search for token invalidation or blacklist mechanism
rg -n "refreshToken|accessToken|token.*invalidat|blacklist|logout" --type java -i | head -40

Repository: Eatsfine/BE

Length of output: 6367

🏁 Script executed:

#!/bin/bash
# Search for where isDeleted() method is actually called
rg -n "\.isDeleted\(\)" --type java -B 3 -A 3

Repository: Eatsfine/BE

Length of output: 981

🏁 Script executed:

#!/bin/bash
# Check security configuration and filter/interceptor for user validation
rg -n "class.*Filter|class.*Interceptor|class.*Advice|SecurityContextHolder" --type java | head -20

Repository: Eatsfine/BE

Length of output: 708

🏁 Script executed:

#!/bin/bash
# Search for batch jobs, scheduled tasks, or cleanup logic
rg -n "@Scheduled|@Transactional.*void|batch|cleanup|purge|delete" --type java -i | grep -i "term\|orphan\|delete\|batch" | head -20

Repository: Eatsfine/BE

Length of output: 2488

🏁 Script executed:

#!/bin/bash
# Check if isDeleted filter exists in repository queries
rg -n "isDeleted|deleted_at" --type java src/main/java/com/eatsfine/eatsfine/domain/user/ -B 2 -A 2

Repository: Eatsfine/BE

Length of output: 2606

🏁 Script executed:

#!/bin/bash
# Check JwtAuthenticationFilter to see if isDeleted is checked there
cat -n src/main/java/com/eatsfine/eatsfine/global/config/jwt/JwtAuthenticationFilter.java | head -80

Repository: Eatsfine/BE

Length of output: 3602

🏁 Script executed:

#!/bin/bash
# Search for all entities that reference User to understand cascade impact scope
rg -n "User.*user|@ManyToOne.*User|@OneToOne.*User" --type java src/main/java/com/eatsfine/eatsfine/domain/ -B 1 -A 1 | head -60

Repository: Eatsfine/BE

Length of output: 6335

🏁 Script executed:

#!/bin/bash
# Check if there's a withdraw service method and how it's implemented
rg -n "withdraw" --type java -B 5 -A 10

Repository: Eatsfine/BE

Length of output: 9453

🏁 Script executed:

#!/bin/bash
# Check if there are any batch jobs or scheduled deletion tasks
fd ".*Batch.*\.java|.*Scheduler.*\.java|.*Job.*\.java" --type f | xargs cat 2>/dev/null | head -50

Repository: Eatsfine/BE

Length of output: 1548

🏁 Script executed:

#!/bin/bash
# Verify if there are any other User references or repositories that do isDeleted filtering
rg -n "findByEmail|findById" --type java src/main/java/com/eatsfine/eatsfine/domain/user/repository/ -A 3

Repository: Eatsfine/BE

Length of output: 559

🏁 Script executed:

#!/bin/bash
# Check if there's any aspect/annotation that globally checks isDeleted
rg -n "@Aspect|@Around|isDeleted" --type java src/main/java/com/eatsfine/eatsfine/global/ -B 2 -A 5

Repository: Eatsfine/BE

Length of output: 37

withdraw()isDeleted() — 소프트 딜리트 구현에 몇 가지 미흡한 점이 있습니다.

소프트 딜리트로 FK 제약을 해결한 점은 좋으나, 다음 사항들을 개선해야 합니다:

  1. 발급된 accessToken은 만료 시까지 유효합니다. refreshToken을 null 처리하면 토큰 재발급을 차단하지만, 탈퇴 전에 발급된 JWT accessToken은 만료 전까지 여전히 사용 가능합니다. 토큰 블랙리스트나 즉시 무효화 메커니즘이 필요할 수 있습니다.

  2. getCurrentUser()에서 isDeleted() 검사가 있으나, JwtAuthenticationFilter는 검사하지 않습니다. 현재 서비스 계층에서만 삭제 여부를 확인하므로, 필터 단계에서 추가 검증을 고려하세요.

  3. Term(약관 동의) 데이터가 영구 잔존합니다. withdraw() 메서드는 필드를 업데이트할 뿐 엔티티를 삭제하지 않으므로, User의 CascadeType.REMOVE(Line 110)가 작동하지 않습니다. GDPR/개인정보 보호 관점에서 탈퇴 시 관련 데이터(Term 등)를 명시적으로 삭제하는 로직이 필요합니다.

🤖 Prompt for AI Agents 
In `@src/main/java/com/eatsfine/eatsfine/domain/user/entity/User.java` around
lines 99 - 108, The withdraw() soft-delete only nulls refreshToken and sets
isDeleted/deletedAt but leaves issued accessTokens valid and related Term
entities intact; update withdraw() (and/or add a UserService method called from
withdraw()) to 1) record/emit an immediate token invalidation (e.g., add user
token blacklist entry or increment a tokenVersion field tied to JWTs so issued
accessTokens are rejected), 2) explicitly remove or anonymize related Term data
instead of relying on CascadeType.REMOVE (deleteRelatedTerms() or
termRepository.deleteByUser(this) as part of withdrawal), and 3) enforce the
deletion check earlier by adding isDeleted() validation into
JwtAuthenticationFilter so requests with deleted users are rejected at
authentication time rather than only in getCurrentUser().


@OneToOne(mappedBy = "user", cascade = CascadeType.REMOVE, orphanRemoval = true, fetch = FetchType.LAZY)
private Term term;
}
22 changes: 16 additions & 6 deletions src/main/java/com/eatsfine/eatsfine/domain/user/service/userService/UserServiceImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,10 @@ public UserResponseDto.LoginResponseDto login(UserRequestDto.LoginDto loginDto)
User user = userRepository.findByEmail(loginDto.getEmail())
.orElseThrow(() -> new UserException(UserErrorStatus.MEMBER_NOT_FOUND));

if (user.isDeleted()) {
throw new UserException(UserErrorStatus.WITHDRAWN_USER);
}

// 2) 비밀번호 검증
if (!passwordEncoder.matches(loginDto.getPassword(), user.getPassword())) {
throw new UserException(UserErrorStatus.INVALID_PASSWORD);
Expand All @@ -85,12 +89,12 @@ public UserResponseDto.LoginResponseDto login(UserRequestDto.LoginDto loginDto)
.refreshToken(refreshToken)
.build();
}

@Override
@Transactional
public UserResponseDto.UserInfoDto getMemberInfo(HttpServletRequest request) {
User user = getCurrentUser(request);
return UserConverter.toUserInfo(user);
String profileUrl = s3Service.toUrl(user.getProfileImage());
return UserConverter.toUserInfo(user, profileUrl);
}
Comment on lines 92 to 98
Copy link

@coderabbitai coderabbitai bot Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick | 🔵 Trivial

getMemberInfo는 읽기 전용 — @Transactional(readOnly = true) 사용 권장.

이 메서드는 데이터를 조회만 하므로 readOnly = true를 설정하면 Hibernate flush 모드를 MANUAL로 전환하여 성능상 이점이 있습니다.

♻️ 수정 제안 
     `@Override`
-    `@Transactional`
+    `@Transactional`(readOnly = true)
     public UserResponseDto.UserInfoDto getMemberInfo(HttpServletRequest request) {

As per coding guidelines, "읽기 전용 트랜잭션(readOnly = true)을 적절히 사용했는지."

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
@Override
@Transactional
public UserResponseDto.UserInfoDto getMemberInfo(HttpServletRequest request) {
User user = getCurrentUser(request);
return UserConverter.toUserInfo(user);
String profileUrl = s3Service.toUrl(user.getProfileImage());
return UserConverter.toUserInfo(user, profileUrl);
}
`@Override`
`@Transactional`(readOnly = true)
public UserResponseDto.UserInfoDto getMemberInfo(HttpServletRequest request) {
User user = getCurrentUser(request);
String profileUrl = s3Service.toUrl(user.getProfileImage());
return UserConverter.toUserInfo(user, profileUrl);
}
🤖 Prompt for AI Agents 
In
`@src/main/java/com/eatsfine/eatsfine/domain/user/service/userService/UserServiceImpl.java`
around lines 88 - 94, getMemberInfo in UserServiceImpl is read-only but
annotated with `@Transactional`; change it to use a read-only transaction by
updating the annotation to `@Transactional`(readOnly = true) on the getMemberInfo
method so Hibernate uses MANUAL flush mode for better performance; ensure the
method signature (getMemberInfo), any calls to getCurrentUser, s3Service.toUrl,
and UserConverter.toUserInfo remain unchanged.


@Override
Expand Down Expand Up @@ -191,6 +195,7 @@ private void validateProfileImage(MultipartFile file) {
}



@Override
@Transactional
public void withdraw(HttpServletRequest request) {
Expand All @@ -205,8 +210,8 @@ public void withdraw(HttpServletRequest request) {
}
}

user.updateRefreshToken(null);
userRepository.delete(user);
user.withdraw();
userRepository.save(user);
}

@Override
Expand All @@ -225,8 +230,13 @@ private User getCurrentUser(HttpServletRequest request) {

String email = jwtTokenProvider.getEmailFromToken(token);

return userRepository.findByEmail(email)
User user = userRepository.findByEmail(email)
.orElseThrow(() -> new UserException(UserErrorStatus.MEMBER_NOT_FOUND));

if (user.isDeleted()) {
throw new UserException(UserErrorStatus.WITHDRAWN_USER);
}
return user;
}

@Override
Expand Down Expand Up @@ -283,4 +293,4 @@ public UserResponseDto.UpdatePasswordDto changePassword(
return UserConverter.toUpdatePasswordResponse(true, LocalDateTime.now(), "비밀번호가 성공적으로 변경되었습니다.");
}

}
}
4 changes: 2 additions & 2 deletions src/main/java/com/eatsfine/eatsfine/domain/user/status/UserErrorStatus.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,8 @@ public enum UserErrorStatus implements BaseErrorCode {
EMAIL_ALREADY_EXISTS(HttpStatus.CONFLICT, "MEMBER4003", "이미 존재하는 이메일입니다."),
INVALID_PASSWORD(HttpStatus.BAD_REQUEST, "MEMBER4004", "비밀번호가 올바르지 않습니다."),
PASSWORD_NOT_MATCH(HttpStatus.BAD_REQUEST, "MEMBER4005", "현재 비밀번호가 일치하지 않습니다."),
SAME_PASSWORD(HttpStatus.BAD_REQUEST, "MEMBER4006", "새 비밀번호가 현재 비밀번호와 동일합니다.")

SAME_PASSWORD(HttpStatus.BAD_REQUEST, "MEMBER4006", "새 비밀번호가 현재 비밀번호와 동일합니다."),
WITHDRAWN_USER(HttpStatus.FORBIDDEN, "MEMBER4007", "탈퇴한 회원입니다.")
;

private final HttpStatus httpStatus;
Expand Down
3 changes: 2 additions & 1 deletion src/main/java/com/eatsfine/eatsfine/global/config/SecurityConfig.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,12 +95,12 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
return http.build();
}


@Bean
public HttpCookieOAuth2AuthorizationRequestRepository cookieAuthorizationRequestRepository() {
return new HttpCookieOAuth2AuthorizationRequestRepository();
}


@Bean
public CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration config = new CorsConfiguration();
Expand All @@ -122,6 +122,7 @@ public CorsConfigurationSource corsConfigurationSource() {
return source;
}


@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
Expand Down