team-ppointer · seokbeom00 · Feb 14, 2025 · Feb 13, 2025 · Feb 13, 2025 · seokbeom00
diff --git a/...n/generated/com/moplus/moplus_server/domain/problem/service/mapper/ProblemMapperImpl.java b/...n/generated/com/moplus/moplus_server/domain/problem/service/mapper/ProblemMapperImpl.java
@@ -14,7 +14,7 @@
 
 @Generated(
     value = "org.mapstruct.ap.MappingProcessor",
-    date = "2025-02-13T05:08:28+0900",
+    date = "2025-02-13T19:05:39+0900",
     comments = "version: 1.6.3, compiler: javac, environment: Java 17.0.10 (JetBrains s.r.o.)"
 )
 @Component

diff --git a/src/main/java/com/moplus/moplus_server/domain/auth/controller/AuthController.java b/src/main/java/com/moplus/moplus_server/domain/auth/controller/AuthController.java
@@ -1,10 +1,20 @@
 package com.moplus.moplus_server.domain.auth.controller;
 
 import com.moplus.moplus_server.domain.auth.dto.request.AdminLoginRequest;
+import com.moplus.moplus_server.domain.auth.dto.response.AccessTokenResponse;
 import com.moplus.moplus_server.domain.auth.dto.response.TokenResponse;
-import io.swagger.v3.oas.annotations.Operation;
+import com.moplus.moplus_server.domain.auth.service.AuthService;
+import com.moplus.moplus_server.global.error.exception.ErrorCode;
+import com.moplus.moplus_server.global.error.exception.NotFoundException;
+import com.moplus.moplus_server.global.security.utils.CookieUtil;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.validation.Valid;
+import java.util.Arrays;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -13,15 +23,41 @@
 @RestController
 @RequestMapping("/api/v1/auth")
 @RequiredArgsConstructor
-public class AuthController {
+public class AuthController implements AuthControllerDocs {
 
-    @Operation(summary = "어드민 로그인", description = "아아디 패스워드 로그인 후 토큰 발급합니다.")
+    private final AuthService authService;
+    private final CookieUtil cookieUtil;
+
+    private static String validateRefreshTokenCookie(HttpServletRequest request) {
+        if (request.getCookies() == null) {
+            throw new NotFoundException(ErrorCode.BLANK_INPUT_VALUE);
+        }
+        Cookie[] cookies = request.getCookies();
+        return Arrays.stream(cookies)
+                .filter(cookie -> "refreshToken".equals(cookie.getName()))
+                .map(Cookie::getValue)
+                .findFirst()
+                .orElseThrow(() -> new NotFoundException(ErrorCode.BLANK_INPUT_VALUE));
+    }
+
+    @Override
     @PostMapping("/admin/login")
-    public ResponseEntity<TokenResponse> adminLogin(
-            @RequestBody AdminLoginRequest request
+    public ResponseEntity<AccessTokenResponse> adminLogin(
+            @Valid @RequestBody AdminLoginRequest request
     ) {
         // 실제 처리는 Security 필터에서 이루어지며, 이 메서드는 Swagger 명세용입니다.
         return null;
     }
 
+    @Override
+    @GetMapping("/reissue")
+    public ResponseEntity<AccessTokenResponse> reissueToken(HttpServletRequest request, HttpServletResponse response) {
+        String refreshToken = validateRefreshTokenCookie(request);
+
+        TokenResponse tokenResponse = authService.reissueToken(refreshToken);
+
+        response.addCookie(cookieUtil.createCookie(tokenResponse.refreshToken()));
+
+        return ResponseEntity.ok(new AccessTokenResponse(tokenResponse.accessToken()));
+    }
 }
diff --git a/src/main/java/com/moplus/moplus_server/domain/auth/controller/AuthControllerDocs.java b/src/main/java/com/moplus/moplus_server/domain/auth/controller/AuthControllerDocs.java
@@ -0,0 +1,81 @@
+package com.moplus.moplus_server.domain.auth.controller;
+
+import com.moplus.moplus_server.domain.auth.dto.request.AdminLoginRequest;
+import com.moplus.moplus_server.domain.auth.dto.response.AccessTokenResponse;
+import com.moplus.moplus_server.global.error.ErrorResponse;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.Schema;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.headers.Header;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.http.ResponseEntity;
+
+@Tag(name = "인증", description = "인증 관련 API")
+public interface AuthControllerDocs {
+
+    @Operation(
+        summary = "어드민 로그인",
+        description = "이메일과 비밀번호로 로그인하여 액세스 토큰을 발급받고 리프레시 토큰을 쿠키에 설정합니다.",
+        responses = {
+            @ApiResponse(
+                responseCode = "200",
+                description = "로그인 성공",
+                content = @Content(
+                    mediaType = "application/json",
+                    schema = @Schema(implementation = AccessTokenResponse.class)
+                ),
+                headers = @Header(
+                    name = "Set-Cookie",
+                    description = "리프레시 토큰이 담긴 HTTP Only 쿠키",
+                    schema = @Schema(
+                        type = "string",
+                        example = "refreshToken=xxx; Path=/; HttpOnly; Secure; SameSite=None"
+                    )
+                )
+            ),
+            @ApiResponse(
+                responseCode = "401",
+                description = "인증 실패 (잘못된 이메일 또는 비밀번호)",
+                content = @Content(schema = @Schema(implementation = ErrorResponse.class))
+            )
+        }
+    )
+    ResponseEntity<AccessTokenResponse> adminLogin(AdminLoginRequest request);
+
+    @Operation(
+        summary = "토큰 재발급",
+        description = "리프레시 토큰을 통해 새로운 액세스 토큰을 발급하고 새로운 리프레시 토큰을 쿠키에 설정합니다.",
+        responses = {
+            @ApiResponse(
+                responseCode = "200",
+                description = "토큰 재발급 성공",
+                content = @Content(
+                    mediaType = "application/json",
+                    schema = @Schema(implementation = AccessTokenResponse.class)
+                ),
+                headers = @Header(
+                    name = "Set-Cookie",
+                    description = "새로운 리프레시 토큰이 담긴 HTTP Only 쿠키",
+                    schema = @Schema(
+                        type = "string",
+                        example = "refreshToken=xxx; Path=/; HttpOnly; Secure; SameSite=None"
+                    )
+                )
+            ),
+            @ApiResponse(
+                responseCode = "401",
+                description = "유효하지 않은 리프레시 토큰",
+                content = @Content(schema = @Schema(implementation = ErrorResponse.class))
+            ),
+            @ApiResponse(
+                responseCode = "404",
+                description = "리프레시 토큰 쿠키 없음",
+                content = @Content(schema = @Schema(implementation = ErrorResponse.class))
+            )
+        }
+    )
+    ResponseEntity<AccessTokenResponse> reissueToken(HttpServletRequest request, HttpServletResponse response);
+} 
diff --git a/src/main/java/com/moplus/moplus_server/domain/auth/dto/request/AdminLoginRequest.java b/src/main/java/com/moplus/moplus_server/domain/auth/dto/request/AdminLoginRequest.java
@@ -1,7 +1,11 @@
 package com.moplus.moplus_server.domain.auth.dto.request;
 
+import jakarta.validation.constraints.NotNull;
+
 public record AdminLoginRequest(
+        @NotNull(message = "이메일을 입력해주세요.")
         String email,
+        @NotNull(message = "비밀번호를 입력해주세요.")
         String password
 ) {
 }
diff --git a/src/main/java/com/moplus/moplus_server/domain/auth/dto/response/AccessTokenResponse.java b/src/main/java/com/moplus/moplus_server/domain/auth/dto/response/AccessTokenResponse.java
@@ -0,0 +1,5 @@
+package com.moplus.moplus_server.domain.auth.dto.response;
+
+public record AccessTokenResponse(
+    String accessToken
+) {} 
diff --git a/src/main/java/com/moplus/moplus_server/domain/auth/service/AuthService.java b/src/main/java/com/moplus/moplus_server/domain/auth/service/AuthService.java
@@ -0,0 +1,65 @@
+package com.moplus.moplus_server.domain.auth.service;
+
+import com.moplus.moplus_server.domain.auth.dto.response.TokenResponse;
+import com.moplus.moplus_server.domain.member.domain.Member;
+import com.moplus.moplus_server.domain.member.service.MemberService;
+import com.moplus.moplus_server.global.error.exception.ErrorCode;
+import com.moplus.moplus_server.global.error.exception.InvalidValueException;
+import com.moplus.moplus_server.global.security.exception.JwtInvalidException;
+import com.moplus.moplus_server.global.security.utils.JwtUtil;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.ExpiredJwtException;
+import io.jsonwebtoken.MalformedJwtException;
+import io.jsonwebtoken.security.SignatureException;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+@RequiredArgsConstructor
+public class AuthService {
+
+    private final JwtUtil jwtUtil;
+    private final MemberService memberService;
+
+    @Transactional
+    public TokenResponse reissueToken(String refreshToken) {
+        if (refreshToken == null) {
+            throw new InvalidValueException(ErrorCode.INVALID_INPUT_VALUE);
+        }
+
+        Claims claims = getClaims(refreshToken);
+        final Member member = getMemberById(claims.getSubject());
+
+        // 새로운 액세스 토큰과 리프레시 토큰 생성
+        String newAccessToken = jwtUtil.generateAccessToken(member);
+        String newRefreshToken = jwtUtil.generateRefreshToken(member);
+
+        return new TokenResponse(newAccessToken, newRefreshToken);
+    }
+
+    private Claims getClaims(String refreshToken) {
+        Claims claims;
+        try {
+            claims = jwtUtil.getRefreshTokenClaims(refreshToken);
+        } catch (ExpiredJwtException expiredJwtException) {
+            throw new JwtInvalidException(ErrorCode.EXPIRED_TOKEN.getMessage());
+        } catch (SignatureException signatureException) {
+            throw new JwtInvalidException(ErrorCode.WRONG_TYPE_TOKEN.getMessage());
+        } catch (MalformedJwtException malformedJwtException) {
+            throw new JwtInvalidException(ErrorCode.UNSUPPORTED_TOKEN.getMessage());
+        } catch (IllegalArgumentException illegalArgumentException) {
+            throw new JwtInvalidException(ErrorCode.UNKNOWN_ERROR.getMessage());
+        }
+        return claims;
+    }
+
+    private Member getMemberById(String id) {
+        try {
+            return memberService.getMemberById(Long.parseLong(id));
+        } catch (Exception e) {
+            throw new BadCredentialsException(ErrorCode.BAD_CREDENTIALS.getMessage());
+        }
+    }
+} 
diff --git a/src/main/java/com/moplus/moplus_server/domain/concept/controller/ConceptTagController.java b/src/main/java/com/moplus/moplus_server/domain/concept/controller/ConceptTagController.java
@@ -3,13 +3,15 @@
 import com.moplus.moplus_server.domain.concept.dto.response.ConceptTagResponse;
 import com.moplus.moplus_server.domain.concept.repository.ConceptTagRepository;
 import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import java.util.List;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+@Tag(name = "문항", description = "문항 관련 API")
 @RestController
 @RequestMapping("/api/v1/conceptTags")
 @RequiredArgsConstructor

diff --git a/src/main/java/com/moplus/moplus_server/domain/concept/dto/response/ConceptTagResponse.java b/src/main/java/com/moplus/moplus_server/domain/concept/dto/response/ConceptTagResponse.java
@@ -1,9 +1,12 @@
 package com.moplus.moplus_server.domain.concept.dto.response;
 
 import com.moplus.moplus_server.domain.concept.domain.ConceptTag;
+import jakarta.validation.constraints.NotNull;
 
 public record ConceptTagResponse(
+        @NotNull(message = "개념 태그 ID는 필수입니다")
         Long id,
+        @NotNull(message = "개념 태그 이름은 필수입니다")
         String name
 ) {
     public static ConceptTagResponse of(ConceptTag entity) {

diff --git a/src/main/java/com/moplus/moplus_server/domain/member/controller/MemberController.java b/src/main/java/com/moplus/moplus_server/domain/member/controller/MemberController.java
@@ -4,12 +4,14 @@
 import com.moplus.moplus_server.domain.member.dto.response.MemberGetResponse;
 import com.moplus.moplus_server.global.annotation.AuthUser;
 import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+@Tag(name = "회원", description = "회원 관련 API")
 @RestController
 @RequestMapping("/api/v1/member")
 @RequiredArgsConstructor

diff --git a/...in/java/com/moplus/moplus_server/domain/problem/controller/PracticeTestTagController.java b/...in/java/com/moplus/moplus_server/domain/problem/controller/PracticeTestTagController.java
@@ -3,13 +3,16 @@
 import com.moplus.moplus_server.domain.problem.dto.response.PracticeTestTagResponse;
 import com.moplus.moplus_server.domain.problem.repository.PracticeTestTagRepository;
 import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import java.util.List;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+
+@Tag(name = "문항", description = "문항 관련 API")
 @RestController
 @RequestMapping("/api/v1/practiceTestTags")
 @RequiredArgsConstructor

diff --git a/src/main/java/com/moplus/moplus_server/domain/problem/controller/ProblemController.java b/src/main/java/com/moplus/moplus_server/domain/problem/controller/ProblemController.java
@@ -8,6 +8,7 @@
 import com.moplus.moplus_server.domain.problem.service.ProblemSaveService;
 import com.moplus.moplus_server.domain.problem.service.ProblemUpdateService;
 import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
@@ -19,6 +20,7 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+@Tag(name = "문항", description = "문항 관련 API")
 @RestController
 @RequestMapping("/api/v1/problems")
 @RequiredArgsConstructor

diff --git a/...main/java/com/moplus/moplus_server/domain/problem/controller/ProblemSearchController.java b/...main/java/com/moplus/moplus_server/domain/problem/controller/ProblemSearchController.java
@@ -3,6 +3,7 @@
 import com.moplus.moplus_server.domain.problem.dto.response.ProblemSearchGetResponse;
 import com.moplus.moplus_server.domain.problem.repository.ProblemSearchRepositoryCustom;
 import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import java.util.List;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
@@ -11,6 +12,7 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
+@Tag(name = "문항", description = "문항 관련 API")
 @RestController
 @RequestMapping("/api/v1/problems")
 @RequiredArgsConstructor

diff --git a/src/main/java/com/moplus/moplus_server/domain/problem/domain/problem/ProblemAdminId.java b/src/main/java/com/moplus/moplus_server/domain/problem/domain/problem/ProblemAdminId.java
@@ -12,7 +12,7 @@
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
 public class ProblemAdminId implements Serializable {
 
-    @Column(name = "problem_admin_id")
+    @Column(name = "problem_admin_id", nullable = false)
     private String id;
 
     public ProblemAdminId(String id) {

diff --git a/src/main/java/com/moplus/moplus_server/domain/problem/dto/request/ProblemPostRequest.java b/src/main/java/com/moplus/moplus_server/domain/problem/dto/request/ProblemPostRequest.java
@@ -7,7 +7,7 @@
 import jakarta.validation.constraints.NotNull;
 
 public record ProblemPostRequest(
-        @NotNull(message = "문제 유형은 필수입니다")
+        @NotNull(message = "문항 유형은 필수입니다")
         ProblemType problemType,
         Long practiceTestId,
         int number

diff --git a/src/main/java/com/moplus/moplus_server/domain/problem/dto/request/ProblemUpdateRequest.java b/src/main/java/com/moplus/moplus_server/domain/problem/dto/request/ProblemUpdateRequest.java
@@ -2,10 +2,12 @@
 
 import com.moplus.moplus_server.domain.problem.domain.problem.AnswerType;
 import com.moplus.moplus_server.domain.problem.domain.problem.ProblemType;
+import jakarta.validation.constraints.NotNull;
 import java.util.List;
 import java.util.Set;
 
 public record ProblemUpdateRequest(
+        @NotNull(message = "문제 유형은 필수입니다")
         ProblemType problemType,
         Long practiceTestId,
         int number,

diff --git a/...in/java/com/moplus/moplus_server/domain/problem/dto/response/ChildProblemGetResponse.java b/...in/java/com/moplus/moplus_server/domain/problem/dto/response/ChildProblemGetResponse.java
@@ -2,11 +2,13 @@
 
 import com.moplus.moplus_server.domain.problem.domain.childProblem.ChildProblem;
 import com.moplus.moplus_server.domain.problem.domain.problem.AnswerType;
+import jakarta.validation.constraints.NotNull;
 import java.util.Set;
 import lombok.Builder;
 
 @Builder
 public record ChildProblemGetResponse(
+        @NotNull(message = "새끼 문항 ID는 필수입니다")
         Long childProblemId,
         String imageUrl,
         AnswerType answerType,