Merge pull request #38 from trans-talk/develop

[release] add withdraw member feature

Author: Hokirby

src/main/java/com/wootech/transtalk/client/GoogleClient.java

@@ -38,6 +38,9 @@ public class GoogleClient {
     private String redirectUri;
     @Value("${GOOGLE_AUTHORIZE_URI}")
     private String authorizeUri;
+    @Value("${spring.oauth.google.client.uri.revoke}")
+    private String revokeUri;
+
 
     public static final String BEARER_PREFIX = "Bearer ";
 
@@ -118,5 +121,33 @@ public GoogleProfileResponse requestProfile(String accessToken) {
         return googleProfileResponse;
     }
 
+    // 회원탈퇴
+    public void revokeToken(String token) {
+        if (token == null || token.isEmpty()) {
+            log.warn("[GoogleClient] Revoke token is empty, skipping revocation.");
+            return;
+        }
+
+        URI uri = UriComponentsBuilder.fromUriString(this.revokeUri)
+                .queryParam("token", token)
+                .build()
+                .toUri();
+        log.info("[GoogleClient] Revoke API URI: {}", uri);
+
+        try {
+            restClient.post()
+                    .uri(uri)
+                    .contentType(MediaType.APPLICATION_FORM_URLENCODED)
+                    .retrieve()
+                    .onStatus(HttpStatusCode::isError, (request, response) -> {
+                        String body = new String(response.getBody().readAllBytes());
+                        log.error("[GoogleClient] Revoke Token Failed for token: [{}]. Response: {}", token, body);
+                    })
+                    .toBodilessEntity();
+            log.info("[GoogleClient] Successfully Revoked Token for User Token: [{}]", token);
+        } catch (Exception e) {
+            log.error("[GoogleClient] Exception During Token Revocation for Token: [{}]. Error: {}", token, e.getMessage(), e);
+        }
+    }
 
 }

src/main/java/com/wootech/transtalk/config/DataInitializer.java

@@ -10,11 +10,12 @@
 import com.wootech.transtalk.repository.user.UserRepository;
 import com.wootech.transtalk.service.chatroom.ChatRoomService;
 import jakarta.annotation.PostConstruct;
-import java.time.Instant;
-import java.util.List;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Component;
 
+import java.time.Instant;
+import java.util.List;
+
 @Component
 @RequiredArgsConstructor
 public class DataInitializer {
@@ -70,4 +71,4 @@ private void createChat(Long ownerId, String ownerEmail, Long chatRoomId) {
             }
         }
     }
-}
+}

src/main/java/com/wootech/transtalk/config/jwt/JwtAuthenticationFilter.java

@@ -3,6 +3,8 @@
 import com.wootech.transtalk.config.util.JwtUtil;
 import com.wootech.transtalk.dto.auth.AuthUser;
 import com.wootech.transtalk.enums.UserRole;
+import com.wootech.transtalk.exception.custom.NotFoundException;
+import com.wootech.transtalk.service.user.UserDetailsServiceImpl;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.MalformedJwtException;
@@ -14,6 +16,7 @@
 import lombok.NonNull;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
@@ -29,6 +32,7 @@
 public class JwtAuthenticationFilter extends OncePerRequestFilter {
 
     private final JwtUtil jwtUtil;
+    private final UserDetailsServiceImpl userDetailsService;
 
     @Override
     protected void doFilterInternal(
@@ -43,11 +47,18 @@ protected void doFilterInternal(
 
             try {
                 Claims claims = jwtUtil.extractClaims(jwt);
+                String email = jwtUtil.getEmail(jwt);
+
+                // 탈퇴된 사용자라면 404 에러
+                userDetailsService.loadUserByUsername(email);
 
                 if (SecurityContextHolder.getContext().getAuthentication() == null) {
                     setAuthentication(claims);
                 }
 
+            }catch (NotFoundException e) {
+                log.error(WITHDRAWN_USER_ERROR);
+                throw new AuthenticationCredentialsNotFoundException(WITHDRAWN_USER_ERROR, e);
             } catch (SecurityException | MalformedJwtException e) {
                 log.error(INVALID_JWT_SIGNATURE_ERROR, e);
                 response.sendError(HttpServletResponse.SC_UNAUTHORIZED, INVALID_JWT_SIGNATURE_ERROR);

src/main/java/com/wootech/transtalk/config/jwt/JwtChannelInterceptor.java

@@ -2,9 +2,11 @@
 
 import com.wootech.transtalk.config.util.JwtUtil;
 import com.wootech.transtalk.enums.UserRole;
+import com.wootech.transtalk.exception.custom.NotFoundException;
 import com.wootech.transtalk.exception.custom.UnauthorizedException;
 import com.wootech.transtalk.event.Events;
 import com.wootech.transtalk.event.ExitToChatRoomEvent;
+import com.wootech.transtalk.service.user.UserDetailsServiceImpl;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatusCode;
@@ -20,13 +22,15 @@
 import java.util.List;
 
 import static com.wootech.transtalk.exception.ErrorMessages.JWT_DOES_NOT_EXIST_ERROR;
+import static com.wootech.transtalk.exception.ErrorMessages.WITHDRAWN_USER_ERROR;
 
 @Slf4j
 @Component
 @RequiredArgsConstructor
 public class JwtChannelInterceptor implements ChannelInterceptor {
 
     private final JwtUtil jwtUtil;
+    private final UserDetailsServiceImpl userDetailsService;
 
     @Override
     public Message<?> preSend(Message<?> message, MessageChannel channel) {
@@ -53,8 +57,14 @@ private void handleConnect(StompHeaderAccessor accessor) {
         validateAccessToken(accessToken);
 
         String userEmail = jwtUtil.getEmail(accessToken);
+        // 탈퇴된 사용자라면 404 에러
+        try {
+            userDetailsService.loadUserByUsername(userEmail);
+        } catch (NotFoundException e) {
+            log.error(WITHDRAWN_USER_ERROR);
+            throw new NotFoundException(WITHDRAWN_USER_ERROR, HttpStatusCode.valueOf(404));
+        }
         accessor.setUser(new UsernamePasswordAuthenticationToken(userEmail, null, List.of(UserRole.ROLE_USER)));
-
         log.info("[JwtChannelInterceptor] CONNECT - JWT Token validated for user={}", userEmail);
     }
     private String extractAccessToken(StompHeaderAccessor accessor) {

src/main/java/com/wootech/transtalk/config/util/CookieUtil.java

@@ -4,9 +4,11 @@
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.AccessLevel;
 import lombok.NoArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 
 import static com.wootech.transtalk.config.util.JwtUtil.REFRESH_TOKEN_TIME;
 
+@Slf4j
 @NoArgsConstructor(access = AccessLevel.PRIVATE)
 public class CookieUtil {
 
@@ -28,4 +30,16 @@ public static void addRefreshTokenCookie(HttpServletResponse response, String re
 
         response.addHeader("Set-Cookie", cookieValue);
     }
+
+    public static void deleteRefreshTokenCookie(HttpServletResponse response) {
+        String cookieName = "refreshToken";
+
+        String cookieValue = String.format(
+                "%s=; Max-Age=0; Path=/; Secure; HttpOnly; SameSite=None",
+                cookieName
+        );
+
+        response.addHeader("Set-Cookie", cookieValue);
+        log.info("[CookieUtil] Refresh Token Cookie Deleted: {}", cookieName);
+    }
 }

src/main/java/com/wootech/transtalk/controller/auth/AuthController.java

@@ -9,13 +9,16 @@
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpHeaders;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.*;
 
 import java.net.URI;
 import java.time.LocalDateTime;
 
 import static com.wootech.transtalk.config.util.CookieUtil.addRefreshTokenCookie;
+import static com.wootech.transtalk.config.util.CookieUtil.deleteRefreshTokenCookie;
+import static com.wootech.transtalk.exception.ErrorMessages.ACCESS_TOKEN_DOES_NOT_EXISTS_ERROR;
 
 @Slf4j
 @RequiredArgsConstructor
@@ -69,12 +72,25 @@ public ApiResponse<Object> logOut() {
 
     // 회원탈퇴
     @DeleteMapping("/withdraw")
-    public ApiResponse<Object> withdrawUser(@AuthenticationPrincipal AuthUser authUser) {
-        userService.withdrawUser(authUser);
-        return ApiResponse.builder()
-                .success(true)
-                .message("회원탈퇴에 성공했습니다.")
-                .timestamp(LocalDateTime.now())
-                .build();
+    public ApiResponse<Object> withdrawUser(
+            @RequestHeader(HttpHeaders.AUTHORIZATION) String authorizationHeader,
+            @AuthenticationPrincipal AuthUser authUser,
+            HttpServletResponse response
+    ) {
+        String accessToken = null;
+        if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {
+            accessToken = authorizationHeader.substring("Bearer ".length()).trim();
+        }
+        if (accessToken != null) {
+            authService.withdrawUser(authUser, accessToken);
+            deleteRefreshTokenCookie(response);
+            return ApiResponse.builder()
+                    .success(true)
+                    .message("회원탈퇴에 성공했습니다.")
+                    .timestamp(LocalDateTime.now())
+                    .build();
+        } else {
+            throw new IllegalArgumentException(ACCESS_TOKEN_DOES_NOT_EXISTS_ERROR);
+        }
     }
 }

src/main/java/com/wootech/transtalk/dto/auth/AuthUser.java

@@ -6,12 +6,13 @@
 import lombok.Getter;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
 
 import java.util.Collection;
 import java.util.List;
 
 @Getter
-public class AuthUser {
+public class AuthUser implements UserDetails {
 
     private final Long userId;
     private final String email;
@@ -25,4 +26,14 @@ public AuthUser(Long userId, String email, String name, UserRole role) {
         this.name = name;
         this.authorities = List.of(new SimpleGrantedAuthority(role.name()));
     }
+
+    @Override
+    public String getPassword() {
+        return "";
+    }
+
+    @Override
+    public String getUsername() {
+        return email;
+    }
 }

src/main/java/com/wootech/transtalk/entity/Chat.java

@@ -8,8 +8,6 @@
 import jakarta.persistence.GeneratedValue;
 import jakarta.persistence.GenerationType;
 import jakarta.persistence.Id;
-import java.time.LocalDateTime;
-import java.time.ZoneId;
 import lombok.AccessLevel;
 import lombok.Getter;
 import lombok.NoArgsConstructor;

src/main/java/com/wootech/transtalk/entity/ChatRoom.java

@@ -1,20 +1,23 @@
 package com.wootech.transtalk.entity;
 
-import com.fasterxml.jackson.core.JsonToken;
 import com.wootech.transtalk.enums.TranslateLanguage;
 import com.wootech.transtalk.exception.custom.NotFoundException;
 import jakarta.persistence.*;
-import java.time.Instant;
 import lombok.AccessLevel;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
+import org.hibernate.annotations.SQLDelete;
+import org.hibernate.annotations.Where;
 import org.springframework.http.HttpStatusCode;
 
+import java.time.Instant;
 import java.util.ArrayList;
 import java.util.List;
 
 import static com.wootech.transtalk.exception.ErrorMessages.PARTICIPANT_NOT_FOUND_ERROR;
 
+@SQLDelete(sql = "UPDATE chat_room SET deleted_at = NOW() WHERE chat_room_id = ?")
+@Where(clause = "deleted_at IS NULL")
 @Getter
 @Entity
 @NoArgsConstructor(access = AccessLevel.PROTECTED)

src/main/java/com/wootech/transtalk/entity/Participant.java

@@ -6,7 +6,11 @@
 import lombok.AccessLevel;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
+import org.hibernate.annotations.SQLDelete;
+import org.hibernate.annotations.Where;
 
+@SQLDelete(sql = "UPDATE participant SET deleted_at = NOW() WHERE participant_id = ?")
+@Where(clause = "deleted_at IS NULL")
 @Getter
 @Entity
 @NoArgsConstructor(access = AccessLevel.PROTECTED)