Merge pull request #301 from GSM-MSG/300-password-change-old-password-new-verify-if-the-password-same

🔀 :: 기존 비밀번호와 새 비밀번호와 다른지 검사하는 로직

Author: Umjiseung

src/main/kotlin/com/msg/gauth/domain/auth/exception/PasswordAndNewPasswordSameException.kt

@@ -0,0 +1,6 @@
+package com.msg.gauth.domain.auth.exception
+
+import com.msg.gauth.global.exception.ErrorCode
+import com.msg.gauth.global.exception.exceptions.BasicException
+
+class PasswordAndNewPasswordSameException: BasicException(ErrorCode.SAME_PASSWORD_AND_NEW_PASSWORD)

src/main/kotlin/com/msg/gauth/domain/auth/presentation/AuthController.kt

@@ -4,8 +4,8 @@ import com.msg.gauth.domain.auth.presentation.dto.request.SignUpDto
 import com.msg.gauth.domain.auth.presentation.dto.request.SignInRequestDto
 import com.msg.gauth.domain.auth.presentation.dto.response.RefreshResponseDto
 import com.msg.gauth.domain.auth.service.*
-import com.msg.gauth.domain.auth.presentation.dto.request.PasswordInitReqDto
-import com.msg.gauth.domain.auth.presentation.dto.request.PasswordUpdateRequestDto
+import com.msg.gauth.domain.auth.presentation.dto.request.InitPasswordRequestDto
+import com.msg.gauth.domain.auth.presentation.dto.request.UpdatePasswordRequestDto
 import com.msg.gauth.domain.auth.presentation.dto.response.SignInResponseDto
 import com.msg.gauth.domain.auth.presentation.dto.response.SignUpImageResDto
 import com.msg.gauth.domain.auth.service.InitPasswordService
@@ -58,14 +58,14 @@ class AuthController(
 
 
     @PatchMapping("/password/initialize")
-    fun initPassword(@Valid @RequestBody passwordInitReqDto: PasswordInitReqDto): ResponseEntity<Void> {
-        initPasswordService.execute(passwordInitReqDto)
+    fun initPassword(@Valid @RequestBody initPasswordRequestDto: InitPasswordRequestDto): ResponseEntity<Void> {
+        initPasswordService.execute(initPasswordRequestDto)
         return ResponseEntity.noContent().build()
     }
 
     @PatchMapping("/password")
-    fun updatePassword(@RequestBody passwordUpdateRequestDto: PasswordUpdateRequestDto): ResponseEntity<Void> {
-        updatePasswordService.execute(passwordUpdateRequestDto)
+    fun updatePassword(@RequestBody updatePasswordRequestDto: UpdatePasswordRequestDto): ResponseEntity<Void> {
+        updatePasswordService.execute(updatePasswordRequestDto)
         return ResponseEntity.noContent().build()
     }
 }

src/main/kotlin/com/msg/gauth/domain/auth/presentation/dto/request/PasswordInitReqDto.kt renamed to src/main/kotlin/com/msg/gauth/domain/auth/presentation/dto/request/InitPasswordRequestDto.kt

@@ -4,7 +4,7 @@ import com.msg.gauth.domain.user.User
 import javax.validation.constraints.NotBlank
 import javax.validation.constraints.Pattern
 
-data class PasswordInitReqDto(
+data class InitPasswordRequestDto(
     @field:NotBlank
     @field:Pattern(regexp = "^[a-zA-Z0-9.]+@gsm.hs.kr$")
     val email: String,

src/main/kotlin/com/msg/gauth/domain/auth/presentation/dto/request/PasswordUpdateRequestDto.kt renamed to src/main/kotlin/com/msg/gauth/domain/auth/presentation/dto/request/UpdatePasswordRequestDto.kt

@@ -1,10 +1,9 @@
 package com.msg.gauth.domain.auth.presentation.dto.request
 
-import com.msg.gauth.domain.user.User
 import javax.validation.constraints.NotBlank
 import javax.validation.constraints.Pattern
 
-data class PasswordUpdateRequestDto(
+data class UpdatePasswordRequestDto(
     @field:NotBlank
     val password: String,
     @field:NotBlank

src/main/kotlin/com/msg/gauth/domain/auth/service/InitPasswordService.kt

@@ -3,8 +3,7 @@ package com.msg.gauth.domain.auth.service
 import com.msg.gauth.domain.email.repository.EmailAuthRepository
 import com.msg.gauth.domain.user.exception.EmailNotVerifiedException
 import com.msg.gauth.domain.user.exception.UserNotFoundException
-import com.msg.gauth.domain.auth.presentation.dto.request.PasswordInitReqDto
-import com.msg.gauth.domain.user.User
+import com.msg.gauth.domain.auth.presentation.dto.request.InitPasswordRequestDto
 import com.msg.gauth.domain.user.repository.UserRepository
 import com.msg.gauth.global.annotation.service.TransactionalService
 import org.springframework.security.crypto.password.PasswordEncoder
@@ -15,17 +14,17 @@ class InitPasswordService(
     private val emailAuthRepository: EmailAuthRepository,
     private val passwordEncoder: PasswordEncoder,
 ){
-    fun execute(passwordInitReqDto: PasswordInitReqDto){
-        val emailAuth = emailAuthRepository.findById(passwordInitReqDto.email)
+    fun execute(initPasswordRequestDto: InitPasswordRequestDto){
+        val emailAuth = emailAuthRepository.findById(initPasswordRequestDto.email)
             .orElseThrow { throw EmailNotVerifiedException() }
 
         if(!emailAuth.authentication)
             throw EmailNotVerifiedException()
 
-        val user = userRepository.findByEmail(passwordInitReqDto.email)
+        val user = userRepository.findByEmail(initPasswordRequestDto.email)
             ?: throw UserNotFoundException()
 
-        userRepository.save(passwordInitReqDto.toEntity(user, passwordEncoder.encode(passwordInitReqDto.newPassword)))
+        userRepository.save(initPasswordRequestDto.toEntity(user, passwordEncoder.encode(initPasswordRequestDto.newPassword)))
         emailAuthRepository.delete(emailAuth)
     }
 }

src/main/kotlin/com/msg/gauth/domain/auth/service/UpdatePasswordService.kt

@@ -1,7 +1,8 @@
 package com.msg.gauth.domain.auth.service
 
+import com.msg.gauth.domain.auth.exception.PasswordAndNewPasswordSameException
 import com.msg.gauth.domain.auth.exception.PasswordMismatchException
-import com.msg.gauth.domain.auth.presentation.dto.request.PasswordUpdateRequestDto
+import com.msg.gauth.domain.auth.presentation.dto.request.UpdatePasswordRequestDto
 import com.msg.gauth.domain.user.User
 import com.msg.gauth.domain.user.repository.UserRepository
 import com.msg.gauth.domain.user.util.UserUtil
@@ -15,14 +16,18 @@ class UpdatePasswordService(
     private val userRepository: UserRepository
 ) {
 
-    fun execute(passwordUpdateRequestDto: PasswordUpdateRequestDto) {
+    fun execute(updatePasswordRequestDto: UpdatePasswordRequestDto) {
         val currentUser = userUtil.fetchCurrentUser()
 
-        if (!passwordEncoder.matches(passwordUpdateRequestDto.password, currentUser.password)) {
+        if (!passwordEncoder.matches(updatePasswordRequestDto.password, currentUser.password)) {
             throw PasswordMismatchException()
         }
 
-        val newPassword = passwordEncoder.encode(passwordUpdateRequestDto.newPassword)
+        if (updatePasswordRequestDto.password == updatePasswordRequestDto.newPassword) {
+            throw PasswordAndNewPasswordSameException()
+        }
+
+        val newPassword = passwordEncoder.encode(updatePasswordRequestDto.newPassword)
 
         val user = User(
             id = currentUser.id,

src/main/kotlin/com/msg/gauth/global/exception/ErrorCode.kt

@@ -10,6 +10,7 @@ enum class ErrorCode(
     FILE_EXTENSION_INVALID("파일 확장자가 유효하지 않습니다.", 400),
     ALREADY_AUTHENTICATED_MAIL("이미 인증된 메일 입니다.", 400),
     INVALID_DELEGATE_USER("유효하지 않은 위임자입니다.", 400),
+    SAME_PASSWORD_AND_NEW_PASSWORD("기본 비밀번호와 새 비밀번호가 일치합니다.", 400),
 
     AUTH_CODE_EXPIRED("메일 인증이 만료되었습니다.", 401),
     UNAUTHORIZED("권한 없음", 401),