Merge pull request #381 from TaskFlow-CLAP/CLAP-310

�CLAP-310 관리자 회원 정보 수정 api request 변경 및 비밀번호 재설정 인증번호 로직 수정 및 시큐리티 설정

Author: joowojr

src/main/java/clap/server/adapter/inbound/security/SecurityConfig.java

@@ -85,6 +85,7 @@ private AbstractRequestMatcherRegistry<AuthorizeHttpRequestsConfigurer<HttpSecur
                 .requestMatchers(LOGIN_ENDPOINT).permitAll()
                 .requestMatchers(HEALTH_CHECK_ENDPOINT).permitAll()
                 .requestMatchers(REISSUANCE_ENDPOINT).permitAll()
+                .requestMatchers(PASSWORD_EMAIL_ENDPOINT).permitAll()
                 .requestMatchers(SWAGGER_ENDPOINTS).permitAll();
     }
 

src/main/java/clap/server/adapter/inbound/security/WebSecurityUrl.java

@@ -13,5 +13,6 @@ private WebSecurityUrl() {
             "/swagger-ui/**", "/swagger"
     };
     public static final String REISSUANCE_ENDPOINT = "/api/auths/reissuance";
+    public static final String PASSWORD_EMAIL_ENDPOINT = "/api/verifications/**";
     public static final String TEMPORARY_TOKEN_ALLOWED_ENDPOINT = "/api/members/initial-password";
 }

src/main/java/clap/server/adapter/inbound/security/filter/JwtAuthenticationFilter.java

@@ -2,8 +2,8 @@
 
 import clap.server.adapter.outbound.jwt.JwtClaims;
 import clap.server.adapter.outbound.jwt.access.AccessTokenClaimKeys;
-import clap.server.application.port.outbound.auth.forbidden.ForbiddenTokenPort;
 import clap.server.application.port.outbound.auth.JwtProvider;
+import clap.server.application.port.outbound.auth.forbidden.ForbiddenTokenPort;
 import clap.server.exception.JwtException;
 import clap.server.exception.code.AuthErrorCode;
 import io.jsonwebtoken.Claims;
@@ -49,7 +49,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
             SWAGGER_ENDPOINTS
     ).flatMap(Arrays::stream).toArray(String[]::new);
 
-    public static final String[] ANONYMOUS_ENDPOINTS = {LOGIN_ENDPOINT, REISSUANCE_ENDPOINT};
+    public static final String[] ANONYMOUS_ENDPOINTS = {LOGIN_ENDPOINT, REISSUANCE_ENDPOINT, PASSWORD_EMAIL_ENDPOINT};
 
     @Override
     protected void doFilterInternal(

src/main/java/clap/server/adapter/inbound/web/admin/FindDepartmentController.java

@@ -1,12 +1,12 @@
 package clap.server.adapter.inbound.web.admin;
 
 import clap.server.adapter.inbound.web.dto.admin.response.FindAllDepartmentsResponse;
-import clap.server.application.mapper.DepartmentResponseMapper;
 import clap.server.application.port.inbound.admin.FindAllDepartmentsUsecase;
 import clap.server.common.annotation.architecture.WebAdapter;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.annotation.Secured;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -23,10 +23,7 @@ public class FindDepartmentController {
     @Operation(summary = "부서 조회 API")
     @Secured("ROLE_ADMIN")
     @GetMapping("/departments")
-    public List<FindAllDepartmentsResponse> findAllDepartments() {
-        return findAllDepartmentsUsecase.findAllDepartments()
-                .stream()
-                .map(DepartmentResponseMapper::toFindAllDepartmentsResponse)
-                .toList();
+    public ResponseEntity<List<FindAllDepartmentsResponse>> findAllDepartments() {
+        return ResponseEntity.ok(findAllDepartmentsUsecase.findAllDepartments());
     }
 }

src/main/java/clap/server/adapter/inbound/web/admin/RegisterMemberCsvController.java

@@ -9,6 +9,7 @@
 import clap.server.exception.code.FileErrorcode;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
+import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.annotation.Secured;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
@@ -21,23 +22,19 @@
 
 @Tag(name = "05. Admin [회원 관리]")
 @WebAdapter
+@RequiredArgsConstructor
 @RequestMapping("/api/managements")
 public class RegisterMemberCsvController {
     private final RegisterMemberCSVUsecase registerMemberCSVUsecase;
 
-    public RegisterMemberCsvController(RegisterMemberCSVUsecase registerMemberCSVUsecase) {
-        this.registerMemberCSVUsecase = registerMemberCSVUsecase;
-    }
-
     @Operation(summary = "CSV 파일로 회원 등록 API")
     @PostMapping("/members/upload")
     @Secured("ROLE_ADMIN")
     public ResponseEntity<String> registerMembersFromCsv(
             @AuthenticationPrincipal SecurityUserDetails userInfo,
             @RequestParam("file") MultipartFile file) throws IOException {
         if (!FileTypeValidator.validCSVFile(file.getInputStream())) {
-            throw new AdapterException(FileErrorcode.UNSUPPORTED_FILE_TYPE);
-        }
+            throw new AdapterException(FileErrorcode.UNSUPPORTED_FILE_TYPE);}
         int addedCount = registerMemberCSVUsecase.registerMembersFromCsv(userInfo.getUserId(), file);
         return ResponseEntity.ok(addedCount + "명의 회원이 등록되었습니다.");
     }

src/main/java/clap/server/adapter/inbound/web/dto/admin/request/UpdateMemberRequest.java

@@ -12,8 +12,6 @@ public record UpdateMemberRequest(
         @NotBlank
         @Pattern(regexp = "^[a-zA-Z0-9_+&*-]+(?:\\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\\.)+[a-zA-Z]{2,7}$",
                 message = "올바른 이메일 형식이 아닙니다.")
-        @Schema(description = "회원 이메일", example = "siena@gmail.com")
-        String email,
         @NotNull @Schema(description = "승인 권한 여부")
         Boolean isReviewer,
         @NotNull @Schema(description = "부서 ID")

src/main/java/clap/server/adapter/inbound/web/dto/member/response/SendVerificationCodeRequest.java

@@ -0,0 +1,11 @@
+package clap.server.adapter.inbound.web.dto.member.response;
+
+import jakarta.validation.constraints.NotBlank;
+
+public record SendVerificationCodeRequest(
+        @NotBlank
+        String nickname,
+        @NotBlank
+        String email
+) {
+}

src/main/java/clap/server/adapter/inbound/web/dto/member/response/VerifyCodeRequest.java

@@ -0,0 +1,12 @@
+
+package clap.server.adapter.inbound.web.dto.member.response;
+
+import jakarta.validation.constraints.NotBlank;
+
+public record VerifyCodeRequest(
+        @NotBlank
+        String email,
+        @NotBlank
+        String code
+) {
+}

src/main/java/clap/server/adapter/inbound/web/member/EmailVerificationController.java

@@ -1,35 +1,34 @@
 package clap.server.adapter.inbound.web.member;
 
-import clap.server.adapter.inbound.security.service.SecurityUserDetails;
+import clap.server.adapter.inbound.web.dto.member.response.SendVerificationCodeRequest;
+import clap.server.adapter.inbound.web.dto.member.response.VerifyCodeRequest;
 import clap.server.application.port.inbound.member.SendVerificationEmailUsecase;
 import clap.server.application.port.inbound.member.VerifyEmailCodeUsecase;
 import clap.server.common.annotation.architecture.WebAdapter;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
-import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
 
 @Tag(name = "00. Auth [인증번호]")
 @WebAdapter
 @RequiredArgsConstructor
-@RequestMapping("/api/members")
+@RequestMapping("/api")
 public class EmailVerificationController {
     private final SendVerificationEmailUsecase sendVerificationEmailUsecase;
     private final VerifyEmailCodeUsecase verifyEmailCodeUsecase;
 
     @Operation(summary = "인증번호 전송 API")
-    @PostMapping("/verification/email")
-    public void sendVerificationEmail(@AuthenticationPrincipal SecurityUserDetails userInfo){
-        sendVerificationEmailUsecase.sendVerificationCode(userInfo.getUserId());
+    @PostMapping("/verifications/email")
+    public void sendVerificationEmail(@RequestBody SendVerificationCodeRequest request) {
+        sendVerificationEmailUsecase.sendVerificationCode(request);
     }
 
     @Operation(summary = "인증번호 검증 API")
-    @PostMapping("/verification")
-    public void sendVerificationEmail(@AuthenticationPrincipal SecurityUserDetails userInfo,
-                                      @RequestParam String code){
-        verifyEmailCodeUsecase.verifyEmailCode(userInfo.getUserId(), code);
+    @PostMapping("/verifications")
+    public void sendVerificationEmail(@RequestBody VerifyCodeRequest request) {
+        verifyEmailCodeUsecase.verifyEmailCode(request);
     }
 }

src/main/java/clap/server/adapter/outbound/persistense/MemberPersistenceAdapter.java

@@ -32,7 +32,6 @@ public class MemberPersistenceAdapter implements LoadMemberPort, CommandMemberPo
     private final MemberPersistenceMapper memberPersistenceMapper;
     private final TaskRepository taskRepository;
     private final TaskPersistenceMapper taskPersistenceMapper;
-    private final JPAQueryFactory jpaQueryFactory;
 
     @Override
     public Optional<Member> findById(final Long id) {
@@ -110,5 +109,10 @@ public Page<Member> findAllMembers(Pageable pageable) {
     public Page<Member> findMembersWithFilter(Pageable pageable, FindMemberRequest filterRequest, String sortDirection) {
         return memberRepository.findMembersWithFilter(pageable, filterRequest,sortDirection).map(memberPersistenceMapper::toDomain);
     }
+
+    @Override
+    public Optional<Member> findByNicknameOrEmail(String nickname, String email) {
+        return memberRepository.findByNicknameAndEmail(nickname, email).map(memberPersistenceMapper::toDomain);
+    }
 }