diff --git a/src/main/java/me/snaptime/exception/handler/JwtExceptionHandlerFilter.java b/src/main/java/me/snaptime/exception/handler/JwtExceptionHandlerFilter.java
index bf253a1f..0d002fb2 100644
--- a/src/main/java/me/snaptime/exception/handler/JwtExceptionHandlerFilter.java
+++ b/src/main/java/me/snaptime/exception/handler/JwtExceptionHandlerFilter.java
@@ -29,8 +29,10 @@ protected void doFilterInternal(HttpServletRequest request,
 String message = e.getExceptionCode().getMessage();
 if(message.contains("AccessToken")){
 setErrorResponse(response,ExceptionCode.ACCESS_TOKEN_EXPIRED);
- }else{
+ }else if(message.contains("RefreshToken")){
 setErrorResponse(response,ExceptionCode.REFRESH_TOKEN_EXPIRED);
+ }else{
+ setErrorResponse(response, ExceptionCode.USER_NOT_EXIST);
 }
 } catch (DecodingException e) { //jwt 디코딩 중 발생할 수 있는 예외. Base64 형식이 아닌경우, 헤더,페이로드,서명이 유효하지 않은경우, 페이로드 파싱에 문제가 있는경우
 setErrorResponse(response, ExceptionCode.TOKEN_INVALID);
diff --git a/src/main/java/me/snaptime/user/controller/UserController.java b/src/main/java/me/snaptime/user/controller/UserController.java
index d95fbabd..195541fd 100644
--- a/src/main/java/me/snaptime/user/controller/UserController.java
+++ b/src/main/java/me/snaptime/user/controller/UserController.java
@@ -73,7 +73,7 @@ public ResponseEntity> changeUser(@Authenticat
 @PatchMapping("/password")
 public ResponseEntity> changeUser(@AuthenticationPrincipal UserDetails userDetails,
 @RequestParam("password")
- @NotBlank(message = "로그인 아이디 입력은 필수입니다.") String password) {
+ @NotBlank(message = "패스워드 입력은 필수입니다.") String password) {
 userService.updatePassword(userDetails.getUsername(), password);
 return ResponseEntity.status(HttpStatus.OK).body(
 new CommonResponseDto<>(
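Review bot: The new final `else` in the JwtExceptionHandlerFilter hunk answers `ExceptionCode.USER_NOT_EXIST` for every exception whose message contains neither "AccessToken" nor "RefreshToken", so an unrelated failure is reported to the client as a missing user, and a filter that says "user does not exist" can also let a caller tell valid login IDs from invalid ones. Branching on `message.contains(...)` is brittle too, because rewording an `ExceptionCode` message silently changes which branch runs. Since `e.getExceptionCode()` is already in hand, the fallback could be `setErrorResponse(response, e.getExceptionCode());`, or the branches could compare the enum constants directly. The catch clause and the rest of `doFilterInternal` lie outside the hunk, so the exception type is inferred from that call.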
@@ -84,8 +84,10 @@ public ResponseEntity> changeUser(@AuthenticationPrincip @Operation(summary = "유저 삭제",description = "유저 번호로 유저를 삭제합니다.") @DeleteMapping() - public ResponseEntity> deleteUser(@AuthenticationPrincipal UserDetails userDetails){ - userService.deleteUser(userDetails.getUsername()); + public ResponseEntity> deleteUser(@AuthenticationPrincipal UserDetails userDetails, + @RequestParam("password") + @NotBlank(message = "패스워드 입력은 필수입니다.") String password){ + userService.deleteUser(password, userDetails.getUsername()); return ResponseEntity.status(HttpStatus.OK).body( new CommonResponseDto<>( "유저 삭제가 성공적으로 완료되었습니다.", diff --git a/src/main/java/me/snaptime/user/service/UserService.java b/src/main/java/me/snaptime/user/service/UserService.java index ae8910bc..b4fb6e26 100644 --- a/src/main/java/me/snaptime/user/service/UserService.java +++ b/src/main/java/me/snaptime/user/service/UserService.java @@ -8,6 +8,6 @@ public interface UserService { UserFindResDto getUser(String loginId); UserPagingResDto findUserPageByName(String searchKeyword, Long pageNum); UserFindResDto updateUser(String loginId, UserUpdateReqDto userUpdateReqDto); - void deleteUser(String loginId); + void deleteUser(String password, String loginId); void updatePassword(String loginId, String password); } diff --git a/src/main/java/me/snaptime/user/service/impl/UserServiceImpl.java b/src/main/java/me/snaptime/user/service/impl/UserServiceImpl.java index 905970b1..1b4b6331 100644 --- a/src/main/java/me/snaptime/user/service/impl/UserServiceImpl.java +++ b/src/main/java/me/snaptime/user/service/impl/UserServiceImpl.java 
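Review bot: `deleteUser` now receives the account password as `@RequestParam("password")` on a DELETE request, which places the plaintext password in the query string where access logs, proxies and browser history commonly record it; the updated `UserControllerTest` sends it with `.param("password", "test1234")`. Take it from the request body instead, for example `@RequestBody @Valid <DeleteUserReqDto> request` (placeholder type name) with `@NotBlank` on the DTO field, and keep the value out of any request logging. The `/password` PATCH handler shown as context in the previous hunk has the same pattern. Whether `@NotBlank` on a bare method parameter is enforced depends on the controller class carrying `@Validated`, which is not visible here.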
@@ -77,8 +77,12 @@ public UserFindResDto updateUser(String loginId, UserUpdateReqDto userUpdateReqD return UserFindResDto.toDto(user); } - public void deleteUser(String loginId) { + public void deleteUser(String password, String loginId) { + User user = userRepository.findByLoginId(loginId).orElseThrow(() -> new CustomException(ExceptionCode.USER_NOT_EXIST)); + if (!passwordEncoder.matches(password, user.getPassword())) { + throw new CustomException(ExceptionCode.PASSWORD_NOT_EQUAL); + } userRepository.deleteById(user.getUserId()); } diff --git a/src/test/java/me/snaptime/user/controller/UserControllerTest.java b/src/test/java/me/snaptime/user/controller/UserControllerTest.java index ee43236a..66e095ae 100644 --- a/src/test/java/me/snaptime/user/controller/UserControllerTest.java +++ b/src/test/java/me/snaptime/user/controller/UserControllerTest.java @@ -161,10 +161,10 @@ void updateUserTest() throws Exception{ void deleteUserTest() throws Exception{ //given //when - mockMvc.perform(delete("/users")) + mockMvc.perform(delete("/users").param("password", "test1234")) .andExpect(status().isOk()) .andDo(print()); - verify(userService,times(1)).deleteUser("kang4746"); + verify(userService,times(1)).deleteUser("test1234","kang4746"); } } diff --git a/src/test/java/me/snaptime/user/service/UserServiceTest.java b/src/test/java/me/snaptime/user/service/UserServiceTest.java index a2251c9c..b8525c27 100644 --- a/src/test/java/me/snaptime/user/service/UserServiceTest.java +++ b/src/test/java/me/snaptime/user/service/UserServiceTest.java @@ -168,8 +168,12 @@ public void deleteUser() { Mockito.when(userRepository.findByLoginId("kang4746")) .thenReturn(Optional.of(user)); + + Mockito.when(passwordEncoder.matches("test1234", user.getPassword())) + .thenReturn(true); + //when - userService.deleteUser("kang4746"); + userService.deleteUser("test1234","kang4746"); //then verify(userRepository,times(1)).findByLoginId("kang4746");
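Review bot: `deleteUser(String password, String loginId)` takes its two `String` arguments in the opposite order to `updatePassword(String loginId, String password)` on the same interface, so a swapped call compiles and would look the user up by the password while handing the login ID to `passwordEncoder.matches`. Declaring it as `void deleteUser(String loginId, String password);` and updating the controller call keeps the two methods parallel. The blank line added after the signature can go, and a short Javadoc such as `/** Deletes the account after re-checking the caller's current password; throws CustomException(PASSWORD_NOT_EQUAL) on mismatch. */` would record why the password is required.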
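Review bot: Only the matching-password path is exercised in the UserServiceTest hunk: `passwordEncoder.matches("test1234", user.getPassword())` is stubbed to `true`, so nothing pins the rejection behaviour this commit adds. Add a case that stubs `matches` to return `false`, asserts that `CustomException` is thrown, and checks `verify(userRepository, never()).deleteById(any());` so a regression that deletes without re-authentication is caught. The rest of the test class is not visible here, so such a case may already exist elsewhere.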