-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
14 changed files
with
131 additions
and
30 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
45 changes: 45 additions & 0 deletions
45
hyunsub-auth/src/main/kotlin/kim/hyunsub/auth/bo/user/ProfilePasswordBo.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
package kim.hyunsub.auth.bo.user | ||
|
||
import kim.hyunsub.auth.model.AuthStatus | ||
import kim.hyunsub.auth.model.dto.user.ProfilePasswordParams | ||
import kim.hyunsub.auth.model.dto.user.ProfilePasswordResult | ||
import kim.hyunsub.auth.repository.UserRepository | ||
import kim.hyunsub.auth.service.PasswordService | ||
import kim.hyunsub.auth.service.RsaKeyService | ||
import kim.hyunsub.common.web.error.ErrorCode | ||
import kim.hyunsub.common.web.error.ErrorCodeException | ||
import org.springframework.data.repository.findByIdOrNull | ||
import org.springframework.stereotype.Service | ||
|
||
@Service | ||
class ProfilePasswordBo( | ||
private val userRepository: UserRepository, | ||
private val rsaKeyService: RsaKeyService, | ||
private val passwordService: PasswordService, | ||
) { | ||
fun change(userId: String, params: ProfilePasswordParams): ProfilePasswordResult { | ||
val user = userRepository.findByIdOrNull(userId) | ||
?: throw ErrorCodeException(ErrorCode.NO_SUCH_USER) | ||
|
||
val oldPw = rsaKeyService.decrypt(params.oldPw) | ||
val newPw = rsaKeyService.decrypt(params.newPw) | ||
|
||
if (!passwordService.isValidLength(newPw)) { | ||
return ProfilePasswordResult(AuthStatus.INVALID_LENGTH_PASSWORD) | ||
} | ||
|
||
if (passwordService.isWrong(user, oldPw)) { | ||
return ProfilePasswordResult(AuthStatus.WRONG_PASSWORD) | ||
} | ||
|
||
if (oldPw == newPw) { | ||
return ProfilePasswordResult(AuthStatus.CURRENT_PASSWORD) | ||
} | ||
|
||
val newHash = passwordService.generateHash(newPw) | ||
val newUser = user.copy(password = newHash) | ||
userRepository.save(newUser) | ||
|
||
return ProfilePasswordResult(AuthStatus.SUCCESS) | ||
} | ||
} |
24 changes: 24 additions & 0 deletions
24
hyunsub-auth/src/main/kotlin/kim/hyunsub/auth/controller/user/ProfilePasswordController.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
package kim.hyunsub.auth.controller.user | ||
|
||
import kim.hyunsub.auth.bo.user.ProfilePasswordBo | ||
import kim.hyunsub.auth.model.dto.user.ProfilePasswordParams | ||
import kim.hyunsub.auth.model.dto.user.ProfilePasswordResult | ||
import kim.hyunsub.common.web.model.UserAuth | ||
import org.springframework.web.bind.annotation.PutMapping | ||
import org.springframework.web.bind.annotation.RequestBody | ||
import org.springframework.web.bind.annotation.RequestMapping | ||
import org.springframework.web.bind.annotation.RestController | ||
|
||
@RestController | ||
@RequestMapping("/api/v1/profile/password") | ||
class ProfilePasswordController( | ||
private val profilePasswordBo: ProfilePasswordBo, | ||
) { | ||
@PutMapping("") | ||
fun update( | ||
userAuth: UserAuth, | ||
@RequestBody params: ProfilePasswordParams, | ||
): ProfilePasswordResult { | ||
return profilePasswordBo.change(userAuth.idNo, params) | ||
} | ||
} |
14 changes: 14 additions & 0 deletions
14
hyunsub-auth/src/main/kotlin/kim/hyunsub/auth/model/AuthStatus.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
package kim.hyunsub.auth.model | ||
|
||
import com.fasterxml.jackson.annotation.JsonValue | ||
|
||
enum class AuthStatus( | ||
@JsonValue val code: Int, | ||
) { | ||
SUCCESS(0), | ||
|
||
INVALID_LENGTH_PASSWORD(2000), | ||
WRONG_PASSWORD(2001), | ||
CURRENT_PASSWORD(2002), | ||
; | ||
} |
4 changes: 3 additions & 1 deletion
4
hyunsub-auth/src/main/kotlin/kim/hyunsub/auth/model/dto/auth/RegisterResult.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,7 @@ | ||
package kim.hyunsub.auth.model.dto.auth | ||
|
||
import kim.hyunsub.auth.model.AuthStatus | ||
|
||
data class RegisterResult( | ||
val idNo: String, | ||
val status: AuthStatus, | ||
) |
6 changes: 6 additions & 0 deletions
6
hyunsub-auth/src/main/kotlin/kim/hyunsub/auth/model/dto/user/ProfilePasswordParams.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
package kim.hyunsub.auth.model.dto.user | ||
|
||
data class ProfilePasswordParams( | ||
val oldPw: String, | ||
val newPw: String, | ||
) |
7 changes: 7 additions & 0 deletions
7
hyunsub-auth/src/main/kotlin/kim/hyunsub/auth/model/dto/user/ProfilePasswordResult.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
package kim.hyunsub.auth.model.dto.user | ||
|
||
import kim.hyunsub.auth.model.AuthStatus | ||
|
||
data class ProfilePasswordResult( | ||
val status: AuthStatus, | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
20 changes: 20 additions & 0 deletions
20
hyunsub-auth/src/main/kotlin/kim/hyunsub/auth/service/PasswordService.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
package kim.hyunsub.auth.service | ||
|
||
import at.favre.lib.crypto.bcrypt.BCrypt | ||
import kim.hyunsub.auth.config.AuthConstants | ||
import kim.hyunsub.auth.repository.entity.User | ||
import org.springframework.stereotype.Service | ||
|
||
@Service | ||
class PasswordService { | ||
fun isValidLength(password: String): Boolean = | ||
password.length in 8..255 | ||
|
||
fun generateHash(password: String): String = | ||
BCrypt.withDefaults().hashToString(AuthConstants.BCRYPT_COST, password.toCharArray()) | ||
|
||
fun isWrong(user: User, password: String): Boolean { | ||
val correct = BCrypt.verifyer().verify(password.toCharArray(), user.password).verified | ||
return !correct | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters