diff --git a/server/src/main/java/com/ticketing/server/global/validator/constraints/FieldsValueNotMatch.java b/server/src/main/java/com/ticketing/server/global/validator/constraints/FieldsValueNotMatch.java
new file mode 100644
index 0000000..ecabaf4
--- /dev/null
+++ b/server/src/main/java/com/ticketing/server/global/validator/constraints/FieldsValueNotMatch.java
@@ -0,0 +1,28 @@
+package com.ticketing.server.global.validator.constraints;
+
+import com.ticketing.server.global.validator.constraintvalidators.FieldsValueNotMatchValidator;
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import javax.validation.Constraint;
+import javax.validation.Payload;
+
+@Constraint(validatedBy = FieldsValueNotMatchValidator.class)
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface FieldsValueNotMatch {
+
+ String message();
+
+ String field();
+
+ String fieldMatch();
+
+ Class[] groups() default {};
+
+ Class[] payload() default {};
+
+}
diff --git a/server/src/main/java/com/ticketing/server/global/validator/constraintvalidators/FieldsValueNotMatchValidator.java b/server/src/main/java/com/ticketing/server/global/validator/constraintvalidators/FieldsValueNotMatchValidator.java
new file mode 100644
index 0000000..bfea20e
--- /dev/null
+++ b/server/src/main/java/com/ticketing/server/global/validator/constraintvalidators/FieldsValueNotMatchValidator.java
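Review bot: `FieldsValueNotMatch` has no Javadoc, and the attribute names `field` / `fieldMatch` do not tell a reader that the constraint fails when the two properties are equal. I would add a class comment such as `/** Class-level constraint violated when the properties named by {@code field} and {@code fieldMatch} hold equal values. */`. `message()` has no default, so every use site must supply one; if that is intended, saying so in the same comment would stop someone from "fixing" it later.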
@@ -0,0 +1,29 @@
+package com.ticketing.server.global.validator.constraintvalidators;
+
+import com.ticketing.server.global.validator.constraints.FieldsValueNotMatch;
+import javax.validation.ConstraintValidator;
+import javax.validation.ConstraintValidatorContext;
+import org.springframework.beans.BeanWrapperImpl;
+
+public class FieldsValueNotMatchValidator implements ConstraintValidator {
+
+ private String field;
+ private String fieldMatch;
+
+ public void initialize(FieldsValueNotMatch constraintAnnotation) {
+ this.field = constraintAnnotation.field();
+ this.fieldMatch = constraintAnnotation.fieldMatch();
+ }
+
+ @Override
+ public boolean isValid(Object value, ConstraintValidatorContext context) {
+ Object fieldValue = new BeanWrapperImpl(value).getPropertyValue(field);
+ Object fieldMatchValue = new BeanWrapperImpl(value).getPropertyValue(fieldMatch);
+
+ if (fieldValue != null) {
+ return !fieldValue.equals(fieldMatchValue);
+ } else {
+ return fieldMatchValue != null;
+ }
+ }
+}
diff --git a/server/src/main/java/com/ticketing/server/user/application/AuthController.java b/server/src/main/java/com/ticketing/server/user/application/AuthController.java
index a3c0f26..11d3243 100644
--- a/server/src/main/java/com/ticketing/server/user/application/AuthController.java
+++ b/server/src/main/java/com/ticketing/server/user/application/AuthController.java
@@ -3,7 +3,6 @@ package com.ticketing.server.user.application;
 import com.ticketing.server.user.application.request.LoginRequest;
 import com.ticketing.server.user.application.response.TokenDto;
 import com.ticketing.server.user.service.interfaces.AuthenticationService;
-import javax.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpHeaders;
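Review bot: `initialize` in `FieldsValueNotMatchValidator` has no `@Override`, so the compiler does not check that it actually overrides `ConstraintValidator.initialize`. As rendered here the `implements ConstraintValidator` clause shows no type arguments (they may have been lost in extraction); if the interface really were raw, this method would be an uncalled overload and `field` / `fieldMatch` would stay null, which `@Override` would turn into a compile error. In `isValid`, the if/else is equivalent to `return !Objects.equals(fieldValue, fieldMatchValue);` (needs `java.util.Objects`), and one `BeanWrapperImpl` instance can serve both lookups. Two null properties are reported as a violation, so an empty request gets this message on top of the `@NotEmpty` ones; Bean Validation constraints conventionally accept null and leave that case to `@NotNull` / `@NotEmpty`.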
@@ -24,27 +23,30 @@ public class AuthController {
 private final AuthenticationService authenticationService;
 @PostMapping("/token")
- public ResponseEntity login(@RequestBody LoginRequest loginRequest, HttpServletResponse response) {
+ public ResponseEntity login(@RequestBody LoginRequest loginRequest) {
 TokenDto tokenDto = authenticationService.generateTokenDto(loginRequest.toAuthentication());
- setNotCaching(response);
- return ResponseEntity.status(HttpStatus.OK).body(tokenDto);
+ return ResponseEntity.status(HttpStatus.OK)
+ .headers(getHttpHeaders())
+ .body(tokenDto);
 }
 @PostMapping("/refresh")
- public ResponseEntity refreshToken(@RequestParam("refreshToken") String refreshToken, HttpServletResponse response) {
+ public ResponseEntity refreshToken(@RequestParam("refreshToken") String refreshToken) {
 TokenDto tokenDto = authenticationService.reissueTokenDto(refreshToken);
- setNotCaching(response);
- return ResponseEntity.status(HttpStatus.OK).body(tokenDto);
+ return ResponseEntity.status(HttpStatus.OK)
+ .headers(getHttpHeaders())
+ .body(tokenDto);
 }
- private HttpServletResponse setNotCaching(HttpServletResponse response) {
- response.setHeader(HttpHeaders.CACHE_CONTROL, "no-cache, no-store, must-revalidate");
- response.setHeader(HttpHeaders.PRAGMA, "no-store");
- response.setHeader(HttpHeaders.EXPIRES, "0");
+ private HttpHeaders getHttpHeaders() {
+ HttpHeaders httpHeaders = new HttpHeaders();
+ httpHeaders.set(HttpHeaders.CACHE_CONTROL, "no-cache, no-store, must-revalidate");
+ httpHeaders.set(HttpHeaders.PRAGMA, "no-store");
+ httpHeaders.set(HttpHeaders.EXPIRES, "0");
- return response;
+ return httpHeaders;
 }
 }
diff --git a/server/src/main/java/com/ticketing/server/user/application/UserController.java b/server/src/main/java/com/ticketing/server/user/application/UserController.java
index b91bf7c..0164c1f 100644
--- a/server/src/main/java/com/ticketing/server/user/application/UserController.java
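Review bot: `getHttpHeaders()` sets `Pragma: no-store`, which is not a defined Pragma directive; the only value legacy HTTP/1.0 caches understand is `no-cache`, so the fallback on these token responses has no effect as written. The value was carried over from the removed `setNotCaching`; I would change the line to `httpHeaders.set(HttpHeaders.PRAGMA, "no-cache");`. Separately, `refreshToken` still binds the token with `@RequestParam`, which also accepts it from the query string, where it would end up in access and proxy logs; accepting it only in the request body would avoid that. A name like `noStoreHeaders()` would describe the helper better than `getHttpHeaders()`.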
+++ b/server/src/main/java/com/ticketing/server/user/application/UserController.java
@@ -61,12 +61,6 @@ public class UserController {
 public ResponseEntity changePassword(
 @AuthenticationPrincipal UserDetails userRequest,
 @RequestBody @Valid UserChangePasswordRequest request) {
-
- if (request.oldEqualNew()) {
- log.error("기존 패스워드와 동일한 패스워드로 변경할 수 없습니다.");
- return ResponseEntity.status(HttpStatus.BAD_REQUEST).build();
- }
-
 User user = userService.changePassword(request.toChangePasswordDto(userRequest.getUsername(), passwordEncoder));
 return ResponseEntity.status(HttpStatus.OK).body(UserChangePasswordResponse.from(user));
 }
diff --git a/server/src/main/java/com/ticketing/server/user/application/request/UserChangePasswordRequest.java b/server/src/main/java/com/ticketing/server/user/application/request/UserChangePasswordRequest.java
index 545fc87..a4f1eab 100644
--- a/server/src/main/java/com/ticketing/server/user/application/request/UserChangePasswordRequest.java
+++ b/server/src/main/java/com/ticketing/server/user/application/request/UserChangePasswordRequest.java
@@ -1,5 +1,6 @@
 package com.ticketing.server.user.application.request;
+import com.ticketing.server.global.validator.constraints.FieldsValueNotMatch;
 import com.ticketing.server.user.service.dto.ChangePasswordDTO;
 import javax.validation.constraints.NotEmpty;
 import lombok.AllArgsConstructor;
@@ -10,6 +11,11 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 @Getter
 @NoArgsConstructor
 @AllArgsConstructor
+@FieldsValueNotMatch(
+ field = "oldPassword",
+ fieldMatch = "newPassword",
+ message = "{validation.password.not.change}"
+)
 public class UserChangePasswordRequest {
 @NotEmpty(message = "{validation.not.empty.oldpassword}")
@@ -22,8 +28,4 @@ public class UserChangePasswordRequest {
 return new ChangePasswordDTO(email, oldPassword, newPassword, passwordEncoder);
 }
- public boolean oldEqualNew() {
- return oldPassword.equals(newPassword);
- }
-
 }
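Review bot: The `@FieldsValueNotMatch` arguments on `UserChangePasswordRequest` name the properties as string literals (`"oldPassword"`, `"newPassword"`), so a rename or typo is not caught at compile time. It would surface on the first request, most likely as an exception from the `BeanWrapperImpl.getPropertyValue` lookup in the validator rather than as a 400 response. A small test that validates a `UserChangePasswordRequest` with equal and with different passwords would pin this down. The rule also compares only the two submitted values, so it relies on the service checking `oldPassword` against the stored credential, which is not visible in this diff. The class body continues outside the hunk.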
diff --git a/server/src/main/resources/i18n/messages.properties b/server/src/main/resources/i18n/messages.properties
index 2d2f70c..d356a7f 100644
--- a/server/src/main/resources/i18n/messages.properties
+++ b/server/src/main/resources/i18n/messages.properties
@@ -7,3 +7,4 @@ validation.not.empty.grade="\uC0AC\uC6A9\uC790 \uB4F1\uAE09\uC740 \uD544\uC218 \
 validation.not.empty.phone="\uD734\uB300\uBC88\uD638\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4."
 validation.email="\uC774\uBA54\uC77C\uC774 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."
 validation.phone="\uD734\uB300\uBC88\uD638\uAC00 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."
+validation.password.not.change="\uB3D9\uC77C\uD55C \uD328\uC2A4\uC6CC\uB4DC\uB85C \uBCC0\uACBD\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."
diff --git a/server/src/main/resources/i18n/messages_en.properties b/server/src/main/resources/i18n/messages_en.properties
index 65240e4..6538fff 100644
--- a/server/src/main/resources/i18n/messages_en.properties
+++ b/server/src/main/resources/i18n/messages_en.properties
@@ -7,3 +7,4 @@ validation.not.empty.grade="user grade is required."
 validation.not.empty.phone="phone is required."
 validation.email="email is not valid."
 validation.phone="phone is not valid."
+validation.password.not.change="password not change."
diff --git a/server/src/main/resources/i18n/messages_ko.properties b/server/src/main/resources/i18n/messages_ko.properties
index 2d2f70c..d356a7f 100644
--- a/server/src/main/resources/i18n/messages_ko.properties
+++ b/server/src/main/resources/i18n/messages_ko.properties
@@ -7,3 +7,4 @@ validation.not.empty.grade="\uC0AC\uC6A9\uC790 \uB4F1\uAE09\uC740 \uD544\uC218 \
 validation.not.empty.phone="\uD734\uB300\uBC88\uD638\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4."
 validation.email="\uC774\uBA54\uC77C\uC774 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."
 validation.phone="\uD734\uB300\uBC88\uD638\uAC00 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."
+validation.password.not.change="\uB3D9\uC77C\uD55C \uD328\uC2A4\uC6CC\uB4DC\uB85C \uBCC0\uACBD\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."