Merge pull request #156 from U2DJ2/be/feat/session-validation

[BE] 회원 세션 유효 검증

backend/src/main/java/moim_today/application/auth/AuthService.java

@@ -3,6 +3,7 @@
 import jakarta.servlet.http.HttpServletRequest;
 import moim_today.dto.auth.MemberLoginRequest;
 import moim_today.dto.auth.MemberSignUpRequest;
+import moim_today.dto.auth.MemberSessionValidateResponse;
 
 public interface AuthService {
 
@@ -11,4 +12,6 @@ public interface AuthService {
     void signUp(final MemberSignUpRequest memberSignUpRequest, final HttpServletRequest request);
 
     void logout(final HttpServletRequest request);
+
+    MemberSessionValidateResponse validateMemberSession(final HttpServletRequest request);
 }

backend/src/main/java/moim_today/application/auth/AuthServiceImpl.java

@@ -1,10 +1,12 @@
 package moim_today.application.auth;
 
+import jakarta.servlet.http.HttpServletRequest;
+import moim_today.domain.member.MemberSession;
 import moim_today.dto.auth.MemberLoginRequest;
 import moim_today.dto.auth.MemberSignUpRequest;
+import moim_today.dto.auth.MemberSessionValidateResponse;
 import moim_today.implement.department.DepartmentFinder;
 import moim_today.implement.member.AuthManager;
-import jakarta.servlet.http.HttpServletRequest;
 import moim_today.implement.member.MemberFinder;
 import moim_today.implement.university.UniversityFinder;
 import org.springframework.stereotype.Service;
@@ -46,4 +48,9 @@ public void signUp(final MemberSignUpRequest memberSignUpRequest,
         memberFinder.validateEmailNotExists(memberSignUpRequest.email());
         authManager.signUp(memberSignUpRequest, request);
     }
+
+    @Override
+    public MemberSessionValidateResponse validateMemberSession(final HttpServletRequest request) {
+        return MemberSession.validateMemberSession(request);
+    }
 }

backend/src/main/java/moim_today/domain/member/MemberSession.java

@@ -5,6 +5,7 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpSession;
 import lombok.Builder;
+import moim_today.dto.auth.MemberSessionValidateResponse;
 import moim_today.global.error.InternalServerException;
 import moim_today.persistence.entity.member.MemberJpaEntity;
 
@@ -50,4 +51,13 @@ public void setSession(final HttpServletRequest request, final String memberSess
             session.setMaxInactiveInterval(ONE_DAYS_IN_SECONDS.value());
         }
     }
+
+    public static MemberSessionValidateResponse validateMemberSession(final HttpServletRequest request) {
+        HttpSession session = request.getSession(false);
+
+        if (session == null || session.getAttribute(MEMBER_SESSION.value()) == null) {
+            return new MemberSessionValidateResponse(false);
+        }
+        return new MemberSessionValidateResponse(true);
+    }
 }

backend/src/main/java/moim_today/dto/auth/MemberSessionValidateResponse.java

@@ -0,0 +1,6 @@
+package moim_today.dto.auth;
+
+public record MemberSessionValidateResponse(
+        boolean isValidateMemberSession
+) {
+}

backend/src/main/java/moim_today/global/config/WebConfig.java

@@ -29,6 +29,7 @@ public void addInterceptors(final InterceptorRegistry registry) {
                         "/api/login",
                         "/api/certification/**",
                         "/api/sign-up",
+                        "/api",
                         "/api/universities",
                         "/api/universities/departments/**",
                         "/api/departments/university-name",

backend/src/main/java/moim_today/presentation/auth/AuthController.java

@@ -3,14 +3,10 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.validation.Valid;
 import moim_today.application.auth.AuthService;
-import moim_today.domain.member.MemberSession;
 import moim_today.dto.auth.MemberLoginRequest;
 import moim_today.dto.auth.MemberSignUpRequest;
-import moim_today.global.annotation.Login;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import moim_today.dto.auth.MemberSessionValidateResponse;
+import org.springframework.web.bind.annotation.*;
 
 @RequestMapping("/api")
 @RestController
@@ -29,13 +25,18 @@ public void login(@RequestBody final MemberLoginRequest memberLoginRequest,
     }
 
     @PostMapping("/logout")
-    public void logout(@Login final MemberSession memberSession, final HttpServletRequest request) {
+    public void logout(final HttpServletRequest request) {
         authService.logout(request);
     }
 
     @PostMapping("/sign-up")
     public void signUp(@Valid @RequestBody final MemberSignUpRequest memberSignUpRequest,
-                       final HttpServletRequest request){
+                       final HttpServletRequest request) {
         authService.signUp(memberSignUpRequest, request);
     }
+
+    @GetMapping
+    public MemberSessionValidateResponse validateMemberSession(final HttpServletRequest SessionValidateResponse) {
+        return authService.validateMemberSession(SessionValidateResponse);
+    }
 }

backend/src/test/java/moim_today/fake_class/auth/FakeAuthService.java

@@ -3,6 +3,7 @@
 import moim_today.application.auth.AuthService;
 import moim_today.dto.auth.MemberLoginRequest;
 import moim_today.dto.auth.MemberSignUpRequest;
+import moim_today.dto.auth.MemberSessionValidateResponse;
 import moim_today.global.error.NotFoundException;
 import moim_today.persistence.entity.member.MemberJpaEntity;
 import jakarta.servlet.http.HttpServletRequest;
@@ -44,4 +45,9 @@ public void signUp(final MemberSignUpRequest memberSignUpRequest, final HttpServ
     public void logout(final HttpServletRequest request) {
 
     }
+
+    @Override
+    public MemberSessionValidateResponse validateMemberSession(final HttpServletRequest request) {
+        return new MemberSessionValidateResponse(true);
+    }
 }

backend/src/test/java/moim_today/presentation/auth/AuthControllerTest.java

@@ -17,6 +17,7 @@
 import static com.epages.restdocs.apispec.ResourceDocumentation.resource;
 import static moim_today.util.TestConstant.*;
 import static org.springframework.http.MediaType.APPLICATION_JSON;
+import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.get;
 import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.post;
 import static org.springframework.restdocs.payload.JsonFieldType.*;
 import static org.springframework.restdocs.payload.PayloadDocumentation.fieldWithPath;
@@ -56,7 +57,7 @@ void loginTest() throws Exception {
                 ));
     }
 
-    @DisplayName("이메일/비밀번호가 틀리면 예오가 발생한다.")
+    @DisplayName("이메일/비밀번호가 틀리면 예외가 발생한다.")
     @Test
     void loginTestFail() throws Exception {
         MemberLoginRequest memberLoginRequest = new MemberLoginRequest(WRONG_EMAIL.value(), WRONG_PASSWORD.value(), true);
@@ -138,4 +139,21 @@ void registerTest() throws Exception {
                                 .build())
                 ));
     }
+
+    @DisplayName("로그인 세션이 유효한지를 검증한다.")
+    @Test
+    void validateMemberSession() throws Exception {
+        mockMvc.perform(get("/api"))
+                .andExpect(status().isOk())
+                .andDo(document("회원 세션 인증 성공",
+                        resource(ResourceSnippetParameters.builder()
+                                .tag("인증")
+                                .summary("회원 세션 인증")
+                                .responseFields(
+                                        fieldWithPath("isValidateMemberSession").type(BOOLEAN).description("세션 인증 여부")
+                                )
+                                .build()
+                        )
+                ));
+    }
 }