전남대 BE_박진화 6주차 과제 (Step3)

build.gradle

@@ -2,7 +2,6 @@ plugins {
     id 'java'
     id 'org.springframework.boot' version '3.3.1'
     id 'io.spring.dependency-management' version '1.1.5'
-    id 'war'
 }
 
 group = 'camp.nextstep.edu'
@@ -37,20 +36,21 @@ dependencies {
     implementation 'jakarta.persistence:jakarta.persistence-api:3.1.0'
     implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.1.0'
     implementation 'org.springframework.boot:spring-boot-configuration-processor'
+    implementation 'org.springframework.boot:spring-boot-starter-security'
+    implementation 'org.springframework.security:spring-security-oauth2-client'
+    implementation 'org.springframework.security:spring-security-oauth2-jose'
     compileOnly 'org.projectlombok:lombok'
     annotationProcessor 'org.projectlombok:lombok'
     runtimeOnly 'com.h2database:h2'
+
+    runtimeOnly 'com.mysql:mysql-connector-j'
     testImplementation 'org.springframework.boot:spring-boot-starter-test'
     testImplementation 'org.mockito:mockito-core'
     testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
-    providedCompile 'jakarta.servlet:jakarta.servlet-api:4.0.4'
+
     developmentOnly 'org.springframework.boot:spring-boot-devtools'
 }
 
 tasks.withType(JavaCompile).configureEach {
     options.compilerArgs << '-parameters'
 }
-
-tasks.named('test') {
-    useJUnitPlatform()
-}

src/main/java/gift/config/KakaoProperties.java

@@ -1,7 +1,11 @@
 package gift.config;
 
+import lombok.Getter;
+import lombok.Setter;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 
+@Getter
+@Setter
 @ConfigurationProperties(prefix = "kakao")
 public class KakaoProperties {
 
@@ -27,39 +31,4 @@ public KakaoProperties(String adminKey, String clientId, String redirectUri, Str
         this.authBaseUrl = authBaseUrl;
     }
 
-    public String getAdminKey() {
-        return adminKey;
-    }
-
-    public String getClientId() {
-        return clientId;
-    }
-
-    public String getRedirectUri() {
-        return redirectUri;
-    }
-
-    public String getTokenRequestUri() {
-        return tokenRequestUri;
-    }
-
-    public String getMemberInfoRequestUri() {
-        return memberInfoRequestUri;
-    }
-
-    public String getApiUrl() {
-        return apiUrl;
-    }
-
-    public String getLoginUrl() {
-        return loginUrl;
-    }
-
-    public String getScope() {
-        return scope;
-    }
-
-    public String getAuthBaseUrl() {
-        return authBaseUrl;
-    }
 }

src/main/java/gift/config/SecurityConfig.java

@@ -0,0 +1,62 @@
+package gift.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig {
+
+    private final UserDetailsService userDetailsService;
+
+    public SecurityConfig(UserDetailsService userDetailsService) {
+        this.userDetailsService = userDetailsService;
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+                .authorizeHttpRequests(auth -> {
+                    auth.requestMatchers("/login", "/register", "/kakao-login").permitAll();
+                    auth.anyRequest().authenticated();
+                })
+                .formLogin(form -> {
+                    form.loginPage("/login");
+                    form.defaultSuccessUrl("/home", true);
+                    form.permitAll();
+                })
+                .logout(LogoutConfigurer::permitAll)
+                .oauth2Login(oauth2 -> oauth2
+                        .loginPage("/login")
+                        .defaultSuccessUrl("/home", true)
+                );
+
+        return http.build();
+    }
+
+    @Bean
+    public AuthenticationManager authManager(HttpSecurity http) throws Exception {
+        AuthenticationManagerBuilder authBuilder =
+                http.getSharedObject(AuthenticationManagerBuilder.class);
+
+        authBuilder
+                .userDetailsService(userDetailsService)
+                .passwordEncoder(passwordEncoder());
+
+        return authBuilder.build();
+    }
+}

src/main/java/gift/config/WebConfig.java

@@ -28,9 +28,9 @@ public FilterRegistrationBean<JwtAuthenticationFilter> jwtAuthenticationFilterRe
     // 전역 CORS 설정 추가
     @Override
     public void addCorsMappings(CorsRegistry registry) {
-        registry.addMapping("/**") // 모든 경로에 대해
-                .allowedOrigins("http://example.com") // 허용할 출처를 설정
+        registry.addMapping("/**")
+                .allowedOrigins("http://54.180.238.108:8080")
                 .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
-                .allowedHeaders("*"); // 모든 헤더 허용
+                .allowedHeaders("*");
     }
 }

src/main/java/gift/controller/KakaoController.java

@@ -47,21 +47,21 @@ public KakaoController(KakaoService kakaoService) {
     @GetMapping("/login")
     @Operation(summary = "Redirect to Kakao login", description = "Redirects the user to Kakao login page", tags = { "Kakao Authentication System" })
     public void redirectKakaoLogin(HttpServletResponse response) throws IOException {
-        String encodedRedirectUri = URLEncoder.encode(redirectUri, StandardCharsets.UTF_8.toString());
-        String encodedScope = URLEncoder.encode(scope, StandardCharsets.UTF_8.toString());
-        StringBuilder kakaoLoginUrl = new StringBuilder(authBaseUrl)
-                .append("?response_type=code")
-                .append("&client_id=").append(clientId)
-                .append("&redirect_uri=").append(encodedRedirectUri)
-                .append("&scope=").append(encodedScope);
+        String encodedRedirectUri = URLEncoder.encode(redirectUri, StandardCharsets.UTF_8);
+        String encodedScope = URLEncoder.encode(scope, StandardCharsets.UTF_8);
+        String kakaoLoginUrl = authBaseUrl +
+                "?response_type=code" +
+                "&client_id=" + clientId +
+                "&redirect_uri=" + encodedRedirectUri +
+                "&scope=" + encodedScope;
 
-        response.sendRedirect(kakaoLoginUrl.toString());
+        response.sendRedirect(kakaoLoginUrl);
     }
 
     @GetMapping("/callback")
     @Operation(summary = "Kakao login callback", description = "Handles the callback after Kakao login", tags = { "Kakao Authentication System" })
     public ResponseEntity<String> callback(
-            @Parameter(description = "Authorization code from Kakao", required = false)
+            @Parameter(description = "Authorization code from Kakao")
             @RequestParam(required = false) String code) {
         if (code == null || code.isEmpty()) {
             return ResponseEntity.badRequest().body("Authorization code is missing");

src/main/java/gift/controller/OptionController.java

@@ -5,8 +5,10 @@
 import gift.dto.option.OptionResponse;
 import gift.dto.option.OptionUpdateResponse;
 import gift.entity.Option;
+import gift.exception.CustomException;
 import gift.service.OptionService;
 import jakarta.validation.Valid;
+import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 
@@ -47,8 +49,7 @@ public ResponseEntity<OptionResponse> addOptionToProduct(
             UriComponentsBuilder uriBuilder) {
         Option option = optionService.addOptionToProduct(productId, optionRequest);
         OptionResponse response = new OptionResponse(option.getId(), option.getName(), option.getQuantity());
-        URI location = uriBuilder.path("/api/products/{productId}/options/{optionId}")
-                .buildAndExpand(productId, option.getId()).toUri();
+        URI location = uriBuilder.path("/api/products/{productId}/options/{optionId}").buildAndExpand(productId, option.getId()).toUri();
         return ResponseEntity.created(location).body(response);
     }
 
@@ -72,8 +73,15 @@ public ResponseEntity<String> deleteOption(
             @PathVariable Long optionId,
             @Parameter(description = "ID of the product", required = true)
             @RequestBody DeleteOptionRequest deleteOptionRequest) {
-        optionService.deleteOption(optionId, deleteOptionRequest.getEmail(), deleteOptionRequest.getPassword());
-        return ResponseEntity.ok("Option successfully deleted.");
+        try {
+            optionService.deleteOption(optionId, deleteOptionRequest.getEmail(), deleteOptionRequest.getPassword());
+            return ResponseEntity.ok("Option successfully deleted.");
+        } catch (CustomException.EntityNotFoundException e) {
+            return ResponseEntity.status(HttpStatus.NOT_FOUND).body(e.getMessage());
+        } catch (CustomException.InvalidPasswordException e) {
+            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(e.getMessage());
+        } catch (Exception e) {
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("An error occurred: " + e.getMessage());
+        }
     }
 }
-

src/main/java/gift/controller/OrderController.java

@@ -2,7 +2,10 @@
 
 import gift.dto.order.OrderRequest;
 import gift.dto.order.OrderResponse;
+import gift.dto.point.PointRequest;
+import gift.dto.point.PointResponse;
 import gift.service.OrderService;
+import gift.service.PointService;
 import gift.util.JwtUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -24,13 +27,16 @@
 @Tag(name = "Order Management System", description = "Operations related to order management")
 public class OrderController {
     private final OrderService orderService;
+    private final PointService pointService;
     private final JwtUtil jwtUtil;
     private static final Logger logger = LoggerFactory.getLogger(OrderController.class);
 
-    public OrderController(OrderService orderService, JwtUtil jwtUtil) {
+    public OrderController(OrderService orderService, PointService pointService, JwtUtil jwtUtil) {
         this.orderService = orderService;
+        this.pointService = pointService;
         this.jwtUtil = jwtUtil;
     }
+
     @GetMapping
     @Operation(summary = "Get all orders for the logged-in user", description = "Fetches all orders made by the logged-in user", tags = {"Order Management System"})
     public ResponseEntity<Page<OrderResponse>> getOrders(
@@ -61,12 +67,10 @@ public ResponseEntity<Page<OrderResponse>> getOrders(
     }
 
     @PostMapping
-    @Operation(summary = "Place an order", description = "Places a new order in the system", tags = { "Order Management System" })
+    @Operation(summary = "Place an order", description = "Places a new order in the system", tags = {"Order Management System"})
     public ResponseEntity<OrderResponse> placeOrder(
-            @Parameter(description = "Order details", required = true)
-            @RequestBody OrderRequest orderRequest,
-            @Parameter(description = "Authorization token", required = true)
-            @RequestHeader("Authorization") String authorizationHeader) {
+            @Parameter(description = "Order details", required = true) @RequestBody OrderRequest orderRequest,
+            @Parameter(description = "Authorization token", required = true) @RequestHeader("Authorization") String authorizationHeader) {
         logger.info("Received request to place order");
         logger.info("Server current time: {}", Instant.now().getEpochSecond());
 
@@ -97,10 +101,20 @@ public ResponseEntity<OrderResponse> placeOrder(
                 return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(new OrderResponse("Failed to extract email from token"));
             }
 
+            // Check if points should be used
+            if (orderRequest.isUsePoints()) {
+                PointRequest pointRequest = new PointRequest(orderRequest.getProductId(), orderRequest.getOptionId(), orderRequest.getQuantity(), email);
+                PointResponse pointResponse = pointService.usePoints(pointRequest);
+                if (pointResponse.getMessage() != null && pointResponse.getMessage().contains("Insufficient points")) {
+                    return ResponseEntity.badRequest().body(new OrderResponse("Insufficient points to complete the order"));
+                }
+            }
+
             OrderRequest newOrderRequest = new OrderRequest(
                     orderRequest.getProductId(),
                     orderRequest.getOptionId(),
                     orderRequest.getQuantity(),
+                    orderRequest.isUsePoints(),
                     orderRequest.getMessage(),
                     LocalDateTime.now(),
                     email

src/main/java/gift/controller/PointController.java

@@ -0,0 +1,36 @@
+package gift.controller;
+
+import gift.dto.point.PointRequest;
+import gift.dto.point.PointResponse;
+import gift.service.PointService;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping("/api/members")
+@Tag(name = "Point Management System", description = "Operations related to point management")
+public class PointController {
+    private final PointService pointService;
+
+    @Autowired
+    public PointController(PointService pointService) {
+        this.pointService = pointService;
+    }
+
+    @GetMapping("/points")
+    @Operation(summary = "Get member's points", description = "Fetches the points balance for a member")
+    public ResponseEntity<PointResponse> getPoints(@RequestParam Long memberId) {
+        PointResponse pointResponse = pointService.getPoints(memberId);
+        return ResponseEntity.ok(pointResponse);
+    }
+
+    @PostMapping("/points")
+    @Operation(summary = "Add points to a member", description = "Adds points to a member")
+    public ResponseEntity<PointResponse> addPoints(@RequestBody PointRequest pointRequest) {
+        PointResponse pointResponse = pointService.addPoint(pointRequest);
+        return ResponseEntity.ok(pointResponse);
+    }
+}

src/main/java/gift/controller/WishController.java

@@ -18,6 +18,7 @@
 import org.springframework.web.bind.annotation.*;
 
 import jakarta.servlet.http.HttpServletRequest;
+import java.util.List;
 
 import io.swagger.v3.oas.annotations.tags.Tag;
 import io.swagger.v3.oas.annotations.Operation;