[Fix] 이메일 관련 로직 수정 (#243)

* fix: 이메일 전송 시, 사용자 이메일 존재 여부 체크하는 로직 추가

* refactor: EmailService의 verifyCode 반환 타입 수정

* test: AuthServiceTest에 emailVerification메서드 테스트 코드 작성

* test: email 전송 성공 테스트 코드 작성

* refactor: verifyCode()의 위치를 EmailService에서 AuthService로 변경

* test: AuthServiceTest에 verifyCode 테스트코드 작성

* refactor: 사용하지 않는 import문 제거

* refactor: 소나큐브 피드백을 반영하여 return문 제거

Author: zzuharchive

src/main/java/org/programmers/signalbuddyfinal/domain/auth/controller/AuthController.java

@@ -60,14 +60,15 @@ public ResponseEntity<ApiResponse<Object>> reissue(
 
     @PostMapping("/auth-code")
     public ResponseEntity<ApiResponse<Object>> authCode(@Valid @RequestBody EmailRequest email) {
-        emailService.sendEmail(email);
+        authService.emailVerification(email);
         return ResponseEntity.ok().body(ApiResponse.createSuccessWithNoData());
     }
 
     @PostMapping("/verify-code")
     public ResponseEntity<ApiResponse<Object>> verifyCode(
         @Valid @RequestBody VerifyCodeRequest verifyCodeRequest) {
-        return emailService.verifyCode(verifyCodeRequest);
+        authService.verifyCode(verifyCodeRequest);
+        return ResponseEntity.ok().body(ApiResponse.createSuccessWithNoData());
     }
 
     @PostMapping("/social-login")

src/main/java/org/programmers/signalbuddyfinal/domain/auth/service/AuthService.java

@@ -1,16 +1,22 @@
 package org.programmers.signalbuddyfinal.domain.auth.service;
 
 import java.time.Duration;
+import java.util.concurrent.TimeUnit;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.programmers.signalbuddyfinal.domain.auth.dto.EmailRequest;
 import org.programmers.signalbuddyfinal.domain.auth.dto.LoginRequest;
 import org.programmers.signalbuddyfinal.domain.auth.dto.LoginResponse;
 import org.programmers.signalbuddyfinal.domain.auth.dto.LogoutResponse;
 import org.programmers.signalbuddyfinal.domain.auth.dto.NewTokenResponse;
 import org.programmers.signalbuddyfinal.domain.auth.dto.ReissueResponse;
 import org.programmers.signalbuddyfinal.domain.auth.dto.SocialLoginRequest;
+import org.programmers.signalbuddyfinal.domain.auth.dto.VerifyCodeRequest;
+import org.programmers.signalbuddyfinal.domain.auth.entity.Purpose;
+import org.programmers.signalbuddyfinal.domain.auth.exception.AuthErrorCode;
 import org.programmers.signalbuddyfinal.domain.member.dto.MemberResponse;
 import org.programmers.signalbuddyfinal.domain.member.entity.Member;
+import org.programmers.signalbuddyfinal.domain.member.entity.enums.MemberStatus;
 import org.programmers.signalbuddyfinal.domain.member.exception.MemberErrorCode;
 import org.programmers.signalbuddyfinal.domain.member.mapper.MemberMapper;
 import org.programmers.signalbuddyfinal.domain.member.repository.MemberRepository;
@@ -19,6 +25,8 @@
 import org.programmers.signalbuddyfinal.global.security.basic.CustomUserDetails;
 import org.programmers.signalbuddyfinal.global.security.jwt.JwtService;
 import org.programmers.signalbuddyfinal.global.security.jwt.JwtUtil;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.core.ValueOperations;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.ResponseCookie;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -36,6 +44,9 @@ public class AuthService {
     private final JwtService jwtService;
     private final MemberRepository memberRepository;
     private final FcmService fcmService;
+    private final EmailService emailService;
+    private final RedisTemplate<String, String> redisTemplate;
+    static final String PREFIX = "auth:email:";
 
     public ReissueResponse reissue(String refreshToken, String accessToken) {
         NewTokenResponse newTokenResponse = jwtService.reissue(refreshToken, accessToken);
@@ -105,6 +116,37 @@ public LogoutResponse logout(
         return new LogoutResponse(headers);
     }
 
+    public void emailVerification(EmailRequest emailRequest) {
+        Member member = memberRepository.findByEmail(emailRequest.getEmail()).orElse(null);
+        if (member == null || member.getMemberStatus() == MemberStatus.WITHDRAWAL) {
+            throw new BusinessException(MemberErrorCode.NOT_FOUND_MEMBER);
+        }
+        emailService.sendEmail(emailRequest.getEmail());
+    }
+
+    public void verifyCode(VerifyCodeRequest verifyCodeRequest) {
+
+        ValueOperations<String, String> valueOperations = redisTemplate.opsForValue();
+        Purpose purpose = verifyCodeRequest.getPurpose();
+        String email = verifyCodeRequest.getEmail();
+        String code = verifyCodeRequest.getCode();
+
+        String correctCode = valueOperations.get(PREFIX + email);
+
+        if (correctCode == null) {
+            throw new BusinessException(AuthErrorCode.INVALID_AUTH_CODE);
+        } else if (!correctCode.equals(code)) {
+            throw new BusinessException(AuthErrorCode.NOT_MATCH_AUTH_CODE);
+        } else {
+            redisTemplate.delete(PREFIX + email);
+
+            // 인증된 사용자 저장
+            String newPrefix = PREFIX + purpose.name().toLowerCase() + ":";
+            valueOperations.set(newPrefix + email, "authenticated", 10,
+                TimeUnit.MINUTES);
+        }
+    }
+
     private Authentication createAuthentication(String email, String password) {
         return authenticationManager.authenticate(
             new UsernamePasswordAuthenticationToken(email, password));

src/main/java/org/programmers/signalbuddyfinal/domain/auth/service/EmailService.java

@@ -3,19 +3,12 @@
 import jakarta.mail.MessagingException;
 import jakarta.mail.internet.MimeMessage;
 import java.security.SecureRandom;
-import java.util.Random;
 import java.util.concurrent.TimeUnit;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.programmers.signalbuddyfinal.domain.auth.dto.EmailRequest;
-import org.programmers.signalbuddyfinal.domain.auth.dto.VerifyCodeRequest;
-import org.programmers.signalbuddyfinal.domain.auth.entity.Purpose;
-import org.programmers.signalbuddyfinal.domain.auth.exception.AuthErrorCode;
-import org.programmers.signalbuddyfinal.global.exception.BusinessException;
-import org.programmers.signalbuddyfinal.global.response.ApiResponse;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.core.ValueOperations;
-import org.springframework.http.ResponseEntity;
+import org.springframework.mail.MailParseException;
 import org.springframework.mail.javamail.JavaMailSender;
 import org.springframework.mail.javamail.MimeMessageHelper;
 import org.springframework.scheduling.annotation.Async;
@@ -35,46 +28,19 @@ public class EmailService {
     static final String PREFIX = "auth:email:";
 
     @Async
-    public void sendEmail(EmailRequest emailRequest) {
+    public void sendEmail(String email) {
 
         MimeMessage message = javaMailSender.createMimeMessage();
         String code = createCode();
-
         try {
             MimeMessageHelper helper = new MimeMessageHelper(message, true);
-            helper.setTo(emailRequest.getEmail());
+            helper.setTo(email);
             helper.setSubject("[signalBuddy] 인증코드가 발송되었습니다.");
             helper.setText(setContent(code), true);
-        } catch (MessagingException e) {
-            throw new BusinessException(AuthErrorCode.SEND_EMAIL_FAILED);
-        }
-
-        codeSave(emailRequest.getEmail(), code);
-
-        javaMailSender.send(message);
-    }
-
-    public ResponseEntity<ApiResponse<Object>> verifyCode(VerifyCodeRequest verifyCodeRequest) {
-
-        ValueOperations<String, String> valueOperations = redisTemplate.opsForValue();
-        Purpose purpose = verifyCodeRequest.getPurpose();
-        String email = verifyCodeRequest.getEmail();
-        String code = verifyCodeRequest.getCode();
-
-        String correctCode = valueOperations.get(PREFIX + email);
-
-        if (correctCode == null) {
-            throw new BusinessException(AuthErrorCode.INVALID_AUTH_CODE);
-        } else if (!correctCode.equals(code)) {
-            throw new BusinessException(AuthErrorCode.NOT_MATCH_AUTH_CODE);
-        } else {
-            redisTemplate.delete(PREFIX + email);
-
-            // 인증된 사용자 저장
-            String newPrefix = PREFIX + purpose.name().toLowerCase() + ":";
-            valueOperations.set(newPrefix + email, "authenticated", 10,
-                TimeUnit.MINUTES);
-            return ResponseEntity.ok().body(ApiResponse.createSuccessWithNoData());
+            javaMailSender.send(message);
+            codeSave(email, code);
+        } catch (MailParseException | MessagingException e) {
+            log.error("메세지가 전송되지 않았습니다.");
         }
     }
 
@@ -102,11 +68,6 @@ private String setContent(String code) {
 
     private void codeSave(String email, String code) {
 
-        // 이미 요청한 메일에 대한 인증코드가 존재하는 경우, 삭제한다.
-        if (Boolean.TRUE.equals(redisTemplate.hasKey(PREFIX + email))) {
-            redisTemplate.delete(PREFIX + email);
-        }
-
         ValueOperations<String, String> valueOperations = redisTemplate.opsForValue();
         valueOperations.set(PREFIX + email, code, 3, TimeUnit.MINUTES);
     }

src/main/java/org/programmers/signalbuddyfinal/global/security/jwt/RefreshTokenRepository.java

@@ -15,7 +15,7 @@ public class RefreshTokenRepository {
 
     public void save(Long memberId, String refreshToken) {
         redisTemplate.opsForValue()
-            .set(PREFIX + String.valueOf(memberId), refreshToken, 7, TimeUnit.DAYS);
+            .set(PREFIX + memberId, refreshToken, 7, TimeUnit.DAYS);
     }
 
     public String findByMemberId(String memberId) {

src/test/java/org/programmers/signalbuddyfinal/domain/auth/controller/AuthControllerTest.java

@@ -185,7 +185,7 @@ void successReissueTokens() throws Exception {
     void sendAuthenticationCode() throws Exception {
         // given
         EmailRequest emailRequest = new EmailRequest(member.getEmail());
-        doNothing().when(emailService).sendEmail(any(EmailRequest.class));
+        doNothing().when(emailService).sendEmail(anyString());
 
         //when, then
         mockMvc.perform(post("/api/auth/auth-code")
@@ -214,7 +214,7 @@ void verifyAuthenticationCode() throws Exception {
 
         ApiResponse<Object> apiResponse = ApiResponse.createSuccessWithNoData();
         ResponseEntity<ApiResponse<Object>> responseEntity = ResponseEntity.ok().body(apiResponse);
-        when(emailService.verifyCode(any(VerifyCodeRequest.class))).thenReturn(responseEntity);
+        doNothing().when(authService).verifyCode(any(VerifyCodeRequest.class));
 
         //when, then
         mockMvc.perform(post("/api/auth/verify-code")

src/test/java/org/programmers/signalbuddyfinal/domain/auth/service/AuthServiceTest.java

@@ -4,7 +4,9 @@
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyLong;
 import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.doNothing;
 import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
@@ -19,12 +21,15 @@
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.junit.jupiter.MockitoExtension;
+import org.programmers.signalbuddyfinal.domain.auth.dto.EmailRequest;
 import org.programmers.signalbuddyfinal.domain.auth.dto.LoginRequest;
 import org.programmers.signalbuddyfinal.domain.auth.dto.LoginResponse;
 import org.programmers.signalbuddyfinal.domain.auth.dto.LogoutResponse;
 import org.programmers.signalbuddyfinal.domain.auth.dto.NewTokenResponse;
 import org.programmers.signalbuddyfinal.domain.auth.dto.ReissueResponse;
 import org.programmers.signalbuddyfinal.domain.auth.dto.SocialLoginRequest;
+import org.programmers.signalbuddyfinal.domain.auth.dto.VerifyCodeRequest;
+import org.programmers.signalbuddyfinal.domain.auth.entity.Purpose;
 import org.programmers.signalbuddyfinal.domain.auth.exception.AuthErrorCode;
 import org.programmers.signalbuddyfinal.domain.member.entity.Member;
 import org.programmers.signalbuddyfinal.domain.member.entity.enums.MemberRole;
@@ -38,6 +43,8 @@
 import org.programmers.signalbuddyfinal.global.security.basic.CustomUserDetails;
 import org.programmers.signalbuddyfinal.global.security.jwt.JwtService;
 import org.programmers.signalbuddyfinal.global.security.jwt.JwtUtil;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.core.ValueOperations;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -63,6 +70,15 @@ class AuthServiceTest {
     @Mock
     private JwtUtil jwtUtil;
 
+    @Mock
+    EmailService emailService;
+
+    @Mock
+    RedisTemplate<String, String> redisTemplate;
+
+    @Mock
+    ValueOperations<String, String> valueOperations;
+
     private Member member;
     private String deviceTokenCookie = "deviceToken";
     private CustomUserDetails customUserDetails;
@@ -106,7 +122,8 @@ void givenWithdrawalMember_whenBasicLogin_thenReturnWithdrawnMemberMessage() {
             // given
             Member withdrawalMember = createMember(MemberStatus.WITHDRAWAL);
 
-            LoginRequest loginRequest = new LoginRequest(withdrawalMember.getEmail(), withdrawalMember.getPassword());
+            LoginRequest loginRequest = new LoginRequest(withdrawalMember.getEmail(),
+                withdrawalMember.getPassword());
             when(authenticationManager.authenticate(any())).thenThrow(
                 new BusinessException(MemberErrorCode.WITHDRAWN_MEMBER));
 
@@ -310,7 +327,111 @@ void givenValidToken_whenLogout_thenSuccess() {
         assertThat(afterLogoutSetCookieHeader).contains("Max-Age=0");
     }
 
-    private Member createMember(MemberStatus status){
+    @Nested
+    @DisplayName("이메일 검증")
+    class whenVerifyEmail {
+
+        @Test
+        @DisplayName("이메일이 존재하는 경우, EmailService의 sendEmail을 호출한다.")
+        void givenExistedEmail_whenEmailVerification_thenCallEmailService() {
+            //given
+            when(memberRepository.findByEmail(member.getEmail())).thenReturn(Optional.of(member));
+            doNothing().when(emailService).sendEmail(member.getEmail());
+
+            //when
+            authService.emailVerification(new EmailRequest(member.getEmail()));
+
+            //then
+            verify(emailService, times(1)).sendEmail(member.getEmail());
+        }
+
+        @Test
+        @DisplayName("이메일이 존재하지 않는 경우, NotFoundMember를 던진다.")
+        void givenNotExistedMember_whenEmailVerification_thenThrowsNotFoundError() {
+            //given
+            when(memberRepository.findByEmail(member.getEmail())).thenReturn(Optional.empty());
+
+            //when
+            assertThatThrownBy(
+                () -> authService.emailVerification(new EmailRequest(member.getEmail())))
+                .isInstanceOf(BusinessException.class)
+                .hasMessageContaining(MemberErrorCode.NOT_FOUND_MEMBER.getMessage());
+
+            verify(emailService, times(0)).sendEmail(member.getEmail());
+        }
+
+        @Test
+        @DisplayName("탈퇴한 회원인 경우, NotFoundMember를 던진다.")
+        void givenWithdrawalMember_whenEmailVerification_thenThrowsNotFoundError() {
+            //given
+            Member withdrawalMember = createMember(MemberStatus.WITHDRAWAL);
+            when(memberRepository.findByEmail(withdrawalMember.getEmail())).thenReturn(
+                Optional.of(withdrawalMember));
+
+            //when
+            assertThatThrownBy(
+                () -> authService.emailVerification(new EmailRequest(withdrawalMember.getEmail())))
+                .isInstanceOf(BusinessException.class)
+                .hasMessageContaining(MemberErrorCode.NOT_FOUND_MEMBER.getMessage());
+
+            verify(emailService, times(0)).sendEmail(member.getEmail());
+        }
+    }
+
+    @Nested
+    @DisplayName("인증 코드 검증")
+    class whenVerifyCode {
+
+        VerifyCodeRequest verifyCodeRequest = new VerifyCodeRequest(Purpose.NEW_PASSWORD,
+            "test@test.com", "123456");
+
+        @BeforeEach
+        void verifyCodeSetup() {
+            given(redisTemplate.opsForValue()).willReturn(valueOperations);
+        }
+
+        @Test
+        @DisplayName("인증에 성공한다.")
+        void givenValidCode_whenVerifyCode_thenReturnVoid() {
+            // given
+            when(valueOperations.get(any())).thenReturn(verifyCodeRequest.getCode());
+            when(redisTemplate.delete(anyString())).thenReturn(true);
+            doNothing().when(valueOperations).set(any(), any(), any(Long.class), any());
+
+            // when
+            authService.verifyCode(verifyCodeRequest);
+
+            // then
+            verify(redisTemplate, times(1)).delete(anyString());
+            verify(valueOperations, times(1)).set(anyString(), anyString(), anyLong(), any());
+        }
+
+        @Test
+        @DisplayName("인증 유효 시간이 끝나서 INVALID_AUTH_CODE 에러를 반환한다.")
+        void givenAuthExpirationTimeIsEnd_whenVerifyCode_thenThrowsInvalidAuthCodeError() {
+            // given
+            when(valueOperations.get(any())).thenReturn(null);
+
+            // when & then
+            assertThatThrownBy(() -> authService.verifyCode(verifyCodeRequest))
+                .isInstanceOf(BusinessException.class)
+                .hasMessageContaining(AuthErrorCode.INVALID_AUTH_CODE.getMessage());
+        }
+
+        @Test
+        @DisplayName("인증코드가 일치하지 않아 NOT_MATCH_AUTH_CODE 에러를 반환한다.")
+        void givenNotMatchedAuthCode_whenVerifyCode_thenThrowsNotMatchAuthCodeError() {
+            // given
+            when(valueOperations.get(any())).thenReturn("wrong");
+
+            // when & then
+            assertThatThrownBy(() -> authService.verifyCode(verifyCodeRequest))
+                .isInstanceOf(BusinessException.class)
+                .hasMessageContaining(AuthErrorCode.NOT_MATCH_AUTH_CODE.getMessage());
+        }
+    }
+
+    private Member createMember(MemberStatus status) {
         return Member.builder()
             .email("test@test.com")
             .nickname("테스트")