🔀 :: (#835) 비밀번호 재설정 구현

[uson1004]

개요

작업사항

추가 로 할 말

Summary by CodeRabbit

• New Features
  • Added password reset functionality accessible from the sign-in screen with a multi-step guided flow
  • Users can verify account ID, confirm name and email, validate identity via email verification code with a 5-minute countdown, and set a new password
  • Includes validation error messages and appropriate user feedback throughout the reset process

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR introduces a complete password reset feature for the DMS Android application. It adds a new navigation key, integrates a multi-step reset password screen with Jetpack Compose, includes a ViewModel managing server interactions and form validation, and wires the feature into the existing Sign In flow.

Changes

Cohort / File(s)	Summary
Navigation Framework app/.../navigation/DmsNavKeys.kt, app/.../DmsApp.kt	Added ResetPasswordScreenNav navigation key and integrated ResetPasswordRoute into the app's navigation graph with back navigation and snackbar handling.
Reset Password Feature - Core feature/.../resetpassword/ResetPasswordScreen.kt, feature/.../resetpassword/ResetPasswordViewModel.kt	Introduced ResetPasswordScreen composable with multi-step UI flow (InputId, InputUserInfo, InputEmailVerificationCode, InputNewPassword) and a ViewModel managing step transitions, form validation, 5-minute email verification timer, and server interactions (checking ID, sending/validating codes, resetting password).
Reset Password Feature - Components feature/.../resetpassword/component/InputIdContent.kt, feature/.../resetpassword/component/InputUserInfoContent.kt, feature/.../resetpassword/component/EmailVerificationContent.kt, feature/.../resetpassword/component/InputNewPasswordContent.kt	Added four reusable composable components rendering UI for each reset password step: account ID input, user info input (name/email), email verification code input with timer, and new password/confirmation input with validation error display.
Reset Password Route Integration feature/.../resetpassword/navigation/ResetPasswordNavigation.kt	Added ResetPasswordRoute composable wrapping ResetPasswordScreen and exposing navigation and snackbar callbacks.
Reset Password Models feature/.../resetpassword/model/ResetPasswordTextFieldError.kt	Introduced ResetPasswordTextFieldError sealed interface with error variants (InvalidEmailVerificationCode, EmailVerificationCodeTimeExpired, InvalidPasswordFormat, PasswordMismatch) and an isError() extension function.
Sign In Integration feature/.../signin/navigation/SignInRoute.kt, feature/.../signin/ui/SigninScreen.kt	Updated SignInRoute and SignInScreen to accept and forward navigateToResetPassword callback, enabling the "비밀번호 재설정" action to navigate to the password reset flow.

Sequence Diagram

sequenceDiagram
    actor User
    participant SignIn as SignIn Screen
    participant ResetPW as ResetPassword Screen
    participant ViewModel as ResetPassword ViewModel
    participant AuthRepo as AuthRepository
    participant StudentRepo as StudentRepository
    participant Server as Server

    User->>SignIn: Click "비밀번호 재설정"
    SignIn->>ResetPW: Navigate to Reset Password
    
    rect rgba(100, 150, 255, 0.5)
    Note over User,Server: Step 1: Check ID
    User->>ResetPW: Enter account ID
    User->>ResetPW: Click "다음"
    ResetPW->>ViewModel: moveNext(InputId)
    ViewModel->>AuthRepo: checkIdExists(accountId)
    AuthRepo->>Server: GET /check-id
    Server-->>AuthRepo: {hashEmail, ...}
    AuthRepo-->>ViewModel: Success with hashEmail
    ViewModel->>ResetPW: Store hashEmail, advance to InputUserInfo
    end

    rect rgba(100, 150, 255, 0.5)
    Note over User,Server: Step 2: Input User Info
    User->>ResetPW: Enter name & email
    User->>ResetPW: Click "다음"
    ResetPW->>ViewModel: moveNext(InputUserInfo)
    ViewModel->>AuthRepo: sendEmailVerificationCode(email, PASSWORD)
    AuthRepo->>Server: POST /send-verification-code
    Server-->>AuthRepo: Success
    AuthRepo-->>ViewModel: Success, start 5min timer
    ViewModel->>ResetPW: Start countdown timer, advance to InputEmailVerificationCode
    end

    rect rgba(100, 150, 255, 0.5)
    Note over User,Server: Step 3: Verify Email Code
    User->>ResetPW: Enter verification code
    User->>ResetPW: Click "다음"
    ResetPW->>ViewModel: moveNext(InputEmailVerificationCode)
    ViewModel->>AuthRepo: checkEmailVerificationCode(code)
    AuthRepo->>Server: POST /verify-code
    Server-->>AuthRepo: Valid/Invalid response
    AuthRepo-->>ViewModel: Success or error
    ViewModel->>ResetPW: Advance to InputNewPassword or show error
    end

    rect rgba(100, 150, 255, 0.5)
    Note over User,Server: Step 4: Reset Password
    User->>ResetPW: Enter new password & confirm
    User->>ResetPW: Click "완료"
    ResetPW->>ViewModel: moveNext(InputNewPassword)
    ViewModel->>StudentRepo: resetPassword(newPassword)
    StudentRepo->>Server: PUT /reset-password
    Server-->>StudentRepo: Success/Error response
    StudentRepo-->>ViewModel: Password updated
    ViewModel->>ResetPW: Show success snackbar, navigate back
    ResetPW->>SignIn: Navigate back to SignIn
    end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• 🔀 :: (#832) 아이디 찾기 구현 #834: Modifies app navigation and Sign In routing related to password reset/find-ID flow, touching the same navigation keys and route wiring integration points.
• 🔀 :: (#816) 마이페이지 구현 #817: Directly related as both PRs add Reset Password feature components (ResetPasswordRoute, ResetPasswordScreen, ViewModel) and navigation integration.

Suggested reviewers

• parkuiery

Poem

🐰 A password lost? No need to fret!
Five hoppy steps, and you've reset yet.
Verify, validate, timer ticks down,
New password reigns o'er the whole town! 🔐✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: implementing password reset functionality (비밀번호 재설정 구현), which is the core objective reflected across all modified files.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feature/840-비밀번호-재설정-구현

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/ResetPasswordViewModel.kt (1)

31-44: Consider trimming whitespace from user inputs.

The accountId is used directly from state without trimming. Users might accidentally include leading/trailing spaces. Consider trimming inputs before making API calls.

♻️ Optional improvement

 private fun checkIdExists() = viewModelScope.launch {
     setState { it.copy(isLoading = true) }
-    authRepository.checkIdExists(accountId = uiState.value.accountId)
+    authRepository.checkIdExists(accountId = uiState.value.accountId.trim())

Similar trimming could be applied to name and email in other methods.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/ResetPasswordViewModel.kt`
around lines 31 - 44, The checkIdExists coroutine reads accountId directly from
uiState without trimming; before calling authRepository.checkIdExists in the
checkIdExists function, trim whitespace from uiState.value.accountId (e.g.,
compute a local trimmedAccountId = uiState.value.accountId.trim()) and pass that
to authRepository.checkIdExists(accountId = trimmedAccountId); also update any
state uses (like setState or hashEmail assignment) or effects that should use
the trimmed value so the repository call and subsequent behavior use the cleaned
input.

feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/ResetPasswordScreen.kt (1)

66-73: Extract duplicated back-navigation branch into one handler.

Line 66-73 and Line 139-145 implement the same logic; consolidating this avoids divergence later.

♻️ Suggested refactor

+    val handleBack = {
+        if (currentStepIndex > 0) {
+            currentStepIndex--
+            viewModel.onStepChanged(steps[currentStepIndex])
+        } else {
+            onNavigateBack()
+        }
+    }
+
     BackHandler {
-        if (currentStepIndex > 0) {
-            currentStepIndex--
-            viewModel.onStepChanged(steps[currentStepIndex])
-        } else {
-            onNavigateBack()
-        }
+        handleBack()
     }
@@
-        onBackClick = {
-            if (currentStepIndex > 0) {
-                currentStepIndex--
-                viewModel.onStepChanged(steps[currentStepIndex])
-            } else {
-                onNavigateBack()
-            }
-        },
+        onBackClick = handleBack,

Also applies to: 139-145

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/ResetPasswordScreen.kt`
around lines 66 - 73, Duplicate back-navigation logic in the BackHandler blocks
should be extracted into a single helper to avoid divergence: create a function
(e.g., handleBackNavigation or onBackPressed) that contains the current logic
checking currentStepIndex, decrementing it, calling
viewModel.onStepChanged(steps[currentStepIndex]) or calling onNavigateBack()
when at index 0; then replace both BackHandler lambdas (the ones using
currentStepIndex, viewModel.onStepChanged, steps, and onNavigateBack) with a
single call to that helper to centralize behavior.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In
`@feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/ResetPasswordScreen.kt`:
- Around line 84-87: The handler for ResetPasswordSideEffect.MoveToNext
unconditionally increments currentStepIndex and then accesses
steps[currentStepIndex], which can throw IndexOutOfBoundsException; update the
logic to guard advancement by checking currentStepIndex < steps.lastIndex (or
compute nextIndex = min(currentStepIndex + 1, steps.lastIndex)) before
incrementing/using it, only call viewModel.onStepChanged(steps[nextIndex]) when
within bounds, and avoid advancing or handle completion when already on the
final step (references: ResetPasswordSideEffect.MoveToNext, currentStepIndex,
steps, viewModel.onStepChanged, ResetPasswordStep.InputEmailVerificationCode).

---

Nitpick comments:
In
`@feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/ResetPasswordScreen.kt`:
- Around line 66-73: Duplicate back-navigation logic in the BackHandler blocks
should be extracted into a single helper to avoid divergence: create a function
(e.g., handleBackNavigation or onBackPressed) that contains the current logic
checking currentStepIndex, decrementing it, calling
viewModel.onStepChanged(steps[currentStepIndex]) or calling onNavigateBack()
when at index 0; then replace both BackHandler lambdas (the ones using
currentStepIndex, viewModel.onStepChanged, steps, and onNavigateBack) with a
single call to that helper to centralize behavior.

In
`@feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/ResetPasswordViewModel.kt`:
- Around line 31-44: The checkIdExists coroutine reads accountId directly from
uiState without trimming; before calling authRepository.checkIdExists in the
checkIdExists function, trim whitespace from uiState.value.accountId (e.g.,
compute a local trimmedAccountId = uiState.value.accountId.trim()) and pass that
to authRepository.checkIdExists(accountId = trimmedAccountId); also update any
state uses (like setState or hashEmail assignment) or effects that should use
the trimmed value so the repository call and subsequent behavior use the cleaned
input.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 589c59e8-4dfe-4972-8b82-80b2bb5720b8

📥 Commits

Reviewing files that changed from the base of the PR and between 4f54a95 and 2c89577.

📒 Files selected for processing (12)

• app/src/main/kotlin/team/aliens/dms/android/app/navigation/DmsNavKeys.kt
• app/src/main/kotlin/team/aliens/dms/android/app/ui/DmsApp.kt
• feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/ResetPasswordScreen.kt
• feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/ResetPasswordViewModel.kt
• feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/component/EmailVerificationContent.kt
• feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/component/InputIdContent.kt
• feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/component/InputNewPasswordContent.kt
• feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/component/InputUserInfoContent.kt
• feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/model/ResetPasswordTextFieldError.kt
• feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/navigation/ResetPasswordNavigation.kt
• feature/src/main/kotlin/team/aliens/dms/android/feature/signin/navigation/SignInRoute.kt
• feature/src/main/kotlin/team/aliens/dms/android/feature/signin/ui/SigninScreen.kt

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Guard step advancement to prevent step-index overflow crash.

Line 85 increments first, then Line 86/87 dereference steps[currentStepIndex] without a bound check. If MoveToNext arrives on the final step, this can throw IndexOutOfBoundsException.

💡 Suggested fix

                 is ResetPasswordSideEffect.MoveToNext -> {
-                    currentStepIndex++
-                    viewModel.onStepChanged(steps[currentStepIndex])
-                    if (steps[currentStepIndex] == ResetPasswordStep.InputEmailVerificationCode) {
-                        timerRunning = true
-                    }
+                    if (currentStepIndex < steps.lastIndex) {
+                        currentStepIndex++
+                        val nextStep = steps[currentStepIndex]
+                        viewModel.onStepChanged(nextStep)
+                        if (nextStep == ResetPasswordStep.InputEmailVerificationCode) {
+                            timerRunning = true
+                        }
+                    }
                 }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@feature/src/main/kotlin/team/aliens/dms/android/feature/resetpassword/ResetPasswordScreen.kt`
around lines 84 - 87, The handler for ResetPasswordSideEffect.MoveToNext
unconditionally increments currentStepIndex and then accesses
steps[currentStepIndex], which can throw IndexOutOfBoundsException; update the
logic to guard advancement by checking currentStepIndex < steps.lastIndex (or
compute nextIndex = min(currentStepIndex + 1, steps.lastIndex)) before
incrementing/using it, only call viewModel.onStepChanged(steps[nextIndex]) when
within bounds, and avoid advancing or handle completion when already on the
final step (references: ResetPasswordSideEffect.MoveToNext, currentStepIndex,
steps, viewModel.onStepChanged, ResetPasswordStep.InputEmailVerificationCode).