Post

Auth_Spring Security_findId, getNewPassword

Posted
By So Hee Park 2 min read

✅ findID

☑️ FindIdPasswordDto

아이디를 찾기 위해

  • user name
  • user phone number 두 가지로 아이디 찾기
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
public class FindIdPasswordDto {
    private String myId;
    private String name;
    private String phoneNumber;

    public FindIdPasswordDto(String myId) {
        this.myId = myId;
    }

    public FindIdPasswordDto(String name, String phoneNumber) {
        this.name = name;
        this.phoneNumber = phoneNumber;
    }
}

☑️ SignController

1
2
3
4

    @GetMapping("/findId")
    public ResponseDto findId(@RequestBody FindIdPasswordDto findIdPasswordDto){
        return authService.findId(findIdPasswordDto);
    }

☑️ AuthService

1
2
3
4
5

    public ResponseDto findId(FindIdPasswordDto findIdPasswordDto) {
        User user= userJpa.findByNamePhoneNumber(findIdPasswordDto.getName(), findIdPasswordDto.getPhoneNumber())
                .orElseThrow(()-> new NotFoundException("Cannot find user with name and phone number"));
        return new ResponseDto(HttpStatus.OK.value(), "User ID found", user.getMyId());
    }

☑️ UserJpa

1
2
3
4
5
6

    @Query(
            "SELECT u " +
                    "FROM User u " +
                    "WHERE u.name = :name AND u.phoneNumber = :phoneNumber "
    )
    Optional<User> findByNamePhoneNumber(String name, String phoneNumber);

💡 Result

Screenshot 2024-05-15 at 17 38 34

✅ Get New Password

비밀번호는 암호화되어있기 때문에 복호화 불가 ❌
따라서 새로운 비밀번호를 주고, 비밀번호를 유저로 하여끔 고치도록 설정
새로운 비밀번호 설정을 위해 RandomStringUtils.randomAlphanumeric

☑️ SignController

1
2
3
4

    @PutMapping("/getPassword")
    public ResponseDto getNewPassword(@RequestBody FindIdPasswordDto findIdPasswordDto){
        return authService.getNewPassword(findIdPasswordDto);
    }

☑️ AuthService

1
2
3
4
5
6
7
8

    public ResponseDto getNewPassword(FindIdPasswordDto findIdPasswordDto) {
        User user= userJpa.findByMyIdFetchJoin(findIdPasswordDto.getMyId())
                .orElseThrow(()-> new NotFoundException("Cannot find user with ID"));
        String newPwd = RandomStringUtils.randomAlphanumeric(10);
        user.setPassword(passwordEncoder.encode(newPwd));
        userJpa.save(user);
        return new ResponseDto(HttpStatus.OK.value(), "New Password.  "+ newPwd  + "  Please change your password");
    }

💡 Result

이제 유저는 새로운 비밀번호 9huEoaFiCG로 로그인이 가능하다. 이전 비밀번호로는 로그인 불가능 ❌

Screenshot 2024-05-15 at 17 41 46

✅ Change user info

☑️ UserUpdateRequestDto

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

@JsonNaming(PropertyNamingStrategies.SnakeCaseStrategy.class)
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
public class UserUpdateRequestDto {
    @JsonProperty("name")
    private String name;
    @JsonProperty("my-id")
    private String myId;
    @JsonProperty("password")
    private String password;
    @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd")
    @JsonProperty("birthday")
    private Date birthday;
    @JsonProperty("phone-number")
    private String phoneNumber;

    public UserUpdateRequestDto(String password) {
        this.password = password;
    }
}

☑️ MyPageController

1
2
3
4
5

    @PutMapping("/userInfo")
    public ResponseDto updateMyInfo(@AuthenticationPrincipal CustomUserDetails customUserDetails,
                                    @RequestBody UserUpdateRequestDto userUpdateRequestDto){
        return myPageService.updateMyInfo(customUserDetails, userUpdateRequestDto);
    }

☑️ MyPageService

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

    public ResponseDto updateMyInfo(CustomUserDetails customUserDetails, UserUpdateRequestDto userUpdateRequestDto) {
        User user= userJpa.findByMyIdFetchJoin(customUserDetails.getMyId())
                .orElseThrow(()-> new NotFoundException("Cannot find user with myId: "+ customUserDetails.getMyId()));
        List<String> userMyIds= userJpa.findAll().stream().map(User::getName).collect(Collectors.toList());
        //ckeck already existing ID
        if(userMyIds.contains(userUpdateRequestDto.getMyId())) throw new BadRequestException("Cannot change myId, this Id already exists");
        user.setMyId(userUpdateRequestDto.getMyId());
        user.setPassword(passwordEncoder.encode(userUpdateRequestDto.getPassword()));
        user.setBirthday(userUpdateRequestDto.getBirthday());
        user.setPhoneNumber(userUpdateRequestDto.getPhoneNumber());
        userJpa.save(user);

        UserUpdateResponseDto userUpdateResponseDto= UserUpdateResponseDto.builder()
                .name(user.getName())
                .myId(user.getMyId())
                .birthday(user.getBirthday())
                .phoneNumber(user.getPhoneNumber())
                .build();

        return new ResponseDto(HttpStatus.OK.value(), "User info update success", userUpdateResponseDto);
    }

💡 Result

이제 유저가 원하는 비밀번호로 로그인 가능

Screenshot 2024-05-15 at 17 44 53

Reference

https://velog.io/@yujinaa/%ED%94%84%EB%A1%9C%EC%A0%9D%ED%8A%B8-%EA%B0%9C%EC%84%A0-%EC%9B%B9%EC%82%AC%EC%9D%B4%ED%8A%B8-%EC%A0%9C%EC%9E%91-21.-SpringJava

https://velog.io/@yujinaa/spring-%ED%8C%80%ED%94%84%EB%A1%9C%EC%A0%9D%ED%8A%B8-%EC%9B%B9%EC%82%AC%EC%9D%B4%ED%8A%B8-%EC%A0%9C%EC%9E%91-10.-%EA%B4%80%EB%A6%AC%EC%9E%90-%ED%8E%98%EC%9D%B4%EC%A7%80

JAVA, Spring
security
This post is licensed under CC BY 4.0 by the author.