Merge pull request #46 from Codeit-part4-team3/feat-진석

return 문 제거
Codeit-part4-team3 · Apr 25, 2024 · bc76b29 · bc76b29
2 parents 869680d + bedc8ef
commit bc76b29
Show file tree

Hide file tree

Showing 5 changed files with 55 additions and 16 deletions.
diff --git a/src/auth/auth.controller.ts b/src/auth/auth.controller.ts
@@ -61,7 +61,7 @@ export class AuthController {
     summary: '회원가입 이메일 인증',
   })
   async confirmSignup(@Body() confirmSignupDto: ConfirmSignupDto) {
-    return await this.authService.confirmSignUp(confirmSignupDto);
+    await this.authService.confirmSignUp(confirmSignupDto);
   }
 
   // 인증번호 다시보내기

diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
@@ -71,7 +71,8 @@ export class AuthService {
     };
 
     try {
-      return await this.cognitoClient.signUp(params).promise();
+      this.logger.info(`User ${signupDto.email} signed up successfully.`);
+      await this.cognitoClient.signUp(params).promise();
 
       return await this.userService.createUser(signupDto);
     } catch (e) {
@@ -167,6 +168,7 @@ export class AuthService {
     }
   }
 
+  // 토큰 얻기
   async getToken(refreshToken: string) {
     const params = {
       AuthFlow: 'REFRESH_TOKEN_AUTH',
@@ -190,6 +192,7 @@ export class AuthService {
     }
   }
 
+  // 비밀번호 잊었을 때 이메일로 코드요청
   async forgotPassword(emailDto: EmailDto) {
     const { email } = emailDto;
     const params = {
@@ -210,6 +213,7 @@ export class AuthService {
     }
   }
 
+  // 새 비밀번호로 변경
   async confirmPasswordReset(forgotPasswordDto: ForgotPasswordDto) {
     const { email, code, newPassword } = forgotPasswordDto;
 

diff --git a/src/auth/jwt-auth-guard.ts b/src/auth/jwt-auth-guard.ts
@@ -0,0 +1,30 @@
+import { AuthService } from './auth.service';
+import {
+  CanActivate,
+  ExecutionContext,
+  Injectable,
+  UnauthorizedException,
+  Request,
+} from '@nestjs/common';
+
+@Injectable()
+export class JwtAuthGuard implements CanActivate {
+  constructor(private readonly authService: AuthService) {}
+
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const request = context.switchToHttp().getRequest<Request>();
+    const accessToken = request.headers['authorization']?.split(' ')[1];
+
+    if (!accessToken) {
+      throw new UnauthorizedException('헤더에 토큰이 없습니다.');
+    }
+
+    const user = await this.authService.tokenGetUser(accessToken);
+    if (!user || !user.email) {
+      throw new UnauthorizedException('유저가 없습니다.');
+    }
+
+    request['userId'] = user.id;
+    return true;
+  }
+}
diff --git a/src/auth/password.controller.ts b/src/auth/password.controller.ts
@@ -1,12 +1,11 @@
+import { Body, Controller, Post, Request, UseGuards } from '@nestjs/common';
 import {
-  Body,
-  Controller,
-  HttpException,
-  HttpStatus,
-  Post,
-  Request,
-} from '@nestjs/common';
-import { ApiBody, ApiOperation, ApiResponse, ApiTags } from '@nestjs/swagger';
+  ApiBearerAuth,
+  ApiBody,
+  ApiOperation,
+  ApiResponse,
+  ApiTags,
+} from '@nestjs/swagger';
 import { AuthService } from './auth.service';
 import { ForgotSchema } from './schema/forgot.schema';
 import { ForgotConfirmSchema } from './schema/forgotConfirm.schema';
@@ -18,6 +17,7 @@ import {
 import { EmailDto } from './../dto/email.dto';
 import { ForgotPasswordDto } from './../dto/forgotPassword.dto';
 import { ChangePasswordDto } from './../dto/changePassword.dto';
+import { JwtAuthGuard } from './jwt-auth-guard';
 
 @Controller('api/user/v1/')
 export class PasswordController {
@@ -56,6 +56,8 @@ export class PasswordController {
   // 비밀번호 변경
   @ApiTags('auth')
   @Post('user/password')
+  @UseGuards(JwtAuthGuard)
+  @ApiBearerAuth('accessToken')
   @ApiOperation({
     summary: '비밀번호 변경',
   })
@@ -65,11 +67,10 @@ export class PasswordController {
     @Request() request,
     @Body() changePasswordDto: ChangePasswordDto,
   ) {
-    const [type, token] = request.headers.authorization?.split(' ') ?? [];
-    if (type !== 'Bearer' || !token) {
-      throw new HttpException('토큰이 없습니다.', HttpStatus.BAD_REQUEST);
-    }
-
-    return await this.authService.changePassword(token, changePasswordDto);
+    const accessToken = request.headers['authorization']?.split(' ')[1];
+    return await this.authService.changePassword(
+      accessToken,
+      changePasswordDto,
+    );
   }
 }
diff --git a/src/main.ts b/src/main.ts
@@ -19,6 +19,10 @@ async function bootstrap() {
     .setDescription('pqsoft')
     .setVersion('1.0')
     .addTag('auth')
+    .addBearerAuth(
+      { type: 'http', scheme: 'bearer', bearerFormat: 'JWT' },
+      'accessToken', // 이 이름이 스웨거 UI에서 보안 스키마를 참조하는 데 사용됩니다.
+    )
     .build();
   const document = SwaggerModule.createDocument(app, config);
   SwaggerModule.setup('api/user/v1', app, document);