Skip to content

[fix] SecurityConfig permitAll에 restore/purge-and-register 경로 누락 수정 #186

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
geunyong16 merged 7 commits into from
May 11, 2026
Merged

[fix] SecurityConfig permitAll에 restore/purge-and-register 경로 누락 수정 #186

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
0578f15
fix(db): add version column to users table for optimistic locking
geunyong16 May 5, 2026
2421d90
fix(db): add NOT NULL constraint to users.version column
geunyong16 May 5, 2026
d6c47e8
fix(auth): 탈퇴 후 카카오 재로그인 시 복구/완전삭제 후 재가입 옵션 제공
geunyong16 May 8, 2026
0edea2c
fix(auth): CodeRabbit 리뷰 반영 - 응답 평탄화 및 purge-register 원자성 확보
geunyong16 May 11, 2026
0f6f448
fix(auth): SecurityConfig permitAll에 restore/purge-and-register 경로 추가
geunyong16 May 11, 2026
e642771
fix(auth): CodeRabbit 리뷰 반영 - 30일 복구 기간 서비스 단 강제
geunyong16 May 11, 2026
e9acd6d
chore: main 브랜치 병합 및 conflict 해결
geunyong16 May 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions src/main/java/com/example/paycheck/common/exception/ErrorCode.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ public class ErrorCode {
public static final String USER_NOT_FOUND = "USER_NOT_FOUND";
public static final String USER_ALREADY_DELETED = "USER_ALREADY_DELETED";
public static final String USER_NOT_WITHDRAWN = "USER_NOT_WITHDRAWN";
public static final String RECOVERY_PERIOD_EXPIRED = "RECOVERY_PERIOD_EXPIRED";

// Worker domain
public static final String WORKER_NOT_FOUND = "WORKER_NOT_FOUND";
Expand Down
19 changes: 19 additions & 0 deletions src/main/java/com/example/paycheck/domain/auth/service/AuthService.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
import com.example.paycheck.domain.user.entity.User;
import com.example.paycheck.domain.user.enums.UserType;
import com.example.paycheck.domain.user.repository.UserRepository;
import com.example.paycheck.domain.user.scheduler.UserHardDeleteScheduler;
import com.example.paycheck.domain.user.service.UserHardDeleteService;
import com.example.paycheck.domain.user.service.UserService;
import com.example.paycheck.domain.user.service.UserWithdrawService;
Expand All @@ -26,6 +27,7 @@

import java.net.URI;
import java.net.URISyntaxException;
import java.time.LocalDateTime;

/**
* 인증 플로우를 조율하는 서비스
Expand Down Expand Up @@ -119,6 +121,21 @@ private AuthDto.LoginResponse buildLoginResponse(User user) {
.build();
}

/**
* 탈퇴 후 복구 가능 기간(30일) 이내인지 검증한다.
* Hard-delete 스케줄러 지연/장애로 30일을 초과한 계정이 남아있어도 복구/재가입을 차단한다.
*/
private void assertWithinRecoveryPeriod(User user) {
LocalDateTime cutoff = LocalDateTime.now()
.minusDays(UserHardDeleteScheduler.RETENTION_DAYS);
if (user.getDeletedAt().isBefore(cutoff)) {
throw new BadRequestException(
ErrorCode.RECOVERY_PERIOD_EXPIRED,
"복구 가능 기간(30일)이 지난 계정입니다."
);
}
}

/**
* 탈퇴한 카카오 계정 복구 (탈퇴 취소)
* - User.deletedAt = null로 되돌림
Expand All @@ -144,6 +161,7 @@ public AuthDto.LoginResponse restoreWithKakao(String kakaoAccessToken) {
"탈퇴 상태가 아닌 계정입니다."
);
}
assertWithinRecoveryPeriod(user);

user.restore();

Expand Down Expand Up @@ -174,6 +192,7 @@ public AuthDto.LoginResponse purgeAndRegisterWithKakao(AuthDto.KakaoRegisterRequ
"이미 가입된 카카오 계정입니다."
);
}
assertWithinRecoveryPeriod(existing);
userHardDeleteService.hardDeleteUser(existing.getId());
// JPA 기본 flush 순서(INSERT → DELETE)로 인해 같은 트랜잭션에서
// 신규 가입(INSERT)이 기존 사용자 DELETE보다 먼저 실행되면
Expand Down
2 changes: 1 addition & 1 deletion src/main/java/com/example/paycheck/domain/user/scheduler/UserHardDeleteScheduler.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
@RequiredArgsConstructor
public class UserHardDeleteScheduler {

private static final int RETENTION_DAYS = 30;
public static final int RETENTION_DAYS = 30;

private final UserRepository userRepository;
private final UserHardDeleteService userHardDeleteService;
Expand Down
9 changes: 8 additions & 1 deletion src/main/java/com/example/paycheck/global/security/SecurityConfig.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,14 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.authorizeHttpRequests(auth -> auth
.requestMatchers("/api/health", "/h2-console/**").permitAll()
.requestMatchers("/api/auth/kakao/login", "/api/auth/kakao/register", "/api/auth/refresh", "/api/auth/dev/login").permitAll()
.requestMatchers(
"/api/auth/kakao/login",
"/api/auth/kakao/register",
"/api/auth/kakao/restore",
"/api/auth/kakao/purge-and-register",
"/api/auth/refresh",
"/api/auth/dev/login"
).permitAll()
.requestMatchers("/swagger-ui/**", "/api-docs/**", "/swagger-ui.html").permitAll()
.anyRequest().authenticated()
)
Expand Down
Loading