[BE] 일반 로그인을 구현한다.

backend/bang-ggood/src/main/java/com/bang_ggood/article/repository/ArticleRepository.java

@@ -23,7 +23,7 @@ default Article getById(Long id) {
 
     @Query("SELECT a FROM Article a " +
             "WHERE a.deleted = false " +
-            "ORDER BY a.createdAt DESC ")
+            "ORDER BY a.createdAt DESC, a.id DESC")
     List<Article> findLatestArticles();
 
     @Modifying(flushAutomatically = true, clearAutomatically = true)

backend/bang-ggood/src/main/java/com/bang_ggood/auth/controller/AuthController.java

@@ -3,6 +3,7 @@
 import com.bang_ggood.auth.config.AuthRequiredPrincipal;
 import com.bang_ggood.auth.controller.cookie.CookieProvider;
 import com.bang_ggood.auth.controller.cookie.CookieResolver;
+import com.bang_ggood.auth.dto.request.LocalLoginRequestV1;
 import com.bang_ggood.auth.dto.request.OauthLoginRequest;
 import com.bang_ggood.auth.dto.request.RegisterRequestV1;
 import com.bang_ggood.auth.dto.response.AuthTokenResponse;
@@ -36,8 +37,21 @@ public ResponseEntity<Void> register(@Valid @RequestBody RegisterRequestV1 reque
     }
 
     @PostMapping("/oauth/login")
-    public ResponseEntity<Void> login(@Valid @RequestBody OauthLoginRequest request) {
-        AuthTokenResponse response = authService.login(request);
+    public ResponseEntity<Void> oauthLogin(@Valid @RequestBody OauthLoginRequest request) {
+        AuthTokenResponse response = authService.oauthLogin(request);
+
+        ResponseCookie accessTokenCookie = cookieProvider.createAccessTokenCookie(response.accessToken());
+        ResponseCookie refreshTokenCookie = cookieProvider.createRefreshTokenCookie(response.refreshToken());
+
+        return ResponseEntity.ok()
+                .header(HttpHeaders.SET_COOKIE, accessTokenCookie.toString())
+                .header(HttpHeaders.SET_COOKIE, refreshTokenCookie.toString())
+                .build();
+    }
+
+    @PostMapping("/v1/local-auth/login")
+    public ResponseEntity<Void> localLogin(@Valid @RequestBody LocalLoginRequestV1 request) {
+        AuthTokenResponse response = authService.localLogin(request);
 
         ResponseCookie accessTokenCookie = cookieProvider.createAccessTokenCookie(response.accessToken());
         ResponseCookie refreshTokenCookie = cookieProvider.createRefreshTokenCookie(response.refreshToken());

backend/bang-ggood/src/main/java/com/bang_ggood/auth/dto/request/LocalLoginRequestV1.java

@@ -0,0 +1,7 @@
+package com.bang_ggood.auth.dto.request;
+
+import jakarta.validation.constraints.NotBlank;
+
+public record LocalLoginRequestV1(@NotBlank(message = "이메일이 존재하지 않습니다.") String email,
+                                  @NotBlank(message = "비밀번호가 존재하지 않습니다.") String password) {
+}

backend/bang-ggood/src/main/java/com/bang_ggood/auth/service/AuthService.java

@@ -1,5 +1,6 @@
 package com.bang_ggood.auth.service;
 
+import com.bang_ggood.auth.dto.request.LocalLoginRequestV1;
 import com.bang_ggood.auth.dto.request.OauthLoginRequest;
 import com.bang_ggood.auth.dto.request.RegisterRequestV1;
 import com.bang_ggood.auth.dto.response.AuthTokenResponse;
@@ -34,7 +35,7 @@ public class AuthService {
     private final JwtTokenProvider jwtTokenProvider;
     private final JwtTokenResolver jwtTokenResolver;
     private final DefaultChecklistService defaultChecklistService;
-    private final UserRepository userRepository; // TODO 리팩토링
+    private final UserRepository userRepository;
 
     @Transactional
     public Long register(RegisterRequestV1 request) {
@@ -46,17 +47,36 @@ public Long register(RegisterRequestV1 request) {
     }
 
     @Transactional
-    public AuthTokenResponse login(OauthLoginRequest request) {
+    public AuthTokenResponse oauthLogin(OauthLoginRequest request) {
         OauthInfoApiResponse oauthInfoApiResponse = oauthClient.requestOauthInfo(request);
 
-        User user = userRepository.findByEmail(new Email(oauthInfoApiResponse.kakao_account().email()))
+        User user = userRepository.findByEmailAndLoginType(new Email(oauthInfoApiResponse.kakao_account().email()),
+                        LoginType.KAKAO)
                 .orElseGet(() -> signUp(oauthInfoApiResponse));
 
         String accessToken = jwtTokenProvider.createAccessToken(user);
         String refreshToken = jwtTokenProvider.createRefreshToken(user);
         return AuthTokenResponse.of(accessToken, refreshToken);
     }
 
+    @Transactional(readOnly = true)
+    public AuthTokenResponse localLogin(LocalLoginRequestV1 request) {
+        User user = userRepository.findByEmailAndLoginType(new Email(request.email()), LoginType.LOCAL)
+                .orElseThrow(() -> new BangggoodException(ExceptionCode.USER_NOT_FOUND));
+        checkPassword(request, user);
+
+        String accessToken = jwtTokenProvider.createAccessToken(user);
+        String refreshToken = jwtTokenProvider.createRefreshToken(user);
+        return AuthTokenResponse.of(accessToken, refreshToken);
+    }
+
+
+    private void checkPassword(LocalLoginRequestV1 request, User user) {
+        if (user.isDifferent(request.password())) {
+            throw new BangggoodException(ExceptionCode.USER_INVALID_PASSWORD);
+        }
+    }
+
     private User signUp(OauthInfoApiResponse oauthInfoApiResponse) {
         User user = userRepository.save(oauthInfoApiResponse.toUserEntity());
         defaultChecklistService.createDefaultChecklistAndQuestions(user);
@@ -84,15 +104,6 @@ public void logout(String accessToken, String refreshToken, User user) {
         validateTokenOwnership(user, accessAuthUser, refreshAuthUser);
     }
 
-    private static void validateTokenOwnership(User user, AuthUser accessAuthUser, AuthUser refreshAuthUser) {
-        if (!accessAuthUser.id().equals(refreshAuthUser.id())) {
-            throw new BangggoodException(ExceptionCode.AUTHENTICATION_TOKEN_USER_MISMATCH);
-        }
-        if (!user.getId().equals(accessAuthUser.id())) {
-            throw new BangggoodException(ExceptionCode.AUTHENTICATION_TOKEN_NOT_OWNED_BY_USER);
-        }
-    }
-
     @Transactional(readOnly = true)
     public User getAuthUser(String token) {
         AuthUser authUser = jwtTokenResolver.resolveAccessToken(token);
@@ -107,4 +118,13 @@ public String reissueAccessToken(String refreshToken) {
         User user = userRepository.getUserById(authUser.id());
         return jwtTokenProvider.createAccessToken(user);
     }
+
+    private static void validateTokenOwnership(User user, AuthUser accessAuthUser, AuthUser refreshAuthUser) {
+        if (!accessAuthUser.id().equals(refreshAuthUser.id())) {
+            throw new BangggoodException(ExceptionCode.AUTHENTICATION_TOKEN_USER_MISMATCH);
+        }
+        if (!user.getId().equals(accessAuthUser.id())) {
+            throw new BangggoodException(ExceptionCode.AUTHENTICATION_TOKEN_NOT_OWNED_BY_USER);
+        }
+    }
 }

backend/bang-ggood/src/main/java/com/bang_ggood/auth/service/PasswordEncoder.java

@@ -13,12 +13,20 @@
 public class PasswordEncoder {
 
     private static final String DELIMITER = ":";
+    private static final int PASSWORD_AND_SALT_LENGTH = 2;
+
+    private PasswordEncoder() {
+    }
 
     public static String encodeWithGeneralSalt(String password) {
         return encode(password, getSalt());
     }
 
-    public static String encode(String password, byte[] salt) {
+    public static String encodeWithSpecificSalt(String password, String passwordWithSalt) {
+        return encode(password, extractSaltByPassword(passwordWithSalt));
+    }
+
+    private static String encode(String password, byte[] salt) {
         try {
             KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 65536, 512);
             SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512");
@@ -31,13 +39,20 @@ public static String encode(String password, byte[] salt) {
         }
     }
 
-    public static byte[] getSalt() {
+    private static byte[] getSalt() {
         SecureRandom secureRandom = new SecureRandom();
         byte[] salt = new byte[64];
         secureRandom.nextBytes(salt);
         return salt;
     }
 
-    private PasswordEncoder() {
+    private static byte[] extractSaltByPassword(String encodedPassword) {
+        String[] parts = encodedPassword.split(DELIMITER);
+        if (parts.length != PASSWORD_AND_SALT_LENGTH) {
+            throw new BangggoodException(ExceptionCode.PASSWORD_HASHING_ERROR);
+        }
+
+        String encodedSalt = parts[1];
+        return Base64.getDecoder().decode(encodedSalt);
     }
 }

backend/bang-ggood/src/main/java/com/bang_ggood/checklist/controller/ChecklistController.java

@@ -4,8 +4,8 @@
 import com.bang_ggood.auth.config.UserPrincipal;
 import com.bang_ggood.checklist.dto.request.ChecklistRequest;
 import com.bang_ggood.checklist.dto.request.ChecklistRequestV1;
-import com.bang_ggood.checklist.dto.response.SelectedChecklistResponse;
 import com.bang_ggood.checklist.dto.response.ChecklistsPreviewResponse;
+import com.bang_ggood.checklist.dto.response.SelectedChecklistResponse;
 import com.bang_ggood.checklist.dto.response.SelectedChecklistResponseV1;
 import com.bang_ggood.checklist.service.ChecklistManageService;
 import com.bang_ggood.checklist.service.ChecklistService;

backend/bang-ggood/src/main/java/com/bang_ggood/checklist/dto/response/SelectedChecklistResponseV1.java

@@ -16,6 +16,7 @@ public record SelectedChecklistResponseV1(SelectedRoomResponseV1 room,
     public static SelectedChecklistResponseV1 of(SelectedRoomResponse room, List<SelectedOptionResponse> options,
                                                  List<SelectedCategoryQuestionsResponse> categories, boolean isLiked,
                                                  SubwayStationResponses stations) {
-        return new SelectedChecklistResponseV1(SelectedRoomResponseV1.from(room), options, categories, isLiked, stations);
+        return new SelectedChecklistResponseV1(SelectedRoomResponseV1.from(room), options, categories, isLiked,
+                stations);
     }
 }

backend/bang-ggood/src/main/java/com/bang_ggood/checklist/repository/ChecklistRepository.java

@@ -28,7 +28,7 @@ default Checklist getById(@Param("id") Long id) {
     @Query("SELECT c FROM Checklist c "
             + "WHERE c.user = :user "
             + "AND c.deleted = false "
-            + "ORDER BY c.createdAt DESC ")
+            + "ORDER BY c.createdAt DESC, c.id DESC ")
     List<Checklist> findAllByUserOrderByLatest(@Param("user") User user);
 
     @Query("SELECT c FROM Checklist c "

backend/bang-ggood/src/main/java/com/bang_ggood/global/config/WebMvcConfig.java

@@ -1,8 +1,8 @@
 package com.bang_ggood.global.config;
 
 import com.bang_ggood.auth.config.AuthRequiredPrincipalArgumentResolver;
-import com.bang_ggood.auth.controller.cookie.CookieResolver;
 import com.bang_ggood.auth.config.UserPrincipalArgumentResolver;
+import com.bang_ggood.auth.controller.cookie.CookieResolver;
 import com.bang_ggood.auth.service.AuthService;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.method.support.HandlerMethodArgumentResolver;

backend/bang-ggood/src/main/java/com/bang_ggood/global/exception/ExceptionCode.java

@@ -20,6 +20,7 @@ public enum ExceptionCode {
 
     // User
     USER_NOT_FOUND(HttpStatus.UNAUTHORIZED, "유저가 존재하지 않습니다."),
+    USER_INVALID_PASSWORD(HttpStatus.BAD_REQUEST, "잘못된 비밀번호입니다."),
     USER_EMAIL_ALREADY_USED(HttpStatus.CONFLICT, "이미 해당 이메일을 사용하는 유저가 존재합니다."),
     GUEST_USER_NOT_FOUND(HttpStatus.INTERNAL_SERVER_ERROR, "게스트 유저가 존재하지 않습니다."),
     GUEST_USER_UNEXPECTED_EXIST(HttpStatus.INTERNAL_SERVER_ERROR, "예상치 못한 게스트 유저가 존재합니다. 데이터베이스를 확인해주세요."),

backend/bang-ggood/src/main/java/com/bang_ggood/room/dto/response/SelectedRoomResponse.java

@@ -9,7 +9,8 @@ public record SelectedRoomResponse(String roomName, Integer deposit, Integer ren
                                    String realEstate,
                                    Double size, String floorLevel, String structure,
                                    Integer occupancyMonth, String occupancyPeriod, String memo, String summary,
-                                   List<Integer> includedMaintenances, Integer maintenanceFee, LocalDateTime createdAt) {
+                                   List<Integer> includedMaintenances, Integer maintenanceFee,
+                                   LocalDateTime createdAt) {
 
     public static SelectedRoomResponse of(Checklist checklist, List<Integer> includedMaintenances) {
         return new SelectedRoomResponse(checklist.getRoomName(), checklist.getDeposit(), checklist.getRent(),
@@ -18,6 +19,7 @@ public static SelectedRoomResponse of(Checklist checklist, List<Integer> include
                 checklist.getRoomStation(), checklist.getRoomWalkingTime(), checklist.getRealEstate(),
                 checklist.getRoomSize(), checklist.getRoomFloorLevel().getName(),
                 checklist.getRoomStructure().getName(), checklist.getOccupancyMonth(), checklist.getOccupancyPeriod(),
-                checklist.getMemo(), checklist.getSummary(), includedMaintenances, checklist.getMaintenanceFee(), checklist.getCreatedAt());
+                checklist.getMemo(), checklist.getSummary(), includedMaintenances, checklist.getMaintenanceFee(),
+                checklist.getCreatedAt());
     }
 }

backend/bang-ggood/src/main/java/com/bang_ggood/room/dto/response/SelectedRoomResponseV1.java

@@ -3,11 +3,13 @@
 import java.time.LocalDateTime;
 import java.util.List;
 
-public record SelectedRoomResponseV1(String roomName, Integer deposit, Integer rent, Integer contractTerm, Integer floor,
+public record SelectedRoomResponseV1(String roomName, Integer deposit, Integer rent, Integer contractTerm,
+                                     Integer floor,
                                      String address, String buildingName, String realEstate,
                                      Double size, String floorLevel, String structure,
                                      Integer occupancyMonth, String occupancyPeriod, String memo, String summary,
-                                     List<Integer> includedMaintenances, Integer maintenanceFee, LocalDateTime createdAt) {
+                                     List<Integer> includedMaintenances, Integer maintenanceFee,
+                                     LocalDateTime createdAt) {
 
     public static SelectedRoomResponseV1 from(SelectedRoomResponse response) {
         return new SelectedRoomResponseV1(

backend/bang-ggood/src/main/java/com/bang_ggood/station/SubwayReader.java

@@ -22,7 +22,8 @@ public class SubwayReader {
     public static List<SubwayStation> readSubwayStationData() {
         List<SubwayStation> stations = new ArrayList<>();
         try (CSVReader csvReader = new CSVReaderBuilder(
-                new InputStreamReader(getSubwayStationResource().getInputStream(), Charset.forName("EUC-KR"))).build()) {
+                new InputStreamReader(getSubwayStationResource().getInputStream(),
+                        Charset.forName("EUC-KR"))).build()) {
             String[] line = csvReader.readNext(); // drop first row
             while ((line = csvReader.readNext()) != null) {
                 SubwayStation station = new SubwayStation(

backend/bang-ggood/src/main/java/com/bang_ggood/station/domain/ChecklistStation.java

@@ -41,8 +41,12 @@ public ChecklistStation(Checklist checklist, String stationName, String stationL
 
     @Override
     public boolean equals(Object o) {
-        if (this == o) return true;
-        if (o == null || getClass() != o.getClass()) return false;
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
         ChecklistStation that = (ChecklistStation) o;
         return Objects.equals(id, that.id);
     }

backend/bang-ggood/src/main/java/com/bang_ggood/station/dto/response/SubwayStationResponse.java

@@ -20,13 +20,15 @@ public class SubwayStationResponse {
     public static SubwayStationResponse of(SubwayStation station, double latitude, double longitude) {
         List<String> stationLine = new ArrayList<>();
         stationLine.add(station.getLine());
-        return new SubwayStationResponse(station.getName(), stationLine, station.calculateWalkingTime(latitude, longitude));
+        return new SubwayStationResponse(station.getName(), stationLine,
+                station.calculateWalkingTime(latitude, longitude));
     }
 
     public static SubwayStationResponse from(ChecklistStation checklistStation) {
         List<String> stationLine = new ArrayList<>();
         stationLine.add(checklistStation.getStationLine());
-        return new SubwayStationResponse(checklistStation.getStationName(), stationLine, checklistStation.getWalkingTime());
+        return new SubwayStationResponse(checklistStation.getStationName(), stationLine,
+                checklistStation.getWalkingTime());
     }
 
     public SubwayStationResponse merge(SubwayStationResponse response) {

backend/bang-ggood/src/main/java/com/bang_ggood/station/service/ChecklistStationService.java

@@ -19,12 +19,14 @@ public class ChecklistStationService {
 
     @Transactional
     public void createChecklistStations(Checklist checklist, double latitude, double longitude) {
-        List<SubwayStationResponse> responses = subwayStationService.readNearestStation(latitude, longitude).getStations();
+        List<SubwayStationResponse> responses = subwayStationService.readNearestStation(latitude, longitude)
+                .getStations();
         List<ChecklistStation> checklistStations = new ArrayList<>();
 
         for (SubwayStationResponse response : responses) {
             for (String stationLine : response.getStationLine()) {
-                checklistStations.add(new ChecklistStation(checklist, response.getStationName(), stationLine, response.getWalkingTime()));
+                checklistStations.add(new ChecklistStation(checklist, response.getStationName(), stationLine,
+                        response.getWalkingTime()));
             }
         }
 

backend/bang-ggood/src/main/java/com/bang_ggood/user/domain/Email.java

@@ -31,7 +31,7 @@ public Email(String value) {
     }
 
     public void validateEmailPattern(String email) {
-        if(!EMAIL_PATTERN.matcher(email).matches()) {
+        if (!EMAIL_PATTERN.matcher(email).matches()) {
             throw new BangggoodException(ExceptionCode.EMAIL_INVALID_FORMAT);
         }
     }

backend/bang-ggood/src/main/java/com/bang_ggood/user/domain/Password.java

@@ -29,8 +29,13 @@ public Password(String value) {
         this.value = PasswordEncoder.encodeWithGeneralSalt(value);
     }
 
-    public void validatePasswordPattern(String password) {
-        if (!PASSWORD_PATTERN.matcher(password).matches()) {
+    public boolean isDifferent(String password) {
+        String targetPassword = PasswordEncoder.encodeWithSpecificSalt(password, value);
+        return !value.equals(targetPassword);
+    }
+
+    private void validatePasswordPattern(String password) {
+        if (password == null || !PASSWORD_PATTERN.matcher(password).matches()) {
             throw new BangggoodException(ExceptionCode.PASSWORD_INVALID_FORMAT);
         }
     }
@@ -43,8 +48,8 @@ public boolean equals(Object o) {
         if (o == null || getClass() != o.getClass()) {
             return false;
         }
-        Password password1 = (Password) o;
-        return Objects.equals(value, password1.value);
+        Password targetPassword = (Password) o;
+        return Objects.equals(value, targetPassword.value);
     }
 
     @Override

backend/bang-ggood/src/main/java/com/bang_ggood/user/domain/User.java

@@ -64,6 +64,10 @@ public User(Long id, String name, String email) { // TODO 테스트용
         this.email = new Email(email);
     }
 
+    public boolean isDifferent(String targetPassword) {
+        return password.isDifferent(targetPassword);
+    }
+
     @Override
     public boolean equals(Object o) {
         if (this == o) {

backend/bang-ggood/src/main/java/com/bang_ggood/user/repository/UserRepository.java

@@ -23,8 +23,8 @@ default User getUserById(Long id) {
     @Query("SELECT u FROM User u WHERE u.userType = :userType and u.deleted = false ")
     List<User> findUserByUserType(@Param("userType") UserType userType);
 
-    @Query("SELECT u FROM User u WHERE u.email = :email and u.deleted = false ")
-    Optional<User> findByEmail(@Param("email") Email email);
+    @Query("SELECT u FROM User u WHERE u.email = :email and u.loginType = :loginType and u.deleted = false")
+    Optional<User> findByEmailAndLoginType(@Param("email") Email email, @Param("loginType") LoginType loginType);
 
     @Transactional
     @Modifying(flushAutomatically = true, clearAutomatically = true)

backend/bang-ggood/src/main/resources/data.sql

@@ -1,6 +1,7 @@
 -- 비밀번호 : password1234
 INSERT INTO users(name, email, password, user_type, login_type, created_at, modified_at, deleted)
-VALUES ('방방이', '[email protected]', 'xDNYKEJqE/36U0Dt3nXRMFPNEMEgjCYM7R/A4B29baOsv4KYQ9MGgcO3HUa11sNKCFb9ZXyYBqJqxNglvBzFvg==:7yejAszEpxBb7AyZNKvAqpmMEJiKFXIa8JKwAx3n4loB2DRcAC2pfwkgo/dzKzRvBX4RbrATWaIlPYrgAhbHZQ==',
+VALUES ('방방이', '[email protected]',
+        'xDNYKEJqE/36U0Dt3nXRMFPNEMEgjCYM7R/A4B29baOsv4KYQ9MGgcO3HUa11sNKCFb9ZXyYBqJqxNglvBzFvg==:7yejAszEpxBb7AyZNKvAqpmMEJiKFXIa8JKwAx3n4loB2DRcAC2pfwkgo/dzKzRvBX4RbrATWaIlPYrgAhbHZQ==',
         'USER', 'LOCAL', '2024-07-22 07:56:42', '2024-07-22 07:56:42', false);
 
 INSERT INTO custom_checklist_question(user_id, question, created_at, modified_at, deleted)