From 447c1f9b48bf94a7e05400a5d9c82bec7343a6bf Mon Sep 17 00:00:00 2001 From: true Date: Tue, 9 Jul 2024 20:46:20 +0900 Subject: [PATCH 1/6] =?UTF-8?q?=F0=9F=8E=A8=20=EB=93=B1=EB=A1=9D=20?= =?UTF-8?q?=EC=9A=94=EC=B2=AD=20=EC=9C=A0=ED=9A=A8=EC=84=B1=20=EA=B2=80?= =?UTF-8?q?=EC=82=AC=20=EC=B6=94=EA=B0=80=20(=EC=98=81=EC=96=B4,=20?= =?UTF-8?q?=EA=B8=B0=ED=98=B8=EB=A7=8C=20=EA=B0=80=EB=8A=A5)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/routes/user/user.controller.js | 15 +++++++++++---- src/routes/user/user.schema.js | 29 ++++++++++++++++++++++++++++- 2 files changed, 39 insertions(+), 5 deletions(-) diff --git a/src/routes/user/user.controller.js b/src/routes/user/user.controller.js index c71e708..a0695e5 100755 --- a/src/routes/user/user.controller.js +++ b/src/routes/user/user.controller.js @@ -13,6 +13,7 @@ const { registerBodySchema, emailCheckReqQuerySchema, loginBodySchema, + requestBodySchema, } = require('./user.schema'); const { generateAccessToken, generateRefreshToken } = require('../../common/utils/auth'); const { getKakaoToken, getUserInfo } = require('../../common/utils/kakao'); @@ -223,21 +224,27 @@ exports.delRecentSearch = async (req, res) => { // 새로운 단어 등록 및 수정 exports.postWords = async (req, res) => { try { + const validData = validateRequest(requestBodySchema, req.body); const { _id } = req.user; - const { nickname } = req.params; // URL 파라미터에서 nickname 추출 - const { formData, type } = req.body; // formData와 type을 요청 본문에서 분리 - + const { nickname } = req.params; + const { formData, type } = req.body; const result = await userService.postWords(_id, formData, nickname, type); - sendResponse.ok(res, { message: SuccessMessage.REGISTER_WORDS_SUCCESS, data: result }); } catch (error) { console.log("Error during postWords:", error); + if (error?.type === 'ajv') { + return sendResponse.badRequest(res, "영어와 기호만 입력 가능합니다."); + } sendResponse.fail(req, res, ErrorMessage.REGISTER_WORDS_ERROR); } }; + + + + exports.UserRequests = async (req, res) => { try{ const { _id } = req.user; diff --git a/src/routes/user/user.schema.js b/src/routes/user/user.schema.js index 699e673..d5d33cc 100644 --- a/src/routes/user/user.schema.js +++ b/src/routes/user/user.schema.js @@ -15,6 +15,10 @@ const commonSchemas = { maxLength: 20, pattern: '^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[!@#$%^&*()_+\\-=\\[\\]{};:\'",.<>\\/\\\\?]).+$', }, + word: { + type: 'string', + pattern: '^[a-zA-Z!@#$%^&*()_+\\-=\\[\\]{};:\'",.<>/?]+$', + }, }; const registerBodySchema = { @@ -56,4 +60,27 @@ const loginBodySchema = { additionalProperties: false, }; -module.exports = { registerBodySchema, nicknameCheckReqQuerySchema, emailCheckReqQuerySchema, loginBodySchema }; +const requestBodySchema = { + type: 'object', + properties: { + word: commonSchemas.word, + type: { type: 'string' }, + nickname: { type: 'string' }, + formData: { + type: 'object', + properties: { + devTerm: { type: 'string' }, + commonPron: { type: 'string' }, + awkPron: { type: 'string' }, + addInfo: { type: 'string' } + }, + additionalProperties: false + } + }, + required: ['word', 'type', 'nickname', 'formData'], + additionalProperties: false, +}; + + + +module.exports = { registerBodySchema, nicknameCheckReqQuerySchema, emailCheckReqQuerySchema, loginBodySchema, requestBodySchema }; From 0816ead1f04db745e131fc2b56ca8daf15e58358 Mon Sep 17 00:00:00 2001 From: true Date: Tue, 9 Jul 2024 23:48:59 +0900 Subject: [PATCH 2/6] =?UTF-8?q?=F0=9F=8E=A8=20=EC=97=90=EB=9F=AC=EB=A9=94?= =?UTF-8?q?=EC=84=B8=EC=A7=80=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/common/constants/error-message.js | 1 + src/routes/user/user.controller.js | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/src/common/constants/error-message.js b/src/common/constants/error-message.js index 0261a19..21237ea 100644 --- a/src/common/constants/error-message.js +++ b/src/common/constants/error-message.js @@ -39,6 +39,7 @@ const ErrorMessage = Object.freeze({ GET_REQUESTS_ERROR: '요청 조회중 오류가 발생하였습니다.', DELETE_REQUEST_ERROR: '요청 삭제중 오류가 발생하였습니다.', UPDATE_REQUEST_STATE_ERROR: '요청 상태 변경중 오류가 발생하였습니다.', + ADD_REQUEST_WORDS_ERROR: '단어는 영어와 기호만 입력할 수 ' }); module.exports = ErrorMessage; diff --git a/src/routes/user/user.controller.js b/src/routes/user/user.controller.js index a0695e5..6bfceeb 100755 --- a/src/routes/user/user.controller.js +++ b/src/routes/user/user.controller.js @@ -236,7 +236,7 @@ exports.postWords = async (req, res) => { } catch (error) { console.log("Error during postWords:", error); if (error?.type === 'ajv') { - return sendResponse.badRequest(res, "영어와 기호만 입력 가능합니다."); + return sendResponse.badRequest(res, ErrorMessage.ADD_REQUEST_WORDS_ERROR); } sendResponse.fail(req, res, ErrorMessage.REGISTER_WORDS_ERROR); } From c6c7bde47ec283bd48eb81e03c252ebccecff55a Mon Sep 17 00:00:00 2001 From: jjikky Date: Wed, 10 Jul 2024 19:30:25 +0900 Subject: [PATCH 3/6] =?UTF-8?q?=E2=9C=A8=20=ED=9A=8C=EC=9B=90=ED=83=88?= =?UTF-8?q?=ED=87=B4=20=EA=B5=AC=ED=98=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/common/constants/error-message.js | 1 + src/common/constants/success-message.js | 2 +- src/routes/user/user.controller.js | 37 ++++++++++------ src/routes/user/user.repository.js | 57 ++++++++++++++----------- src/routes/user/user.route.js | 8 ++-- src/routes/user/user.service.js | 10 +++-- 6 files changed, 70 insertions(+), 45 deletions(-) diff --git a/src/common/constants/error-message.js b/src/common/constants/error-message.js index 0261a19..87baed5 100644 --- a/src/common/constants/error-message.js +++ b/src/common/constants/error-message.js @@ -25,6 +25,7 @@ const ErrorMessage = Object.freeze({ KAKAO_LOGIN_ERROR: '카카오 로그인중 오류가 발생하였습니다.', NO_REFRESH_TOKEN: 'refresh token이 존재하지 않습니다.', REFRESH_TOKEN_ERROR: 'refresh token 검증중 오류가 발생하였습니다.', + DELETE_USER_ERROR: '회원탈퇴중 오류가 발생하였습니다.', // WORD RECENT_WORDS_ERROR: '최근 검색어 조회중 오류가 발생하였습니다.', diff --git a/src/common/constants/success-message.js b/src/common/constants/success-message.js index e9575e3..b2c961f 100644 --- a/src/common/constants/success-message.js +++ b/src/common/constants/success-message.js @@ -8,8 +8,8 @@ const SuccessMessage = Object.freeze({ LOGIN_SUCCESSS: '로그인 성공', LOGOUT_SUCCESS: '로그아웃 성공', + DELETE_USER_SUCCESS: '회원 탈퇴 성공', REFRESH_TOKEN: 'access token 발급 성공', - GET_PROFILE_SUCCESS: '유저 정보 조회 성공', // WORD - 최근검색어 diff --git a/src/routes/user/user.controller.js b/src/routes/user/user.controller.js index c71e708..d5cf900 100755 --- a/src/routes/user/user.controller.js +++ b/src/routes/user/user.controller.js @@ -2,7 +2,6 @@ const passport = require('passport'); const jwt = require('jsonwebtoken'); const config = require('../../common/config'); - const userService = require('./user.service'); const sendResponse = require('../../common/utils/response-handler'); const ErrorMessage = require('../../common/constants/error-message'); @@ -231,15 +230,15 @@ exports.postWords = async (req, res) => { sendResponse.ok(res, { message: SuccessMessage.REGISTER_WORDS_SUCCESS, - data: result + data: result, }); } catch (error) { - console.log("Error during postWords:", error); + console.log('Error during postWords:', error); sendResponse.fail(req, res, ErrorMessage.REGISTER_WORDS_ERROR); } }; exports.UserRequests = async (req, res) => { - try{ + try { const { _id } = req.user; const requests = await userService.getUserRequests(_id); sendResponse.ok(res, { @@ -253,7 +252,7 @@ exports.UserRequests = async (req, res) => { }; exports.UserRequestsAll = async (req, res) => { - try{ + try { const requests = await userService.getUserRequestsAll(); sendResponse.ok(res, { message: SuccessMessage.GET_REQUESTS_SUCCESS, @@ -263,10 +262,10 @@ exports.UserRequestsAll = async (req, res) => { console.log(err); sendResponse.fail(req, res, ErrorMessage.GET_REQUESTS_ERROR); } -} +}; exports.deleteRequest = async (req, res) => { - try{ + try { const { _id } = req.user; // 현재 로그인한 사용자의 고유 식별자 const { word } = req.params; await userService.deleteRequest(_id, word); @@ -277,7 +276,7 @@ exports.deleteRequest = async (req, res) => { console.log(err); sendResponse.fail(req, res, ErrorMessage.DELETE_REQUEST_ERROR); } -} +}; exports.getRole = async (req, res) => { const { _id } = req.user; @@ -286,20 +285,20 @@ exports.getRole = async (req, res) => { message: SuccessMessage.GET_ROLE_SUCCESS, data: { role }, }); -} +}; exports.updateRequest = async (req, res) => { const { requestId } = req.params; const { formData } = req.body; await userService.updateRequest(requestId, formData); sendResponse.ok(res, { - message: SuccessMessage.UPDATE_REQUEST_SUCCESS + message: SuccessMessage.UPDATE_REQUEST_SUCCESS, }); -} +}; exports.updateRequestState = async (req, res) => { try { - const { _id} = req.user; + const { _id } = req.user; const { requestId } = req.params; const { status, formData, requestType } = req.body; @@ -311,5 +310,17 @@ exports.updateRequestState = async (req, res) => { console.log(err); sendResponse.fail(req, res, ErrorMessage.UPDATE_REQUEST_STATE_ERROR); } -} +}; +exports.deleteUser = async (req, res) => { + try { + const { _id } = req.user; + await userService.deleteUser(_id); + sendResponse.ok(res, { + message: SuccessMessage.DELETE_USER_SUCCESS, + }); + } catch (err) { + console.log(err); + sendResponse.fail(req, res, ErrorMessage.DELETE_USER_ERROR); + } +}; diff --git a/src/routes/user/user.repository.js b/src/routes/user/user.repository.js index 30e815b..21a6ff0 100644 --- a/src/routes/user/user.repository.js +++ b/src/routes/user/user.repository.js @@ -59,14 +59,14 @@ exports.delRecentSearch = async (_id, searchTerm) => { exports.updateRecentSearch = async (_id, searchTerm) => { try { - console.log("id", _id) - console.log("searchTerm", searchTerm) + console.log('id', _id); + console.log('searchTerm', searchTerm); const user = await User.findById(_id).exec(); if (!user) { console.log('User not found'); } const recentSearch = user.recentSearches.find((search) => search.searchTerm === searchTerm); - console.log("recentSearch", recentSearch) + console.log('recentSearch', recentSearch); if (recentSearch) { // 검색어가 이미 존재하는 경우 if (recentSearch.deletedAt) { @@ -94,7 +94,7 @@ exports.postWords = async (userId, formData, nickname, type) => { throw new Error('User not found'); } - console.log("User before modification:", JSON.stringify(user.requests, null, 2)); + console.log('User before modification:', JSON.stringify(user.requests, null, 2)); if (type === 'add') { user.requests.push({ @@ -105,10 +105,10 @@ exports.postWords = async (userId, formData, nickname, type) => { deletedAt: null, status: 'pend', type: 'add', - suggestedBy: nickname // nickname 추가 + suggestedBy: nickname, // nickname 추가 }); } else if (type === 'mod') { - const request = user.requests.find(req => req.word === formData.devTerm); + const request = user.requests.find((req) => req.word === formData.devTerm); if (!request) { user.requests.push({ word: formData.devTerm, @@ -118,8 +118,8 @@ exports.postWords = async (userId, formData, nickname, type) => { deletedAt: null, status: 'pend', type: 'mod', - suggestedBy: nickname // nickname 추가 - }) + suggestedBy: nickname, // nickname 추가 + }); } else { console.log('이미 같은 단어 수정 요청이 존재합니다.'); throw new Error('Word not found'); @@ -129,8 +129,8 @@ exports.postWords = async (userId, formData, nickname, type) => { } await user.save(); - console.log("User after modification:", JSON.stringify(user.requests, null, 2)); - return user.requests.find(req => req.word === formData.devTerm); + console.log('User after modification:', JSON.stringify(user.requests, null, 2)); + return user.requests.find((req) => req.word === formData.devTerm); } catch (err) { console.error(err); throw err; @@ -138,15 +138,14 @@ exports.postWords = async (userId, formData, nickname, type) => { }; exports.getUserRequests = async (userId) => { - try { + try { const user = await User.findById(userId).select('requests').exec(); if (!user) { throw new Error('User not found'); } // requests 배열에서 deletedAt이 null인 항목만 필터링 - const activeRequests = user.requests.filter(request => request.deletedAt === null); + const activeRequests = user.requests.filter((request) => request.deletedAt === null); return activeRequests; - } catch (err) { console.error(err); } @@ -157,8 +156,8 @@ exports.getUserRequestsAll = async () => { const users = await User.find({}, { requests: 1, _id: 0 }); // 모든 유저의 requests 필드만 가져옴 const allRequests = []; - users.forEach(user => { - user.requests.forEach(request => { + users.forEach((user) => { + user.requests.forEach((request) => { if (request.deletedAt === null) { allRequests.push(request); } @@ -169,29 +168,29 @@ exports.getUserRequestsAll = async () => { } catch (err) { console.error(err); } -} +}; exports.deleteRequest = async (userId, requestWord) => { try { const user = await User.findById(userId).select('requests').exec(); if (!user) { - console.log("사용자를 찾을 수 없음"); + console.log('사용자를 찾을 수 없음'); throw new Error('User not found'); } - const request = user.requests.find(req => req.word === requestWord && req.deletedAt === null); + const request = user.requests.find((req) => req.word === requestWord && req.deletedAt === null); if (request) { - console.log("삭제할 요청 찾음:", request); + console.log('삭제할 요청 찾음:', request); request.deletedAt = Date.now(); // 요청을 삭제로 표시 await user.save(); - console.log("요청 삭제 성공"); + console.log('요청 삭제 성공'); } else { } } catch (err) { console.error(err); } -} +}; exports.getRole = async (userId) => { try { @@ -200,7 +199,7 @@ exports.getRole = async (userId) => { } catch (err) { console.error(err); } -} +}; exports.updateRequest = async (requestId, formData) => { try { @@ -209,7 +208,7 @@ exports.updateRequest = async (requestId, formData) => { throw new Error('User not found'); } - const request = user.requests.find(req => req._id.toString() === requestId && req.deletedAt === null); + const request = user.requests.find((req) => req._id.toString() === requestId && req.deletedAt === null); if (request) { // formData의 각 속성 값으로 request의 해당 속성 값 업데이트 if (formData.addInfo !== undefined) { @@ -236,7 +235,7 @@ exports.updateRequest = async (requestId, formData) => { exports.updateRequestState = async (userId, requestId, status) => { try { - console.log("updateRequestState 레포진입!!!!!!!!!!!!", userId, requestId, status) + console.log('updateRequestState 레포진입!!!!!!!!!!!!', userId, requestId, status); const user = await User.findOneAndUpdate( { 'requests._id': requestId }, { $set: { 'requests.$.status': status } }, @@ -248,7 +247,15 @@ exports.updateRequestState = async (userId, requestId, status) => { } else { console.log('Request status updated successfully'); } + } catch (err) { + console.error(err); + } +}; +exports.deleteUserById = async (_id) => { + try { + return await User.findByIdAndDelete(_id); } catch (err) { console.error(err); - }} \ No newline at end of file + } +}; diff --git a/src/routes/user/user.route.js b/src/routes/user/user.route.js index 9934f25..836d9a0 100644 --- a/src/routes/user/user.route.js +++ b/src/routes/user/user.route.js @@ -17,10 +17,13 @@ const { updateRequest, getRole, updateRequestState, + deleteUser, } = require('./user.controller'); -const { isLoggedIn, isNotLoggedIn, isUser } = require('../../common/utils/auth'); +const { isLoggedIn, isNotLoggedIn } = require('../../common/utils/auth'); const userRouter = express.Router(); +userRouter.delete('/', isLoggedIn, deleteUser); + // 회원가입 userRouter.post('/register', isNotLoggedIn, register); userRouter.get('/check/nickname', isNicknameExist); @@ -49,8 +52,7 @@ userRouter.get('/role', isLoggedIn, getRole); // 사용자 역할 가져오기 userRouter.delete('/requests/:word', isLoggedIn, deleteRequest); // 사용자 요청 삭제 userRouter.post('/requests/:requestId', isLoggedIn, updateRequest); // 사용자 요청 수정 - -//요청 상태 변경 +//요청 상태 변경 userRouter.post('/requests/:requestId/status', isLoggedIn, updateRequestState); // 사용자 요청 status 변경 module.exports = userRouter; diff --git a/src/routes/user/user.service.js b/src/routes/user/user.service.js index 53fb77e..970287b 100644 --- a/src/routes/user/user.service.js +++ b/src/routes/user/user.service.js @@ -76,14 +76,14 @@ exports.getRole = async (userId) => { }; exports.updateRequest = async (requestId, formData) => { - if(requestId) { + if (requestId) { await userRepository.updateRequest(requestId, formData); } }; exports.updateRequestState = async (userId, requestId, status, formData, requestType) => { if (userId) { - console.log("업데이트 서비스 진입!!!!!!!!!!!!", userId, requestId, status, formData, requestType) + console.log('업데이트 서비스 진입!!!!!!!!!!!!', userId, requestId, status, formData, requestType); await userRepository.updateRequestState(userId, requestId, status, formData); if (requestType === 'add') { await wordRepository.addWord(requestId, formData); @@ -92,8 +92,12 @@ exports.updateRequestState = async (userId, requestId, status, formData, request await wordRepository.updateWord(requestId, formData); await userRepository.updateRequest(requestId, formData); //수정값 사용자 요청 업데이트 } else { - console.log("requestType 오류") + console.log('requestType 오류'); return; } } }; + +exports.deleteUser = async (_id) => { + return await userRepository.deleteUserById(_id); +}; From d0940c73e4a54a1bcb343ab145d5483781e80925 Mon Sep 17 00:00:00 2001 From: jjikky Date: Wed, 10 Jul 2024 22:04:59 +0900 Subject: [PATCH 4/6] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20qa=EB=95=8C=EB=AC=B8?= =?UTF-8?q?=EC=97=90=20limit=201000=EB=B2=88=EC=9C=BC=EB=A1=9C=20=EB=B3=80?= =?UTF-8?q?=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/common/utils/rateLimit.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/common/utils/rateLimit.js b/src/common/utils/rateLimit.js index 8721a08..b29fdf9 100644 --- a/src/common/utils/rateLimit.js +++ b/src/common/utils/rateLimit.js @@ -15,7 +15,7 @@ exports.postApiLimiter = rateLimit({ exports.commonLimiter = rateLimit({ windowMs: 60 * 1000, // 1분 간격 - max: 50, // windowMs동안 최대 호출 횟수 + max: 1000, // windowMs동안 최대 호출 횟수 handler(req, res) { // 제한 초과 시 콜백 함수 res.status(this.statusCode).json({ From 6a740bab3659f85340dcd3932a32074429f298e3 Mon Sep 17 00:00:00 2001 From: jjikky Date: Wed, 10 Jul 2024 22:49:45 +0900 Subject: [PATCH 5/6] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=95=84=EC=9B=83=20=ED=86=A0=ED=81=B0=20=EC=98=B5=EC=85=98=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/routes/user/user.controller.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/routes/user/user.controller.js b/src/routes/user/user.controller.js index 1442794..914f691 100755 --- a/src/routes/user/user.controller.js +++ b/src/routes/user/user.controller.js @@ -186,7 +186,7 @@ exports.getProfile = (req, res) => { }; exports.logout = (_, res) => { - res.clearCookie('refreshToken'); + res.clearCookie('refreshToken', config.cookieInRefreshTokenOptions); return sendResponse.ok(res, { message: SuccessMessage.LOGOUT_SUCCESS, }); From fee34e98e2e99f090ae42e74a2fdb9bd51a75bba Mon Sep 17 00:00:00 2001 From: jjikky Date: Wed, 10 Jul 2024 22:58:46 +0900 Subject: [PATCH 6/6] =?UTF-8?q?=E2=99=BB=EF=B8=8F=EC=82=AD=EC=A0=9C?= =?UTF-8?q?=EC=BF=A0=ED=82=A4=20=EC=98=B5=EC=85=98=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/common/config/index.js | 13 ++++++++++++- src/routes/user/user.controller.js | 2 +- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/src/common/config/index.js b/src/common/config/index.js index 001afb8..2b62b6e 100644 --- a/src/common/config/index.js +++ b/src/common/config/index.js @@ -41,6 +41,13 @@ switch (process.env.NODE_ENV) { domain: '.murakano.site', secure: true, }; + conf.cookieInRefreshTokenDeleteOptions = { + httpOnly: true, + maxAge: 0, + sameSite: 'Lax', + domain: '.murakano.site', + secure: true, + }; conf.envMode = 'prod'; break; case 'development': @@ -54,7 +61,11 @@ switch (process.env.NODE_ENV) { maxAge: 12 * 60 * 60 * 1000, sameSite: 'Lax', }; - 1; + conf.cookieInRefreshTokenDeleteOptions = { + httpOnly: true, + maxAge: 0, + sameSite: 'Lax', + }; conf.envMode = 'dev'; break; default: diff --git a/src/routes/user/user.controller.js b/src/routes/user/user.controller.js index 914f691..f86eaa4 100755 --- a/src/routes/user/user.controller.js +++ b/src/routes/user/user.controller.js @@ -186,7 +186,7 @@ exports.getProfile = (req, res) => { }; exports.logout = (_, res) => { - res.clearCookie('refreshToken', config.cookieInRefreshTokenOptions); + res.clearCookie('refreshToken', config.cookieInRefreshTokenDeleteOptions); return sendResponse.ok(res, { message: SuccessMessage.LOGOUT_SUCCESS, });