Merge pull request #151 from SWU-Elixir/feat/136-social-login

feat: 구글/카카오/네이버 소셜 로그인 구현

Author: seoyeon83

src/main/java/BE_Elixir/Elixir/domain/auth/controller/AuthController.java

@@ -2,10 +2,13 @@
 
 import BE_Elixir.Elixir.domain.auth.controller.api.AuthApi;
 import BE_Elixir.Elixir.domain.auth.dto.AccessTokenDTO;
+import BE_Elixir.Elixir.domain.auth.dto.request.SocialLoginRequestDTO;
+import BE_Elixir.Elixir.domain.auth.dto.response.SocialLoginResponseDTO;
 import BE_Elixir.Elixir.domain.auth.service.AuthService;
 import BE_Elixir.Elixir.domain.auth.dto.response.TokenResponseDTO;
 import BE_Elixir.Elixir.domain.auth.dto.request.LoginRequestDTO;
 import BE_Elixir.Elixir.domain.member.entity.MemberDetails;
+import BE_Elixir.Elixir.global.enums.LoginType;
 import BE_Elixir.Elixir.global.redis.RedisAuthService;
 import BE_Elixir.Elixir.global.response.CommonResponse;
 import BE_Elixir.Elixir.global.security.JwtProvider;
@@ -29,7 +32,9 @@ public class AuthController implements AuthApi {
 
     // 로그인
     @PostMapping("/login")
-    public ResponseEntity<CommonResponse<TokenResponseDTO>> login(@RequestBody LoginRequestDTO request) {
+    public ResponseEntity<CommonResponse<TokenResponseDTO>> login(
+            @RequestBody LoginRequestDTO request
+    ) {
         log.info("로그인 요청 - email: {}", request.getEmail());
 
         TokenResponseDTO token = authService.signIn(request);
@@ -71,4 +76,19 @@ public ResponseEntity<CommonResponse<AccessTokenDTO>> refresh (
         return ResponseEntity.ok(CommonResponse.success(HttpStatus.OK.value(), HttpStatus.OK.toString(),
                 "Access Token 재발급 성공", token));
     }
+
+    // sns 소셜 로그인
+    @PostMapping(value="/oauth/{loginType}")
+    public ResponseEntity<CommonResponse<SocialLoginResponseDTO>> socialLogin(
+            @PathVariable(name="loginType") LoginType loginType,
+            @RequestBody SocialLoginRequestDTO request
+    ) {
+        log.info("소셜 로그인 요청 - type: {}", loginType);
+        SocialLoginResponseDTO response = authService.handleSocialLogin(loginType, request.getAccessToken());
+
+        log.info("소셜 로그인 성공");
+        return ResponseEntity.ok(CommonResponse.success(HttpStatus.OK.value(), HttpStatus.OK.toString(),
+                "소셜 로그인 성공", response));
+    }
+
 }

src/main/java/BE_Elixir/Elixir/domain/auth/controller/api/AuthApi.java

@@ -1,9 +1,12 @@
 package BE_Elixir.Elixir.domain.auth.controller.api;
 
 import BE_Elixir.Elixir.domain.auth.dto.AccessTokenDTO;
+import BE_Elixir.Elixir.domain.auth.dto.request.SocialLoginRequestDTO;
+import BE_Elixir.Elixir.domain.auth.dto.response.SocialLoginResponseDTO;
 import BE_Elixir.Elixir.domain.auth.dto.response.TokenResponseDTO;
 import BE_Elixir.Elixir.domain.auth.dto.request.LoginRequestDTO;
 import BE_Elixir.Elixir.domain.member.entity.MemberDetails;
+import BE_Elixir.Elixir.global.enums.LoginType;
 import BE_Elixir.Elixir.global.response.CommonResponse;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.media.Content;
@@ -16,29 +19,30 @@
 import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 
 
 @Tag(name = "Auth API", description = "회원 인증 관련 API")
 public interface AuthApi {
 
-    @Operation(summary = "로그인", description = "이메일과 비밀번호로 로그인합니다..")
+    @Operation(summary = "일반 로그인", description = "이메일과 비밀번호로 로그인합니다.")
     @ApiResponses({
-            @ApiResponse(responseCode = "200", description = "로그인 성공",
+            @ApiResponse(responseCode = "200", description = "일반 로그인 성공",
                     content = @Content(schema = @Schema(implementation = CommonResponse.class),
                             examples = @ExampleObject(value = """
                                     {
                                       "status": 200,
                                       "code": "200 OK",
-                                      "message": "로그인 성공",
+                                      "message": "일반 로그인 성공",
                                       "data": {
                                         "grantType": "bearer",
                                         "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
                                         "refreshToken": "dGhpc2lzYXJlZnJlc2h0b2tlbg=="
                                       }
                                     }
                                     """))),
-            @ApiResponse(responseCode = "401", description = "로그인 실패",
+            @ApiResponse(responseCode = "401", description = "일반 로그인 실패",
                     content = @Content(schema = @Schema(implementation = CommonResponse.class),
                             examples = @ExampleObject(value = """
                                     {
@@ -112,4 +116,36 @@ ResponseEntity<CommonResponse<AccessTokenDTO>> refresh (
             @AuthenticationPrincipal MemberDetails memberDetails,
             HttpServletRequest request
     );
+
+    @Operation(summary = "소셜 로그인", description = "구글, 네이버, 카카오를 이용해 소셜 로그인을 진행합니다.")
+    @ApiResponses({
+            @ApiResponse(responseCode = "200", description = "소셜 로그인 성공",
+                    content = @Content(schema = @Schema(implementation = CommonResponse.class),
+                            examples = @ExampleObject(value = """
+                                    {
+                                      "status": 200,
+                                      "code": "200 OK",
+                                      "message": "소셜 로그인 성공",
+                                      "data": {
+                                        "grantType": "bearer",
+                                        "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
+                                        "refreshToken": "dGhpc2lzYXJlZnJlc2h0b2tlbg=="
+                                      }
+                                    }
+                                    """))),
+            @ApiResponse(responseCode = "401", description = "소셜 로그인 실패",
+                    content = @Content(schema = @Schema(implementation = CommonResponse.class),
+                            examples = @ExampleObject(value = """
+                                    {
+                                      "status": 409,
+                                      "code": "409 CONFLICT",
+                                      "message": "이미 가입된 이메일입니다. 일반 로그인을 사용해주세요.",
+                                      "data": null
+                                    }
+                                    """)))
+    })
+    ResponseEntity<CommonResponse<SocialLoginResponseDTO>> socialLogin(
+            @PathVariable(name="loginType") LoginType loginType,
+            @RequestBody SocialLoginRequestDTO request
+    );
 }

src/main/java/BE_Elixir/Elixir/domain/auth/dto/request/SocialLoginRequestDTO.java

@@ -0,0 +1,12 @@
+package BE_Elixir.Elixir.domain.auth.dto.request;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+
+@Builder
+@Data
+@AllArgsConstructor
+public class SocialLoginRequestDTO {
+    private String accessToken;
+}

src/main/java/BE_Elixir/Elixir/domain/auth/dto/response/SocialLoginResponseDTO.java

@@ -0,0 +1,20 @@
+package BE_Elixir.Elixir.domain.auth.dto.response;
+
+import BE_Elixir.Elixir.domain.auth.dto.social.SocialUserInfo;
+import BE_Elixir.Elixir.global.enums.LoginType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+
+@Builder
+@Data
+@AllArgsConstructor
+public class SocialLoginResponseDTO {
+    private boolean isRegistered;
+
+    private String accessToken;
+    private String refreshToken;
+
+    private LoginType loginType;
+    private SocialUserInfo socialUserInfo;
+}

src/main/java/BE_Elixir/Elixir/domain/auth/dto/social/GoogleUserInfoResponse.java

@@ -0,0 +1,17 @@
+package BE_Elixir.Elixir.domain.auth.dto.social;
+
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Getter
+@NoArgsConstructor
+public class GoogleUserInfoResponse {
+    private String id;
+    private String email;
+    private String verified_email;
+    private String name;
+    private String given_name;
+    private String family_name;
+    private String picture;
+    private String locale;
+}

src/main/java/BE_Elixir/Elixir/domain/auth/dto/social/KakaoUserInfoResponse.java

@@ -0,0 +1,25 @@
+package BE_Elixir.Elixir.domain.auth.dto.social;
+
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Getter
+@NoArgsConstructor
+public class KakaoUserInfoResponse {
+    private Long id;
+    private KakaoAccount kakao_account;
+
+    @Getter
+    @NoArgsConstructor
+    public static class KakaoAccount {
+        private String email;
+        private Profile profile;
+
+        @Getter
+        @NoArgsConstructor
+        public static class Profile {
+            private String nickname;
+            private String profile_image_url;
+        }
+    }
+}

src/main/java/BE_Elixir/Elixir/domain/auth/dto/social/NaverUserInfoResponse.java

@@ -0,0 +1,22 @@
+package BE_Elixir.Elixir.domain.auth.dto.social;
+
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Getter
+@NoArgsConstructor
+public class NaverUserInfoResponse {
+    private NaverResponse response;
+
+    @Getter
+    @NoArgsConstructor
+    public static class NaverResponse {
+        private String id;
+        private String email;
+        private String name;
+        private String nickname;
+        private String profile_image;
+        private String gender;
+        private String birthyear;
+    }
+}

src/main/java/BE_Elixir/Elixir/domain/auth/dto/social/SocialUserInfo.java

@@ -0,0 +1,19 @@
+package BE_Elixir.Elixir.domain.auth.dto.social;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+
+@Builder
+@Data
+@AllArgsConstructor
+public class SocialUserInfo {
+
+    private String email;
+    private String nickname;
+    private String gender;
+    private Integer birthYear;
+
+    private String profileImage; // ??
+
+}

src/main/java/BE_Elixir/Elixir/domain/auth/service/AuthService.java

@@ -2,6 +2,8 @@
 
 import BE_Elixir.Elixir.domain.achievement.service.MemberStatsService;
 import BE_Elixir.Elixir.domain.auth.dto.AccessTokenDTO;
+import BE_Elixir.Elixir.domain.auth.dto.social.SocialUserInfo;
+import BE_Elixir.Elixir.domain.auth.dto.response.SocialLoginResponseDTO;
 import BE_Elixir.Elixir.domain.auth.dto.response.TokenResponseDTO;
 import BE_Elixir.Elixir.domain.auth.dto.request.LoginRequestDTO;
 import BE_Elixir.Elixir.domain.challenge.event.events.LoginSuccessEvent;
@@ -10,6 +12,7 @@
 import BE_Elixir.Elixir.domain.member.repository.MemberRepository;
 import BE_Elixir.Elixir.domain.member.service.MemberDetailsService;
 import BE_Elixir.Elixir.global.enums.AchievementType;
+import BE_Elixir.Elixir.global.enums.LoginType;
 import BE_Elixir.Elixir.global.exception.CustomException;
 import BE_Elixir.Elixir.global.exception.ErrorCode;
 import BE_Elixir.Elixir.global.redis.RedisAuthService;
@@ -24,6 +27,8 @@
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Service;
 
+import java.util.Optional;
+
 
 @Service
 @RequiredArgsConstructor
@@ -35,13 +40,21 @@ public class AuthService {
     private final JwtProvider jwtProvider;
     private final RedisAuthService redisAuthService;
     private final MemberDetailsService memberDetailsService;
+    private final OauthClientFactory oauthClientFactory;
+    private final MemberRepository memberRepository;
     private final ApplicationEventPublisher eventPublisher;
     private final MemberStatsService memberStatsService;
-    private final MemberRepository memberRepository;
 
     // 로그인 (jwt 발급 및 Redis 저장)
     public TokenResponseDTO signIn(LoginRequestDTO request) {
         try {
+            // 일반 회원 검증
+            LoginType loginType = memberRepository.findLoginTypeByEmail(request.getEmail())
+                    .orElseThrow(() -> new CustomException(ErrorCode.MEMBER_NOT_FOUND));
+            if (loginType != LoginType.LOCAL) {
+                throw new CustomException(ErrorCode.EMAIL_REGISTERED_WITH_SOCIAL);
+            }
+
             // email + password 기반 authentication 객체 생성
             UsernamePasswordAuthenticationToken authenticationToken =
                     new UsernamePasswordAuthenticationToken(request.getEmail(), request.getPassword());
@@ -109,4 +122,55 @@ public AccessTokenDTO refreshAccessToken(String email, String refreshToken) {
 
         return jwtProvider.generateAccessToken(authentication);
     }
+
+    // 소셜 로그인
+    public SocialLoginResponseDTO handleSocialLogin(LoginType loginType, String accessToken) {
+        OauthClient client = oauthClientFactory.getClient(loginType);
+        SocialUserInfo userInfo = client.getUserInfo(accessToken);
+
+        Optional<Member> existing = memberRepository.findByEmail(userInfo.getEmail());
+
+        if (existing.isPresent()) {
+            // 이미 회원가입된 경우
+            Member member = existing.get();
+
+            // 로그인 타입 확인
+            // 이미 일반 로그인 계정이 존재하는 경우
+            if (member.getLoginType() == LoginType.LOCAL) {
+                throw new CustomException(ErrorCode.EMAIL_REGISTERED_WITH_LOCAL);
+            }
+            // 가입된 타입과 로그인한 타입이 동일하지 않은 경우
+            if (member.getLoginType() != client.getType()) {
+                throw new CustomException(ErrorCode.EMAIL_REGISTERED_WITH_ANOTHER_SOCIAL);
+            }
+
+            // Spring Security Authentication 객체 생성
+            MemberDetails memberDetails = memberDetailsService.loadUserByUsername(member.getEmail());
+            Authentication authentication = new UsernamePasswordAuthenticationToken(
+                    memberDetails, "", memberDetails.getAuthorities()
+            );
+
+            // JWT 생성
+            TokenResponseDTO tokenResponse = jwtProvider.generateToken(authentication);
+            String refreshToken = tokenResponse.getRefreshToken();
+
+            // Redis에 Refresh Token 저장
+            redisAuthService.saveRefreshToken(member.getEmail(), refreshToken);
+            log.info("[소셜 로그인] Refresh Token Redis에 저장: email={}, token={}", member.getEmail(), refreshToken);
+
+            return SocialLoginResponseDTO.builder()
+                    .isRegistered(true)
+                    .accessToken(tokenResponse.getAccessToken())
+                    .refreshToken(refreshToken)
+                    .build();
+
+        } else {
+            return SocialLoginResponseDTO.builder()
+                    .isRegistered(false)
+                    .loginType(loginType)
+                    .socialUserInfo(userInfo)
+                    .build();
+        }
+    }
+
 }