Merge pull request #75 from UruruLab/feat/65-seller

판매자 회원가입 기능 구현 및 검증 로직 개선

Author: 1000hyehyang

src/main/java/com/ururulab/ururu/global/common/util/MaskingUtils.java

@@ -0,0 +1,58 @@
+package com.ururulab.ururu.global.common.util;
+
+import lombok.experimental.UtilityClass;
+
+/**
+ * 민감한 정보 마스킹을 위한 유틸리티 클래스
+ * 로그 출력 시 개인정보 보호를 위해 사용
+ */
+@UtilityClass
+public class MaskingUtils {
+
+    /**
+     * 이메일 마스킹
+     */
+    public static String maskEmail(final String email) {
+        if (email == null || email.length() <= 3) {
+            return "***";
+        }
+        final int atIndex = email.indexOf('@');
+        if (atIndex <= 1) {
+            return "***";
+        }
+        return email.substring(0, 1) + "***@" + email.substring(atIndex + 1);
+    }
+
+    /**
+     * 사업자등록번호 마스킹
+     */
+    public static String maskBusinessNumber(final String businessNumber) {
+        if (businessNumber == null || businessNumber.length() <= 7) {
+            return "***";
+        }
+        return businessNumber.substring(0, 3) + "****" + businessNumber.substring(7);
+    }
+
+    /**
+     * 전화번호 마스킹
+     */
+    public static String maskPhone(final String phone) {
+        if (phone == null || phone.length() <= 7) {
+            return "***";
+        }
+        return phone.substring(0, 3) + "****" + phone.substring(7);
+    }
+
+    /**
+     * 이름 마스킹
+     */
+    public static String maskName(final String name) {
+        if (name == null || name.length() <= 1) {
+            return "***";
+        }
+        if (name.length() == 2) {
+            return name.substring(0, 1) + "*";
+        }
+        return name.substring(0, 1) + "*" + name.substring(name.length() - 1);
+    }
+} 

src/main/java/com/ururulab/ururu/global/config/SecurityConfig.java

@@ -7,12 +7,22 @@
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
 @EnableWebSecurity
 public class SecurityConfig {
 
+    /**
+     * 비밀번호 암호화를 위한 PasswordEncoder 빈
+     */
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
     /**
      * 개발 환경용 Security 설정
      * - 모든 요청 허용 (개발 편의성 우선)

src/main/java/com/ururulab/ururu/global/exception/GlobalExceptionHandler.java

@@ -12,6 +12,7 @@
 import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.MalformedJwtException;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.dao.DataIntegrityViolationException;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.validation.FieldError;
@@ -100,6 +101,19 @@ public ResponseEntity<ApiResponseFormat<Void>> handleValidation(
                 .body(ApiResponseFormat.fail(errorMessage));
     }
 
+    /**
+     * DB 무결성 제약조건 위반 예외 처리.
+     */
+    @ExceptionHandler(DataIntegrityViolationException.class)
+    public ResponseEntity<ApiResponseFormat<Void>> handleDataIntegrityViolation(
+            final DataIntegrityViolationException exception
+    ) {
+        log.warn("Data integrity violation: {}", exception.getMessage());
+        return ResponseEntity
+                .status(HttpStatus.CONFLICT)
+                .body(ApiResponseFormat.fail("이미 사용 중인 정보입니다."));
+    }
+
     /**
      * IllegalArgumentException 처리.
      */

src/main/java/com/ururulab/ururu/seller/controller/SellerController.java

@@ -0,0 +1,104 @@
+package com.ururulab.ururu.seller.controller;
+
+import com.ururulab.ururu.global.common.dto.ApiResponseFormat;
+import com.ururulab.ururu.global.common.util.MaskingUtils;
+import com.ururulab.ururu.seller.domain.dto.request.SellerSignupRequest;
+import com.ururulab.ururu.seller.domain.dto.response.SellerAvailabilityResponse;
+import com.ururulab.ururu.seller.domain.dto.response.SellerResponse;
+import com.ururulab.ururu.seller.domain.dto.response.SellerSignupResponse;
+import com.ururulab.ururu.seller.service.SellerService;
+import jakarta.validation.Valid;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+@Slf4j
+@RestController
+@RequestMapping("/api/sellers")
+@RequiredArgsConstructor
+public class SellerController {
+
+    private final SellerService sellerService;
+
+    /**
+     * 판매자 회원가입
+     * @param request 판매자 회원가입 요청
+     * @return 회원가입 결과
+     */
+    @PostMapping("/signup")
+    public ResponseEntity<ApiResponseFormat<SellerSignupResponse>> signup(
+            @Valid @RequestBody final SellerSignupRequest request
+    ) {
+        final SellerSignupResponse response = sellerService.signup(request);
+        log.info("판매자 회원가입 API 호출 성공: ID={}", response.id());
+        
+        return ResponseEntity.status(HttpStatus.CREATED)
+                .body(ApiResponseFormat.success("판매자 회원가입이 완료되었습니다.", response));
+    }
+
+    /**
+     * 이메일 중복 체크
+     * @param email 체크할 이메일
+     * @return 가용성 결과
+     */
+    @GetMapping("/check/email")
+    public ResponseEntity<ApiResponseFormat<SellerAvailabilityResponse>> checkEmailAvailability(
+            @RequestParam final String email
+    ) {
+        final SellerAvailabilityResponse response = sellerService.checkEmailAvailability(email);
+        log.debug("이메일 중복 체크 API 호출: {}", MaskingUtils.maskEmail(email));
+        
+        return ResponseEntity.ok(
+                ApiResponseFormat.success("이메일 가용성 체크가 완료되었습니다.", response));
+    }
+
+    /**
+     * 사업자등록번호 중복 체크
+     * @param businessNumber 체크할 사업자등록번호
+     * @return 가용성 결과
+     */
+    @GetMapping("/check/business-number")
+    public ResponseEntity<ApiResponseFormat<SellerAvailabilityResponse>> checkBusinessNumberAvailability(
+            @RequestParam final String businessNumber
+    ) {
+        final SellerAvailabilityResponse response = sellerService.checkBusinessNumberAvailability(businessNumber);
+        log.debug("사업자등록번호 중복 체크 API 호출: {}", MaskingUtils.maskBusinessNumber(businessNumber));
+        
+        return ResponseEntity.ok(
+                ApiResponseFormat.success("사업자등록번호 가용성 체크가 완료되었습니다.", response));
+    }
+
+    /**
+     * 브랜드명 중복 체크
+     * @param name 체크할 브랜드명
+     * @return 가용성 결과
+     */
+    @GetMapping("/check/name")
+    public ResponseEntity<ApiResponseFormat<SellerAvailabilityResponse>> checkNameAvailability(
+            @RequestParam final String name
+    ) {
+        final SellerAvailabilityResponse response = sellerService.checkNameAvailability(name);
+        log.debug("브랜드명 중복 체크 API 호출: {}", name);
+        
+        return ResponseEntity.ok(
+                ApiResponseFormat.success("브랜드명 가용성 체크가 완료되었습니다.", response));
+    }
+
+    /**
+     * 판매자 프로필 조회
+     * @param sellerId 판매자 ID
+     * @return 판매자 정보
+     */
+    @GetMapping("/{sellerId}")
+    public ResponseEntity<ApiResponseFormat<SellerResponse>> getSellerProfile(
+            @PathVariable final Long sellerId
+    ) {
+        final SellerResponse response = sellerService.getSellerProfile(sellerId);
+        log.debug("판매자 프로필 조회 API 호출: ID={}", sellerId);
+        
+        return ResponseEntity.ok(
+                ApiResponseFormat.success("판매자 정보 조회가 완료되었습니다.", response));
+    }
+} 

…er/domain/dto/request/SellerRequest.java …ain/dto/request/SellerSignupRequest.javasrc/main/java/com/ururulab/ururu/seller/domain/dto/request/SellerRequest.java renamed to src/main/java/com/ururulab/ururu/seller/domain/dto/request/SellerSignupRequest.java src/main/java/com/ururulab/ururu/seller/domain/dto/request/SellerRequest.java renamed to src/main/java/com/ururulab/ururu/seller/domain/dto/request/SellerSignupRequest.java

@@ -5,7 +5,7 @@
 import com.ururulab.ururu.seller.domain.dto.validation.SellerValidationPatterns;
 import jakarta.validation.constraints.*;
 
-public record SellerRequest(
+public record SellerSignupRequest(
         @NotBlank(message = SellerValidationMessages.NAME_REQUIRED)
         @Size(max = SellerValidationConstants.NAME_MAX_LENGTH,
                 message = SellerValidationMessages.NAME_SIZE)
@@ -64,4 +64,4 @@ public record SellerRequest(
                 message = SellerValidationMessages.MAIL_ORDER_NUMBER_SIZE)
         String mailOrderNumber
 ) {
-}
+} 

src/main/java/com/ururulab/ururu/seller/domain/dto/response/SellerSignupResponse.java

@@ -0,0 +1,46 @@
+package com.ururulab.ururu.seller.domain.dto.response;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.ururulab.ururu.seller.domain.entity.Seller;
+
+import java.time.ZonedDateTime;
+
+// 판매자 회원가입 응답 DTO
+public record SellerSignupResponse(
+        Long id,
+        String name,
+        @JsonProperty("business_name") String businessName,
+        @JsonProperty("owner_name") String ownerName,
+        @JsonProperty("business_number") String businessNumber,
+        String email,
+        String phone,
+        String image,
+        String address1,
+        String address2,
+        @JsonProperty("mail_order_number") String mailOrderNumber,
+        @JsonProperty("created_at") ZonedDateTime createdAt,
+        @JsonProperty("updated_at") ZonedDateTime updatedAt
+        // password 필드는 보안상 응답에서 제외 (민감한 인증 정보)
+) {
+    public static SellerSignupResponse of(final Seller seller) {
+        if (seller == null) {
+            throw new IllegalArgumentException("Seller는 필수입니다.");
+        }
+
+        return new SellerSignupResponse(
+                seller.getId(),
+                seller.getName(),
+                seller.getBusinessName(),
+                seller.getOwnerName(),
+                seller.getBusinessNumber(),
+                seller.getEmail(),
+                seller.getPhone(),
+                seller.getImage(),
+                seller.getAddress1(),
+                seller.getAddress2(),
+                seller.getMailOrderNumber(),
+                seller.getCreatedAt(),
+                seller.getUpdatedAt()
+        );
+    }
+} 

src/main/java/com/ururulab/ururu/seller/domain/dto/validation/SellerValidationMessages.java

@@ -27,6 +27,8 @@ public class SellerValidationMessages {
             SellerValidationConstants.EMAIL_MAX_LENGTH + "자 이하여야 합니다.";
 
     public static final String PASSWORD_REQUIRED = "비밀번호는 필수입니다.";
+    public static final String PASSWORD_SIZE = "비밀번호는 " +
+            SellerValidationConstants.PASSWORD_MAX_LENGTH + "자 이하여야 합니다.";
     public static final String PASSWORD_PATTERN = "비밀번호는 영문, 숫자, 특수문자를 포함하여 8자 이상이어야 합니다.";
 
     public static final String PHONE_REQUIRED = "전화번호는 필수입니다.";

src/main/java/com/ururulab/ururu/seller/domain/dto/validation/SellerValidationPatterns.java

@@ -7,4 +7,5 @@ public class SellerValidationPatterns {
     public static final String BUSINESS_NUMBER_PATTERN = "^[0-9]{10}$";
     public static final String PASSWORD_PATTERN = "^(?=.*[A-Za-z])(?=.*\\d)(?=.*[@$!%*#?&])[A-Za-z\\d@$!%*#?&]{8,}$";
     public static final String PHONE_PATTERN = "^[0-9]{10,11}$";
+    public static final String EMAIL_PATTERN = "^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$";
 }

src/main/java/com/ururulab/ururu/seller/domain/entity/Seller.java

@@ -90,10 +90,10 @@ public static Seller of(
         seller.businessNumber = businessNumber.trim();
         seller.email = email.trim();
         seller.password = password; // 암호화는 Service 레이어에서 처리
-        seller.phone = phone;
+        seller.phone = phone.trim();
         seller.image = image;
         seller.address1 = address1.trim();
-        seller.address2 = address2 != null ? address2.trim() : "";
+        seller.address2 = address2.trim();
         seller.mailOrderNumber = mailOrderNumber.trim();
         return seller;
     }
@@ -115,7 +115,7 @@ public void updateOwnerName(final String ownerName) {
 
     public void updatePhone(final String phone) {
         SellerPolicy.validatePhone(phone);
-        this.phone = phone;
+        this.phone = phone.trim();
     }
 
     public void updateImage(final String image) {

src/main/java/com/ururulab/ururu/seller/domain/policy/SellerPolicy.java

@@ -1,5 +1,6 @@
 package com.ururulab.ururu.seller.domain.policy;
 
+import com.ururulab.ururu.seller.domain.dto.validation.SellerValidationConstants;
 import com.ururulab.ururu.seller.domain.dto.validation.SellerValidationMessages;
 import com.ururulab.ururu.seller.domain.dto.validation.SellerValidationPatterns;
 import lombok.experimental.UtilityClass;
@@ -44,7 +45,10 @@ public static void validateEmail(String email) {
             throw new IllegalArgumentException(SellerValidationMessages.EMAIL_REQUIRED);
         }
 
-        if (!email.trim().contains("@")) {
+        // 이메일 정규화 (소문자 변환)
+        final String normalizedEmail = email.trim().toLowerCase();
+        
+        if (!normalizedEmail.matches(SellerValidationPatterns.EMAIL_PATTERN)) {
             throw new IllegalArgumentException(SellerValidationMessages.EMAIL_FORMAT);
         }
     }
@@ -54,6 +58,9 @@ public static void validatePassword(String password) {
         if (password == null || password.trim().isEmpty()) {
             throw new IllegalArgumentException(SellerValidationMessages.PASSWORD_REQUIRED);
         }
+        if (password.length() > SellerValidationConstants.PASSWORD_MAX_LENGTH) {
+            throw new IllegalArgumentException(SellerValidationMessages.PASSWORD_SIZE);
+        }
         if (!password.matches(SellerValidationPatterns.PASSWORD_PATTERN)) {
             throw new IllegalArgumentException(SellerValidationMessages.PASSWORD_PATTERN);
         }