본인인증 : block 된 사용자 정보로 본인인증을 시도하는 경우

- 본인인증 시도 계정 탈퇴 처리
2023-11-09 16:29:23 +09:00 · 2023-11-09 16:29:23 +09:00 · e0e24be688
parent db3ac923e1
commit e0e24be688
4 changed files with 82 additions and 3 deletions
--- a/src/main/kotlin/kr/co/vividnext/sodalive/member/auth/AuthController.kt
+++ b/src/main/kotlin/kr/co/vividnext/sodalive/member/auth/AuthController.kt
@ -19,6 +19,6 @@ class AuthController(private val service: AuthService) {
    ) = run {
        if (member == null) throw SodaException("로그인 정보를 확인해주세요.")

-        ApiResponse.ok(service.verify(member, request))
+        ApiResponse.ok(service.verify(member.id!!, request))
    }
 }
--- a/src/main/kotlin/kr/co/vividnext/sodalive/member/auth/AuthService.kt
+++ b/src/main/kotlin/kr/co/vividnext/sodalive/member/auth/AuthService.kt
@ -4,7 +4,12 @@ import com.fasterxml.jackson.databind.ObjectMapper
 import kr.co.bootpay.Bootpay
 import kr.co.vividnext.sodalive.common.SodaException
 import kr.co.vividnext.sodalive.member.Member
+import kr.co.vividnext.sodalive.member.MemberRepository
+import kr.co.vividnext.sodalive.member.MemberService
+import kr.co.vividnext.sodalive.member.SignOut
+import kr.co.vividnext.sodalive.member.SignOutRepository
 import org.springframework.beans.factory.annotation.Value
+import org.springframework.data.repository.findByIdOrNull
 import org.springframework.stereotype.Service
 import org.springframework.transaction.annotation.Transactional
 import java.time.LocalDate
@ -14,17 +19,25 @@ import java.time.LocalDate
 class AuthService(
    private val repository: AuthRepository,
    private val objectMapper: ObjectMapper,
+    private val blockAuthRepository: BlockAuthRepository,
+
+    private val memberService: MemberService,
+    private val memberRepository: MemberRepository,
+    private val signOutRepository: SignOutRepository,

    @Value("\${bootpay.application-id}")
    private val bootpayApplicationId: String,
    @Value("\${bootpay.private-key}")
    private val bootpayPrivateKey: String
 ) {
+    private val blockMessage = "운영정책을 위반하여 이용을 제한합니다."
+
    @Transactional
-    fun verify(member: Member, request: AuthVerifyRequest) {
+    fun verify(memberId: Long, request: AuthVerifyRequest) {
+        val member = memberRepository.findByIdOrNull(memberId) ?: throw SodaException("로그인 정보를 확인해주세요.")
        val bootpay = Bootpay(bootpayApplicationId, bootpayPrivateKey)

-        val authId = repository.getAuthIdByMemberId(memberId = member.id!!)
+        val authId = repository.getAuthIdByMemberId(memberId = memberId)
        if (authId != null) throw SodaException("이미 인증된 계정입니다.")

        try {
@ -42,6 +55,12 @@ class AuthService(
                val certificate = certificateResult.authenticateData
                val nowYear = LocalDate.now().year
                val certificateYear = certificate.birth.substring(0, 4).toInt()
+
+                if (isBlockAuth(certificate)) {
+                    signOut(member)
+                    throw SodaException(blockMessage)
+                }
+
                if (nowYear - certificateYear >= 19) {
                    val memberIds = repository.getActiveMemberIdsByDi(di = certificate.di)
                    if (memberIds.size >= 3) {
@ -71,4 +90,18 @@ class AuthService(
            throw SodaException(e.message ?: "인증정보에 오류가 있습니다.\n다시 시도해 주세요.")
        }
    }
+
+    private fun isBlockAuth(certificate: AuthVerifyCertificate): Boolean {
+        val blockAuthId = blockAuthRepository.findByUniqueCiAndDi(certificate.unique, certificate.di)
+        return blockAuthId != null && blockAuthId > 0
+    }
+
+    private fun signOut(member: Member) {
+        memberService.logoutAll(memberId = member.id!!)
+        member.isActive = false
+
+        val signOut = SignOut(reason = blockMessage)
+        signOut.member = member
+        signOutRepository.save(signOut)
+    }
 }
--- a/src/main/kotlin/kr/co/vividnext/sodalive/member/auth/BlockAuth.kt
+++ b/src/main/kotlin/kr/co/vividnext/sodalive/member/auth/BlockAuth.kt
@ -0,0 +1,19 @@
+package kr.co.vividnext.sodalive.member.auth
+
+import kr.co.vividnext.sodalive.common.BaseEntity
+import javax.persistence.Column
+import javax.persistence.Entity
+
+@Entity
+data class BlockAuth(
+    @Column(nullable = false)
+    val name: String,
+    @Column(nullable = false)
+    val birth: String,
+    @Column(columnDefinition = "TEXT", nullable = false)
+    val uniqueCi: String,
+    @Column(columnDefinition = "TEXT", nullable = false)
+    val di: String,
+    @Column(nullable = false)
+    val gender: Int
+) : BaseEntity()
--- a/src/main/kotlin/kr/co/vividnext/sodalive/member/auth/BlockAuthRepository.kt
+++ b/src/main/kotlin/kr/co/vividnext/sodalive/member/auth/BlockAuthRepository.kt
@ -0,0 +1,27 @@
+package kr.co.vividnext.sodalive.member.auth
+
+import com.querydsl.jpa.impl.JPAQueryFactory
+import kr.co.vividnext.sodalive.member.auth.QBlockAuth.blockAuth
+import org.springframework.data.jpa.repository.JpaRepository
+import org.springframework.stereotype.Repository
+
+@Repository
+interface BlockAuthRepository : JpaRepository<BlockAuth, Long>, BlockAuthQueryRepository
+
+interface BlockAuthQueryRepository {
+    fun findByUniqueCiAndDi(uniqueCi: String, di: String): Long?
+}
+
+@Repository
+class BlockAuthQueryRepositoryImpl(private val queryFactory: JPAQueryFactory) : BlockAuthQueryRepository {
+    override fun findByUniqueCiAndDi(uniqueCi: String, di: String): Long? {
+        return queryFactory
+            .select(blockAuth.id)
+            .from(blockAuth)
+            .where(
+                blockAuth.uniqueCi.eq(uniqueCi)
+                    .and(blockAuth.di.eq(di))
+            )
+            .fetchFirst()
+    }
+}