Test/26 test user 도메인 테스트

src/main/java/com/sparta/spring_deep/_delivery/domain/user/controller/UserController.java

@@ -53,7 +53,7 @@ public ResponseEntity<?> signup(@Valid @RequestBody UserDto userDto,
     }
 
     @PostMapping("/users/logout")
-    public ResponseEntity<?> logout(@RequestHeader(value = "Authorization") String token) {
+    public ResponseEntity<?> logout(@RequestHeader(value = "Authorization", required = false) String token) {
         // 클라이언트쪽에서 JWT 토큰 무효화해야 함!
         if (token != null && token.startsWith("Bearer ")) {
             String jwtToken = token.substring(7);
@@ -62,7 +62,7 @@ public ResponseEntity<?> logout(@RequestHeader(value = "Authorization") String t
             return ResponseEntity.ok().body("You've been logged out successfully.");
         }
         logger.error("Invalid token for logout attempt: {}", token);
-        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid Token");
+        return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Invalid Token");
     }
 
     @GetMapping("/users/me")
@@ -91,7 +91,15 @@ public ResponseEntity<?> updateUser(@PathVariable String username,
     @PreAuthorize("authentication.name == #username")
     @PutMapping("/users/{username}/password")
     public ResponseEntity<?> changePassword(@PathVariable String username,
-        @RequestBody PasswordChangeDto passwordChangeDto) {
+        @Valid @RequestBody PasswordChangeDto passwordChangeDto, BindingResult bindingResult) {
+
+        if (bindingResult.hasErrors()) {
+            FieldError fieldError = bindingResult.getFieldError();
+            String errorMsg = fieldError != null ? fieldError.getDefaultMessage() : "Invalid input";
+            logger.error("Sign up error: {}", errorMsg);
+            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(errorMsg);
+        }
+
         userService.changePassword(username, passwordChangeDto);
         return ResponseEntity.ok("Password updated successfully");
     }

src/main/java/com/sparta/spring_deep/_delivery/domain/user/dto/LoginRequestDto.java

@@ -1,11 +1,20 @@
 package com.sparta.spring_deep._delivery.domain.user.dto;
 
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Pattern;
 import lombok.Getter;
 import lombok.Setter;
 
 @Setter
 @Getter
 public class LoginRequestDto {
+    @NotBlank(message = "사용자 아이디는 필수 입력값입니다.")
+    @Pattern(regexp = "^[a-z0-9]{4,10}$",
+        message = "사용자 아이디는 영문 소문자, 숫자만 사용하여 4~10자리여야 합니다.")
     private String username;
+
+    @NotBlank(message = "비밀번호는 필수 입력값입니다.")
+    @Pattern(regexp = "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]{8,15}$",
+        message = "비밀번호는 8~15자리여야 하며, 영문 대소문자, 숫자, 특수문자를 포함해야 합니다.")
     private String password;
 }

src/main/java/com/sparta/spring_deep/_delivery/domain/user/dto/PasswordChangeDto.java

@@ -1,11 +1,20 @@
 package com.sparta.spring_deep._delivery.domain.user.dto;
 
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Pattern;
 import lombok.Getter;
 import lombok.Setter;
 
 @Getter
 @Setter
 public class PasswordChangeDto {
+    @NotBlank(message = "비밀번호는 필수 입력값입니다.")
+    @Pattern(regexp = "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]{8,15}$",
+        message = "비밀번호는 8~15자리여야 하며, 영문 대소문자, 숫자, 특수문자를 포함해야 합니다.")
     private String oldPassword;
+
+    @NotBlank(message = "비밀번호는 필수 입력값입니다.")
+    @Pattern(regexp = "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]{8,15}$",
+        message = "비밀번호는 8~15자리여야 하며, 영문 대소문자, 숫자, 특수문자를 포함해야 합니다.")
     private String newPassword;
 }

src/main/java/com/sparta/spring_deep/_delivery/domain/user/service/UserService.java

@@ -6,12 +6,14 @@
 import com.sparta.spring_deep._delivery.domain.user.jwt.JwtUtil;
 import com.sparta.spring_deep._delivery.domain.user.repository.UserRepository;
 import com.sparta.spring_deep._delivery.exception.DuplicateResourceException;
+import com.sparta.spring_deep._delivery.exception.GlobalExceptionHandler;
 import com.sparta.spring_deep._delivery.exception.OwnershipMismatchException;
 import com.sparta.spring_deep._delivery.exception.ResourceNotFoundException;
 import java.time.LocalDateTime;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Import;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
@@ -93,14 +95,18 @@ public void deleteUser(String userName) {
         userRepository.save(user);
     }
 
-    public void changePassword(String userName, PasswordChangeDto passwordChangeDto) {
+    public User changePassword(String userName, PasswordChangeDto passwordChangeDto) {
+        if (passwordChangeDto.getOldPassword().equals(passwordChangeDto.getNewPassword())) {
+            throw new DuplicateResourceException("새 비밀번호는 이전 비밀번호와 달라야 합니다.");
+        }
+
         log.info("change password " + userName);
 
         User user = userRepository.findByUsernameAndIsDeletedFalse(userName)
             .orElseThrow(ResourceNotFoundException::new);
         user.setPassword(passwordEncoder.encode(passwordChangeDto.getNewPassword()));
         user.update(userName);
-        userRepository.save(user);
+        return userRepository.save(user);
     }
 
 }