[BE] 비밀번호 재설정 기능을 구현한다.

backend/bang-ggood/build.gradle

@@ -26,6 +26,7 @@ dependencies {
     implementation 'org.projectlombok:lombok'
     implementation 'com.mysql:mysql-connector-j'
     implementation 'com.opencsv:opencsv:5.9'
+    implementation 'org.springframework.boot:spring-boot-starter-mail'
 
     implementation 'io.jsonwebtoken:jjwt-api:0.11.2'
     implementation 'io.jsonwebtoken:jjwt-impl:0.11.2'

backend/bang-ggood/src/main/java/com/bang_ggood/auth/controller/AuthController.java

@@ -3,12 +3,16 @@
 import com.bang_ggood.auth.config.AuthRequiredPrincipal;
 import com.bang_ggood.auth.controller.cookie.CookieProvider;
 import com.bang_ggood.auth.controller.cookie.CookieResolver;
+import com.bang_ggood.auth.dto.request.ConfirmPasswordResetCodeRequest;
+import com.bang_ggood.auth.dto.request.ForgotPasswordRequest;
 import com.bang_ggood.auth.dto.request.LocalLoginRequestV1;
 import com.bang_ggood.auth.dto.request.OauthLoginRequest;
 import com.bang_ggood.auth.dto.request.RegisterRequestV1;
+import com.bang_ggood.auth.dto.request.ResetPasswordRequest;
 import com.bang_ggood.auth.dto.response.AuthTokenResponse;
 import com.bang_ggood.auth.dto.response.TokenExistResponse;
 import com.bang_ggood.auth.service.AuthService;
+import com.bang_ggood.auth.service.PasswordResetService;
 import com.bang_ggood.user.domain.User;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.validation.Valid;
@@ -28,6 +32,7 @@
 public class AuthController {
 
     private final AuthService authService;
+    private final PasswordResetService passwordResetService;
     private final CookieProvider cookieProvider;
     private final CookieResolver cookieResolver;
 
@@ -99,6 +104,25 @@ public ResponseEntity<Void> logout(@AuthRequiredPrincipal User user,
                 .build();
     }
 
+    @PostMapping("/v1/password-reset/send-code")
+    public ResponseEntity<Void> sendPasswordResetEmail(@Valid @RequestBody ForgotPasswordRequest request) {
+        passwordResetService.sendPasswordResetEmail(request);
+        return ResponseEntity.noContent().build();
+    }
+
+    @PostMapping("/v1/password-reset/confirm")
+    public ResponseEntity<Void> confirmPasswordResetCode(@Valid @RequestBody ConfirmPasswordResetCodeRequest request) {
+        passwordResetService.confirmPasswordResetCode(request);
+        return ResponseEntity.noContent().build();
+    }
+
+    @PostMapping("/v1/password-reset")
+    public ResponseEntity<Void> resetPassword(@Valid @RequestBody ResetPasswordRequest request) {
+        passwordResetService.resetPassword(request);
+        return ResponseEntity.noContent().build();
+    }
+
+
     @PostMapping("/accessToken/reissue")
     public ResponseEntity<Void> reissueAccessToken(HttpServletRequest httpServletRequest) {
         cookieResolver.checkLoginRequired(httpServletRequest);

backend/bang-ggood/src/main/java/com/bang_ggood/auth/domain/PasswordResetCode.java

@@ -0,0 +1,56 @@
+package com.bang_ggood.auth.domain;
+
+import com.bang_ggood.BaseEntity;
+import com.bang_ggood.user.domain.Email;
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import java.util.Objects;
+
+import static lombok.AccessLevel.PROTECTED;
+
+@Getter
+@NoArgsConstructor(access = PROTECTED)
+@Entity
+public class PasswordResetCode extends BaseEntity {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+    private Email email;
+
+    private String code;
+
+    private boolean verified;
+
+    public PasswordResetCode(String email, String code) {
+        this.email = new Email(email);
+        this.code = code;
+        this.verified = false;
+    }
+
+    public void verify() {
+        verified = true;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+        PasswordResetCode that = (PasswordResetCode) o;
+        return Objects.equals(id, that.id);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hashCode(id);
+    }
+}

backend/bang-ggood/src/main/java/com/bang_ggood/auth/dto/request/ConfirmPasswordResetCodeRequest.java

@@ -0,0 +1,7 @@
+package com.bang_ggood.auth.dto.request;
+
+import jakarta.validation.constraints.Email;
+
+public record ConfirmPasswordResetCodeRequest(@Email(message = "유효하지 않은 이메일 형식입니다.") String email,
+                                              String code) {
+}

backend/bang-ggood/src/main/java/com/bang_ggood/auth/dto/request/ForgotPasswordRequest.java

@@ -0,0 +1,6 @@
+package com.bang_ggood.auth.dto.request;
+
+import jakarta.validation.constraints.Email;
+
+public record ForgotPasswordRequest(@Email(message = "유효하지 않은 이메일 형식입니다.") String email) {
+}

backend/bang-ggood/src/main/java/com/bang_ggood/auth/dto/request/ResetPasswordRequest.java

@@ -0,0 +1,7 @@
+package com.bang_ggood.auth.dto.request;
+
+import jakarta.validation.constraints.Email;
+
+public record ResetPasswordRequest(@Email(message = "유효하지 않은 이메일 형식입니다.") String email,
+                                   String code, String newPassword) {
+}

backend/bang-ggood/src/main/java/com/bang_ggood/auth/repository/PasswordResetCodeRepository.java

@@ -0,0 +1,37 @@
+package com.bang_ggood.auth.repository;
+
+import com.bang_ggood.auth.domain.PasswordResetCode;
+import com.bang_ggood.global.exception.BangggoodException;
+import com.bang_ggood.global.exception.ExceptionCode;
+import com.bang_ggood.user.domain.Email;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.repository.query.Param;
+import java.time.LocalDateTime;
+import java.util.Optional;
+
+public interface PasswordResetCodeRepository extends JpaRepository<PasswordResetCode, Long> {
+
+    boolean existsByEmailAndCodeAndVerifiedTrue(Email email, String code);
+
+    @Query("SELECT p FROM PasswordResetCode p " +
+            "WHERE p.email = :email " +
+            "AND p.code = :code " +
+            "AND p.createdAt >= :timeLimit")
+    Optional<PasswordResetCode> findByEmailAndCodeAndCreatedAtAfter(@Param("email") Email email,
+                                                                    @Param("code") String code,
+                                                                    @Param("timeLimit") LocalDateTime timeLimit);
+
+    default PasswordResetCode getByEmailAndCodeAndCreatedAtAfter(@Param("email") Email email,
+                                                                 @Param("code") String code,
+                                                                 @Param("timeLimit") LocalDateTime timeLimit) {
+        return findByEmailAndCodeAndCreatedAtAfter(email, code, timeLimit)
+                .orElseThrow(() -> new BangggoodException(ExceptionCode.AUTHENTICATION_PASSWORD_CODE_NOT_FOUND));
+    }
+
+    long countByEmail(Email email);
+
+    void deleteByEmailAndCode(Email email, String code);
+
+    void deleteByEmail(Email email);
+}

backend/bang-ggood/src/main/java/com/bang_ggood/auth/service/AuthService.java

@@ -17,8 +17,6 @@
 import com.bang_ggood.user.domain.UserType;
 import com.bang_ggood.user.repository.UserRepository;
 import lombok.RequiredArgsConstructor;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import java.util.List;
@@ -27,7 +25,6 @@
 @Service
 public class AuthService {
 
-    private static final Logger log = LoggerFactory.getLogger(AuthService.class);
     private static final int GUEST_USER_LIMIT = 1;
 
     private final OauthClient oauthClient;

backend/bang-ggood/src/main/java/com/bang_ggood/auth/service/MailSender.java

@@ -0,0 +1,39 @@
+package com.bang_ggood.auth.service;
+
+import com.bang_ggood.global.exception.BangggoodException;
+import com.bang_ggood.global.exception.ExceptionCode;
+import jakarta.mail.MessagingException;
+import jakarta.mail.internet.MimeMessage;
+import lombok.RequiredArgsConstructor;
+import org.springframework.mail.javamail.JavaMailSender;
+import org.springframework.mail.javamail.MimeMessageHelper;
+import org.springframework.stereotype.Component;
+
+@RequiredArgsConstructor
+@Component
+public class MailSender {
+
+    private static final String FIND_PASSWORD_MAIL_SUBJECT = "방끗 비밀번호 찾기";
+
+    private final JavaMailSender javaMailSender;
+
+    public String sendPasswordResetEmail(String email) {
+        MimeMessage mimeMessage = javaMailSender.createMimeMessage();
+        try {
+            MimeMessageHelper mimeMessageHelper = new MimeMessageHelper(mimeMessage, false, "UTF-8");
+            String code = generatePasswordResetCode();
+            mimeMessageHelper.setTo(email);
+            mimeMessageHelper.setSubject(FIND_PASSWORD_MAIL_SUBJECT);
+            mimeMessageHelper.setText(code);
+            javaMailSender.send(mimeMessage);
+            return code;
+        } catch (MessagingException e) {
+            throw new BangggoodException(ExceptionCode.MAIL_SEND_ERROR);
+        }
+    }
+
+    private String generatePasswordResetCode() {
+        int code = (int) (Math.random() * 1000000);
+        return String.format("%06d", code);
+    }
+}

backend/bang-ggood/src/main/java/com/bang_ggood/auth/service/PasswordResetService.java

@@ -0,0 +1,57 @@
+package com.bang_ggood.auth.service;
+
+import com.bang_ggood.auth.domain.PasswordResetCode;
+import com.bang_ggood.auth.dto.request.ConfirmPasswordResetCodeRequest;
+import com.bang_ggood.auth.dto.request.ForgotPasswordRequest;
+import com.bang_ggood.auth.dto.request.ResetPasswordRequest;
+import com.bang_ggood.auth.repository.PasswordResetCodeRepository;
+import com.bang_ggood.global.exception.BangggoodException;
+import com.bang_ggood.global.exception.ExceptionCode;
+import com.bang_ggood.user.domain.Email;
+import com.bang_ggood.user.domain.LoginType;
+import com.bang_ggood.user.domain.Password;
+import com.bang_ggood.user.repository.UserRepository;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import java.time.Clock;
+import java.time.LocalDateTime;
+
+@RequiredArgsConstructor
+@Service
+public class PasswordResetService {
+
+    private static final int PASSWORD_RESET_CODE_EXPIRED_MINUTES = 5;
+
+    private final MailSender mailSender;
+    private final PasswordResetCodeRepository passwordResetCodeRepository;
+    private final Clock clock;
+    private final UserRepository userRepository;
+
+    public void sendPasswordResetEmail(ForgotPasswordRequest request) {
+        String code = mailSender.sendPasswordResetEmail(request.email());
+        passwordResetCodeRepository.deleteByEmail(new Email(request.email()));
+        passwordResetCodeRepository.save(new PasswordResetCode(request.email(), code));
+    }
+
+    @Transactional
+    public void confirmPasswordResetCode(ConfirmPasswordResetCodeRequest request) {
+        LocalDateTime timeLimit = LocalDateTime.now(clock).minusMinutes(PASSWORD_RESET_CODE_EXPIRED_MINUTES);
+        PasswordResetCode passwordResetCode = passwordResetCodeRepository.getByEmailAndCodeAndCreatedAtAfter(
+                new Email(request.email()), request.code(), timeLimit);
+        passwordResetCode.verify();
+    }
+
+    @Transactional
+    public void resetPassword(ResetPasswordRequest request) {
+        Email email = new Email(request.email());
+        String code = request.code();
+        if (!passwordResetCodeRepository.existsByEmailAndCodeAndVerifiedTrue(email, code)) {
+            throw new BangggoodException(ExceptionCode.AUTHENTICATION_PASSWORD_CODE_NOT_FOUND);
+        }
+
+        userRepository.updatePasswordByEmail(
+                new Email(request.email()), new Password(request.newPassword()), LoginType.LOCAL);
+        passwordResetCodeRepository.deleteByEmailAndCode(email, code);
+    }
+}

backend/bang-ggood/src/main/java/com/bang_ggood/global/config/MailConfig.java

@@ -0,0 +1,58 @@
+package com.bang_ggood.global.config;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.mail.javamail.JavaMailSender;
+import org.springframework.mail.javamail.JavaMailSenderImpl;
+import java.util.Properties;
+
+@Configuration
+public class MailConfig {
+
+    private static final String MAIL_TRANSPORT_PROTOCOL = "mail.transport.protocol";
+    private static final String MAIL_SMTP_AUTH = "mail.smtp.auth";
+    private static final String MAIL_SMTP_STARTTLS_ENABLE = "mail.smtp.starttls.enable";
+    private static final String MAIL_DEBUG = "mail.debug";
+
+    @Value("${spring.mail.host}")
+    private String host;
+
+    @Value("${spring.mail.username}")
+    private String username;
+
+    @Value("${spring.mail.password}")
+    private String password;
+
+    @Value("${spring.mail.port}")
+    private int port;
+
+    @Value("${spring.mail.properties.mail.transport.protocol}")
+    private String protocol;
+
+    @Value("${spring.mail.properties.mail.smtp.auth}")
+    private boolean auth;
+
+    @Value("${spring.mail.properties.mail.starttls.enable}")
+    private boolean enable;
+
+    @Value("${spring.mail.properties.mail.smtp.debug}")
+    private boolean debug;
+
+    @Bean
+    public JavaMailSender getJavaMailSender() {
+        JavaMailSenderImpl mailSender = new JavaMailSenderImpl();
+        mailSender.setHost(host);
+        mailSender.setPort(port);
+        mailSender.setUsername(username);
+        mailSender.setPassword(password);
+
+        Properties props = mailSender.getJavaMailProperties();
+        props.put(MAIL_TRANSPORT_PROTOCOL, protocol);
+        props.put(MAIL_SMTP_AUTH, auth);
+        props.put(MAIL_SMTP_STARTTLS_ENABLE, enable);
+        props.put(MAIL_DEBUG, debug);
+
+        return mailSender;
+    }
+}

backend/bang-ggood/src/main/java/com/bang_ggood/global/config/TimeConfig.java

@@ -0,0 +1,14 @@
+package com.bang_ggood.global.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import java.time.Clock;
+
+@Configuration
+public class TimeConfig {
+
+    @Bean
+    public Clock clock() {
+        return Clock.systemDefaultZone();
+    }
+}

backend/bang-ggood/src/main/java/com/bang_ggood/global/exception/ClientExceptionCode.java

@@ -6,6 +6,7 @@ public enum ClientExceptionCode {
     AUTH_ACCESS_TOKEN_EMPTY,
     AUTH_TOKEN_EMPTY,
     AUTH_TOKEN_INVALID,
+    AUTH_PASSWORD_CODE_NOT_FOUND,
     CHECKLIST_ERROR,
     CHECKLIST_NOT_FOUND,
     CHECKLIST_SERVER_ERROR,
@@ -21,6 +22,7 @@ public enum ClientExceptionCode {
     USER_NOT_FOUND,
     LOGIN_ERROR,
     INVALID_PARAMETER,
+    MAIL_SEND_ERROR,
 
     // TODO: 임의 사용 지워질 코드
     AUTH_TOKEN_NOT_OWNED_BY_USER,