채팅 메시지 조회 API 추가

.github/ISSUE_TEMPLATE/bug-report.yml

@@ -0,0 +1,47 @@
+name: "\U0001F41E Bug Report"
+description: "버그를 제보하고 싶으신가요?"
+labels: "\U0001F41E Bug"
+body:
+  - type: textarea
+    attributes:
+      label: 🐞 설명
+      description: 버그에 대한 설명을 작성해 주세요.
+      placeholder: 자세히 적을수록 좋습니다!
+    validations:
+      required: false
+  - type: textarea
+    attributes:
+      label: 📄 기대한 동작
+      description: 기대한 동작에 대해 작성해주세요.
+      placeholder: 자세히 적을수록 좋습니다!
+    validations:
+      required: false
+  - type: textarea
+    attributes:
+      label: 📄 실제 동작
+      description: 실제로 동작한 내용에 대해 작성해주세요.
+      placeholder: 자세히 적을수록 좋습니다!
+    validations:
+      required: false
+  - type: textarea
+    attributes:
+      label: 🙋🏻 재현 방법
+      description: 버그를 재현할 수 있는 방법을 알고 계신다면 작성해주세요.
+      placeholder: 자세히 적을수록 좋습니다!
+    validations:
+      required: false
+  - type: textarea
+    attributes:
+      label: 🌏 버그 발생 환경
+      description: 버그가 발생한 환경에 대해 작성해 주세요.
+      placeholder: |
+        OS: macOS
+    validations:
+      required: false
+  - type: textarea
+    attributes:
+      label: 📄 비고
+      description: 추가적인 정보를 입력해주세요.
+      placeholder: 단순히 느낀 점, 하고 싶으신 말씀 등 아무 내용이나 상관 없습니다!
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/bug.yml

@@ -1,5 +1,5 @@
 name: "\U0001F41E Bug"
-description: "버그가 발생했나요?"
+description: "개발 도중 버그가 발생했나요?"
 labels: "\U0001F41E Bug"
 body:
   - type: textarea

backend/ddang/src/main/java/com/ddang/ddang/auction/application/AuctionService.java

@@ -122,6 +122,6 @@ public void deleteByAuctionId(final Long auctionId, final Long userId) {
 
     private User findUser(final Long userId) {
         return userRepository.findById(userId)
-                                        .orElseThrow(() -> new UserNotFoundException("회원 정보를 찾을 수 없습니다."));
+                             .orElseThrow(() -> new UserNotFoundException("회원 정보를 찾을 수 없습니다."));
     }
 }

backend/ddang/src/main/java/com/ddang/ddang/auction/presentation/AuctionController.java

@@ -12,8 +12,6 @@
 import com.ddang.ddang.authentication.configuration.AuthenticateUser;
 import com.ddang.ddang.authentication.domain.dto.AuthenticationUserInfo;
 import jakarta.validation.Valid;
-import java.net.URI;
-import java.util.List;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.DeleteMapping;
@@ -27,6 +25,9 @@
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
 
+import java.net.URI;
+import java.util.List;
+
 @RestController
 @RequestMapping("/auctions")
 @RequiredArgsConstructor

backend/ddang/src/main/java/com/ddang/ddang/authentication/application/BlackListTokenService.java

@@ -0,0 +1,55 @@
+package com.ddang.ddang.authentication.application;
+
+import com.ddang.ddang.authentication.domain.BlackListToken;
+import com.ddang.ddang.authentication.domain.TokenDecoder;
+import com.ddang.ddang.authentication.domain.TokenType;
+import com.ddang.ddang.authentication.domain.exception.EmptyTokenException;
+import com.ddang.ddang.authentication.infrastructure.persistence.JpaBlackListTokenRepository;
+import java.util.ArrayList;
+import java.util.List;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+@RequiredArgsConstructor
+@Transactional(readOnly = true)
+public class BlackListTokenService {
+
+    private final JpaBlackListTokenRepository blackListTokenRepository;
+    private final TokenDecoder tokenDecoder;
+
+    @Transactional
+    public void registerBlackListToken(final String accessToken, final String refreshToken) {
+        validateEmptyToken(accessToken, refreshToken);
+
+        final List<BlackListToken> blackListTokens = new ArrayList<>();
+
+        if (isValidToken(TokenType.ACCESS, accessToken)) {
+            blackListTokens.add(new BlackListToken(TokenType.ACCESS, accessToken));
+        }
+        if (isValidToken(TokenType.REFRESH, refreshToken)) {
+            blackListTokens.add(new BlackListToken(TokenType.REFRESH, refreshToken));
+        }
+
+        blackListTokenRepository.saveAll(blackListTokens);
+    }
+
+    private void validateEmptyToken(final String accessToken, final String refreshToken) {
+        if (isEmptyToken(accessToken) || isEmptyToken(refreshToken)) {
+            throw new EmptyTokenException("비어있는 토큰입니다.");
+        }
+    }
+
+    private boolean isValidToken(final TokenType tokenType, final String targetToken) {
+        return tokenDecoder.decode(tokenType, targetToken).isPresent();
+    }
+
+    private boolean isEmptyToken(final String targetToken) {
+        return targetToken == null || targetToken.isBlank();
+    }
+
+    public boolean existsBlackListToken(final TokenType tokenType, final String targetToken) {
+        return blackListTokenRepository.existsByTokenTypeAndToken(tokenType, targetToken);
+    }
+}

backend/ddang/src/main/java/com/ddang/ddang/authentication/configuration/AuthenticationInterceptor.java

@@ -1,5 +1,6 @@
 package com.ddang.ddang.authentication.configuration;
 
+import com.ddang.ddang.authentication.application.BlackListTokenService;
 import com.ddang.ddang.authentication.infrastructure.jwt.PrivateClaims;
 import com.ddang.ddang.authentication.domain.TokenDecoder;
 import com.ddang.ddang.authentication.domain.TokenType;
@@ -17,6 +18,7 @@
 @RequiredArgsConstructor
 public class AuthenticationInterceptor implements HandlerInterceptor {
 
+    private final BlackListTokenService blackListTokenService;
     private final TokenDecoder tokenDecoder;
     private final AuthenticationStore store;
 
@@ -26,16 +28,19 @@ public boolean preHandle(
             final HttpServletResponse response,
             final Object handler
     ) {
-        final String token = request.getHeader(HttpHeaders.AUTHORIZATION);
+        final String accessToken = request.getHeader(HttpHeaders.AUTHORIZATION);
 
-        if (isNotRequiredAuthenticate(token)) {
+        if (isNotRequiredAuthenticate(accessToken)) {
             store.set(new AuthenticationUserInfo(null));
             return true;
         }
 
-        final PrivateClaims privateClaims = tokenDecoder.decode(TokenType.ACCESS, token)
+        validateLogoutToken(accessToken);
+
+        final PrivateClaims privateClaims = tokenDecoder.decode(TokenType.ACCESS, accessToken)
                                                         .orElseThrow(() ->
-                                                                new InvalidTokenException("유효한 토큰이 아닙니다."));
+                                                                new InvalidTokenException("유효한 토큰이 아닙니다.")
+                                                        );
 
         store.set(new AuthenticationUserInfo(privateClaims.userId()));
         return true;
@@ -45,6 +50,12 @@ private boolean isNotRequiredAuthenticate(final String token) {
         return token == null || token.length() == 0;
     }
 
+    private void validateLogoutToken(final String accessToken) {
+        if (blackListTokenService.existsBlackListToken(TokenType.ACCESS, accessToken)) {
+            throw new InvalidTokenException("유효한 토큰이 아닙니다.");
+        }
+    }
+
     @Override
     public void afterCompletion(
             final HttpServletRequest request,

backend/ddang/src/main/java/com/ddang/ddang/authentication/domain/BlackListToken.java

@@ -0,0 +1,46 @@
+package com.ddang.ddang.authentication.domain;
+
+import com.ddang.ddang.authentication.domain.exception.EmptyTokenException;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.EnumType;
+import jakarta.persistence.Enumerated;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import lombok.AccessLevel;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.ToString;
+
+@Entity
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+@Getter
+@EqualsAndHashCode(of = "id")
+@ToString(of = {"id", "tokenType", "token"})
+public class BlackListToken {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+    @Enumerated(EnumType.STRING)
+    private TokenType tokenType;
+
+    @Column(length = 200, nullable = false)
+    private String token;
+
+    public BlackListToken(final TokenType tokenType, final String token) {
+        validateToken(token);
+
+        this.tokenType = tokenType;
+        this.token = token;
+    }
+
+    private void validateToken(final String targetToken) {
+        if (targetToken == null || targetToken.isBlank()) {
+            throw new EmptyTokenException("비어있는 토큰입니다.");
+        }
+    }
+}

backend/ddang/src/main/java/com/ddang/ddang/authentication/domain/exception/EmptyTokenException.java

@@ -0,0 +1,8 @@
+package com.ddang.ddang.authentication.domain.exception;
+
+public class EmptyTokenException extends IllegalArgumentException {
+
+    public EmptyTokenException(final String message) {
+        super(message);
+    }
+}

backend/ddang/src/main/java/com/ddang/ddang/authentication/infrastructure/persistence/JpaBlackListTokenRepository.java

@@ -0,0 +1,10 @@
+package com.ddang.ddang.authentication.infrastructure.persistence;
+
+import com.ddang.ddang.authentication.domain.BlackListToken;
+import com.ddang.ddang.authentication.domain.TokenType;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+public interface JpaBlackListTokenRepository extends JpaRepository<BlackListToken, Long> {
+
+    boolean existsByTokenTypeAndToken(final TokenType tokenType, final String accessToken);
+}

backend/ddang/src/main/java/com/ddang/ddang/authentication/presentation/AuthenticationController.java

@@ -1,12 +1,15 @@
 package com.ddang.ddang.authentication.presentation;
 
 import com.ddang.ddang.authentication.application.AuthenticationService;
+import com.ddang.ddang.authentication.application.BlackListTokenService;
 import com.ddang.ddang.authentication.application.dto.TokenDto;
 import com.ddang.ddang.authentication.infrastructure.oauth2.Oauth2Type;
 import com.ddang.ddang.authentication.presentation.dto.request.AccessTokenRequest;
+import com.ddang.ddang.authentication.presentation.dto.request.LogoutRequest;
 import com.ddang.ddang.authentication.presentation.dto.request.RefreshTokenRequest;
 import com.ddang.ddang.authentication.presentation.dto.response.TokenResponse;
 import com.ddang.ddang.authentication.presentation.dto.response.ValidatedTokenResponse;
+import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.ResponseEntity;
@@ -24,6 +27,7 @@
 public class AuthenticationController {
 
     private final AuthenticationService authenticationService;
+    private final BlackListTokenService blackListTokenService;
 
     @PostMapping("/login/{oauth2Type}")
     public ResponseEntity<Object> validate(
@@ -50,4 +54,15 @@ public ResponseEntity<ValidatedTokenResponse> validateToken(
 
         return ResponseEntity.ok(new ValidatedTokenResponse(validated));
     }
+
+    @PostMapping("/logout")
+    public ResponseEntity<Void> logout(
+            @RequestHeader(HttpHeaders.AUTHORIZATION) final String accessToken,
+            @RequestBody @Valid final LogoutRequest request
+    ) {
+        blackListTokenService.registerBlackListToken(accessToken, request.refreshToken());
+
+        return ResponseEntity.noContent()
+                             .build();
+    }
 }

backend/ddang/src/main/java/com/ddang/ddang/authentication/presentation/dto/request/LogoutRequest.java

@@ -0,0 +1,6 @@
+package com.ddang.ddang.authentication.presentation.dto.request;
+
+import jakarta.validation.constraints.NotEmpty;
+
+public record LogoutRequest(@NotEmpty(message = "refreshToken을 입력해주세요.") String refreshToken) {
+}

backend/ddang/src/main/java/com/ddang/ddang/bid/application/BidService.java

@@ -4,15 +4,14 @@
 import com.ddang.ddang.auction.domain.Auction;
 import com.ddang.ddang.auction.infrastructure.persistence.JpaAuctionRepository;
 import com.ddang.ddang.bid.application.dto.CreateBidDto;
-import com.ddang.ddang.bid.application.dto.LoginUserDto;
 import com.ddang.ddang.bid.application.dto.ReadBidDto;
 import com.ddang.ddang.bid.application.exception.InvalidAuctionToBidException;
 import com.ddang.ddang.bid.application.exception.InvalidBidPriceException;
 import com.ddang.ddang.bid.application.exception.InvalidBidderException;
-import com.ddang.ddang.user.application.exception.UserNotFoundException;
 import com.ddang.ddang.bid.domain.Bid;
 import com.ddang.ddang.bid.domain.BidPrice;
 import com.ddang.ddang.bid.infrastructure.persistence.JpaBidRepository;
+import com.ddang.ddang.user.application.exception.UserNotFoundException;
 import com.ddang.ddang.user.domain.User;
 import com.ddang.ddang.user.infrastructure.persistence.JpaUserRepository;
 import lombok.RequiredArgsConstructor;
@@ -32,9 +31,8 @@ public class BidService {
     private final JpaBidRepository bidRepository;
 
     @Transactional
-    public Long create(final LoginUserDto userDto, final CreateBidDto bidDto) {
-        // TODO: 2023/07/28 추후 User 패키지 내에 UserNotFoundException이 생긴다면 해당 예외를 사용하도록 수정 하겠습니다.
-        final User bidder = userRepository.findById(userDto.usedId())
+    public Long create(final CreateBidDto bidDto) {
+        final User bidder = userRepository.findById(bidDto.userId())
                                           .orElseThrow(() -> new UserNotFoundException("해당 사용자를 찾을 수 없습니다."));
         final Auction auction = auctionRepository.findById(bidDto.auctionId())
                                                  .orElseThrow(() -> new AuctionNotFoundException("해당 경매를 찾을 수 없습니다."));

backend/ddang/src/main/java/com/ddang/ddang/bid/application/dto/CreateBidDto.java

@@ -6,10 +6,10 @@
 import com.ddang.ddang.bid.presentation.dto.request.CreateBidRequest;
 import com.ddang.ddang.user.domain.User;
 
-public record CreateBidDto(Long auctionId, int bidPrice) {
+public record CreateBidDto(Long auctionId, int bidPrice, Long userId) {
 
-    public static CreateBidDto from(final CreateBidRequest bidRequest) {
-        return new CreateBidDto(bidRequest.auctionId(), bidRequest.bidPrice());
+    public static CreateBidDto of(final CreateBidRequest bidRequest, final Long userId) {
+        return new CreateBidDto(bidRequest.auctionId(), bidRequest.bidPrice(), userId);
     }
 
     public Bid toEntity(final Auction auction, final User user) {

backend/ddang/src/main/java/com/ddang/ddang/bid/presentation/BidController.java

@@ -1,14 +1,13 @@
 package com.ddang.ddang.bid.presentation;
 
+import com.ddang.ddang.authentication.configuration.AuthenticateUser;
+import com.ddang.ddang.authentication.domain.dto.AuthenticationUserInfo;
 import com.ddang.ddang.bid.application.BidService;
 import com.ddang.ddang.bid.application.dto.CreateBidDto;
-import com.ddang.ddang.bid.application.dto.LoginUserDto;
 import com.ddang.ddang.bid.application.dto.ReadBidDto;
 import com.ddang.ddang.bid.presentation.dto.request.CreateBidRequest;
-import com.ddang.ddang.bid.presentation.dto.request.LoginUserRequest;
 import com.ddang.ddang.bid.presentation.dto.response.ReadBidResponse;
 import com.ddang.ddang.bid.presentation.dto.response.ReadBidsResponse;
-import com.ddang.ddang.bid.presentation.resolver.LoginUser;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
@@ -29,13 +28,12 @@ public class BidController {
 
     private final BidService bidService;
 
-    // TODO: 2023/08/09 임시로 사용하는 argument resolver 추후 수정
     @PostMapping
     public ResponseEntity<Void> create(
-            @LoginUser final LoginUserRequest userRequest,
+            @AuthenticateUser AuthenticationUserInfo userInfo,
             @RequestBody @Valid final CreateBidRequest bidRequest
     ) {
-        bidService.create(LoginUserDto.from(userRequest), CreateBidDto.from(bidRequest));
+        bidService.create(CreateBidDto.of(bidRequest, userInfo.userId()));
 
         return ResponseEntity.created(URI.create("/auctions/" + bidRequest.auctionId()))
                              .build();