Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
import lombok.RequiredArgsConstructor;
import org.springframework.data.domain.Pageable;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseCookie;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
Expand Down Expand Up @@ -91,7 +92,7 @@ public ResponseEntity<Void> deleteCurrentAdmin(HttpServletRequest request, @Auth
.build();
}

@PostMapping("/upload-profile-image")
@PostMapping(value = "/upload-profile-image", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
@Override
public ResponseEntity<UploadedImageUrlResponse> uploadProfileImage(
@AuthenticationPrincipal JwtPrincipal jwtPrincipal,
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.Valid;
import org.springframework.data.domain.Pageable;
import org.springframework.http.ResponseEntity;
import org.springdoc.core.annotations.ParameterObject;
Expand All @@ -32,6 +33,6 @@ ResponseEntity<PageResponse<ConsultationResponse>> getAllConsultations(
@Operation(summary = "상담 정보 수정", description = "상담 상태나 담당자 정보를 수정합니다.")
@ApiResponse(responseCode = "200", description = "수정 성공",
content = @Content(schema = @Schema(implementation = ConsultationResponse.class)))
ResponseEntity<ConsultationResponse> updateConsultationInfo(ConsultationUpdateRequest request,
ResponseEntity<ConsultationResponse> updateConsultationInfo(@Valid ConsultationUpdateRequest request,
@Parameter(description = "상담 ID", example = "1") Long consultationId);
}
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotNull;
import org.springframework.data.domain.Pageable;
import org.springframework.http.ResponseEntity;
import org.springframework.web.multipart.MultipartFile;
Expand All @@ -30,7 +32,7 @@ public interface AdminControllerDocs {
@Operation(summary = "관리자 생성", description = "새로운 관리자를 생성합니다.")
@ApiResponse(responseCode = "200", description = "생성 성공",
content = @Content(schema = @Schema(implementation = AdminResponse.class)))
ResponseEntity<AdminResponse> createAdmin(AdminCreateRequest request);
ResponseEntity<AdminResponse> createAdmin(@Valid AdminCreateRequest request);

@Operation(summary = "관리자 목록 조회", description = "`page`, `size`, `sort` 파라미터를 사용해 페이징/정렬하며 `sort=필드명,정렬방향` (예: `sort=createdAt,desc`) 형식을 따릅니다.")
@ApiResponse(responseCode = "200", description = "조회 성공",
Expand All @@ -42,12 +44,12 @@ ResponseEntity<PageResponse<AdminResponse>> getAdminInfoList(@Parameter(descript
@ApiResponse(responseCode = "200", description = "수정 성공",
content = @Content(schema = @Schema(implementation = AdminResponse.class)))
ResponseEntity<AdminResponse> updateAdmin(@Parameter(description = "관리자 ID", example = "1") Long adminId,
AdminUpdateRequest request);
@Valid AdminUpdateRequest request);

@Operation(summary = "관리자 비밀번호 초기화", description = "관리자의 비밀번호를 재설정합니다.")
@ApiResponse(responseCode = "204", description = "재설정 완료")
ResponseEntity<Void> resetAdminPassword(@Parameter(description = "관리자 ID", example = "1") Long adminId,
AdminResetPasswordRequest request);
@Valid AdminResetPasswordRequest request);

@Operation(summary = "다른 관리자 삭제", description = "현재 로그인한 관리자가 다른 관리자를 삭제합니다.")
@ApiResponse(responseCode = "204", description = "삭제 완료")
Expand All @@ -63,5 +65,5 @@ ResponseEntity<Void> deleteCurrentAdmin(@Parameter(hidden = true) HttpServletReq
@ApiResponse(responseCode = "200", description = "업로드 성공",
content = @Content(schema = @Schema(implementation = UploadedImageUrlResponse.class)))
ResponseEntity<UploadedImageUrlResponse> uploadProfileImage(@Parameter(hidden = true) JwtPrincipal jwtPrincipal,
MultipartFile image);
@NotNull MultipartFile image);
}
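Review bot: `@NotNull MultipartFile image` on `uploadProfileImage` rejects only a missing part; a part that is present but zero bytes long, or whose content is not an image, still satisfies the constraint. The controller mapping in this same change adds `consumes = MediaType.MULTIPART_FORM_DATA_VALUE`, which checks the request envelope rather than the part itself. Unless the storage layer (not shown on this page) already does so, the handler should start with something like `if (image.isEmpty()) { /* reject with the project's 400 error */ }` and check the part's size and detected type against an allow-list before storing it. A one-line Javadoc on this interface method stating the accepted types and maximum size would also make the generated API documentation match what the endpoint enforces.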
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.Valid;
import org.springframework.http.ResponseEntity;
import redot.redot_server.domain.redot.app.dto.request.RedotAppCreateRequest;
import redot.redot_server.domain.redot.app.dto.response.RedotAppInfoResponse;
Expand All @@ -15,5 +16,5 @@ public interface AdminRedotAppControllerDocs {
@Operation(summary = "Redot 앱 생성", description = "관리자 권한으로 신규 Redot 앱을 생성합니다.")
@ApiResponse(responseCode = "200", description = "생성 성공",
content = @Content(schema = @Schema(implementation = RedotAppInfoResponse.class)))
ResponseEntity<RedotAppInfoResponse> createRedotApp(RedotAppCreateRequest request);
ResponseEntity<RedotAppInfoResponse> createRedotApp(@Valid RedotAppCreateRequest request);
}
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

import java.time.LocalDateTime;
import redot.redot_server.domain.admin.entity.Admin;
import redot.redot_server.global.s3.util.ImageUrlResolver;

public record AdminResponse(
Long id,
Expand All @@ -10,11 +11,11 @@ public record AdminResponse(
String email,
LocalDateTime createdAt
) {
public static AdminResponse from(Admin admin) {
public static AdminResponse from(Admin admin, ImageUrlResolver imageUrlResolver) {
return new AdminResponse(
admin.getId(),
admin.getName(),
admin.getProfileImageUrl(),
imageUrlResolver.toPublicUrl(admin.getProfileImageUrl()),
admin.getEmail(),
admin.getCreatedAt()
);
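Review bot: `from` now calls `imageUrlResolver.toPublicUrl(admin.getProfileImageUrl())` unconditionally, although the stored value can be absent: `deleteOldProfileImageUrlIfChanged` in the AdminService section of this change guards `oldProfileImageUrl != null`. `ImageUrlResolver` is not shown on this page, so whether it tolerates null cannot be confirmed here; if it does not, building a response for any admin without a profile image would fail. Either state the null contract on the resolver or guard at the call site, e.g. `admin.getProfileImageUrl() == null ? null : imageUrlResolver.toPublicUrl(admin.getProfileImageUrl()),`. The record continues outside the visible hunk.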
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
import redot.redot_server.global.s3.event.ImageDeletionEvent;
import redot.redot_server.global.s3.service.ImageStorageService;
import redot.redot_server.global.s3.util.ImageDirectory;
import redot.redot_server.global.s3.util.ImageUrlResolver;
import redot.redot_server.global.util.EmailUtils;
import redot.redot_server.global.util.dto.response.PageResponse;

Expand All @@ -32,6 +33,7 @@ public class AdminService {
private final PasswordEncoder passwordEncoder;
private final ImageStorageService imageStorageService;
private final ApplicationEventPublisher eventPublisher;
private final ImageUrlResolver imageUrlResolver;

@Transactional
public AdminResponse createAdmin(AdminCreateRequest request) {
Expand All @@ -42,14 +44,15 @@ public AdminResponse createAdmin(AdminCreateRequest request) {
}

try {
String profileImageUrl = imageUrlResolver.toStoredPath(request.profileImageUrl());
Admin admin = adminRepository.save(
Admin.create(
request.name(),
normalizedEmail,
request.profileImageUrl(),
profileImageUrl,
passwordEncoder.encode(request.password())
));
return AdminResponse.from(admin);
return AdminResponse.from(admin, imageUrlResolver);
} catch (DataIntegrityViolationException ex) {
throw new AuthException(AuthErrorCode.EMAIL_ALREADY_EXISTS, ex);
}
Expand All @@ -59,12 +62,12 @@ public AdminResponse getAdminInfo(Long adminId) {
Admin admin = adminRepository.findById(adminId)
.orElseThrow(() -> new AuthException(AuthErrorCode.ADMIN_NOT_FOUND));

return AdminResponse.from(admin);
return AdminResponse.from(admin, imageUrlResolver);
}

public PageResponse<AdminResponse> getAdminInfoList(Pageable pageable) {
Page<Admin> admins = adminRepository.findAll(pageable);
return PageResponse.from(admins.map(AdminResponse::from));
return PageResponse.from(admins.map(admin -> AdminResponse.from(admin, imageUrlResolver)));
}

@Transactional
Expand All @@ -78,19 +81,20 @@ public AdminResponse updateAdmin(Long adminId, AdminUpdateRequest request) {
throw new AuthException(AuthErrorCode.EMAIL_ALREADY_EXISTS);
}

deleteOldProfileImageUrlIfChanged(request, admin);
String newProfileImageUrl = imageUrlResolver.toStoredPath(request.profileImageUrl());
deleteOldProfileImageUrlIfChanged(newProfileImageUrl, admin);

admin.update(request.name(), normalizedEmail, request.profileImageUrl());
admin.update(request.name(), normalizedEmail, newProfileImageUrl);

return AdminResponse.from(admin);
return AdminResponse.from(admin, imageUrlResolver);
} catch (DataIntegrityViolationException ex) {
throw new AuthException(AuthErrorCode.EMAIL_ALREADY_EXISTS, ex);
}
}

private void deleteOldProfileImageUrlIfChanged(AdminUpdateRequest request, Admin admin) {
private void deleteOldProfileImageUrlIfChanged(String newProfileImageUrl, Admin admin) {
String oldProfileImageUrl = admin.getProfileImageUrl();
if (oldProfileImageUrl != null && !oldProfileImageUrl.equals(request.profileImageUrl())) {
if (oldProfileImageUrl != null && !oldProfileImageUrl.equals(newProfileImageUrl)) {
eventPublisher.publishEvent(new ImageDeletionEvent(oldProfileImageUrl));
}
}
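Review bot: In `createAdmin` and `updateAdmin`, the result of `imageUrlResolver.toStoredPath(request.profileImageUrl())` is request-controlled, is persisted on the `Admin`, and on a later update becomes the argument of `new ImageDeletionEvent(oldProfileImageUrl)`. Nothing visible in these hunks restricts that path to objects this service uploaded for admin profiles, so unless `toStoredPath` (not shown) rejects foreign hosts and keys outside the expected directory, a stored value could name an unrelated object that is then deleted on the next profile change. I would confirm that check exists in the resolver and record it at both call sites, for example `// toStoredPath must reject URLs outside our bucket and the admin profile-image prefix: this value later feeds ImageDeletionEvent`. `toStoredPath` is also handed null whenever the request carries no image, which needs the same confirmation. Both methods begin or end outside the visible hunks.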
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.validation.Valid;
import org.springframework.http.ResponseEntity;
import redot.redot_server.domain.admin.dto.request.AdminCreateRequest;
import redot.redot_server.domain.admin.dto.response.AdminResponse;
Expand All @@ -22,12 +23,12 @@ public interface AdminAuthControllerDocs {
@ApiResponse(responseCode = "200", description = "로그인 성공",
content = @Content(schema = @Schema(implementation = TokenResponse.class)))
ResponseEntity<TokenResponse> signIn(@Parameter(hidden = true) HttpServletRequest request,
SignInRequest signInRequest);
@Valid SignInRequest signInRequest);

@Operation(summary = "관리자 회원가입", description = "새로운 Redot 관리자를 등록합니다.")
@ApiResponse(responseCode = "200", description = "생성 성공",
content = @Content(schema = @Schema(implementation = AdminResponse.class)))
ResponseEntity<AdminResponse> createAdmin(AdminCreateRequest request);
ResponseEntity<AdminResponse> createAdmin(@Valid AdminCreateRequest request);

@Operation(summary = "관리자 토큰 재발급", description = "만료 직전의 토큰을 쿠키 기반으로 재발급합니다.")
@ApiResponse(responseCode = "200", description = "재발급 성공",
Expand All @@ -45,5 +46,5 @@ ResponseEntity<TokenResponse> signIn(@Parameter(hidden = true) HttpServletReques

@Operation(summary = "관리자 비밀번호 재설정 확정", description = "비밀번호 재설정 코드를 확인하고 새 비밀번호를 저장합니다.")
@ApiResponse(responseCode = "204", description = "재설정 완료")
ResponseEntity<Void> confirmPasswordReset(PasswordResetConfirmRequest request);
ResponseEntity<Void> confirmPasswordReset(@Valid PasswordResetConfirmRequest request);
}
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.validation.Valid;
import org.springframework.http.ResponseEntity;
import redot.redot_server.domain.auth.dto.request.CMSAdminImpersonationRequest;
import redot.redot_server.domain.auth.dto.response.TokenResponse;
Expand All @@ -19,6 +20,6 @@ public interface AdminImpersonationControllerDocs {
@ApiResponse(responseCode = "200", description = "발급 성공",
content = @Content(schema = @Schema(implementation = TokenResponse.class)))
ResponseEntity<TokenResponse> impersonateAsCMSAdmin(@Parameter(hidden = true) HttpServletRequest request,
CMSAdminImpersonationRequest cmsAdminImpersonationRequest,
@Valid CMSAdminImpersonationRequest cmsAdminImpersonationRequest,
@Parameter(hidden = true) JwtPrincipal jwtPrincipal);
Comment on lines 22 to 24

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash

# Step 1: Find the implementing controller for AdminImpersonationControllerDocs
echo "=== Finding implementing controller ==="
fd -e java | xargs rg -l "implements AdminImpersonationControllerDocs" | head -5

# Step 2: Check CMSAdminImpersonationRequest for validation constraints
echo -e "\n=== Checking CMSAdminImpersonationRequest DTO ==="
fd -e java | xargs rg -l "CMSAdminImpersonationRequest" | head -5

Repository: redotlabs/server

Length of output: 604


🏁 Script executed:

#!/bin/bash

# Step 1: Examine the implementing controller's impersonateAsCMSAdmin method
echo "=== AdminImpersonationController - impersonateAsCMSAdmin method ==="
rg -B 2 -A 10 "impersonateAsCMSAdmin" src/main/java/redot/redot_server/domain/auth/controller/AdminImpersonationController.java

# Step 2: Examine CMSAdminImpersonationRequest DTO structure and validation constraints
echo -e "\n=== CMSAdminImpersonationRequest DTO ==="
cat src/main/java/redot/redot_server/domain/auth/dto/request/CMSAdminImpersonationRequest.java

Repository: redotlabs/server

Length of output: 1104


🏁 Script executed:

#!/bin/bash

# Verify the exact state of AdminImpersonationControllerDocs.java around lines 22-24
echo "=== AdminImpersonationControllerDocs.java (lines 20-26) ==="
sed -n '20,26p' src/main/java/redot/redot_server/domain/auth/controller/docs/AdminImpersonationControllerDocs.java

Repository: redotlabs/server

Length of output: 613


문서화 인터페이스에 @RequestBody 애노테이션도 추가 필요

@Valid 애노테이션 추가는 적절하나, 실제 구현 컨트롤러와 일치시키기 위해 @RequestBody 애노테이션도 함께 추가되어야 합니다.

현재 문서화 인터페이스:

@Valid CMSAdminImpersonationRequest cmsAdminImpersonationRequest

실제 구현 컨트롤러:

@Valid @RequestBody CMSAdminImpersonationRequest cmsAdminImpersonationRequest

문서화 인터페이스에 @RequestBody를 추가하여 실제 구현과 일치시켜야 합니다. CMSAdminImpersonationRequest DTO는 @NotNull 검증 제약조건이 적절하게 정의되어 있습니다.

🤖 Prompt for AI Agents
In
src/main/java/redot/redot_server/domain/auth/controller/docs/AdminImpersonationControllerDocs.java
around lines 22 to 24, the documented method parameter uses only @Valid for the
CMSAdminImpersonationRequest but the real controller declares @Valid
@RequestBody; update the docs interface to add the @RequestBody annotation to
the cmsAdminImpersonationRequest parameter so it matches the implementation
(retain @Valid) and ensures the generated API docs reflect request body binding
and validation.

}
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.validation.Valid;
import org.springframework.http.ResponseEntity;
import redot.redot_server.domain.auth.dto.request.PasswordResetConfirmRequest;
import redot.redot_server.domain.auth.dto.request.SignInRequest;
Expand All @@ -24,7 +25,7 @@ public interface CMSAuthControllerDocs {
@ApiResponse(responseCode = "200", description = "로그인 성공",
content = @Content(schema = @Schema(implementation = TokenResponse.class)))
ResponseEntity<TokenResponse> signIn(@Parameter(hidden = true) HttpServletRequest request,
SignInRequest signInRequest,
@Valid SignInRequest signInRequest,
@Parameter(hidden = true) Long redotAppId);

@Parameter(name = "X-App-Subdomain", in = ParameterIn.HEADER, required = true,
Expand Down Expand Up @@ -52,5 +53,5 @@ ResponseEntity<CMSMemberResponse> getCurrentCMSMemberInfo(@Parameter(hidden = tr
@Operation(summary = "CMS 비밀번호 재설정 확정", description = "발급받은 인증 코드로 비밀번호 재설정을 확정합니다.")
@ApiResponse(responseCode = "204", description = "재설정 완료")
ResponseEntity<Void> confirmPasswordReset(@Parameter(hidden = true) Long redotAppId,
PasswordResetConfirmRequest request);
@Valid PasswordResetConfirmRequest request);
}
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.Valid;
import org.springframework.http.ResponseEntity;
import redot.redot_server.domain.auth.dto.request.EmailVerificationSendRequest;
import redot.redot_server.domain.auth.dto.request.EmailVerificationVerifyRequest;
Expand All @@ -17,10 +18,10 @@ public interface EmailVerificationControllerDocs {
@Operation(summary = "이메일 인증 코드 발송", description = "입력한 이메일로 인증 코드를 발송합니다.")
@ApiResponse(responseCode = "200", description = "발송 성공",
content = @Content(schema = @Schema(implementation = EmailVerificationSendResponse.class)))
ResponseEntity<EmailVerificationSendResponse> send(EmailVerificationSendRequest request);
ResponseEntity<EmailVerificationSendResponse> send(@Valid EmailVerificationSendRequest request);

@Operation(summary = "이메일 인증 코드 검증", description = "발송된 인증 코드가 유효한지 검증합니다.")
@ApiResponse(responseCode = "200", description = "검증 성공",
content = @Content(schema = @Schema(implementation = EmailVerificationVerifyResponse.class)))
ResponseEntity<EmailVerificationVerifyResponse> verify(EmailVerificationVerifyRequest request);
ResponseEntity<EmailVerificationVerifyResponse> verify(@Valid EmailVerificationVerifyRequest request);
}
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.validation.Valid;

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

cat -n src/main/java/redot/redot_server/domain/auth/controller/docs/RedotMemberAuthControllerDocs.java

Repository: redotlabs/server

Length of output: 4189


🏁 Script executed:

# Find the actual controller implementation
find . -path ./target -prune -o -name "*MemberAuthController.java" -type f -print | grep -v docs | head -5

Repository: redotlabs/server

Length of output: 148


🏁 Script executed:

cat -n ./src/main/java/redot/redot_server/domain/auth/controller/RedotMemberAuthController.java

Repository: redotlabs/server

Length of output: 9253


🏁 Script executed:

# Check DTOs for constraint annotations
echo "=== RedotMemberCreateRequest ==="
rg -n "class RedotMemberCreateRequest" -A 30

echo -e "\n=== RedotMemberSignInRequest ==="
rg -n "class RedotMemberSignInRequest" -A 20

echo -e "\n=== PasswordResetConfirmRequest ==="
rg -n "class PasswordResetConfirmRequest" -A 20

Repository: redotlabs/server

Length of output: 163


🏁 Script executed:

# Find DTO files
echo "=== Finding DTOs ==="
fd "RedotMemberCreateRequest.java" -o "RedotMemberSignInRequest.java" -o "PasswordResetConfirmRequest.java"

Repository: redotlabs/server

Length of output: 275


🏁 Script executed:

# Find DTO files
echo "=== Finding RedotMemberCreateRequest ==="
fd "RedotMemberCreateRequest\.java"

echo -e "\n=== Finding RedotMemberSignInRequest ==="
fd "RedotMemberSignInRequest\.java"

echo -e "\n=== Finding PasswordResetConfirmRequest ==="
fd "PasswordResetConfirmRequest\.java"

Repository: redotlabs/server

Length of output: 459


🏁 Script executed:

echo "=== RedotMemberCreateRequest ==="
cat -n src/main/java/redot/redot_server/domain/redot/member/dto/request/RedotMemberCreateRequest.java

echo -e "\n=== RedotMemberSignInRequest ==="
cat -n src/main/java/redot/redot_server/domain/auth/dto/request/RedotMemberSignInRequest.java

echo -e "\n=== PasswordResetConfirmRequest ==="
cat -n src/main/java/redot/redot_server/domain/auth/dto/request/PasswordResetConfirmRequest.java

Repository: redotlabs/server

Length of output: 1847


🏁 Script executed:

# Verify if @Validated is used anywhere in the controller or if it's a standard pattern
echo "=== Checking for @Validated in similar controller classes ==="
fd "Controller.java" -x grep -l "@Validated" | head -5

Repository: redotlabs/server

Length of output: 218


🏁 Script executed:

# Check how @Validated is used in that controller
grep -n "@Validated\|@RestController\|class.*Controller" ./src/main/java/redot/redot_server/domain/cms/site/setting/controller/SiteSettingController.java | head -10

Repository: redotlabs/server

Length of output: 169


컨트롤러 클래스에 @Validated 애노테이션이 누락되었습니다.

@Valid 애노테이션을 추가한 것은 좋은 개선이지만, 이를 실제로 동작하게 하려면 RedotMemberAuthController 클래스에 @Validated 애노테이션이 필요합니다. 현재 상태에서는 Spring이 메소드 레벨의 검증을 수행하지 않습니다.

필요한 변경:

  • RedotMemberAuthController 클래스에 @Validated 애노테이션 추가 (라인 37-39 부근)
  • 예: @RestController 다음 줄에 @Validated 추가

확인된 사항:

  • 세 개의 요청 DTO (RedotMemberCreateRequest, RedotMemberSignInRequest, PasswordResetConfirmRequest)는 모두 @Email, @NotBlank 등의 제약 애노테이션이 올바르게 정의되어 있습니다. ✓

추가 제안 (선택사항):

  • getSocialLoginUrl 메소드의 provider, redirectUri, failureUri 파라미터에 @NotBlank 제약을 추가하면 더욱 견고한 검증이 가능합니다.
🤖 Prompt for AI Agents
In
src/main/java/redot/redot_server/domain/auth/controller/docs/RedotMemberAuthControllerDocs.java
around lines 37 to 39, the controller class is missing the @Validated annotation
so method-level @Valid checks are not triggered; add @Validated directly below
the @RestController declaration in the RedotMemberAuthController class to enable
Spring validation on request DTOs, and optionally annotate the getSocialLoginUrl
method parameters (provider, redirectUri, failureUri) with @NotBlank to
strengthen validation.

import org.springframework.http.ResponseEntity;
import redot.redot_server.domain.auth.dto.request.PasswordResetConfirmRequest;
import redot.redot_server.domain.auth.dto.request.RedotMemberSignInRequest;
Expand All @@ -22,13 +23,13 @@ public interface RedotMemberAuthControllerDocs {
@Operation(summary = "Redot 회원 회원가입", description = "새로운 Redot 회원 계정을 생성합니다.")
@ApiResponse(responseCode = "200", description = "회원가입 성공",
content = @Content(schema = @Schema(implementation = RedotMemberResponse.class)))
ResponseEntity<RedotMemberResponse> signUp(RedotMemberCreateRequest request);
ResponseEntity<RedotMemberResponse> signUp(@Valid RedotMemberCreateRequest request);

@Operation(summary = "Redot 회원 로그인", description = "Redot 회원 자격 증명을 사용해 로그인합니다.")
@ApiResponse(responseCode = "200", description = "로그인 성공",
content = @Content(schema = @Schema(implementation = TokenResponse.class)))
ResponseEntity<TokenResponse> signIn(@Parameter(hidden = true) HttpServletRequest request,
RedotMemberSignInRequest signInRequest);
@Valid RedotMemberSignInRequest signInRequest);

@Operation(summary = "Redot 회원 토큰 재발급", description = "로그인된 회원의 토큰을 재발급합니다.")
@ApiResponse(responseCode = "200", description = "재발급 성공",
Expand All @@ -46,7 +47,7 @@ ResponseEntity<TokenResponse> signIn(@Parameter(hidden = true) HttpServletReques

@Operation(summary = "Redot 회원 비밀번호 재설정 확정", description = "비밀번호 재설정 토큰을 확인하고 비밀번호를 교체합니다.")
@ApiResponse(responseCode = "204", description = "재설정 완료")
ResponseEntity<Void> confirmPasswordReset(PasswordResetConfirmRequest request);
ResponseEntity<Void> confirmPasswordReset(@Valid PasswordResetConfirmRequest request);

@Operation(summary = "소셜 로그인 인가 URL 조회", description = "선택한 소셜 제공자의 OAuth2 인가 URL을 제공합니다.")
@ApiResponse(responseCode = "200", description = "URL 생성 성공",
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
import redot.redot_server.domain.admin.dto.response.AdminResponse;
import redot.redot_server.domain.admin.entity.Admin;
import redot.redot_server.domain.admin.repository.AdminRepository;
import redot.redot_server.global.s3.util.ImageUrlResolver;
import redot.redot_server.global.jwt.token.TokenContext;
import redot.redot_server.global.jwt.token.TokenType;
import redot.redot_server.global.security.filter.jwt.refresh.RefreshTokenPayload;
Expand All @@ -29,6 +30,7 @@ public class AdminAuthService {
private final AuthTokenService authTokenService;
private final PasswordEncoder passwordEncoder;
private final EmailVerificationService emailVerificationService;
private final ImageUrlResolver imageUrlResolver;

public AuthResult signIn(HttpServletRequest request, SignInRequest signInRequest) {
Admin admin = adminRepository.findByEmailIgnoreCase(EmailUtils.normalize(signInRequest.email()))
Expand Down Expand Up @@ -68,8 +70,7 @@ public AdminResponse getCurrentAdminInfo(Long id) {
Admin admin = adminRepository.findById(id)
.orElseThrow(() -> new AuthException(AuthErrorCode.ADMIN_NOT_FOUND));

return new AdminResponse(admin.getId(), admin.getName(), admin.getProfileImageUrl(), admin.getEmail(),
admin.getCreatedAt());
return AdminResponse.from(admin, imageUrlResolver);
}

@Transactional