Check-Data-Out · Jihyun3478 · May 3, 2025 · Apr 20, 2025 · Apr 20, 2025 · Apr 21, 2025
diff --git a/src/controllers/qr.controller.ts b/src/controllers/qr.controller.ts
@@ -0,0 +1,95 @@
+import { NextFunction, Request, RequestHandler, Response } from 'express';
+import logger from '@/configs/logger.config';
+import { QRLoginTokenService } from "@/services/qr.service";
+import { QRLoginTokenResponseDto } from "@/types/dto/responses/qrResponse.type";
+import { InvalidTokenError, TokenExpiredError } from '@/exception/token.exception';
+import { UserService } from '@/services/user.service';
+import { NotFoundError } from '@/exception';
+import { CookieOptions } from 'express';
+
+type Token32 = string & { __lengthBrand: 32 };
+
+export class QRLoginController {
+ constructor(
+ private qrService: QRLoginTokenService,
+ private userService: UserService
+ ) {}
+
+ private cookieOption(): CookieOptions {
+ const isProd = process.env.NODE_ENV === 'production';
+
+ const baseOptions: CookieOptions = {
+ httpOnly: isProd,
+ secure: isProd,
+ };
+
+ if (isProd) {
+ baseOptions.sameSite = 'lax';
+ baseOptions.domain = "velog-dashboard.kro.kr";
+ } else {
+ baseOptions.domain = 'localhost';
+ }
+
+ return baseOptions;
+ }
+
+ createToken: RequestHandler = async (
+ req: Request,
+ res: Response<QRLoginTokenResponseDto>,
+ next: NextFunction,
+ ) => {
+ try {
+ const user = req.user;
+ const ip = req.ip ?? '';
+ const userAgent = req.headers['user-agent'] || '';
+
+ const token = await this.qrService.create(user.id, ip, userAgent);
+ const typedToken = token as Token32;
+
+ const response = new QRLoginTokenResponseDto(
+ true,
+ 'QR 토큰 생성 완료',
+ { token: typedToken },
+ null
+ );
+ res.status(200).json(response);
+ } catch (error) {
+ logger.error('QR 토큰 생성 실패:', error);
+ next(error);
+ }
+ };
+
+ getToken: RequestHandler = async (req: Request, res: Response, next: NextFunction) => {
+ try {
+ const token = req.query.token as string;
+ if (!token) {
+ throw new InvalidTokenError('토큰이 필요합니다.');
+ }
+
+ const found = await this.qrService.useToken(token);
+ if (!found) {
+ throw new TokenExpiredError();
+ }
+
+ const user = await this.userService.findByVelogUUID(found.user.toString());
+ if (!user) throw new NotFoundError('유저를 찾을 수 없습니다.');
+
+ const { decryptedAccessToken, decryptedRefreshToken } = this.userService.getDecryptedTokens( 
+ user.group_id, 
+ user.access_token, 
+ user.refresh_token 
+ );
+
+ res.clearCookie('access_token', this.cookieOption());
+ res.clearCookie('refresh_token', this.cookieOption());
+
+ res.cookie('access_token', decryptedAccessToken, this.cookieOption());
+ res.cookie('refresh_token', decryptedRefreshToken, this.cookieOption());
+
+ res.redirect('/main');
+ } catch (error) {
+ logger.error('QR 토큰 로그인 처리 실패', error);
+ next(error);
+ }
+ };
+}
diff --git a/src/repositories/__test__/qr.repo.test.ts b/src/repositories/__test__/qr.repo.test.ts
@@ -0,0 +1,80 @@
+import { QRLoginTokenRepository } from '@/repositories/qr.repository';
+import { DBError } from '@/exception';
+import { Pool } from 'pg';
+
+const mockPool: Partial<Pool> = {
+ query: jest.fn(),
+};
+
+describe('QRLoginTokenRepository', () => {
+ let repo: QRLoginTokenRepository;
+
+ beforeEach(() => {
+ repo = new QRLoginTokenRepository(mockPool as Pool);
+ });
+
+ afterEach(() => {
+ jest.clearAllMocks();
+ });
+
+ describe('createQRLoginToken', () => {
+ it('QR 토큰을 성공적으로 삽입해야 한다', async () => {
+ (mockPool.query as jest.Mock).mockResolvedValueOnce(undefined);
+
+ await expect(
+ repo.createQRLoginToken('token', 1, 'ip', 'agent')
+ ).resolves.not.toThrow();
+
+ expect(mockPool.query).toHaveBeenCalled();
+ });
+
+ it('삽입 중 오류 발생 시 DBError를 던져야 한다', async () => {
+ (mockPool.query as jest.Mock).mockRejectedValueOnce(new Error('fail'));
+
+ await expect(
+ repo.createQRLoginToken('token', 1, 'ip', 'agent')
+ ).rejects.toThrow(DBError);
+ });
+ });
+
+ describe('findQRLoginToken', () => {
+ it('토큰이 존재할 경우 반환해야 한다', async () => {
+ const mockTokenData = { token: 'token', user: 1 };
+ (mockPool.query as jest.Mock).mockResolvedValueOnce({ rows: [mockTokenData] });
+
+ const result = await repo.findQRLoginToken('token');
+ expect(result).toEqual(mockTokenData);
+ });
+
+ it('토큰이 존재하지 않으면 null을 반환해야 한다', async () => {
+ (mockPool.query as jest.Mock).mockResolvedValueOnce({ rows: [] });
+
+ const result = await repo.findQRLoginToken('token');
+ expect(result).toBeNull();
+ });
+
+ it('조회 중 오류 발생 시 DBError를 던져야 한다', async () => {
+ (mockPool.query as jest.Mock).mockRejectedValueOnce(new Error('fail'));
+
+ await expect(repo.findQRLoginToken('token')).rejects.toThrow(DBError);
+ });
+ });
+
+ describe('markTokenUsed', () => {
+ it('토큰을 사용 처리해야 한다', async () => {
+ (mockPool.query as jest.Mock).mockResolvedValueOnce(undefined);
+
+ await expect(repo.markTokenUsed('token')).resolves.not.toThrow();
+ expect(mockPool.query).toHaveBeenCalledWith(
+ expect.stringContaining('UPDATE qr_login_tokens SET is_used = true'),
+ ['token']
+ );
+ });
+
+ it('토큰 사용 처리 중 오류 발생 시 DBError를 던져야 한다', async () => {
+ (mockPool.query as jest.Mock).mockRejectedValueOnce(new Error('fail'));
+
+ await expect(repo.markTokenUsed('token')).rejects.toThrow(DBError);
+ });
+ });
+});
diff --git a/src/repositories/qr.repository.ts b/src/repositories/qr.repository.ts
@@ -0,0 +1,48 @@
+import { Pool } from 'pg';
+import logger from '@/configs/logger.config';
+import { DBError } from '@/exception';
+import { QRLoginToken } from '@/types/models/QRLoginToken.type';
+
+export class QRLoginTokenRepository {
+ constructor(private pool: Pool) { }
+
+ async createQRLoginToken(token: string, userId: number, ip: string, userAgent: string): Promise<void> {
+ try {
+ const query = `
+ INSERT INTO qr_login_tokens (token, user_id, created_at, expires_at, is_used, ip_address, user_agent)
+ VALUES ($1, $2, NOW(), NOW() + INTERVAL '5 minutes', false, $3, $4);
+ `;
+ await this.pool.query(query, [token, userId, ip, userAgent]);
+ } catch (error) {
+ logger.error('QRLoginToken Repo Create Error : ', error);
+ throw new DBError('QR 코드 토큰 생성 중 문제가 발생했습니다.');
+ }
+ }
+
+ async findQRLoginToken(token: string): Promise<QRLoginToken | null> {
+ try {
+ const query = `
+ SELECT *
+ FROM qr_login_tokens
+ WHERE token = $1 AND is_used = false AND expires_at > NOW();
+ `;
+ const result = await this.pool.query(query, [token]);
+ return result.rows[0] ?? null;
+ } catch (error) {
+ logger.error('QRLoginToken Repo find QR Code Error : ', error);
+ throw new DBError('QR 코드 토큰 조회 중 문제가 발생했습니다.');
+ }
+ }
+
+ async markTokenUsed(token: string): Promise<void> {
+ try {
+ const query = `
+ UPDATE qr_login_tokens SET is_used = true WHERE token = $1;
+ `;
+ await this.pool.query(query, [token]);
+ } catch (error) {
+ logger.error('QRLoginToken Repo mark as used Error : ', error);
+ throw new DBError('QR 코드 사용 처리 중 문제가 발생했습니다.');
+ }
+ }
+}
diff --git a/src/routes/index.ts b/src/routes/index.ts
@@ -2,6 +2,7 @@ import express, { Router } from 'express';
 import UserRouter from './user.router';
 import PostRouter from './post.router';
 import NotiRouter from './noti.router';
+import QrRouter from './qr.router';
 
 const router: Router = express.Router();
 
@@ -12,4 +13,6 @@ router.use('/ping', (req, res) => {
 router.use('/', UserRouter);
 router.use('/', PostRouter);
 router.use('/', NotiRouter);
+router.use('/', QrRouter);
+
 export default router;
diff --git a/src/routes/qr.router.ts b/src/routes/qr.router.ts
@@ -0,0 +1,56 @@
+import express, { Router } from 'express';
+import pool from '@/configs/db.config';
+
+import { authMiddleware } from '@/middlewares/auth.middleware';
+import { QRLoginTokenRepository } from '@/repositories/qr.repository';
+import { QRLoginTokenService } from '@/services/qr.service';
+import { QRLoginController } from '@/controllers/qr.controller';
+import { UserRepository } from '@/repositories/user.repository';
+import { UserService } from '@/services/user.service';
+
+const router: Router = express.Router();
+
+const qrRepository = new QRLoginTokenRepository(pool);
+const userRepository = new UserRepository(pool);
+const userService = new UserService(userRepository);
+const qrService = new QRLoginTokenService(qrRepository);
+const qrController = new QRLoginController(qrService, userService);
+
+/**
+ * @swagger
+ * /api/qr-login:
+ * post:
+ * summary: QR 로그인 토큰 생성
+ * tags: [QRLogin]
+ * security:
+ * - bearerAuth: []
+ * responses:
+ * 200:
+ * description: QR 로그인 토큰 생성 성공
+ */
+router.post('/qr-login', authMiddleware.login, qrController.createToken);
+
+/**
+ * @swagger
+ * /api/qr-login:
+ * get:
+ * summary: QR 로그인 토큰 조회 및 자동 로그인 처리
+ * tags: [QRLogin]
+ * parameters:
+ * - in: query
+ * name: token
+ * required: true
+ * schema:
+ * type: string
+ * description: 조회할 QR 토큰
+ * responses:
+ * 302:
+ * description: 자동 로그인 완료 후 메인 페이지로 리디렉션
+ * 400:
+ * description: 잘못된 토큰
+ * 404:
+ * description: 만료 또는 존재하지 않는 토큰
+ */
+router.get('/qr-login', qrController.getToken);
+
+export default router;