feat: 소셜 로그인(구글/애플)·세션·관리자 회원관리 백엔드
- users: 소셜 전용 전환(password_hash 제거) + role/provider/google_id/apple_id/profile_image (V2 마이그레이션) - auth_session 테이블: Redis 없이 DB 세션(슬라이딩 만료), Bearer 토큰 - 소셜 로그인: 구글 tokeninfo(aud) · 애플 JWKS(iss/aud/exp) 검증 → 이메일 계정연결/신규가입 - AuthInterceptor(세션)+AdminInterceptor(role=ADMIN) 2단 보호, 관리자 페이지는 웹 전용 - /api/admin/members: 목록·상태·티어·역할·삭제 (본인 잠금방지, 정지/삭제/역할변경 시 세션 무효화) - 예외는 기존 ApiExceptionHandler로 통합(ApiException 매핑 추가) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,72 @@
|
||||
package com.dog.dognation.admin;
|
||||
|
||||
import com.dog.dognation.admin.dto.MemberAdminResponse;
|
||||
import com.dog.dognation.admin.dto.RoleUpdateRequest;
|
||||
import com.dog.dognation.admin.dto.StatusUpdateRequest;
|
||||
import com.dog.dognation.admin.dto.TierUpdateRequest;
|
||||
import com.dog.dognation.auth.SessionUser;
|
||||
import com.dog.dognation.auth.web.AuthInterceptor;
|
||||
import jakarta.validation.Valid;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.PutMapping;
|
||||
import org.springframework.web.bind.annotation.RequestAttribute;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* 관리자용 회원 관리 API. (/api/admin/members — AdminInterceptor 로 ADMIN 만 접근)
|
||||
* 관리자 페이지는 웹 전용.
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/admin/members")
|
||||
public class MemberAdminController {
|
||||
|
||||
private final MemberAdminService memberAdminService;
|
||||
|
||||
public MemberAdminController(MemberAdminService memberAdminService) {
|
||||
this.memberAdminService = memberAdminService;
|
||||
}
|
||||
|
||||
@GetMapping
|
||||
public List<MemberAdminResponse> list() {
|
||||
return memberAdminService.list();
|
||||
}
|
||||
|
||||
@PutMapping("/{id}/status")
|
||||
public MemberAdminResponse updateStatus(
|
||||
@PathVariable Long id,
|
||||
@Valid @RequestBody StatusUpdateRequest req,
|
||||
@RequestAttribute(AuthInterceptor.CURRENT_MEMBER) SessionUser current) {
|
||||
return memberAdminService.updateStatus(id, req.status(), current.id());
|
||||
}
|
||||
|
||||
@PutMapping("/{id}/tier")
|
||||
public MemberAdminResponse updateTier(
|
||||
@PathVariable Long id,
|
||||
@Valid @RequestBody TierUpdateRequest req,
|
||||
@RequestAttribute(AuthInterceptor.CURRENT_MEMBER) SessionUser current) {
|
||||
return memberAdminService.updateTier(id, req.tier(), current.id());
|
||||
}
|
||||
|
||||
@PutMapping("/{id}/role")
|
||||
public MemberAdminResponse updateRole(
|
||||
@PathVariable Long id,
|
||||
@Valid @RequestBody RoleUpdateRequest req,
|
||||
@RequestAttribute(AuthInterceptor.CURRENT_MEMBER) SessionUser current) {
|
||||
return memberAdminService.updateRole(id, req.role(), current.id());
|
||||
}
|
||||
|
||||
@DeleteMapping("/{id}")
|
||||
public ResponseEntity<Void> delete(
|
||||
@PathVariable Long id,
|
||||
@RequestAttribute(AuthInterceptor.CURRENT_MEMBER) SessionUser current) {
|
||||
memberAdminService.delete(id, current.id());
|
||||
return ResponseEntity.noContent().build();
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user