refactor: 탈퇴 시 로그인 불가능, 예외 처리 (#82)

src/main/java/com/ddabong/ddabongdotchiBE/domain/user/exception/UserErrorCode.java

@@ -12,7 +12,8 @@
 @AllArgsConstructor
 public enum UserErrorCode implements BaseErrorCode {
 	USER_NOT_FOUND(HttpStatus.NOT_FOUND, "USR4000", "존재하지 않는 사용자입니다."),
-	PASSWORD_NOT_EQUAL(HttpStatus.BAD_REQUEST, "USR4001", "비밀번호가 일치하지 않습니다.");
+	PASSWORD_NOT_EQUAL(HttpStatus.BAD_REQUEST, "USR4001", "비밀번호가 일치하지 않습니다."),
+	USER_ALREADY_INACTIVE(HttpStatus.BAD_REQUEST, "USR4002", "이미 탈퇴된 사용자입니다.");
 
 	private final HttpStatus httpStatus;
 	private final String code;

src/main/java/com/ddabong/ddabongdotchiBE/domain/user/jwt/filter/CustomLoginFilter.java

@@ -17,6 +17,7 @@
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
 import com.ddabong.ddabongdotchiBE.domain.global.ApiResponse;
+import com.ddabong.ddabongdotchiBE.domain.user.enums.UserStatus;
 import com.ddabong.ddabongdotchiBE.domain.user.jwt.dto.JwtDto;
 import com.ddabong.ddabongdotchiBE.domain.user.jwt.userdetails.CustomUserDetails;
 import com.ddabong.ddabongdotchiBE.domain.user.jwt.util.HttpResponseUtil;
@@ -72,6 +73,11 @@ protected void successfulAuthentication(
 
 		CustomUserDetails customUserDetails = (CustomUserDetails)authentication.getPrincipal();
 
+		// 상태가 INACTIVE인 경우 예외 처리
+		if (customUserDetails.getUserStatus() == UserStatus.INACTIVE) {
+			throw new DisabledException("탈퇴한 사용자입니다."); // 예외 메시지 설정
+		}
+
 		log.info("[*] Login with " + customUserDetails.getUsername());
 
 		JwtDto jwtDto = new JwtDto(

src/main/java/com/ddabong/ddabongdotchiBE/domain/user/jwt/filter/JwtAuthenticationFilter.java

@@ -70,7 +70,8 @@ private void authenticateAccessToken(String accessToken) {
 		CustomUserDetails userDetails = new CustomUserDetails(
 			jwtUtil.getUsername(accessToken),
 			null,
-			jwtUtil.isStaff(accessToken)
+			jwtUtil.isStaff(accessToken),
+			jwtUtil.userStatus(accessToken)
 		);
 
 		log.info("[*] Authority Registration");

src/main/java/com/ddabong/ddabongdotchiBE/domain/user/jwt/userdetails/CustomUserDetails.java

@@ -8,16 +8,23 @@
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
+import com.ddabong.ddabongdotchiBE.domain.user.enums.UserStatus;
+
+import lombok.Getter;
+
 public class CustomUserDetails implements UserDetails {
 
 	private final String email;
 	private final String password;
 	private final String isStaff;
+	@Getter
+	private final UserStatus userStatus;
 
-	public CustomUserDetails(String email, String password, String isStaff) {
+	public CustomUserDetails(String email, String password, String isStaff, UserStatus userStatus) {
 		this.email = email;
 		this.password = password;
 		this.isStaff = isStaff;
+		this.userStatus = userStatus;
 	}
 
 	public String getStaff() {

src/main/java/com/ddabong/ddabongdotchiBE/domain/user/jwt/userdetails/CustomUserDetailsService.java

@@ -27,6 +27,7 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx
 
 		log.info("[*] User found : " + user.getUsername());
 
-		return new CustomUserDetails(user.getUsername(), user.getPassword(), user.getRoleType().toString());
+		return new CustomUserDetails(user.getUsername(), user.getPassword(), user.getRoleType().toString(),
+			user.getUserStatus());
 	}
 }

src/main/java/com/ddabong/ddabongdotchiBE/domain/user/jwt/util/JwtUtil.java

@@ -13,6 +13,7 @@
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 
+import com.ddabong.ddabongdotchiBE.domain.user.enums.UserStatus;
 import com.ddabong.ddabongdotchiBE.domain.user.jwt.dto.JwtDto;
 import com.ddabong.ddabongdotchiBE.domain.user.jwt.exception.SecurityCustomException;
 import com.ddabong.ddabongdotchiBE.domain.user.jwt.userdetails.CustomUserDetails;
@@ -32,6 +33,7 @@ public class JwtUtil {
 
 	private static final String USERNAME = "username";
 	private static final String IS_STAFF = "is_staff";
+	private static final String USER_STATUS = "user_status";
 	private final SecretKey secretKey;
 	private final Long accessExpMs;
 	private final Long refreshExpMs;
@@ -103,7 +105,9 @@ public JwtDto reissueToken(String refreshToken) throws SignatureException {
 				getUsername(refreshToken),
 				null,
 				// getAuthority(refreshToken)
-				isStaff(refreshToken)
+				isStaff(refreshToken),
+				userStatus(refreshToken)
+
 			);
 
 			return new JwtDto(
@@ -148,6 +152,10 @@ public String isStaff(String token) {
 		return getClaims(token).get(IS_STAFF, String.class);
 	}
 
+	public UserStatus userStatus(String token) {
+		return getClaims(token).get(USER_STATUS, UserStatus.class);
+	}
+
 	public Boolean isExpired(String token) {
 		// 여기서 토큰 형식 이상한 것도 걸러짐
 		return getClaims(token).getExpiration().before(Date.from(Instant.now()));

src/main/java/com/ddabong/ddabongdotchiBE/domain/user/service/UserService.java

@@ -13,6 +13,9 @@
 import com.ddabong.ddabongdotchiBE.domain.user.dto.response.UserJoinResponse;
 import com.ddabong.ddabongdotchiBE.domain.user.dto.response.UserUpdateResponse;
 import com.ddabong.ddabongdotchiBE.domain.user.entity.User;
+import com.ddabong.ddabongdotchiBE.domain.user.enums.UserStatus;
+import com.ddabong.ddabongdotchiBE.domain.user.exception.UserErrorCode;
+import com.ddabong.ddabongdotchiBE.domain.user.exception.UserExceptionHandler;
 import com.ddabong.ddabongdotchiBE.domain.user.jwt.util.JwtUtil;
 import com.ddabong.ddabongdotchiBE.domain.user.repository.UserRepository;
 
@@ -61,6 +64,12 @@ public UserUpdateResponse updateMyUser(User user, UserUpdateRequest request, Mul
 	}
 
 	public void deactivate(User user) {
+		// 이미 탈퇴한 사용자일 경우 예외를 던짐
+		if (user.getUserStatus() == UserStatus.INACTIVE) {
+			throw new UserExceptionHandler(UserErrorCode.USER_ALREADY_INACTIVE);
+		}
+		// 탈퇴 처리
 		user.deactivate();
+		userRepository.save(user);
 	}
 }