Merge branch 'dev' into choi_fix/#212

Neogasogaeseo · Oct 2, 2022 · 7701c3b · 7701c3b
2 parents b3f4d55 + f8c7fb0
commit 7701c3b
Show file tree

Hide file tree

Showing 31 changed files with 814 additions and 126 deletions.
diff --git a/functions/.eslintrc.js b/functions/.eslintrc.js
@@ -4,26 +4,26 @@ module.exports = {
     commonjs: true,
     es2021: true,
   },
-  extends: ["eslint:recommended", "eslint-config-prettier"],
+  extends: ['eslint:recommended', 'eslint-config-prettier'],
   parserOptions: {
     ecmaVersion: 12,
   },
   rules: {
-    "no-prototype-builtins": "off",
-    "no-self-assign": "off",
-    "no-empty": "off",
-    "no-case-declarations": "off",
-    "consistent-return": "off",
-    "arrow-body-style": "off",
-    camelcase: "off",
-    quotes: "off",
-    "no-unused-vars": "off",
-    "comma-dangle": "off",
-    "no-bitwise": "off",
-    "no-use-before-define": "off",
-    "no-extra-boolean-cast": "off",
-    "no-empty-pattern": "off",
-    curly: "off",
-    "no-unreachable": "off",
+    'no-prototype-builtins': 'off',
+    'no-self-assign': 'off',
+    'no-empty': 'off',
+    'no-case-declarations': 'off',
+    'consistent-return': 'off',
+    'arrow-body-style': 'off',
+    camelcase: 'off',
+    quotes: 'off',
+    'no-unused-vars': 'off',
+    'comma-dangle': 'off',
+    'no-bitwise': 'off',
+    'no-use-before-define': 'off',
+    'no-extra-boolean-cast': 'off',
+    'no-empty-pattern': 'off',
+    curly: 'off',
+    'no-unreachable': 'off',
   },
 };
diff --git a/functions/api/index.js b/functions/api/index.js
@@ -1,11 +1,11 @@
 // 각종 모듈들
-const functions = require("firebase-functions");
-const express = require("express");
-const cors = require("cors");
-const cookieParser = require("cookie-parser");
-const dotenv = require("dotenv");
-const hpp = require("hpp");
-const helmet = require("helmet");
+const functions = require('firebase-functions');
+const express = require('express');
+const cors = require('cors');
+const cookieParser = require('cookie-parser');
+const dotenv = require('dotenv');
+const hpp = require('hpp');
+const helmet = require('helmet');
 
 // 보안 상 깃허브에 올리면 안 되는 정보를 .env라는 파일로 관리하기 위해 사용하는 모듈
 dotenv.config();
@@ -15,11 +15,15 @@ const app = express();
 
 // Cross-Origin Resource Sharing을 열어주는 미들웨어
 // https://evan-moon.github.io/2020/05/21/about-cors/ 에서 자세한 정보 확인
-app.use(cors());
+const corsOpt = function (req, callback) {
+  callback(null, { origin: true });
+};
+
+app.use(cors(corsOpt));
 
 //  보안을 위한 미들웨어들
 //  process.env.NODE_ENV는 배포된 서버에서는 'production'으로, 로컬에서 돌아가는 서버에서는 'development'로 고정됨.
-if (process.env.NODE_ENV === "production") {
+if (process.env.NODE_ENV === 'production') {
   app.use(hpp());
   app.use(helmet());
 }
@@ -30,29 +34,29 @@ app.use(express.urlencoded({ extended: true }));
 app.use(cookieParser());
 
 // 라우팅: routes 폴더로 관리
-app.use("/", require("./routes"));
+app.use('/', require('./routes'));
 
 //  route 폴더에 우리가 지정할 경로가 아닌 다른 경로로 요청이 올 경우,
 //  잘못된 경로로 요청이 들어왔다는 메시지를 클라이언트에 보냄
-app.use("*", (req, res) => {
+app.use('*', (req, res) => {
   res.status(404).json({
     status: 404,
     success: false,
-    message: "잘못된 경로입니다.",
+    message: '잘못된 경로입니다.',
   });
 });
 
 // express를 firebase functions로 감싸주는 코드
 module.exports = functions
   .runWith({
     timeoutSeconds: 300, // 요청을 처리하는 과정이 300초를 초과하면 타임아웃 시키기
-    memory: "512MB", // 서버에 할당되는 메모리
+    memory: '512MB', // 서버에 할당되는 메모리
   })
-  .region("asia-northeast3") // 서버가 돌아갈 region. asia-northeast3는 서울
+  .region('asia-northeast3') // 서버가 돌아갈 region. asia-northeast3는 서울
   .https.onRequest(async (req, res) => {
     // 들어오는 요청에 대한 로그를 콘솔에 찍기. 디버깅 때 유용하게 쓰일 예정.
     // 콘솔에 찍고 싶은 내용을 원하는 대로 추가하면 됨. (req.headers, req.query 등)
-    console.log("\n\n", "[api]", `[${req.method.toUpperCase()}]`, req.originalUrl, req.body);
+    console.log('\n\n', '[api]', `[${req.method.toUpperCase()}]`, req.originalUrl, req.body);
 
     // 맨 위에 선언된 express app 객체를 리턴.
     // 요것이 functions/index.js 안의 api: require("./api")에 들어가는 것.

diff --git a/functions/api/routes/auth/authLoginPOST.js b/functions/api/routes/auth/authLoginPOST.js
@@ -14,7 +14,7 @@ module.exports = async (req, res) => {
   let kakao_profile;
   let authUser;
   let client;
-  if (!authenticationCode) {
+  if (!provider || !authenticationCode) {
     return res.status(statusCode.BAD_REQUEST).send(util.fail(statusCode.BAD_REQUEST, responseMessage.NULL_VALUE));
   }
   try {
@@ -34,7 +34,7 @@ module.exports = async (req, res) => {
     });
   } catch (error) {
     console.log(error);
-    return res.status(statusCode.NOT_FOUND).json(util.fail(statusCode.NOT_FOUND, responseMessage.WRONG_AUTH));
+    return res.status(statusCode.BAD_REQUEST).json(util.fail(statusCode.BAD_REQUEST, responseMessage.WRONG_AUTH));
   }
 
   try {
@@ -45,25 +45,26 @@ module.exports = async (req, res) => {
       },
     });
   } catch (error) {
-    return res.status(statusCode.NOT_FOUND).json(util.fail(statusCode.NOT_FOUND, responseMessage.WRONG_TOKEN));
+    return res.status(statusCode.BAD_REQUEST).json(util.fail(statusCode.BAD_REQUEST, responseMessage.WRONG_TOKEN));
   }
 
   try {
     client = await db.connect();
     authUser = await userDB.getUserByAuthenticationCode(client, kakao_profile.data.id); //^_^// kakao id == auth code
     if (!authUser) {
-      return res.status(statusCode.OK).send(util.success(statusCode.OK, responseMessage.NEED_REGISTER, { accesstoken: socialToken.data.access_token, refreshtoken: socialToken.data.refresh_token }));
-    }
-    const accesstoken = jwtHandlers.sign(authUser);
-    const refreshtoken = jwtHandlers.refresh(authUser);
-    const user = await userDB.updateRefreshTokenById(client, authUser.id, refreshtoken);
+      const tempUser = await userDB.addUser(client, '', '', kakao_profile.data.id, provider, '');
+      const accesstoken = jwtHandlers.sign(tempUser);
+      const refreshtoken = jwtHandlers.refresh(tempUser);
+      const user = await userDB.updateRefreshTokenById(client, tempUser.id, refreshtoken);
 
-    return res.status(statusCode.OK).send(
-      util.success(statusCode.OK, responseMessage.READ_USER_SUCCESS, {
-        user,
-        accesstoken,
-      }),
-    );
+      return res.status(statusCode.OK).send(util.success(statusCode.OK, responseMessage.CREATED_USER, { user, accesstoken }));
+    } else {
+      const accesstoken = jwtHandlers.sign(authUser);
+      const refreshtoken = jwtHandlers.refresh(authUser);
+      const user = await userDB.updateRefreshTokenById(client, authUser.id, refreshtoken);
+
+      return res.status(statusCode.OK).send(util.success(statusCode.OK, responseMessage.LOGIN_SUCCESS, { user, accesstoken }));
+    }
   } catch (error) {
     const slackMessage = `[ERROR] [${req.method.toUpperCase()}] ${req.originalUrl} ${req.user ? `uid:${req.user.id}` : 'req.user 없음'}
     ${JSON.stringify(error)}`;

diff --git a/functions/api/routes/auth/authRefreshPUT.js b/functions/api/routes/auth/authRefreshPUT.js
@@ -0,0 +1,48 @@
+const functions = require('firebase-functions');
+const util = require('../../../lib/util');
+const statusCode = require('../../../constants/statusCode');
+const responseMessage = require('../../../constants/responseMessage');
+const db = require('../../../db/db');
+const slackAPI = require('../../../lib/slackAPI');
+const { userDB } = require('../../../db');
+const jwtHandlers = require('../../../lib/jwtHandlers');
+const { TOKEN_INVALID, TOKEN_EXPIRED } = require('../../../constants/jwt');
+
+module.exports = async (req, res) => {
+  const { refreshToken } = req.body;
+
+  if (!refreshToken) {
+    return res.status(statusCode.BAD_REQUEST).send(util.fail(statusCode.BAD_REQUEST, responseMessage.NULL_VALUE));
+  }
+
+  let client;
+
+  try {
+    client = await db.connect(req);
+
+    const tokenUser = jwtHandlers.verify(refreshToken);
+    if (tokenUser == TOKEN_EXPIRED) {
+      return res.status(statusCode.BAD_REQUEST).send(util.fail(statusCode.BAD_REQUEST, responseMessage.TOKEN_EXPIRED));
+    }
+    if (tokenUser == TOKEN_INVALID) {
+      return res.status(statusCode.BAD_REQUEST).send(util.fail(statusCode.BAD_REQUEST, responseMessage.TOKEN_INVALID));
+    }
+
+    const tempUser = await userDB.getUserById(client, tokenUser.id);
+    const accesstoken = jwtHandlers.sign(tempUser);
+    const refreshtoken = jwtHandlers.refresh(tempUser);
+    const user = await userDB.updateRefreshTokenById(client, tempUser.id, refreshtoken);
+
+    res.status(statusCode.OK).send(util.success(statusCode.OK, responseMessage.TOKEN_REFRESH_SUCCESS, { user, accesstoken }));
+  } catch (error) {
+    functions.logger.error(`[ERROR] [${req.method.toUpperCase()}] ${req.originalUrl}`, `[CONTENT] ${error}`);
+    console.log(error);
+
+    const slackMessage = `[ERROR] [${req.method.toUpperCase()}] ${req.originalUrl} ${req.user ? `uid:${req.user.id}` : 'req.user 없음'}
+ ${JSON.stringify(error)}`;
+    slackAPI.sendMessageToSlack(slackMessage, slackAPI.DEV_WEB_HOOK_ERROR_MONITORING);
+    res.status(statusCode.INTERNAL_SERVER_ERROR).send(util.fail(statusCode.INTERNAL_SERVER_ERROR, responseMessage.INTERNAL_SERVER_ERROR));
+  } finally {
+    client.release();
+  }
+};
diff --git a/functions/api/routes/auth/authRegisterPOST.js b/functions/api/routes/auth/authRegisterPOST.js
@@ -8,43 +8,33 @@ const jwtHandlers = require('../../../lib/jwtHandlers');
 const slackAPI = require('../../../lib/slackAPI');
 
 module.exports = async (req, res) => {
-  const { profileId, name, provider, accesstoken, refreshtoken } = req.body;
+  const { id: userId, profileId: userProfileId } = req.user;
+  const { profileId, name, provider } = req.body;
   const imageUrls = req.imageUrls;
   let client;
-  let kakao_profile = '';
-  if (!profileId || !name || !provider || !accesstoken || !refreshtoken) {
+  if (!profileId || !name || !provider) {
     return res.status(statusCode.BAD_REQUEST).send(util.fail(statusCode.BAD_REQUEST, responseMessage.NULL_VALUE));
   }
 
-  try {
-    kakao_profile = await axios.get('https://kapi.kakao.com/v2/user/me', {
-      headers: {
-        Authorization: 'Bearer ' + accesstoken,
-        'Content-Type': 'application/json',
-      },
-    });
-  } catch (error) {
-    return res.status(statusCode.NOT_FOUND).json(util.fail(statusCode.NOT_FOUND, responseMessage.WRONG_TOKEN));
-  }
   try {
     client = await db.connect();
-    const check = await userDB.checkUserProfileId(client, profileId);
-    if (check) {
-      client.release();
+    if (userId && userProfileId) {
+      return res.status(statusCode.FORBIDDEN).send(util.fail(statusCode.FORBIDDEN, responseMessage.REGISTERED_USER));
+    }
+    const checkUser = await userDB.checkUserProfileId(client, profileId);
+    if (checkUser && checkUser.id != userId) {
       return res.status(statusCode.NO_CONTENT).send(util.fail(statusCode.NO_CONTENT, responseMessage.DUPLICATE_USER_PROFILE_ID));
     }
 
-    const tempUser = await userDB.addUser(client, profileId, name, kakao_profile.data.id, provider, imageUrls);
-    const accessToken = jwtHandlers.sign(tempUser);
-    const refreshToken = jwtHandlers.refresh(tempUser);
-    const user = await userDB.updateRefreshTokenById(client, tempUser.id, refreshToken);
+    let tempUser;
+    if (imageUrls) tempUser = await userDB.updateUserInformationIncludeImage(client, userId, profileId, name, imageUrls);
+    else tempUser = await userDB.updateUserInformationWithoutImage(client, userId, profileId, name);
+
+    const accesstoken = jwtHandlers.sign(tempUser);
+    const refreshtoken = jwtHandlers.refresh(tempUser);
+    const user = await userDB.updateRefreshTokenById(client, tempUser.id, refreshtoken);
 
-    return res.status(statusCode.OK).send(
-      util.success(statusCode.OK, responseMessage.CREATED_USER, {
-        user,
-        accesstoken: accessToken,
-      }),
-    );
+    return res.status(statusCode.OK).send(util.success(statusCode.OK, responseMessage.REGISTER_USER_SUCCESS, { user, accesstoken }));
   } catch (error) {
     const slackMessage = `[ERROR] [${req.method.toUpperCase()}] ${req.originalUrl} ${req.user ? `uid:${req.user.id}` : 'req.user 없음'}
     ${JSON.stringify(error)}`;

diff --git a/functions/api/routes/auth/index.js b/functions/api/routes/auth/index.js
@@ -1,8 +1,10 @@
 const express = require('express');
 const router = express.Router();
 const uploadImage = require('../../../middlewares/uploadImage');
+const { checkUser } = require('../../../middlewares/auth');
 
 router.post('/login', require('./authLoginPOST'));
-router.post('/register', uploadImage('user'), require('./authRegisterPOST'));
+router.post('/register', checkUser, uploadImage('user'), require('./authRegisterPOST'));
+router.put('/refresh', require('./authRefreshPUT'));
 
 module.exports = router;
diff --git a/functions/api/routes/form/formMyAllGET.js b/functions/api/routes/form/formMyAllGET.js
@@ -23,18 +23,20 @@ module.exports = async (req, res) => {
     client = await db.connect(req);
 
     //^_^// formId 답변 유무, 최신순 정렬
-    const myFormIdRecentList = await answerDB.getRecentFormIdListByUserId(client, userId);
+    const myFormIdRecentList = await answerDB.getFormIdListByUserId(client, userId);
     myFormIdRecentList.sort(function (a, b) {
       if (b.cnt === '0') return -1;
+      else if (b.createdAt < a.createdAt) return -1;
     });
 
     if (myFormIdRecentList.length === 0) {
       return res.status(statusCode.OK).send(util.success(statusCode.OK, responseMessage.NO_MY_FORM_CONTENT));
     }
     const idUnique = myFormIdRecentList.filter((form, index, arr) => {
-      return arr.findIndex((item) => item.formId === form.formId) === index;
+      return arr.findIndex((item) => item.id === form.id) === index;
     });
-    let idList = extractValues(idUnique, 'formId');
+
+    let idList = extractValues(idUnique, 'id');
     const count = idList.length;
 
     //^_^// form id로 form, answer 정보 가져오기

diff --git a/functions/api/routes/form/formMyGET.js b/functions/api/routes/form/formMyGET.js
@@ -23,18 +23,20 @@ module.exports = async (req, res) => {
     client = await db.connect(req);
 
     //^_^// formId 답변 유무, 최신순 정렬
-    const myFormIdRecentList = await answerDB.getRecentFormIdListByUserId(client, userId);
+    const myFormIdRecentList = await answerDB.getFormIdListByUserId(client, userId);
     myFormIdRecentList.sort(function (a, b) {
       if (b.cnt === '0') return -1;
+      else if (b.createdAt < a.createdAt) return -1;
     });
 
     if (myFormIdRecentList.length === 0) {
       return res.status(statusCode.OK).send(util.success(statusCode.OK, responseMessage.NO_MY_FORM_CONTENT));
     }
     const idUnique = myFormIdRecentList.filter((form, index, arr) => {
-      return arr.findIndex((item) => item.formId === form.formId) === index;
+      return arr.findIndex((item) => item.id === form.id) === index;
     });
-    let idList = extractValues(idUnique, 'formId');
+
+    let idList = extractValues(idUnique, 'id');
     const count = idList.length;
     if (idList.length > 2) idList = idList.slice(0, 2);