Check-Data-Out · Jihyun3478 · May 3, 2025 · Apr 20, 2025 · Apr 20, 2025 · Apr 21, 2025
diff --git a/src/controllers/user.controller.ts b/src/controllers/user.controller.ts
@@ -1,7 +1,13 @@
 import { NextFunction, Request, Response, RequestHandler, CookieOptions } from 'express';
 import logger from '@/configs/logger.config';
 import { EmptyResponseDto, LoginResponseDto, UserWithTokenDto } from '@/types';
+import { QRLoginTokenResponseDto } from '@/types/dto/responses/qrResponse.type';
 import { UserService } from '@/services/user.service';
+import { InvalidTokenError, TokenExpiredError } from '@/exception/token.exception';
+import { NotFoundError } from '@/exception';
+
+type Token32 = string & { __lengthBrand: 10 };
+
 export class UserController {
   constructor(private userService: UserService) { }
 
@@ -102,4 +108,64 @@ export class UserController {
 
     res.status(200).json(response);
   };
+
+  createToken: RequestHandler = async (
+    req: Request,
+    res: Response<QRLoginTokenResponseDto>,
+    next: NextFunction,
+  ) => {
+    try {
+      const user = req.user;
+      const ip = req.ip ?? '';
+      const userAgent = req.headers['user-agent'] || '';
+
+      const token = await this.userService.create(user.id, ip, userAgent);
+      const typedToken = token as Token32;
+
+      const response = new QRLoginTokenResponseDto(
+        true,
+        'QR 토큰 생성 완료',
+        { token: typedToken },
+        null
+      );
+      res.status(200).json(response);
+    } catch (error) {
+      logger.error('QR 토큰 생성 실패:', error);
+      next(error);
+    }
+  };
+
+  getToken: RequestHandler = async (req: Request, res: Response, next: NextFunction) => {
+    try {
+      const token = req.query.token as string;
+      if (!token) {
+        throw new InvalidTokenError('토큰이 필요합니다.');
+      }
+
+      const found = await this.userService.useToken(token);
+      if (!found) {
+        throw new TokenExpiredError();
+      }
+
+      const user = await this.userService.findByVelogUUID(found.user.toString());
+      if (!user) throw new NotFoundError('유저를 찾을 수 없습니다.');
+
+      const { decryptedAccessToken, decryptedRefreshToken } = this.userService.getDecryptedTokens(  
+        user.group_id,  
+        user.access_token,  
+        user.refresh_token  
+      );
+
+      res.clearCookie('access_token', this.cookieOption());
+      res.clearCookie('refresh_token', this.cookieOption());
+
+      res.cookie('access_token', decryptedAccessToken, this.cookieOption());
+      res.cookie('refresh_token', decryptedRefreshToken, this.cookieOption());
+
+      res.redirect('/main');
+    } catch (error) {
+      logger.error('QR 토큰 로그인 처리 실패', error);
+      next(error);
+    }
+  };
 }
diff --git a/src/repositories/__test__/qr.repo.integration.test.ts b/src/repositories/__test__/qr.repo.integration.test.ts
@@ -0,0 +1,133 @@
+import dotenv from 'dotenv';
+import { Pool } from 'pg';
+import pg from 'pg';
+import { UserRepository } from '@/repositories/user.repository';
+import { generateRandomToken } from '@/utils/generateRandomToken.util';
+import logger from '@/configs/logger.config';
+
+dotenv.config();
+jest.setTimeout(30000);
+
+describe('QRLoginTokenRepository 통합 테스트', () => {
+  let testPool: Pool;
+  let repo: UserRepository;
+
+  const TEST_DATA = {
+    USER_ID: 1,
+  };
+
+  beforeAll(async () => {
+    const testPoolConfig: pg.PoolConfig = {
+      database: process.env.DATABASE_NAME,
+      user: process.env.POSTGRES_USER,
+      host: process.env.POSTGRES_HOST,
+      password: process.env.POSTGRES_PASSWORD,
+      port: Number(process.env.POSTGRES_PORT),
+      max: 1,
+      idleTimeoutMillis: 30000,
+      connectionTimeoutMillis: 5000,
+      allowExitOnIdle: false,
+      statement_timeout: 30000,
+    };
+
+    if (process.env.POSTGRES_HOST !== 'localhost') {
+      testPoolConfig.ssl = { rejectUnauthorized: false };
+    }
+
+    testPool = new Pool(testPoolConfig);
+
+    await testPool.query('SELECT 1');
+    logger.info('테스트 DB 연결 성공');
+
+    repo = new UserRepository(testPool);
+  });
+
+  afterAll(async () => {
+    try {
+      await new Promise(resolve => setTimeout(resolve, 1000));
+      if (testPool) {
+        await testPool.end();
+      }
+      await new Promise(resolve => setTimeout(resolve, 1000));
+      logger.info('테스트 DB 연결 종료');
+    } catch (error) {
+      logger.error('테스트 종료 중 오류:', error);
+    }
+  });
+
+  describe('QR 토큰 생성 및 조회', () => {
+    it('QR 토큰을 생성하고 정상 조회할 수 있어야 한다', async () => {
+      const token = generateRandomToken();
+      const ip = '127.0.0.1';
+      const userAgent = 'test-agent';
+
+      await repo.createQRLoginToken(token, TEST_DATA.USER_ID, ip, userAgent);
+      const foundToken = await repo.findQRLoginToken(token);
+
+      expect(foundToken).not.toBeNull();
+      expect(foundToken?.token).toBe(token);
+      expect(foundToken?.is_used).toBe(false);
+      expect(new Date(foundToken!.expires_at).getTime()).toBeGreaterThan(new Date(foundToken!.created_at).getTime());
+    });
+
+    it('존재하지 않는 토큰 조회 시 null을 반환해야 한다', async () => {
+      const invalidToken = generateRandomToken();
+      const result = await repo.findQRLoginToken(invalidToken);
+
+      expect(result).toBeNull();
+    });
+  });
+
+  describe('QR 토큰 사용 처리', () => {
+    it('QR 토큰을 사용 처리한 후 조회되지 않아야 한다', async () => {
+      const token = generateRandomToken();
+      const ip = '127.0.0.1';
+      const userAgent = 'test-agent';
+
+      await repo.createQRLoginToken(token, TEST_DATA.USER_ID, ip, userAgent);
+      await repo.markTokenUsed(token);
+
+      const found = await repo.findQRLoginToken(token);
+
+      expect(found).toBeNull();
+    });
+  });
+
+  describe('QR 토큰 만료 처리', () => {
+    it('만료된 토큰은 조회되지 않아야 한다', async () => {
+      const token = generateRandomToken();
+      const ip = '127.0.0.1';
+      const userAgent = 'test-agent';
+
+      await testPool.query(
+        `
+          INSERT INTO users_qrlogintoken (token, user_id, created_at, expires_at, is_used, ip_address, user_agent)
+          VALUES ($1, $2, NOW() - INTERVAL '10 minutes', NOW() - INTERVAL '5 minutes', false, $3, $4)
+        `,
+        [token, TEST_DATA.USER_ID, ip, userAgent]
+      );
+
+      const found = await repo.findQRLoginToken(token);
+
+      expect(found).toBeNull();
+    });
+
+    it('만료되고 사용된 토큰도 조회되지 않아야 한다', async () => {
+      const token = generateRandomToken();
+      const ip = '127.0.0.1';
+      const userAgent = 'test-agent';
+
+      await testPool.query(
+        `
+          INSERT INTO users_qrlogintoken (token, user_id, created_at, expires_at, is_used, ip_address, user_agent)
+          VALUES ($1, $2, NOW() - INTERVAL '10 minutes', NOW() - INTERVAL '5 minutes', true, $3, $4)
+        `,
+        [token, TEST_DATA.USER_ID, ip, userAgent]
+      );
+
+      const found = await repo.findQRLoginToken(token);
+
+      expect(found).toBeNull();
+    });
+  });
+});
diff --git a/src/repositories/__test__/qr.repo.test.ts b/src/repositories/__test__/qr.repo.test.ts
@@ -0,0 +1,80 @@
+import { UserRepository } from '@/repositories/user.repository';
+import { DBError } from '@/exception';
+import { Pool } from 'pg';
+
+const mockPool: Partial<Pool> = {
+  query: jest.fn(),
+};
+
+describe('QRLoginTokenRepository', () => {
+  let repo: UserRepository;
+
+  beforeEach(() => {
+    repo = new UserRepository(mockPool as Pool);
+  });
+
+  afterEach(() => {
+    jest.clearAllMocks();
+  });
+
+  describe('createQRLoginToken', () => {
+    it('QR 토큰을 성공적으로 삽입해야 한다', async () => {
+      (mockPool.query as jest.Mock).mockResolvedValueOnce(undefined);
+
+      await expect(
+        repo.createQRLoginToken('token', 1, 'ip', 'agent')
+      ).resolves.not.toThrow();
+
+      expect(mockPool.query).toHaveBeenCalled();
+    });
+
+    it('삽입 중 오류 발생 시 DBError를 던져야 한다', async () => {
+      (mockPool.query as jest.Mock).mockRejectedValueOnce(new Error('fail'));
+
+      await expect(
+        repo.createQRLoginToken('token', 1, 'ip', 'agent')
+      ).rejects.toThrow(DBError);
+    });
+  });
+
+  describe('findQRLoginToken', () => {
+    it('토큰이 존재할 경우 반환해야 한다', async () => {
+      const mockTokenData = { token: 'token', user: 1 };
+      (mockPool.query as jest.Mock).mockResolvedValueOnce({ rows: [mockTokenData] });
+
+      const result = await repo.findQRLoginToken('token');
+      expect(result).toEqual(mockTokenData);
+    });
+
+    it('토큰이 존재하지 않으면 null을 반환해야 한다', async () => {
+      (mockPool.query as jest.Mock).mockResolvedValueOnce({ rows: [] });
+
+      const result = await repo.findQRLoginToken('token');
+      expect(result).toBeNull();
+    });
+
+    it('조회 중 오류 발생 시 DBError를 던져야 한다', async () => {
+      (mockPool.query as jest.Mock).mockRejectedValueOnce(new Error('fail'));
+
+      await expect(repo.findQRLoginToken('token')).rejects.toThrow(DBError);
+    });
+  });
+
+  describe('markTokenUsed', () => {
+    it('토큰을 사용 처리해야 한다', async () => {
+      (mockPool.query as jest.Mock).mockResolvedValueOnce(undefined);
+
+      await expect(repo.markTokenUsed('token')).resolves.not.toThrow();
+      expect(mockPool.query).toHaveBeenCalledWith(
+        expect.stringContaining('UPDATE users_qrlogintoken SET is_used = true'),
+        ['token']
+      );
+    });
+
+    it('토큰 사용 처리 중 오류 발생 시 DBError를 던져야 한다', async () => {
+      (mockPool.query as jest.Mock).mockRejectedValueOnce(new Error('fail'));
+
+      await expect(repo.markTokenUsed('token')).rejects.toThrow(DBError);
+    });
+  });
+});
diff --git a/src/repositories/user.repository.ts b/src/repositories/user.repository.ts
@@ -1,10 +1,11 @@
 import { Pool } from 'pg';
 import logger from '@/configs/logger.config';
 import { User } from '@/types';
+import { QRLoginToken } from "@/types/models/QRLoginToken.type";
 import { DBError } from '@/exception';
 
 export class UserRepository {
-  constructor(private readonly pool: Pool) { }
+  constructor(private readonly pool: Pool) {}
 
   async findByUserVelogUUID(uuid: string): Promise<User> {
     try {
@@ -91,4 +92,44 @@ export class UserRepository {
       throw new DBError('유저 생성 중 문제가 발생했습니다.');
     }
   }
+
+  async createQRLoginToken(token: string, userId: number, ip: string, userAgent: string): Promise<void> {
+    try {
+      const query = `
+            INSERT INTO users_qrlogintoken (token, user_id, created_at, expires_at, is_used, ip_address, user_agent)
+            VALUES ($1, $2, NOW(), NOW() + INTERVAL '5 minutes', false, $3, $4);
+        `;
+      await this.pool.query(query, [token, userId, ip, userAgent]);
+    } catch (error) {
+      logger.error('QRLoginToken Repo Create Error : ', error);
+      throw new DBError('QR 코드 토큰 생성 중 문제가 발생했습니다.');
+    }
+  }
+
+  async findQRLoginToken(token: string): Promise<QRLoginToken | null> {
+    try {
+      const query = `
+            SELECT *
+            FROM users_qrlogintoken
+            WHERE token = $1 AND is_used = false AND expires_at > NOW();
+        `;
+      const result = await this.pool.query(query, [token]);
+      return result.rows[0] ?? null;
+    } catch (error) {
+      logger.error('QRLoginToken Repo find QR Code Error : ', error);
+      throw new DBError('QR 코드 토큰 조회 중 문제가 발생했습니다.');
+    }
+  }
+
+  async markTokenUsed(token: string): Promise<void> {
+    try {
+      const query = `
+        UPDATE users_qrlogintoken SET is_used = true WHERE token = $1;
+      `;
+      await this.pool.query(query, [token]);
+    } catch (error) {
+      logger.error('QRLoginToken Repo mark as used Error : ', error);
+      throw new DBError('QR 코드 사용 처리 중 문제가 발생했습니다.');
+    }
+  }
 }
diff --git a/src/routes/index.ts b/src/routes/index.ts
@@ -14,4 +14,5 @@ router.use('/', UserRouter);
 router.use('/', PostRouter);
 router.use('/', NotiRouter);
 router.use('/', LeaderboardRouter);
+
 export default router;
diff --git a/src/routes/user.router.ts b/src/routes/user.router.ts
@@ -115,4 +115,41 @@ router.post('/logout', authMiddleware.verify, userController.logout);
  */
 router.get('/me', authMiddleware.login, userController.fetchCurrentUser);
 
+/**
+ * @swagger
+ * /api/qr-login:
+ *   post:
+ *     summary: QR 로그인 토큰 생성
+ *     tags: [QRLogin]
+ *     security:
+ *       - bearerAuth: []
+ *     responses:
+ *       200:
+ *         description: QR 로그인 토큰 생성 성공
+ */
+router.post('/qr-login', authMiddleware.login, userController.createToken);
+
+/**
+ * @swagger
+ * /api/qr-login:
+ *   get:
+ *     summary: QR 로그인 토큰 조회 및 자동 로그인 처리
+ *     tags: [QRLogin]
+ *     parameters:
+ *       - in: query
+ *         name: token
+ *         required: true
+ *         schema:
+ *           type: string
+ *         description: 조회할 QR 토큰
+ *     responses:
+ *       302:
+ *         description: 자동 로그인 완료 후 메인 페이지로 리디렉션
+ *       400:
+ *         description: 잘못된 토큰
+ *       404:
+ *         description: 만료 또는 존재하지 않는 토큰
+ */
+router.get('/qr-login', userController.getToken);
+
 export default router;