refactor(api): Map→SaveReq DTO 교체 + 입력 검증 + 잔여 Enum 적용 (리뷰 3b)
infra-reviewer가 지적한 입력 검증 누락 5건과 잔여 매직 스트링 정리.
Map<String,String> 입력 제거 — 신규 DTO 4종:
- auth/ChangePasswordReq (@NotBlank oldPassword/newPassword)
- auth/RefreshTokenReq (@NotBlank refreshToken)
- controller/settle/PaymentStatusUpdateReq (@NotBlank status)
- controller/receive/ResolveErrorReq (@NotBlank status, optional note)
검증 보강:
- PaymentController.generateTransferFile — settleMonth @Pattern("\d{6}")
- UploadController.preview — limit @Max(100)
잔여 매직 스트링 → 3a Enum 적용:
- AuthService 4곳 — UserStatus.LOCKED/RETIRED/ACTIVE
- UserService 2곳 — UserStatus.ACTIVE
- LedgerService:71 — ExceptionLedgerStatus.NEW
This commit is contained in:
@@ -8,8 +8,6 @@ import jakarta.validation.Valid;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
@Tag(name = "인증")
|
||||
@RestController
|
||||
@RequestMapping("/api/auth")
|
||||
@@ -24,8 +22,8 @@ public class AuthController {
|
||||
}
|
||||
|
||||
@PostMapping("/refresh")
|
||||
public ApiResponse<LoginResp> refresh(@RequestBody Map<String, String> body) {
|
||||
return ApiResponse.ok(authService.refresh(body.get("refreshToken")));
|
||||
public ApiResponse<LoginResp> refresh(@Valid @RequestBody RefreshTokenReq req) {
|
||||
return ApiResponse.ok(authService.refresh(req.getRefreshToken()));
|
||||
}
|
||||
|
||||
@GetMapping("/me")
|
||||
@@ -34,8 +32,8 @@ public class AuthController {
|
||||
}
|
||||
|
||||
@PostMapping("/password")
|
||||
public ApiResponse<Void> changePassword(@RequestBody Map<String, String> body) {
|
||||
authService.changePassword(body.get("oldPassword"), body.get("newPassword"));
|
||||
public ApiResponse<Void> changePassword(@Valid @RequestBody ChangePasswordReq req) {
|
||||
authService.changePassword(req.getOldPassword(), req.getNewPassword());
|
||||
return ApiResponse.ok();
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user