refactor: 토큰 재발급 로직 수정

[Jjiggu]

작업 요약

• 번호 및 마케팅 정보 입력 시 토큰 재발급 로직 수정

Issue Link

#310

문제점 및 어려움

해결 방안

Reference

Summary by CodeRabbit

• New Features
  • 사용자 정보 업데이트 시 새 액세스 토큰과 리프레시 토큰을 함께 반환하여 세션 지속성 향상.
• Bug Fixes
  • 인증을 로그인 쿠키 기반으로 일원화해 일관성 개선.
  • 인증 정보가 없을 경우 401 Unauthorized를 명확히 반환.
  • 응답을 표준화된 인증 응답 객체로 통일해 클라이언트 처리 안정성 개선.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

컨트롤러가 사용자 식별을 OAuth2 사용자 주체에서 쿠키의 accessToken으로 전환했고, 서비스는 accessToken을 받아 사용자 조회·검증 후 새 access/refresh 토큰을 생성·저장하여 AuthenticationResponse로 반환하도록 변경되었습니다. 관련 시그니처와 의존성(TokenService)도 갱신되었습니다.

Changes

Cohort / File(s)	Summary of Changes
Controller: cookie 기반 토큰 수집 및 응답 타입 변경 nowait-app-user-api/src/main/java/com/nowait/applicationuser/user/controller/UserController.java	@AuthenticationPrincipal 제거, @CookieValue("accessToken")로 토큰 수집 및 없을 시 401 처리 경로 추가. 서비스 호출을 putOptional(accessToken, ...)로 변경. 반환 타입을 String에서 AuthenticationResponse로 변경하여 ApiUtils.success로 래핑. 관련 import 추가.
Service: accessToken 기반 처리·토큰 재발급·영속화 nowait-app-user-api/src/main/java/com/nowait/applicationuser/user/service/UserService.java	메서드 시그니처를 (Long userId, String, boolean) -> String에서 (String accessToken, String, boolean) -> AuthenticationResponse로 변경. 토큰에서 userId/role 추출 후 사용자 조회 및 전화번호 중복 검증. 새 access/refresh 토큰 생성, TokenService로 리프레시 토큰 저장. @RequiredArgsConstructor로 TokenService 의존성 추가.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    actor Client
    participant Controller as UserController
    participant Service as UserService
    participant Repo as UserRepository
    participant Jwt as JwtUtil
    participant TokenSvc as TokenService

    Client->>Controller: PUT /user/optional (Cookie: accessToken, body: phone, consent)
    alt accessToken 누락
        Controller-->>Client: 401 Unauthorized
    else accessToken 존재
        Controller->>Service: putOptional(accessToken, phone, consent)
        Service->>Jwt: parse userId, role from accessToken
        Service->>Repo: findById(userId)
        Repo-->>Service: User
        Service->>Repo: validate phone uniqueness / update phone & consent
        Service->>Jwt: generate new access token
        Service->>Jwt: generate new refresh token
        Service->>TokenSvc: persist refresh token
        Service-->>Controller: AuthenticationResponse(access, refresh)
        Controller-->>Client: 200 OK (AuthenticationResponse)
    end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between ade2b56 and c1b863e.

📒 Files selected for processing (2)

• nowait-app-user-api/src/main/java/com/nowait/applicationuser/user/controller/UserController.java (2 hunks)
• nowait-app-user-api/src/main/java/com/nowait/applicationuser/user/service/UserService.java (3 hunks)

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/#310-phoneNumber

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.