GTable · Jjiggu · Sep 5, 2025 · Sep 5, 2025
diff --git a/...app-user-api/src/main/java/com/nowait/applicationuser/user/controller/UserController.java b/...app-user-api/src/main/java/com/nowait/applicationuser/user/controller/UserController.java
@@ -3,11 +3,13 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import com.nowait.applicationuser.token.dto.AuthenticationResponse;
 import com.nowait.applicationuser.user.dto.UserUpdateRequest;
 import com.nowait.applicationuser.user.service.UserService;
 import com.nowait.common.api.ApiUtils;
@@ -25,17 +27,21 @@ public class UserController {
 
 	@PutMapping("/optional-info")
 	public ResponseEntity<?> putOptional(
-		@AuthenticationPrincipal CustomOAuth2User customOAuth2User,
+		@CookieValue(value = "accessToken", required = false) String accessToken,
 		@Valid @RequestBody UserUpdateRequest req) {
 
-		String newAccessToken = userService.putOptional(customOAuth2User.getUserId(), req.phoneNumber(),
+		if (accessToken == null) {
+			return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("accessToken not found in cookies");
+		}
+
+		AuthenticationResponse authenticationResponse = userService.putOptional(accessToken, req.phoneNumber(),
 			Boolean.TRUE.equals(req.consent()));
 
 		return ResponseEntity
 			.status(HttpStatus.OK)
 			.body(
 				ApiUtils.success(
-					newAccessToken
+					authenticationResponse
 				)
 			);
 	}

diff --git a/nowait-app-user-api/src/main/java/com/nowait/applicationuser/user/service/UserService.java b/nowait-app-user-api/src/main/java/com/nowait/applicationuser/user/service/UserService.java
@@ -2,10 +2,15 @@
 
 import java.time.LocalDateTime;
 
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
 import com.nowait.applicationuser.security.jwt.JwtUtil;
+import com.nowait.applicationuser.token.dto.AuthenticationResponse;
+import com.nowait.applicationuser.token.service.TokenService;
 import com.nowait.domaincorerdb.user.entity.User;
 import com.nowait.domaincorerdb.user.exception.UserNotFoundException;
 import com.nowait.domaincorerdb.user.repository.UserRepository;
@@ -17,13 +22,17 @@
 public class UserService {
 
 	private final UserRepository userRepository;
+	private final TokenService tokenService;
 	private final JwtUtil jwtUtil;
 
 	@Transactional
-	public String putOptional(Long userId, String phoneNumber, boolean consent) {
+	public AuthenticationResponse putOptional(String accessToken, String phoneNumber, boolean consent) {
 
-		User user = userRepository.findById(userId)
-			.orElseThrow(UserNotFoundException::new);
+		Long userId = jwtUtil.getUserId(accessToken);;
+		String role = jwtUtil.getRole(accessToken);
+		AuthenticationResponse authenticationResponse;
+
+		User user = userRepository.findById(userId).orElseThrow(UserNotFoundException::new);
 
 		if (userRepository.existsByPhoneNumberAndIdNot(phoneNumber, userId)) {
 			throw new IllegalArgumentException("이미 사용 중인 휴대폰 번호입니다.");
@@ -32,11 +41,24 @@ public String putOptional(Long userId, String phoneNumber, boolean consent) {
 		user.setPhoneNumberAndMarkEntered(phoneNumber, LocalDateTime.now());
 		user.setIsMarketingAgree(consent, LocalDateTime.now());
 
-		String role = "ROLE_" + user.getRole().name();
-
-		return jwtUtil.createAccessToken("accessToken", user.getId(), role,
+		String newAccessToken = jwtUtil.createAccessToken(
+			"accessToken",
+			userId,
+			role,
 			Boolean.TRUE.equals(user.getPhoneEntered()),
 			Boolean.TRUE.equals(user.getIsMarketingAgree()),
-			60 * 60 * 1000L);
+			60 * 60 * 1000L
+		);
+		String newRefreshToken = jwtUtil.createRefreshToken(
+			"refreshToken",
+			userId,
+			60 * 60 * 1000L
+		);
+
+		tokenService.updateRefreshToken(userId, accessToken, newRefreshToken);
+
+		authenticationResponse = new AuthenticationResponse(newAccessToken, newRefreshToken);
+
+		return authenticationResponse;
 	}
 }