feat: 회원가입시 이메일과 비밀번호 보안 개선 (#540)

* feat(user): 기본 회원가입시 @student.42seoul.kr 금지 * feat(auth): 인트라 회원가입시 비밀번호 uuid로 랜덤 설정 * refactor(auth.controller): change import crypto to node:crypto Co-authored-by: scarf <greenscarf005@gmail.com> * build(package.json): remove uuid Co-authored-by: scarf <greenscarf005@gmail.com> * fix(users.controller): invalid exception code Co-authored-by: scarf <greenscarf005@gmail.com> --------- Co-authored-by: scarf <greenscarf005@gmail.com>
jiphyeonjeon-42 · Jul 12, 2023 · 3e7c219 · 3e7c219
1 parent 2e51856
commit 3e7c219
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 2 deletions.
diff --git a/backend/src/auth/auth.controller.ts b/backend/src/auth/auth.controller.ts
@@ -1,6 +1,7 @@
 import * as bcrypt from 'bcrypt';
 import { NextFunction, Request, Response } from 'express';
 import * as status from 'http-status';
+import { randomUUID } from 'node:crypto';
 import * as models from '../DTO/users.model';
 import { oauth42ApiOption, oauthUrlOption } from '../config';
 import { updateSlackIdByUserId } from '../slack/slack.service';
@@ -30,7 +31,7 @@ export const getToken = async (req: Request, res: Response, next: NextFunction):
       // 회원가입
       try {
         const email = `${nickName}@student.42seoul.kr`;
-        await usersService.createUser(String(email), await bcrypt.hash(String(email), 10));
+        await usersService.createUser(String(email), await bcrypt.hash(randomUUID(), 10));
         const newUser: { items: models.User[] } = await usersService.searchUserByEmail(email);
         await authService.updateAuthenticationUser(newUser.items[0].id, id, nickName);
         await updateSlackIdByUserId(newUser.items[0].id);

diff --git a/backend/src/routes/users.routes.ts b/backend/src/routes/users.routes.ts
@@ -168,7 +168,7 @@ export const router = Router();
  *            application/json:
  *              schema:
  *                type: object
- *                description: 200, 201, 205 에러 가능
+ *                description: 200, 201, 205, 209 에러 가능
  *                properties:
  *                  errorCode:
  *                    type: number

diff --git a/backend/src/users/users.controller.ts b/backend/src/users/users.controller.ts
@@ -67,6 +67,10 @@ export const create = async (req: Request, res: Response, next: NextFunction) =>
   if (!email || !password) {
     return next(new ErrorResponse(errorCode.INVALID_INPUT, status.BAD_REQUEST));
   }
+  const regex = /@student\.42seoul\.kr$/;
+  if (regex.test(email)) {
+    return next(new ErrorResponse(errorCode.STUDENT_42_SUBSCRIPTION_FORBIDDEN, status.BAD_REQUEST));
+  }
   try {
     pwSchema
       .is().min(10)

diff --git a/backend/src/utils/error/errorCode.ts b/backend/src/utils/error/errorCode.ts
@@ -22,6 +22,7 @@ export const INVALIDATE_PASSWORD = '205';
 export const INVALID_ROLE = '206';
 export const SLACK_OVERLAP = '207';
 export const INTRA_AUTHENTICATE_SUCCESS = '208';
+export const STUDENT_42_SUBSCRIPTION_FORBIDDEN = '209';
 
 export const SLACKID_OVERLAP = '301';
 export const NO_ISBN = '302';