Merge pull request #44 from boostcampwm-2024/develop

v1.1.0 release 배포

Author: github-actions[bot]

.github/workflows/cd-pipeline.yml

@@ -0,0 +1,66 @@
+name: auto  Workflow
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+jobs:
+  image-build-and-push:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+
+      # root에 .env.local, .env.client, .env.server 복사
+      - name: copy .env
+        run: |
+          echo "${{ secrets.LOCAL_ENV }}" > .env.local
+          echo "${{ secrets.CLIENT_ENV }}" > .env.client
+          echo "${{ secrets.SERVER_ENV }}" > .env.server
+
+      # Docker 로그인
+      - name: docker hub login
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      # Docker 이미지 빌드
+      - name: docker image build
+        run: |
+          docker build -f ./services/module/Dockerfile -t summersummerwhy/octodocs-modules .
+          docker build -f ./services/backend/Dockerfile.prod -t summersummerwhy/octodocs-backend .
+          docker build -f ./services/nginx/Dockerfile.prod -t summersummerwhy/octodocs-nginx .
+          docker build -f ./services/websocket/Dockerfile.prod -t summersummerwhy/octodocs-websocket .
+
+      # Docker 이미지 푸시
+      - name: docker image push
+        run: |
+          docker push summersummerwhy/octodocs-modules
+          docker push summersummerwhy/octodocs-backend
+          docker push summersummerwhy/octodocs-nginx
+          docker push summersummerwhy/octodocs-websocket
+
+  deploy:
+    needs: image-build-and-push
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: deploy
+        env:
+          REMOTE_HOST: ${{ secrets.REMOTE_SERVER_IP }}
+          REMOTE_USER: ${{ secrets.REMOTE_SERVER_USER }}
+          SSH_KEY: ${{ secrets.REMOTE_PRIVATE_KEY }}
+          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+        run: |
+          mkdir ~/.ssh
+          echo "$SSH_KEY" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+
+          ssh -o StrictHostKeyChecking=no $REMOTE_USER@$REMOTE_HOST << 'EOF'
+            cd /root/octodocs
+            docker-compose -f compose.prod.yml down
+            docker-compose -f compose.prod.yml pull
+            docker-compose -f compose.prod.yml up -d

.github/workflows/develop.yml

@@ -0,0 +1,15 @@
+# node_modules를 가지고 있는 이미지
+# 이 이미지를 기반으로 각 workspace 별 이미지를 만들면 
+# yarn install 레이어를 공유하게 된다.
+FROM node:20-alpine
+
+WORKDIR /app
+
+# 호이스팅을 위해
+COPY package.json yarn.lock ./
+COPY apps/backend/package.json ./apps/backend/
+COPY apps/frontend/package.json ./apps/frontend/
+COPY apps/websocket/package.json ./apps/websocket/
+
+# 의존성 설치
+RUN yarn install

Dockerfile.module

@@ -20,7 +20,6 @@ import { WorkspaceModule } from './workspace/workspace.module';
 import { RoleModule } from './role/role.module';
 import { TasksModule } from './tasks/tasks.module';
 import { ScheduleModule } from '@nestjs/schedule';
-import { RedLockModule } from './red-lock/red-lock.module';
 
 @Module({
   imports: [
@@ -54,7 +53,6 @@ import { RedLockModule } from './red-lock/red-lock.module';
     WorkspaceModule,
     RoleModule,
     TasksModule,
-    RedLockModule,
   ],
   controllers: [AppController],
   providers: [AppService],

apps/backend/src/app.module.ts

@@ -13,19 +13,22 @@ import { AuthService } from './auth.service';
 import { JwtAuthGuard } from './guards/jwt-auth.guard';
 import { Response } from 'express';
 import { MessageResponseDto } from './dtos/messageResponse.dto';
+import { LoginResponseDto } from './dtos/loginResponse.dto';
 import { ApiOperation, ApiResponse } from '@nestjs/swagger';
 import { TokenService } from './token/token.service';
 import { UpdateUserDto } from './dtos/UpdateUser.dto';
 
 export enum AuthResponseMessage {
   AUTH_LOGGED_OUT = '로그아웃하였습니다.',
+  AUTH_STATUS = '로그인 여부를 확인하였습니다',
 }
 
 @Controller('auth')
 export class AuthController {
   constructor(
     private readonly authService: AuthService,
     private readonly tokenService: TokenService,
+    private readonly jwtAuthGuard: JwtAuthGuard,
   ) {}
 
   @Get('naver')
@@ -94,6 +97,19 @@ export class AuthController {
     });
   }
 
+  // 클라이언트가 사용자가 로그인되어 있는지 확인할 수 있는 엔드포인트
+  // auth/status
+  @ApiResponse({ type: LoginResponseDto })
+  @ApiOperation({ summary: '사용자가 로그인 여부를 체크합니다.' })
+  @Get('status')
+  async checkLogin(@Req() req, @Res() res: Response) {
+    const isLoggedIn = await this.jwtAuthGuard.isLoggedIn(req, res);
+    return res.status(200).json({
+      message: AuthResponseMessage.AUTH_STATUS,
+      loggedIn: isLoggedIn,
+    });
+  }
+
   // 클라이언트가 사용자의 외부 id(snowflakeId) + 이름을 알 수 있는 엔드포인트
   // auth/profile
   @Get('profile')

apps/backend/src/auth/auth.controller.ts

@@ -0,0 +1,18 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsString, IsBoolean } from 'class-validator';
+
+export class LoginResponseDto {
+  @ApiProperty({
+    example: 'OO 생성에 성공했습니다.',
+    description: 'api 요청 결과 메시지',
+  })
+  @IsString()
+  message: string;
+
+  @ApiProperty({
+    example: true,
+    description: '로그인 여부',
+  })
+  @IsBoolean()
+  loggedIn: string;
+}

apps/backend/src/auth/dtos/loginResponse.dto.ts

@@ -67,4 +67,48 @@ export class JwtAuthGuard implements CanActivate {
       }
     }
   }
+
+  // 제대로 로그인이 안되어있으면 exception 대신 false return
+  // 쿠키 처리해줌
+  async isLoggedIn(request, response): Promise<boolean> {
+    const cookies = request.cookies;
+
+    // 쿠키가 없는 경우 false 반환
+    if (!cookies || !cookies.accessToken || !cookies.refreshToken) {
+      return false;
+    }
+
+    const { accessToken, refreshToken } = cookies;
+
+    try {
+      // JWT 검증
+      this.jwtService.verify(accessToken, {
+        secret: process.env.JWT_SECRET,
+      });
+
+      return true;
+    } catch (error) {
+      // accessToken이 만료된 경우
+      if (error instanceof TokenExpiredError) {
+        try {
+          // 새로운 accessToken 발급받기
+          const newAccessToken =
+            await this.tokenService.refreshAccessToken(refreshToken);
+
+          // 쿠키 업데이트
+          this.tokenService.setAccessTokenCookie(response, newAccessToken);
+
+          return true;
+        } catch (refreshError) {
+          // refreshToken 디코딩 실패 시 처리 쿠키 비워줌
+          this.tokenService.clearCookies(response);
+          return false;
+        }
+      } else {
+        // accessToken 디코딩(만료가 아닌 이유로) 실패 시 처리 쿠키 비워줌
+        this.tokenService.clearCookies(response);
+        return false;
+      }
+    }
+  }
 }

apps/backend/src/auth/guards/jwt-auth.guard.ts

@@ -6,14 +6,12 @@ import { Page } from './page.entity';
 import { PageRepository } from './page.repository';
 import { NodeModule } from '../node/node.module';
 import { WorkspaceModule } from '../workspace/workspace.module';
-import { RedLockModule } from '../red-lock/red-lock.module';
 
 @Module({
   imports: [
     TypeOrmModule.forFeature([Page]),
     forwardRef(() => NodeModule),
     WorkspaceModule,
-    RedLockModule,
   ],
   controllers: [PageController],
   providers: [PageService, PageRepository],