Merge pull request #11 from YAPP-Github/feature/NDGL-18

[NDGL-18] 로그인 및 유저 생성 API 연동

Author: mj010504

app/src/main/AndroidManifest.xml

@@ -2,6 +2,8 @@
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
     xmlns:tools="http://schemas.android.com/tools">
 
+    <uses-permission android:name="android.permission.INTERNET" />
+
     <application
         android:name=".NDGLApplication"
         android:allowBackup="true"
@@ -11,7 +13,8 @@
         android:label="@string/app_name"
         android:roundIcon="@mipmap/ic_launcher_round"
         android:supportsRtl="true"
-        android:theme="@style/Theme.NDGL">
+        android:theme="@style/Theme.NDGL"
+        android:usesCleartextTraffic="true">
         <activity
             android:name=".MainActivity"
             android:exported="true"

build-logic/src/main/kotlin/NDGLDataPlugin.kt

@@ -24,6 +24,7 @@ class NDGLDataPlugin : Plugin<Project> {
         }
 
         dependencies {
+            "implementation"(project(":core:util"))
             "implementation"(libs.findLibrary("retrofit").get())
             "implementation"(libs.findLibrary("retrofit-kotlinx-serialization-json").get())
             "implementation"(libs.findLibrary("kotlinx-serialization-json").get())

data/auth/build.gradle.kts

@@ -4,8 +4,19 @@ plugins {
 
 android {
     namespace = "com.yapp.ndgl.data.auth"
+
+    buildFeatures {
+        buildConfig = true
+    }
+
+    defaultConfig {
+        buildConfigField("String", "VERSION_NAME", "\"${Configuration.VERSION_NAME}\"")
+    }
 }
 
 dependencies {
+    implementation(project(":data:core"))
+    implementation(platform(libs.firebase.bom))
+    implementation(libs.firebase.messaging)
     implementation(libs.androidx.datastore)
 }

data/auth/src/main/java/com/yapp/ndgl/data/auth/local/LocalAuthDataSource.kt

@@ -4,6 +4,7 @@ import androidx.datastore.core.DataStore
 import androidx.datastore.preferences.core.Preferences
 import androidx.datastore.preferences.core.edit
 import androidx.datastore.preferences.core.stringPreferencesKey
+import com.yapp.ndgl.data.auth.local.security.CryptoManager
 import com.yapp.ndgl.data.auth.local.util.handleException
 import kotlinx.coroutines.flow.Flow
 import kotlinx.coroutines.flow.first
@@ -14,17 +15,18 @@ import javax.inject.Singleton
 @Singleton
 class LocalAuthDataSource @Inject constructor(
     private val dataStore: DataStore<Preferences>,
+    private val cryptoManager: CryptoManager,
 ) {
     private val accessToken: Flow<String> = dataStore.data
         .handleException()
         .map { preferences ->
-            preferences[ACCESS_TOKEN_KEY] ?: ""
+            cryptoManager.decrypt(preferences[ACCESS_TOKEN_KEY] ?: "")
         }
 
     private val uuid: Flow<String> = dataStore.data
         .handleException()
         .map { preferences ->
-            preferences[UUID_KEY] ?: ""
+            cryptoManager.decrypt(preferences[UUID_KEY] ?: "")
         }
 
     suspend fun getAccessToken(): String = accessToken.first()
@@ -33,13 +35,13 @@ class LocalAuthDataSource @Inject constructor(
 
     suspend fun setAccessToken(token: String) {
         dataStore.edit { preferences ->
-            preferences[ACCESS_TOKEN_KEY] = token
+            preferences[ACCESS_TOKEN_KEY] = cryptoManager.encrypt(token)
         }
     }
 
     suspend fun setUuid(uuid: String) {
         dataStore.edit { preferences ->
-            preferences[UUID_KEY] = uuid
+            preferences[UUID_KEY] = cryptoManager.encrypt(uuid)
         }
     }
 

data/auth/src/main/java/com/yapp/ndgl/data/auth/local/security/CryptoManager.kt

@@ -0,0 +1,84 @@
+package com.yapp.ndgl.data.auth.local.security
+
+import android.security.keystore.KeyGenParameterSpec
+import android.security.keystore.KeyProperties
+import android.util.Base64
+import timber.log.Timber
+import java.security.KeyStore
+import javax.crypto.Cipher
+import javax.crypto.KeyGenerator
+import javax.crypto.SecretKey
+import javax.crypto.spec.GCMParameterSpec
+import javax.inject.Inject
+import javax.inject.Singleton
+
+@Singleton
+class CryptoManager @Inject constructor() {
+    private val keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER).apply {
+        load(null)
+    }
+
+    private fun getKey(): SecretKey {
+        return keyStore.getKey(KEY_ALIAS, null) as? SecretKey ?: createKey()
+    }
+
+    private fun createKey(): SecretKey =
+        KeyGenerator.getInstance(
+            KeyProperties.KEY_ALGORITHM_AES,
+            KEYSTORE_PROVIDER,
+        ).apply {
+            init(
+                KeyGenParameterSpec.Builder(
+                    KEY_ALIAS,
+                    KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT,
+                )
+                    .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
+                    .setEncryptionPaddings(PADDING)
+                    .setUserAuthenticationRequired(false)
+                    .build(),
+            )
+        }.generateKey()
+
+    fun encrypt(plainText: String): String {
+        check(plainText.isNotEmpty()) { "Plain text is empty" }
+
+        val cipher = Cipher.getInstance(TRANSFORMATION)
+        cipher.init(Cipher.ENCRYPT_MODE, getKey())
+
+        val encryptedBytes = cipher.doFinal(plainText.toByteArray())
+        val combined = cipher.iv + encryptedBytes
+
+        return Base64.encodeToString(combined, Base64.NO_WRAP)
+    }
+
+    fun decrypt(encryptedText: String): String {
+        try {
+            check(encryptedText.isNotEmpty()) { "Encrypted text is empty" }
+
+            val combined = Base64.decode(encryptedText, Base64.NO_WRAP)
+            val iv = combined.copyOfRange(0, IV_SIZE)
+            val encryptedBytes = combined.copyOfRange(IV_SIZE, combined.size)
+
+            val cipher = Cipher.getInstance(TRANSFORMATION)
+            val spec = GCMParameterSpec(GCM_TAG_LENGTH, iv)
+            cipher.init(Cipher.DECRYPT_MODE, getKey(), spec)
+
+            val decryptedBytes = cipher.doFinal(encryptedBytes)
+            return String(decryptedBytes)
+        } catch (e: Exception) {
+            Timber.e(e, "Failed to decrypt")
+            return ""
+        }
+    }
+
+    companion object {
+        private const val KEYSTORE_PROVIDER = "AndroidKeyStore"
+        private const val KEY_ALIAS = "ndgl_encryption_key"
+        private const val ALGORITHM = KeyProperties.KEY_ALGORITHM_AES
+        private const val BLOCK_MODE = KeyProperties.BLOCK_MODE_GCM
+        private const val PADDING = KeyProperties.ENCRYPTION_PADDING_NONE
+        private const val TRANSFORMATION = "$ALGORITHM/$BLOCK_MODE/$PADDING"
+        private const val IV_SIZE = 12
+        private const val GCM_TAG_LENGTH = 128
+    }
+}

data/auth/src/main/java/com/yapp/ndgl/data/auth/repository/AuthRepository.kt

@@ -0,0 +1,64 @@
+package com.yapp.ndgl.data.auth.repository
+
+import com.google.android.gms.tasks.Tasks
+import com.google.firebase.messaging.FirebaseMessaging
+import com.yapp.ndgl.core.util.suspendRunCatching
+import com.yapp.ndgl.data.auth.BuildConfig
+import com.yapp.ndgl.data.auth.api.AuthApi
+import com.yapp.ndgl.data.auth.local.LocalAuthDataSource
+import com.yapp.ndgl.data.auth.model.AuthResponse
+import com.yapp.ndgl.data.auth.model.CreateUserRequest
+import com.yapp.ndgl.data.auth.model.LoginRequest
+import com.yapp.ndgl.data.auth.util.DeviceInfoUtil
+import com.yapp.ndgl.data.core.model.getData
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.withContext
+import javax.inject.Inject
+import javax.inject.Singleton
+
+@Singleton
+class AuthRepository @Inject constructor(
+    private val api: AuthApi,
+    private val localAuthDataSource: LocalAuthDataSource,
+) {
+    suspend fun initSession() {
+        val uuid = localAuthDataSource.getUuid()
+        val response = if (uuid.isNotEmpty()) {
+            suspendRunCatching {
+                login(uuid)
+            }.getOrElse {
+                localAuthDataSource.clearSession()
+                createUser()
+            }
+        } else {
+            createUser()
+        }
+
+        localAuthDataSource.setAccessToken(response.accessToken)
+        localAuthDataSource.setUuid(response.uuid)
+    }
+
+    private suspend fun createUser(): AuthResponse {
+        return api.createUser(
+            CreateUserRequest(
+                fcmToken = getFCMToken(),
+                deviceModel = DeviceInfoUtil.deviceModel,
+                deviceOs = DeviceInfoUtil.DEVICE_OS,
+                deviceOsVersion = DeviceInfoUtil.deviceOsVersion,
+                appVersion = BuildConfig.VERSION_NAME,
+            ),
+        ).getData()
+    }
+
+    private suspend fun login(uuid: String): AuthResponse {
+        return api.login(LoginRequest(uuid)).getData()
+    }
+
+    private suspend fun getFCMToken(): String = withContext(Dispatchers.IO) {
+        try {
+            Tasks.await(FirebaseMessaging.getInstance().token)
+        } catch (e: Exception) {
+            throw IllegalStateException("Failed to get FCM token", e)
+        }
+    }
+}

data/auth/src/main/java/com/yapp/ndgl/data/auth/util/DeviceInfoUtil.kt

@@ -0,0 +1,9 @@
+package com.yapp.ndgl.data.auth.util
+
+import android.os.Build
+
+object DeviceInfoUtil {
+    const val DEVICE_OS: String = "Android"
+    val deviceModel: String = Build.MODEL
+    val deviceOsVersion: String = Build.VERSION.RELEASE
+}

feature/home/build.gradle.kts

@@ -8,4 +8,5 @@ android {
 
 dependencies {
     implementation(project(":data:travel"))
+    implementation(project(":data:auth"))
 }

feature/home/src/main/java/com/yapp/ndgl/feature/home/HomeContract.kt

@@ -0,0 +1,13 @@
+package com.yapp.ndgl.feature.home
+
+import com.yapp.ndgl.core.base.UiIntent
+import com.yapp.ndgl.core.base.UiSideEffect
+import com.yapp.ndgl.core.base.UiState
+
+data class HomeState(
+    val isLoading: Boolean = false,
+) : UiState
+
+sealed interface HomeIntent : UiIntent
+
+sealed interface HomeSideEffect : UiSideEffect

feature/home/src/main/java/com/yapp/ndgl/feature/home/HomeViewModel.kt

@@ -1,8 +1,35 @@
 package com.yapp.ndgl.feature.home
 
-import androidx.lifecycle.ViewModel
+import androidx.lifecycle.viewModelScope
+import com.yapp.ndgl.core.base.BaseViewModel
+import com.yapp.ndgl.core.util.suspendRunCatching
+import com.yapp.ndgl.data.auth.repository.AuthRepository
 import dagger.hilt.android.lifecycle.HiltViewModel
+import kotlinx.coroutines.launch
+import timber.log.Timber
 import javax.inject.Inject
 
 @HiltViewModel
-class HomeViewModel @Inject constructor() : ViewModel()
+class HomeViewModel @Inject constructor(
+    private val authRepository: AuthRepository,
+) : BaseViewModel<HomeState, HomeIntent, HomeSideEffect>(
+    initialState = HomeState(),
+) {
+    init {
+        initSession()
+    }
+
+    override suspend fun handleIntent(intent: HomeIntent) {
+        TODO("Not yet implemented")
+    }
+
+    private fun initSession() = viewModelScope.launch {
+        suspendRunCatching {
+            authRepository.initSession()
+        }.onSuccess {
+            Timber.d("initSession() 성공")
+        }.onFailure {
+            Timber.e("initSession() 실패")
+        }
+    }
+}