#527 회원 탈퇴 구현

src/lottery/services/globalState.js

@@ -20,7 +20,9 @@ const checkIsUserEligible = (user) => {
 const getUserGlobalStateHandler = async (req, res) => {
   try {
     const userId = isLogin(req) ? getLoginInfo(req).oid : null;
-    const user = userId && (await userModel.findOne({ _id: userId }).lean());
+    const user =
+      userId &&
+      (await userModel.findOne({ _id: userId, withdraw: false }).lean());
 
     const eventStatus =
       userId &&
@@ -99,7 +101,7 @@ const createUserGlobalStateHandler = async (req, res) => {
         error: "GlobalState/Create : inviter did not participate in the event",
       });
 
-    const user = await userModel.findOne({ _id: req.userOid });
+    const user = await userModel.findOne({ _id: req.userOid, withdraw: false });
     if (!user)
       return res
         .status(500)

src/lottery/services/invite.js

@@ -15,7 +15,10 @@ const searchInviterHandler = async (req, res) => {
     )
       return res.status(400).json({ error: "Invite/Search : invalid inviter" });
 
-    const inviterInfo = await userModel.findOne({ _id: inviterStatus.userId });
+    const inviterInfo = await userModel.findOne({
+      _id: inviterStatus.userId,
+      withdraw: false,
+    });
     if (!inviterInfo)
       return res
         .status(500)

src/lottery/services/publicNotice.js

@@ -41,7 +41,7 @@ const getRecentPurchaceItemListHandler = async (req, res) => {
         .find({ type: "use", itemType: 0 })
         .sort({ createAt: -1 })
         .limit(1000)
-        .populate(publicNoticePopulateOption)
+        .populate(publicNoticePopulateOption) // TODO: 회원 탈퇴 핸들링
         .lean()
     )
       .sort(
@@ -132,7 +132,9 @@ const getTicketLeaderboardHandler = async (req, res) => {
       );
     const leaderboard = await Promise.all(
       sortedUsers.slice(0, 20).map(async (user) => {
-        const userInfo = await userModel.findOne({ _id: user.userId }).lean();
+        const userInfo = await userModel
+          .findOne({ _id: user.userId, withdraw: false })
+          .lean();
         if (!userInfo) {
           logger.error(`Fail to find user ${user.userId}`);
           return null;
@@ -211,7 +213,9 @@ const getGroupLeaderboardHandler = async (req, res) => {
         if (mvp?.length !== 1)
           throw new Error(`Fail to find MVP in group ${group.group}`);
 
-        const mvpInfo = await userModel.findOne({ _id: mvp[0].userId }).lean();
+        const mvpInfo = await userModel
+          .findOne({ _id: mvp[0].userId, withdraw: false })
+          .lean();
         if (!mvpInfo) throw new Error(`Fail to find user ${mvp[0].userId}`);
 
         return {

src/middlewares/auth.js

@@ -8,8 +8,7 @@ const authMiddleware = (req, res, next) => {
       error: "not logged in",
     });
   } else {
-    const { id, oid } = getLoginInfo(req);
-    req.userId = id;
+    const { oid } = getLoginInfo(req);
     req.userOid = oid;
     next();
   }

src/middlewares/authAdmin.js

@@ -9,8 +9,8 @@ const authAdminMiddleware = async (req, res, next) => {
     if (!isLogin(req)) return res.redirect(req.origin);
 
     // 관리자 유무를 확인
-    const { id } = getLoginInfo(req);
-    const user = await userModel.findOne({ id });
+    const { oid } = getLoginInfo(req);
+    const user = await userModel.findOne({ _id: oid, withdraw: false });
     if (!user.isAdmin) return res.redirect(req.origin);
 
     // 접속한 IP가 화이트리스트에 있는지 확인

src/modules/fcm.js

@@ -91,6 +91,28 @@ const unregisterDeviceToken = async (deviceToken) => {
   }
 };
 
+/**
+ * 사용자의 ObjectId가 주어졌을 때, 해당 사용자의 모든 deviceToken을 DB에서 삭제합니다.
+ * @param {string} userId - 사용자의 ObjectId입니다.
+ * @return {Promise<boolean>} 해당 사용자로부터 deviceToken을 삭제하는 데 성공하면 true, 실패하면 false를 반환합니다. 삭제할 deviceToken이 존재하지 않는 경우에는 true를 반환합니다.
+ */
+const unregisterAllDeviceTokens = async (userId) => {
+  try {
+    // 사용자의 디바이스 토큰을 DB에서 가져옵니다.
+    // getTokensOfUsers 함수의 정의는 아래에 있습니다. (호이스팅)
+    const tokens = await getTokensOfUsers([userId]);
+
+    // 디바이스 토큰과 관련 설정을 DB에서 삭제합니다.
+    await deviceTokenModel.deleteMany({ userId });
+    await notificationOptionModel.deleteMany({ deviceToken: { $in: tokens } });
+
+    return true;
+  } catch (error) {
+    logger.error(error);
+    return false;
+  }
+};
+
 /**
  * 메시지 전송에 실패한 deviceToken을 DB에서 삭제합니다.
  * @param {Array<string>} deviceTokens - 사용자의 ObjectId입니다.
@@ -351,6 +373,7 @@ module.exports = {
   initializeApp,
   registerDeviceToken,
   unregisterDeviceToken,
+  unregisterAllDeviceTokens,
   validateDeviceToken,
   getTokensOfUsers,
   sendMessageByTokens,

src/modules/populates/chats.js

@@ -2,7 +2,10 @@
  * 쿼리를 통해 얻은 Chat Document를 populate할 설정값을 정의합니다.
  */
 const chatPopulateOption = [
-  { path: "authorId", select: "_id nickname profileImageUrl" },
+  {
+    path: "authorId",
+    select: "_id nickname profileImageUrl withdraw",
+  },
 ];
 
 module.exports = {

src/modules/populates/reports.js

@@ -1,7 +1,7 @@
 const reportPopulateOption = [
   {
     path: "reportedId",
-    select: "_id id name nickname profileImageUrl",
+    select: "_id id name nickname profileImageUrl withdraw",
   },
 ];
 

src/modules/populates/rooms.js

@@ -8,7 +8,10 @@ const roomPopulateOption = [
   {
     path: "part",
     select: "-_id user settlementStatus readAt",
-    populate: { path: "user", select: "_id id name nickname profileImageUrl" },
+    populate: {
+      path: "user",
+      select: "_id id name nickname profileImageUrl withdraw",
+    },
   },
 ];
 
@@ -27,14 +30,17 @@ const formatSettlement = (
   { includeSettlement = true, isOver = false, timestamp = Date.now() } = {}
 ) => {
   roomObject.part = roomObject.part.map((participantSubDocument) => {
-    const { _id, name, nickname, profileImageUrl } =
+    if (!participantSubDocument.user) return null;
+
+    const { _id, name, nickname, profileImageUrl, withdraw } =
       participantSubDocument.user;
     const { settlementStatus, readAt } = participantSubDocument;
     return {
       _id,
       name,
       nickname,
       profileImageUrl,
+      withdraw,
       isSettlement: includeSettlement ? settlementStatus : undefined,
       readAt: readAt ?? roomObject.madeat,
     };

src/modules/socket.js

@@ -35,8 +35,11 @@ const transformChatsForRoom = async (chats) => {
       const inOutUserIds = chat.content.split("|");
       chat.inOutNames = await Promise.all(
         inOutUserIds.map(async (userId) => {
-          const user = await userModel.findOne({ id: userId }, "nickname");
-          return user.nickname;
+          const user = await userModel.findOne(
+            { id: userId, withdraw: false }, // NOTE: SSO uid 쓰는 곳
+            "nickname"
+          );
+          return user?.nickname;
         })
       );
     }
@@ -46,6 +49,7 @@ const transformChatsForRoom = async (chats) => {
       authorId: chat.authorId?._id,
       authorName: chat.authorId?.nickname,
       authorProfileUrl: chat.authorId?.profileImageUrl,
+      authorIsWithdrew: chat.authorId?.withdraw,
       content: chat.content,
       time: chat.time,
       isValid: chat.isValid,
@@ -136,7 +140,10 @@ const emitChatEvent = async (io, chat) => {
 
     // chat optionally contains authorId
     const { nickname, profileImageUrl } = authorId
-      ? await userModel.findById(authorId, "nickname profileImageUrl")
+      ? await userModel.findOne(
+          { _id: authorId, withdraw: false },
+          "nickname profileImageUrl"
+        )
       : {};
     if (authorId && (!nickname || !profileImageUrl)) {
       throw new IllegalArgumentsException();
@@ -163,9 +170,6 @@ const emitChatEvent = async (io, chat) => {
       .lean()
       .populate(chatPopulateOption);
 
-    chatDocument.authorName = nickname;
-    chatDocument.authorProfileUrl = profileImageUrl;
-
     const userIds = part.map((participant) => participant.user);
     const userIdsExceptAuthor = authorId
       ? part

src/modules/stores/mongo.js

@@ -6,11 +6,12 @@ const logger = require("../logger");
 const userSchema = Schema({
   name: { type: String, required: true }, //실명
   nickname: { type: String, required: true }, //닉네임
-  id: { type: String, required: true, unique: true }, //택시 서비스에서만 사용되는 id
+  id: { type: String, required: true }, //택시 서비스에서만 사용되는 id
   profileImageUrl: { type: String, required: true }, //백엔드에서의 프로필 이미지 경로
   ongoingRoom: [{ type: Schema.Types.ObjectId, ref: "Room" }], // 참여중인 진행중인 방 배열
   doneRoom: [{ type: Schema.Types.ObjectId, ref: "Room" }], // 참여중인 완료된 방 배열
-  withdraw: { type: Boolean, default: false },
+  withdraw: { type: Boolean, default: false }, //탈퇴 여부
+  withdrawAt: { type: Date }, //탈퇴 시각
   phoneNumber: { type: String }, // 전화번호 (2023FALL 이벤트부터 추가)
   ban: { type: Boolean, default: false }, //계정 정지 여부
   joinat: { type: Date, required: true }, //가입 시각

src/routes/docs/users.js

@@ -468,4 +468,35 @@ usersDocs[`${apiPrefix}/getBanRecord`] = {
   },
 };
 
+usersDocs[`${apiPrefix}/withdraw`] = {
+  post: {
+    tags: [tag],
+    summary: "회원 탈퇴",
+    description: "회원 탈퇴를 요청합니다.",
+    responses: {
+      200: {
+        content: {
+          "text/html": {
+            example: "Users/withdraw : withdraw successful",
+          },
+        },
+      },
+      400: {
+        content: {
+          "text/html": {
+            example: "Users/withdraw : ongoing room exists",
+          },
+        },
+      },
+      500: {
+        content: {
+          "text/html": {
+            example: "Users/withdraw : internal server error",
+          },
+        },
+      },
+    },
+  },
+};
+
 module.exports = usersDocs;

src/routes/users.js

@@ -62,4 +62,7 @@ router.get("/isBanned", userHandlers.isBannedHandler);
 // 유저의 서비스 정지 기록들을 모두 반환합니다.
 router.get("/getBanRecord", userHandlers.getBanRecordHandler);
 
+// 회원 탈퇴를 요청합니다.
+router.post("/withdraw", userHandlers.withdrawHandler);
+
 module.exports = router;

src/schedules/deleteUserInfo.js

@@ -0,0 +1,40 @@
+const { userModel } = require("../modules/stores/mongo");
+const logger = require("../modules/logger");
+
+module.exports = async () => {
+  try {
+    // 탈퇴일로부터 1년 이상 경과한 사용자의 개인정보 삭제
+    await userModel.updateMany(
+      {
+        withdraw: true,
+        withdrawAt: { $lte: new Date(Date.now() - 365 * 24 * 60 * 60 * 1000) },
+        name: { $ne: "" },
+      },
+      {
+        $set: {
+          name: "",
+          nickname: "",
+          id: "",
+          profileImageUrl: "",
+          // ongoingRoom
+          // doneRoom
+          ban: false,
+          // joinat
+          agreeOnTermsOfService: false,
+          "subinfo.kaist": "",
+          "subinfo.sparcs": "",
+          "subinfo.facebook": "",
+          "subinfo.twitter": "",
+          email: "",
+          isAdmin: false,
+          account: "",
+        },
+        $unset: {
+          phoneNumber: "",
+        },
+      }
+    );
+  } catch (err) {
+    logger.error(err);
+  }
+};

src/schedules/index.js

@@ -3,6 +3,7 @@ const cron = require("node-cron");
 const registerSchedules = (app) => {
   cron.schedule("*/5 * * * *", require("./notifyBeforeDepart")(app));
   cron.schedule("*/10 * * * *", require("./notifyAfterArrival")(app));
+  cron.schedule("0 0 1 * *", require("./deleteUserInfo"));
 };
 
 module.exports = registerSchedules;

src/schedules/notifyAfterArrival.js

@@ -1,5 +1,4 @@
 const { roomModel, chatModel } = require("../modules/stores/mongo");
-// const { roomPopulateOption } = require("../modules/populates/rooms");
 const { emitChatEvent } = require("../modules/socket");
 const logger = require("../modules/logger");
 

src/services/auth.js

@@ -63,7 +63,7 @@ const update = async (userData) => {
     email: userData.email,
     "subinfo.kaist": userData.kaist,
   };
-  await userModel.updateOne({ id: userData.id }, updateInfo);
+  await userModel.updateOne({ id: userData.id, withdraw: false }, updateInfo); // NOTE: SSO uid 쓰는 곳
   logger.info(
     `Update user info: ${userData.id} ${userData.name} ${userData.email} ${userData.kaist}`
   );
@@ -72,7 +72,7 @@ const update = async (userData) => {
 const tryLogin = async (req, res, userData, redirectOrigin, redirectPath) => {
   try {
     const user = await userModel.findOne(
-      { id: userData.id },
+      { id: userData.id, withdraw: false }, // NOTE: SSO uid 쓰는 곳
       "_id name email subinfo id withdraw ban"
     );
     if (!user) {

src/services/auth.mobile.js

@@ -28,7 +28,7 @@ const tokenLoginHandler = async (req, res) => {
       return res.status(401).json({ message: "Not Access token" });
     }
 
-    const user = await userModel.findOne({ _id: data.id });
+    const user = await userModel.findOne({ _id: data.id, withdraw: false });
     if (!user) {
       return res.status(401).json({ message: "No corresponding user" });
     }