From 3638608c7c0cdcaeb6d420a2db0786cc4be65b6b Mon Sep 17 00:00:00 2001
From: kyubeom <be_man@naver.com>
Date: Thu, 28 Sep 2023 13:04:10 +0900
Subject: [PATCH] =?UTF-8?q?feature=20:=20=EB=9E=9C=EB=8D=A4=20=EB=B3=80?=
 =?UTF-8?q?=EC=88=98=20=EC=83=9D=EC=84=B1=20=EA=B4=80=EB=A0=A8=20=EB=B3=B4?=
 =?UTF-8?q?=EC=95=88=20=EC=9D=B4=EC=8A=88=20=EC=9D=91=EB=8C=80=20(#40)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../server/user/service/UserServiceImpl.java     | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/src/main/java/everymeal/server/user/service/UserServiceImpl.java b/src/main/java/everymeal/server/user/service/UserServiceImpl.java
index eb4a1d9..5834eb3 100644
--- a/src/main/java/everymeal/server/user/service/UserServiceImpl.java
+++ b/src/main/java/everymeal/server/user/service/UserServiceImpl.java
@@ -14,6 +14,8 @@
 import jakarta.mail.MessagingException;
 import jakarta.mail.internet.MimeMessage;
 import jakarta.mail.internet.MimeMessage.RecipientType;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
 import java.util.Random;
 import lombok.RequiredArgsConstructor;
 import org.springframework.mail.javamail.JavaMailSender;
@@ -28,7 +30,6 @@ public class UserServiceImpl implements UserService {
     private final UserRepository userRepository;
     private final JwtUtil jwtUtil;
     private final JavaMailSender javaMailSender;
-    private final Random random = new Random();
 
     @Override
     @Transactional
@@ -61,21 +62,22 @@ public Boolean isAuth(AuthenticatedUser authenticatedUser) {
     @Override
     public UserEmailAuthRes emailAuth(
             UserEmailAuthReq request, AuthenticatedUser authenticatedUser) {
-        int authCode = random.nextInt(900000) + 100000;
-        String mailJwt =
-                jwtUtil.generateEmailToken(
-                        authenticatedUser.getIdx(), request.getEmail(), Integer.toString(authCode));
         try {
+            Random random = SecureRandom.getInstanceStrong();
+            int authCode = random.nextInt(900000) + 100000;
+            String mailJwt =
+                jwtUtil.generateEmailToken(
+                    authenticatedUser.getIdx(), request.getEmail(), Integer.toString(authCode));
             MimeMessage mimeMessage = javaMailSender.createMimeMessage();
             mimeMessage.setSubject("[에브리밀] 대학교 이메일 인증");
             mimeMessage.setText("인증번호 : " + authCode);
             mimeMessage.setRecipients(RecipientType.TO, request.getEmail());
             javaMailSender.send(mimeMessage);
-        } catch (MessagingException e) {
+            return UserEmailAuthRes.builder().emailAuthToken(mailJwt).build();
+        } catch (MessagingException | NoSuchAlgorithmException e) {
             e.printStackTrace();
             return null;
         }
-        return UserEmailAuthRes.builder().emailAuthToken(mailJwt).build();
     }
 
     @Override