Open
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR introduces phone number encryption when storing user data, ensuring that sensitive data is encrypted before being persisted in the database.
- Updated the Student entity to use an encrypted converter and increased the column length for the phone number.
- Added a new endpoint and service method to retrieve the decrypted phone number.
- Implemented an EncryptionService and associated EncryptedConverter to perform AES encryption and decryption.
Reviewed Changes
Copilot reviewed 7 out of 8 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| src/main/java/com/team/buddyya/student/service/StudentService.java | Added a new service method to retrieve the user's phone number. |
| src/main/java/com/team/buddyya/student/domain/Student.java | Updated the phoneNumber field to use encryption with an increased column length. |
| src/main/java/com/team/buddyya/student/controller/UserController.java | Added an endpoint for fetching the phone number. |
| src/main/java/com/team/buddyya/common/service/EncryptionService.java | Introduced AES encryption and decryption functionality. |
| src/main/java/com/team/buddyya/common/service/EncryptedConverter.java | Created an AttributeConverter to integrate encryption with JPA. |
| src/main/java/com/team/buddyya/common/exception/CommonExceptionType.java | Added a specific exception type for encryption errors. |
| src/main/java/com/team/buddyya/common/config/ConverterConfig.java | Configured the EncryptedConverter with the EncryptionService dependency. |
Files not reviewed (1)
- src/main/resources/db/migration/V11__increase_phone_number_length.sql: Language not supported
Comments suppressed due to low confidence (3)
src/main/java/com/team/buddyya/student/service/StudentService.java:177
- [nitpick] The name 'findStudentService' may imply a service layer role, which could be confusing if this field is responsible for repository operations. Consider renaming it to more clearly reflect its purpose.
Student student = findStudentService.findByStudentId(studentInfo.id());
src/main/java/com/team/buddyya/common/service/EncryptionService.java:23
- Consider explicitly specifying the encryption mode and padding (for example, 'AES/ECB/PKCS5Padding') rather than relying on defaults, to ensure consistent and secure encryption behavior.
Cipher cipher = Cipher.getInstance(ALGORITHM);
src/main/java/com/team/buddyya/student/domain/Student.java:34
- With the phone number field now storing an encrypted value and the column length increased to 128, please verify that any phone number validations and constraints elsewhere in the application have been updated accordingly.
@Convert(converter = EncryptedConverter.class)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
📌 관련 이슈
사용자 전화번호 암호화하여 데이터베이스에 저장 [#220]
🛠️ 작업 내용
🎯 리뷰 포인트
📎 커밋 범위 링크