diff --git a/.gitignore b/.gitignore index 6d79688..ea16835 100644 --- a/.gitignore +++ b/.gitignore @@ -42,4 +42,5 @@ bin/ # Temporary files created by the OS .DS_Store -Thumbs.db \ No newline at end of file +Thumbs.db +/nginx-1.28.0/logs/nginx.pid diff --git a/README.md b/README.md index dc03b06..cbc77af 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,7 @@ - **Security**: Spring Security + JWT - **Build Tool**: Gradle - **Container**: Docker + Kubernetes +- **API Documentation**: Swagger (SpringDoc OpenAPI) ## 개발 가이드 @@ -27,11 +28,126 @@ src/main/java/com/bio/bio_backend/ │ ├── config/ # 설정 클래스 │ ├── security/ # 보안 설정 │ ├── exception/ # 예외 처리 +│ ├── aop/ # AOP 로깅 +│ ├── filter/ # HTTP 로깅 필터 │ └── utils/ # 유틸리티 └── BioBackendApplication.java ``` -### 2. 트랜잭션 관리 +### 2. API 응답 표준화 (ApiResponseDto) + +#### 응답 구조 + +모든 API 응답은 `ApiResponseDto` 형태로 표준화되어 있습니다. + +```java +public class ApiResponseDto { + private int code; // HTTP 상태 코드 + private String message; // 응답 메시지 (ApiResponseCode enum 값) + private String description; // 응답 설명 + private T data; // 실제 데이터 (제네릭 타입) +} +``` + +#### 응답 예시 + +**성공 응답 (201 Created)** + +```json +{ + "code": 201, + "message": "COMMON_SUCCESS_CREATED", + "description": "Created successfully", + "data": { + "seq": 1, + "userId": "user123", + "name": "홍길동" + } +} +``` + +**실패 응답 (409 Conflict)** + +```json +{ + "code": 409, + "message": "USER_ID_DUPLICATE", + "description": "User ID already exists", + "data": null +} +``` + +#### 사용 방법 + +**Controller에서 응답 생성** + +```java +@PostMapping("/members") +public ResponseEntity> createMember(@RequestBody CreateMemberRequestDto requestDto) { + // ... 비즈니스 로직 ... + + // 성공 응답 + ApiResponseDto apiResponse = + ApiResponseDto.success(ApiResponseCode.COMMON_SUCCESS_CREATED, responseDto); + + return ResponseEntity.status(HttpStatus.CREATED).body(apiResponse); +} +``` + +**공용 응답 코드 사용** + +```java +// ApiResponseCode.java +public enum ApiResponseCode { + // 공용 성공 코드 + COMMON_SUCCESS_CREATED(HttpStatus.CREATED.value(), "Created successfully"), + COMMON_SUCCESS_UPDATED(HttpStatus.OK.value(), "Updated successfully"), + COMMON_SUCCESS_DELETED(HttpStatus.OK.value(), "Deleted successfully"), + COMMON_SUCCESS_RETRIEVED(HttpStatus.OK.value(), "Retrieved successfully"), + + // 공용 오류 코드 + COMMON_BAD_REQUEST(HttpStatus.BAD_REQUEST.value(), "Required request body is missing or Error"), + COMMON_UNAUTHORIZED(HttpStatus.UNAUTHORIZED.value(), "Unauthorized"), + COMMON_FORBIDDEN(HttpStatus.FORBIDDEN.value(), "Access is denied"), + COMMON_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "Resource is not found"), + COMMON_INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR.value(), "An error occurred on the server") +} +``` + +#### 핵심 규칙 + +- **모든 API 응답**: `ApiResponseDto`로 감싸서 반환 +- **공용 응답 코드**: `COMMON_` 접두사로 시작하는 범용 코드 사용 +- **일관된 구조**: `code`, `message`, `description`, `data` 필드로 표준화 +- **제네릭 활용**: ``를 통해 다양한 데이터 타입 지원 + +### 3. API 문서화 (Swagger) + +#### Swagger UI 접속 + +- **URL**: `http://localhost:8080/service/swagger-ui.html` +- **API Docs**: `http://localhost:8080/service/api-docs` + +#### 주요 어노테이션 + +```java +@Tag(name = "Member", description = "회원 관리 API") +@Operation(summary = "회원 가입", description = "새로운 회원을 등록합니다.") +@ApiResponses(value = { + @ApiResponse(responseCode = "201", description = "회원 가입 성공"), + @ApiResponse(responseCode = "400", description = "잘못된 요청 데이터", + content = @Content(schema = @Schema(implementation = ApiResponseDto.class))), + @ApiResponse(responseCode = "409", description = "중복된 사용자 정보", + content = @Content(schema = @Schema(implementation = ApiResponseDto.class))) +}) +``` + +#### 설정 파일 + +- **SwaggerConfig.java**: OpenAPI 기본 정보 설정 +- **application.properties**: Swagger UI 커스터마이징 + +### 4. 트랜잭션 관리 #### 기본 설정 @@ -54,3 +170,81 @@ public class MemberServiceImpl { - **클래스 레벨**: `@Transactional(readOnly = true)` 기본 설정 - **메서드별**: 데이터 수정 시에만 `@Transactional` 개별 적용 - **설정**: `spring.jpa.open-in-view=false` (성능 최적화) + +### 5. 오류 등록 및 사용 + +#### 오류 코드 등록 + +```java +// ApiResponseCode.java +public enum ApiResponseCode { + USER_ID_DUPLICATE(HttpStatus.CONFLICT.value(), "User ID already exists"), +} +``` + +#### 오류 사용 방법 + +```java +// Service에서 예외 발생 +throw new ApiException(ApiResponseCode.USER_ID_DUPLICATE); + +// Controller에서 예외 처리 (자동) +// GlobalExceptionHandler가 ApiException을 잡아서 응답 변환 +``` + +#### 핵심 규칙 + +- **오류 코드**: `ApiResponseCode` enum에 모든 오류 정의 +- **예외 클래스**: `ApiException`으로 비즈니스 로직 예외 처리 +- **자동 처리**: `GlobalExceptionHandler`가 일관된 응답 형태로 변환 + +### 6. 로깅 시스템 + +#### @LogExecution 어노테이션 사용법 + +**메서드 실행 로깅을 위한 필수 어노테이션입니다.** + +##### 기본 사용법 + +```java +@LogExecution("회원 등록") +@PostMapping("/register") +public ResponseEntity> createMember(@RequestBody CreateMemberRequestDto requestDto) { + // 메서드 실행 시 자동으로 로그 출력 +} +``` + +##### 로그 출력 예시 + +**메서드 시작 시:** +``` +[START] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92) +``` + +**메서드 성공 시:** +``` +[SUCCESS] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92) | 시간: 200ms +``` + +**메서드 실패 시:** +``` +[FAILED] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92) | 시간: 23ms | 오류: 이미 존재하는 사용자 ID입니다 +``` + +##### 어노테이션 설정 + +```java +@LogExecution("사용자 정보 조회") +public UserDto getUserInfo() { } + +@LogExecution("주문 처리") +public OrderDto processOrder() { } +``` + +##### 로깅 시스템 구성 + +1. **MethodExecutionLoggingAspect**: 메서드 실행 로깅 (AOP) +2. **HttpLoggingFilter**: HTTP 요청/응답 로깅 (필터) +3. **logback-spring.xml**: 로그 파일 관리 및 설정 + +**중요**: `@LogExecution` 어노테이션이 없으면 메서드 실행 로그가 출력되지 않습니다 diff --git a/build.gradle b/build.gradle index 5753559..ccc0e45 100644 --- a/build.gradle +++ b/build.gradle @@ -61,6 +61,9 @@ dependencies { // p6spy implementation 'com.github.gavlyukovskiy:p6spy-spring-boot-starter:1.9.0' + + // SpringDoc OpenAPI (Swagger) + implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.9' } tasks.named('test') { diff --git a/nginx-1.28.0/conf/nginx.conf b/nginx-1.28.0/conf/nginx.conf index 8f5f230..15effda 100644 --- a/nginx-1.28.0/conf/nginx.conf +++ b/nginx-1.28.0/conf/nginx.conf @@ -1,46 +1,49 @@ -# ./nginx/nginx.conf -# 이벤트 블록은 Nginx가 어떻게 연결을 처리할지 정의합니다. events { worker_connections 1024; } -# HTTP 블록은 웹 서버의 동작을 정의합니다. http { - # MIME 타입 파일을 포함하여 파일 확장자에 따라 콘텐츠 타입을 결정합니다. + include mime.types; - error_log logs/error.log warn; + default_type application/octet-stream; + sendfile on; + keepalive_timeout 65; - # <<< 여기서 log_format 'main'을 정의 >>> - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - # 위에서 정의한 'main'을 사용 - access_log logs/access.log main; + # (선택) 로그 위치 + access_log logs/access.log; + error_log logs/error.log warn; + + # 웹소켓용 + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } - # 기본 서버 설정을 정의합니다. server { - # 80번 포트에서 요청을 받습니다. listen 80; - server_name localhost; # 서버 이름을 localhost로 설정 + server_name localhost; - # 루트 경로(/)로 들어오는 모든 요청을 처리합니다. + # Nuxt(개발서버 3000) location / { - # 요청을 다른 서버(여기서는 Nuxt.js)로 전달합니다. proxy_pass http://localhost:3000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } - # 프록시 헤더를 설정하여 원본 요청 정보를 유지합니다. + # Spring Boot(8080) — /service 접두어 제거 + location /service/ { + proxy_pass http://localhost:8080; # 끝에 슬래시 넣으면 /service가 제거됨 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } - # /api/ 경로로 들어오는 요청을 처리합니다. (Spring Boot 컨테이너를 가리킨다고 가정) - location /service { - proxy_pass http://localhost:8080; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } + # (선택) 업로드 크게 받을 때 + # client_max_body_size 50m; } } \ No newline at end of file diff --git a/src/main/java/com/bio/bio_backend/domain/user/member/controller/MemberController.java b/src/main/java/com/bio/bio_backend/domain/user/member/controller/MemberController.java index 8394e2a..284b9fe 100644 --- a/src/main/java/com/bio/bio_backend/domain/user/member/controller/MemberController.java +++ b/src/main/java/com/bio/bio_backend/domain/user/member/controller/MemberController.java @@ -1,12 +1,11 @@ package com.bio.bio_backend.domain.user.member.controller; +import com.bio.bio_backend.global.dto.ApiResponseDto; +import io.swagger.v3.oas.annotations.tags.Tag; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; import jakarta.validation.Valid; import com.bio.bio_backend.domain.user.member.dto.MemberDto; @@ -16,8 +15,17 @@ import com.bio.bio_backend.domain.user.member.service.MemberService; import com.bio.bio_backend.domain.user.member.mapper.MemberMapper; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.responses.ApiResponse; +import io.swagger.v3.oas.annotations.responses.ApiResponses; +import io.swagger.v3.oas.annotations.media.Content; +import io.swagger.v3.oas.annotations.media.Schema; +import com.bio.bio_backend.global.constants.ApiResponseCode; +import com.bio.bio_backend.global.annotation.LogExecution; +@Tag(name = "Member", description = "회원 관련 API") @RestController +@RequestMapping("/members") @RequiredArgsConstructor @Slf4j public class MemberController { @@ -26,13 +34,21 @@ public class MemberController { private final MemberMapper memberMapper; private final BCryptPasswordEncoder bCryptPasswordEncoder; - @PostMapping("/members") - public ResponseEntity createMember(@RequestBody @Valid CreateMemberRequestDto requestDto) { + @LogExecution("회원 등록") + @Operation(summary = "회원 등록", description = "새로운 회원을 등록합니다.") + @ApiResponses({ + @ApiResponse(responseCode = "201", description = "회원 가입 성공"), + @ApiResponse(responseCode = "400", description = "잘못된 요청 데이터", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))), + @ApiResponse(responseCode = "409", description = "중복된 사용자 정보", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))) + }) + @PostMapping("/register") + public ResponseEntity> createMember(@RequestBody @Valid CreateMemberRequestDto requestDto) { MemberDto member = memberMapper.toMemberDto(requestDto); MemberDto createdMember = memberService.createMember(member); CreateMemberResponseDto responseDto = memberMapper.toCreateMemberResponseDto(createdMember); - - return ResponseEntity.status(HttpStatus.CREATED).body(responseDto); + ApiResponseDto apiResponse = ApiResponseDto.success(ApiResponseCode.COMMON_SUCCESS_CREATED, responseDto); + + return ResponseEntity.status(HttpStatus.CREATED).body(apiResponse); } // @PostMapping("/member/list") @@ -64,7 +80,7 @@ public class MemberController { // } // @PutMapping("/member") - // public CustomApiResponse updateMember(@RequestBody @Valid CreateMemberRequestDTO requestMember, @AuthenticationPrincipal MemberDTO registrant) { + // public ApiResponseDto updateMember(@RequestBody @Valid CreateMemberRequestDTO requestMember, @AuthenticationPrincipal MemberDTO registrant) { // // 현재 JWT는 사용자 id 값을 통하여 생성, 회원정보 변경 시 JWT 재발급 여부 검토 // MemberDTO member = mapper.map(requestMember, MemberDTO.class); @@ -76,31 +92,31 @@ public class MemberController { // member.setRegSeq(registrant.getSeq()); // memberService.updateMember(member); - // return CustomApiResponse.success(ApiResponseCode.USER_INFO_CHANGE, null); + // return ApiResponseDto.success(ApiResponseCode.USER_INFO_CHANGE, null); // } // @DeleteMapping("/member") - // public CustomApiResponse deleteMember(@RequestBody @Valid CreateMemberRequestDTO requestMember){ + // public ApiResponseDto deleteMember(@RequestBody @Valid CreateMemberRequestDTO requestMember){ // MemberDTO member = mapper.map(requestMember, MemberDTO.class); // memberService.deleteMember(member); - // return CustomApiResponse.success(ApiResponseCode.USER_DELETE_SUCCESSFUL, null); + // return ApiResponseDto.success(ApiResponseCode.USER_DELETE_SUCCESSFUL, null); // } // @PostMapping("/logout") - // public CustomApiResponse logout(@AuthenticationPrincipal MemberDTO member) { + // public ApiResponseDto logout(@AuthenticationPrincipal MemberDTO member) { // String id = member.getId(); // try { // memberService.deleteRefreshToken(id); // } catch (Exception e) { - // return CustomApiResponse.fail(ApiResponseCode.INTERNAL_SERVER_ERROR, null); + // return ApiResponseDto.fail(ApiResponseCode.INTERNAL_SERVER_ERROR, null); // } - // return CustomApiResponse.success(ApiResponseCode.LOGOUT_SUCCESSFUL, null); + // return ApiResponseDto.success(ApiResponseCode.LOGOUT_SUCCESSFUL, null); // } } diff --git a/src/main/java/com/bio/bio_backend/domain/user/member/exception/UserDuplicateException.java b/src/main/java/com/bio/bio_backend/domain/user/member/exception/UserDuplicateException.java deleted file mode 100644 index c399d48..0000000 --- a/src/main/java/com/bio/bio_backend/domain/user/member/exception/UserDuplicateException.java +++ /dev/null @@ -1,12 +0,0 @@ -package com.bio.bio_backend.domain.user.member.exception; - -public class UserDuplicateException extends RuntimeException { - - public UserDuplicateException(String message) { - super(message); - } - - public UserDuplicateException(String message, Throwable cause) { - super(message, cause); - } -} diff --git a/src/main/java/com/bio/bio_backend/domain/user/member/service/MemberServiceImpl.java b/src/main/java/com/bio/bio_backend/domain/user/member/service/MemberServiceImpl.java index 65ed12c..673566f 100644 --- a/src/main/java/com/bio/bio_backend/domain/user/member/service/MemberServiceImpl.java +++ b/src/main/java/com/bio/bio_backend/domain/user/member/service/MemberServiceImpl.java @@ -5,7 +5,8 @@ import com.bio.bio_backend.domain.user.member.entity.Member; import com.bio.bio_backend.domain.user.member.enums.MemberRole; import com.bio.bio_backend.domain.user.member.mapper.MemberMapper; import com.bio.bio_backend.domain.user.member.repository.MemberRepository; -import com.bio.bio_backend.domain.user.member.exception.UserDuplicateException; +import com.bio.bio_backend.global.exception.ApiException; +import com.bio.bio_backend.global.constants.ApiResponseCode; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.security.core.userdetails.UserDetails; @@ -46,7 +47,7 @@ public class MemberServiceImpl implements MemberService { public MemberDto createMember(MemberDto memberDTO) { // userId 중복 체크 if (memberRepository.existsByUserId(memberDTO.getUserId())) { - throw new UserDuplicateException("User ID already exists"); + throw new ApiException(ApiResponseCode.USER_ID_DUPLICATE); } Member member = Member.builder() diff --git a/src/main/java/com/bio/bio_backend/global/annotation/LogExecution.java b/src/main/java/com/bio/bio_backend/global/annotation/LogExecution.java new file mode 100644 index 0000000..7ca161d --- /dev/null +++ b/src/main/java/com/bio/bio_backend/global/annotation/LogExecution.java @@ -0,0 +1,15 @@ +package com.bio.bio_backend.global.annotation; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +/** + * 메서드 실행 로깅 어노테이션 + */ +@Target(ElementType.METHOD) +@Retention(RetentionPolicy.RUNTIME) +public @interface LogExecution { + String value() default ""; +} diff --git a/src/main/java/com/bio/bio_backend/global/aop/MethodExecutionLoggingAspect.java b/src/main/java/com/bio/bio_backend/global/aop/MethodExecutionLoggingAspect.java new file mode 100644 index 0000000..3041aa1 --- /dev/null +++ b/src/main/java/com/bio/bio_backend/global/aop/MethodExecutionLoggingAspect.java @@ -0,0 +1,55 @@ +package com.bio.bio_backend.global.aop; + +import lombok.extern.slf4j.Slf4j; +import org.aspectj.lang.ProceedingJoinPoint; +import org.aspectj.lang.annotation.Around; +import org.aspectj.lang.annotation.Aspect; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.stereotype.Component; + +@Aspect +@Component +@Slf4j +public class MethodExecutionLoggingAspect { + + @Around("@annotation(logExecution)") + public Object logExecution(ProceedingJoinPoint pjp, com.bio.bio_backend.global.annotation.LogExecution logExecution) throws Throwable { + String message = logExecution.value().isEmpty() ? + pjp.getSignature().getName() : logExecution.value(); + + String className = pjp.getTarget().getClass().getSimpleName(); + String methodName = pjp.getSignature().getName(); + + String userInfo = getCurrentUser(); + + long startTime = System.currentTimeMillis(); + log.info("[START] {} | 호출경로: {}.{} | 사용자: {}", + message, className, methodName, userInfo); + + try { + Object result = pjp.proceed(); + long duration = System.currentTimeMillis() - startTime; + log.info("[SUCCESS] {} | 호출경로: {}.{} | 사용자: {} | 시간: {}ms", + message, className, methodName, userInfo, duration); + return result; + } catch (Exception e) { + long duration = System.currentTimeMillis() - startTime; + log.error("[FAILED] {} | 호출경로: {}.{} | 사용자: {} | 시간: {}ms | 오류: {}", + message, className, methodName, userInfo, duration, e.getMessage()); + throw e; + } + } + + private String getCurrentUser() { + try { + Authentication auth = SecurityContextHolder.getContext().getAuthentication(); + if (auth != null && auth.isAuthenticated() && !"anonymousUser".equals(auth.getName())) { + return auth.getName(); + } + return "인증되지 않은 사용자"; + } catch (Exception e) { + return "알 수 없는 사용자"; + } + } +} diff --git a/src/main/java/com/bio/bio_backend/global/config/SwaggerConfig.java b/src/main/java/com/bio/bio_backend/global/config/SwaggerConfig.java new file mode 100644 index 0000000..4b5a186 --- /dev/null +++ b/src/main/java/com/bio/bio_backend/global/config/SwaggerConfig.java @@ -0,0 +1,26 @@ +package com.bio.bio_backend.global.config; + +import io.swagger.v3.oas.models.OpenAPI; +import io.swagger.v3.oas.models.info.Info; +import io.swagger.v3.oas.models.info.License; +import io.swagger.v3.oas.models.servers.Server; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +import java.util.List; + +@Configuration +public class SwaggerConfig { + + @Bean + public OpenAPI openAPI() { + return new OpenAPI() + .info(new Info() + .title("대상 미생물 분석 시스템 Backend API") + .description("대상 미생물 분석 시스템 Backend 서비스의 REST API 문서") + .version("v1.0.0") + .license(new License() + .name("STAM License") + .url("https://stam.kr/"))); + } +} diff --git a/src/main/java/com/bio/bio_backend/global/constants/ApiResponseCode.java b/src/main/java/com/bio/bio_backend/global/constants/ApiResponseCode.java new file mode 100644 index 0000000..be3c7b0 --- /dev/null +++ b/src/main/java/com/bio/bio_backend/global/constants/ApiResponseCode.java @@ -0,0 +1,71 @@ +package com.bio.bio_backend.global.constants; + +import lombok.AllArgsConstructor; +import lombok.Getter; +import org.springframework.http.HttpStatus; + +/* + * API 관련 RESPONSE ENUM + */ + +@Getter +@AllArgsConstructor +public enum ApiResponseCode { + + /*공통 Code*/ + // 200 OK + COMMON_SUCCESS(HttpStatus.OK.value(), "요청 성공"), + COMMON_SUCCESS_CREATED(HttpStatus.CREATED.value(), "성공적으로 생성되었습니다"), + COMMON_SUCCESS_UPDATED(HttpStatus.OK.value(), "성공적으로 수정되었습니다"), + COMMON_SUCCESS_DELETED(HttpStatus.OK.value(), "성공적으로 삭제되었습니다"), + COMMON_SUCCESS_RETRIEVED(HttpStatus.OK.value(), "성공적으로 조회되었습니다"), + + // 400 Bad Request + COMMON_BAD_REQUEST(HttpStatus.BAD_REQUEST.value(), "필수 요청 본문이 누락되었거나 오류가 발생했습니다"), + COMMON_FORMAT_WRONG(HttpStatus.BAD_REQUEST.value(), "요청 형식이 올바르지 않습니다"), + COMMON_ARGUMENT_NOT_VALID(HttpStatus.BAD_REQUEST.value(), "인자가 유효하지 않습니다"), + + // 401 Unauthorized + COMMON_UNAUTHORIZED(HttpStatus.UNAUTHORIZED.value(), "인증에 실패했습니다"), + + // 403 Forbidden + COMMON_FORBIDDEN(HttpStatus.FORBIDDEN.value(), "접근이 거부되었습니다"), + + // 404 Not Found + COMMON_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "리소스를 찾을 수 없습니다"), + + // 405 Method Not Allowed + COMMON_METHOD_NOT_ALLOWED(HttpStatus.METHOD_NOT_ALLOWED.value(), "허용되지 않는 메소드입니다"), + + // 409 Conflict + COMMON_CONFLICT(HttpStatus.CONFLICT.value(), "충돌이 발생했습니다"), + + // 500 Internal Server Error + COMMON_INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR.value(), "서버에서 오류가 발생했습니다"), + COMMON_INDEX_OUT_OF_BOUND(HttpStatus.INTERNAL_SERVER_ERROR.value(), "인덱스가 범위를 벗어났습니다"), + COMMON_JSON_PROCESSING_EXCEPTION(HttpStatus.INTERNAL_SERVER_ERROR.value(), "유효한 JSON 형식인지 확인해주세요"), + + /*사용자 관련 Code*/ + // 200 OK + LOGIN_SUCCESSFUL(HttpStatus.OK.value(), "로그인에 성공했습니다"), + LOGOUT_SUCCESSFUL(HttpStatus.OK.value(), "로그아웃에 성공했습니다"), + USER_INFO_CHANGE(HttpStatus.OK.value(), "사용자 정보가 성공적으로 수정되었습니다"), + USER_DELETE_SUCCESSFUL(HttpStatus.OK.value(), "사용자가 성공적으로 삭제되었습니다"), + + // 409 Conflict + USER_ID_DUPLICATE(HttpStatus.CONFLICT.value(), "이미 존재하는 사용자 ID입니다"), + + // 401 Unauthorized + USER_NOT_FOUND(HttpStatus.UNAUTHORIZED.value(), "사용자를 찾을 수 없습니다. 인증에 실패했습니다"), + USER_PASSWORD_INVALID(HttpStatus.UNAUTHORIZED.value(), "비밀번호가 올바르지 않습니다"), + + // JWT 관련 + JWT_SIGNATURE_MISMATCH(HttpStatus.UNAUTHORIZED.value(), "JWT 서명이 일치하지 않습니다. 인증에 실패했습니다"), + JWT_TOKEN_NULL(HttpStatus.UNAUTHORIZED.value(), "JWT 토큰이 null입니다"), + JWT_TOKEN_EXPIRED(HttpStatus.UNAUTHORIZED.value(), "토큰이 만료되었습니다"), + ALL_TOKEN_INVALID(HttpStatus.UNAUTHORIZED.value(), "액세스 토큰과 리프레시 토큰이 모두 만료되었거나 유효하지 않습니다"); + + private final int statusCode; + private final String description; + +} diff --git a/src/main/java/com/bio/bio_backend/global/dto/ApiResponseDto.java b/src/main/java/com/bio/bio_backend/global/dto/ApiResponseDto.java new file mode 100644 index 0000000..baebd96 --- /dev/null +++ b/src/main/java/com/bio/bio_backend/global/dto/ApiResponseDto.java @@ -0,0 +1,38 @@ +package com.bio.bio_backend.global.dto; + + +import com.fasterxml.jackson.annotation.JsonInclude; + +import com.bio.bio_backend.global.constants.ApiResponseCode; +import lombok.Data; +import lombok.RequiredArgsConstructor; + +@Data +@RequiredArgsConstructor +@JsonInclude(JsonInclude.Include.NON_NULL) +public class ApiResponseDto { + + private int code; + private String message; + private String description; + private T data; + + private static final int SUCCESS = 200; + + private ApiResponseDto(int code, String message, String description, T data){ + this.code = code; + this.message = message; + this.description = description; + this.data = data; + } + + public static ApiResponseDto success(ApiResponseCode responseCode, T data) { + return new ApiResponseDto(SUCCESS, responseCode.name(), responseCode.getDescription(), data); + } + + public static ApiResponseDto fail(ApiResponseCode responseCode, T data) { + return new ApiResponseDto(responseCode.getStatusCode(), responseCode.name(), responseCode.getDescription(), data); + } + +} + diff --git a/src/main/java/com/bio/bio_backend/global/dto/CustomApiResponse.java b/src/main/java/com/bio/bio_backend/global/dto/CustomApiResponse.java deleted file mode 100644 index 0634a8a..0000000 --- a/src/main/java/com/bio/bio_backend/global/dto/CustomApiResponse.java +++ /dev/null @@ -1,39 +0,0 @@ -package com.bio.bio_backend.global.dto; - - -import com.fasterxml.jackson.annotation.JsonInclude; - -import com.bio.bio_backend.global.utils.ApiResponseCode; -import lombok.Data; -import lombok.RequiredArgsConstructor; - -//공통 response Class -@Data -@RequiredArgsConstructor -@JsonInclude(JsonInclude.Include.NON_NULL) -public class CustomApiResponse { - - private int code; - private String message; - private String description; - private T data; - - private static final int SUCCESS = 200; - - private CustomApiResponse(int code, String message, String description, T data){ - this.code = code; - this.message = message; - this.description = description; - this.data = data; - } - - public static CustomApiResponse success(ApiResponseCode responseCode, T data) { - return new CustomApiResponse(SUCCESS, responseCode.name(), responseCode.getDescription(), data); - } - - public static CustomApiResponse fail(ApiResponseCode responseCode, T data) { - return new CustomApiResponse(responseCode.getStatusCode(), responseCode.name(), responseCode.getDescription(), data); - } - -} - diff --git a/src/main/java/com/bio/bio_backend/global/exception/ApiException.java b/src/main/java/com/bio/bio_backend/global/exception/ApiException.java new file mode 100644 index 0000000..c352375 --- /dev/null +++ b/src/main/java/com/bio/bio_backend/global/exception/ApiException.java @@ -0,0 +1,24 @@ +package com.bio.bio_backend.global.exception; + +import lombok.Getter; +import com.bio.bio_backend.global.constants.ApiResponseCode; + +@Getter +public class ApiException extends RuntimeException { + private final ApiResponseCode responseCode; + + public ApiException(ApiResponseCode responseCode) { + super(responseCode.getDescription()); + this.responseCode = responseCode; + } + + public ApiException(ApiResponseCode responseCode, String message) { + super(message); + this.responseCode = responseCode; + } + + public ApiException(ApiResponseCode responseCode, Throwable cause) { + super(responseCode.getDescription(), cause); + this.responseCode = responseCode; + } +} \ No newline at end of file diff --git a/src/main/java/com/bio/bio_backend/global/exception/CustomAuthenticationFailureHandler.java b/src/main/java/com/bio/bio_backend/global/exception/CustomAuthenticationFailureHandler.java index 65b7563..2cc9ceb 100644 --- a/src/main/java/com/bio/bio_backend/global/exception/CustomAuthenticationFailureHandler.java +++ b/src/main/java/com/bio/bio_backend/global/exception/CustomAuthenticationFailureHandler.java @@ -14,8 +14,8 @@ import com.fasterxml.jackson.databind.ObjectMapper; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; -import com.bio.bio_backend.global.dto.CustomApiResponse; -import com.bio.bio_backend.global.utils.ApiResponseCode; +import com.bio.bio_backend.global.dto.ApiResponseDto; +import com.bio.bio_backend.global.constants.ApiResponseCode; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; @@ -36,14 +36,14 @@ public class CustomAuthenticationFailureHandler implements AuthenticationFailure response.setCharacterEncoding("UTF-8"); response.setStatus(HttpStatus.UNAUTHORIZED.value()); - CustomApiResponse apiResponse; + ApiResponseDto apiResponse; if (exception instanceof UsernameNotFoundException) { - apiResponse = CustomApiResponse.fail(ApiResponseCode.USER_NOT_FOUND, null); + apiResponse = ApiResponseDto.fail(ApiResponseCode.USER_NOT_FOUND, null); } else if (exception instanceof BadCredentialsException) { - apiResponse = CustomApiResponse.fail(ApiResponseCode.AUTHENTICATION_FAILED, null); + apiResponse = ApiResponseDto.fail(ApiResponseCode.COMMON_UNAUTHORIZED, null); } else { response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value()); - apiResponse = CustomApiResponse.fail(ApiResponseCode.INTERNAL_SERVER_ERROR, null); + apiResponse = ApiResponseDto.fail(ApiResponseCode.COMMON_INTERNAL_SERVER_ERROR, null); } String jsonResponse = objectMapper.writeValueAsString(apiResponse); diff --git a/src/main/java/com/bio/bio_backend/global/exception/GlobalExceptionHandler.java b/src/main/java/com/bio/bio_backend/global/exception/GlobalExceptionHandler.java index 558197b..5cc592e 100644 --- a/src/main/java/com/bio/bio_backend/global/exception/GlobalExceptionHandler.java +++ b/src/main/java/com/bio/bio_backend/global/exception/GlobalExceptionHandler.java @@ -1,80 +1,34 @@ package com.bio.bio_backend.global.exception; -import java.util.Objects; - -import org.springframework.http.converter.HttpMessageNotReadableException; -import org.springframework.web.HttpRequestMethodNotSupportedException; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.RestControllerAdvice; -import org.springframework.web.servlet.resource.NoResourceFoundException; +import org.springframework.web.bind.MethodArgumentNotValidException; -import com.fasterxml.jackson.core.JsonProcessingException; - -import io.jsonwebtoken.ExpiredJwtException; -import io.jsonwebtoken.JwtException; -import io.jsonwebtoken.MalformedJwtException; -import io.jsonwebtoken.security.SignatureException; -import com.bio.bio_backend.global.dto.CustomApiResponse; -import com.bio.bio_backend.global.utils.ApiResponseCode; -import com.bio.bio_backend.domain.user.member.exception.UserDuplicateException; +import com.bio.bio_backend.global.dto.ApiResponseDto; +import com.bio.bio_backend.global.constants.ApiResponseCode; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; @RestControllerAdvice public class GlobalExceptionHandler { - @ExceptionHandler(HttpMessageNotReadableException.class) - public CustomApiResponse handleHttpMessageNotReadableException(HttpMessageNotReadableException e) { - if (Objects.requireNonNull(e.getMessage()).contains("JSON parse error")) { - return CustomApiResponse.fail(ApiResponseCode.COMMON_FORMAT_WRONG, null); - } - return CustomApiResponse.fail(ApiResponseCode.COMMON_BAD_REQUEST, null); - } - @ExceptionHandler(HttpRequestMethodNotSupportedException.class) - public CustomApiResponse handleHttpRequestMethodNotSupportedException(HttpRequestMethodNotSupportedException e) { - return CustomApiResponse.fail(ApiResponseCode.COMMON_METHOD_NOT_ALLOWED, null); - } - - @ExceptionHandler(NoResourceFoundException.class) - public CustomApiResponse handleNoResourceFoundException(NoResourceFoundException e){ - return CustomApiResponse.fail(ApiResponseCode.COMMON_NOT_FOUND, null); - } - - @ExceptionHandler(IllegalArgumentException.class) - public CustomApiResponse handleIllegalArgumentException(IllegalArgumentException e){ - return CustomApiResponse.fail(ApiResponseCode.ARGUMENT_NOT_VALID, null); - } - - @ExceptionHandler(IndexOutOfBoundsException.class) - public CustomApiResponse handleIndexOutOfBoundsException(IndexOutOfBoundsException e){ - return CustomApiResponse.fail(ApiResponseCode.INDEX_OUT_OF_BOUND, null); - } - - @ExceptionHandler(SignatureException.class) - public CustomApiResponse handleSignatureException(SignatureException e) { - return CustomApiResponse.fail(ApiResponseCode.JWT_SIGNATURE_MISMATCH, null); - } - - @ExceptionHandler(MalformedJwtException.class) - public CustomApiResponse handleMalformedJwtException(MalformedJwtException e) { - return CustomApiResponse.fail(ApiResponseCode.JWT_SIGNATURE_MISMATCH, null); - } - - @ExceptionHandler(JwtException.class) - public CustomApiResponse handleJwtExceptionException(JwtException e) { - return CustomApiResponse.fail(ApiResponseCode.JWT_TOKEN_NULL, null); - } - - @ExceptionHandler(ExpiredJwtException.class) - public CustomApiResponse handleExpiredJwtException(ExpiredJwtException e) { - return CustomApiResponse.fail(ApiResponseCode.JWT_TOKEN_EXPIRED, null); + @ExceptionHandler(ApiException.class) + public ResponseEntity> handleApiException(ApiException e) { + ApiResponseDto response = ApiResponseDto.fail(e.getResponseCode(), null); + return ResponseEntity.status(e.getResponseCode().getStatusCode()).body(response); } - @ExceptionHandler(JsonProcessingException.class) - public CustomApiResponse handleExpiredJwtException(JsonProcessingException e) { - return CustomApiResponse.fail(ApiResponseCode.JSON_PROCESSING_EXCEPTION, null); - } - - @ExceptionHandler(UserDuplicateException.class) - public CustomApiResponse handleUserDuplicateException(UserDuplicateException e) { - return CustomApiResponse.fail(ApiResponseCode.USER_ID_DUPLICATE, null); + @ExceptionHandler(MethodArgumentNotValidException.class) + public ResponseEntity> handleMethodArgumentNotValidException(MethodArgumentNotValidException e) { + // 검증 실패한 필드들의 상세 오류 정보 추출 + var errors = e.getBindingResult().getFieldErrors().stream() + .map(error -> new ValidationError(error.getField(), error.getDefaultMessage())) + .toList(); + + ApiResponseDto response = ApiResponseDto.fail(ApiResponseCode.COMMON_ARGUMENT_NOT_VALID, errors); + return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(response); } + + // 검증 오류 상세 정보를 위한 내부 클래스 + private record ValidationError(String field, String message) { } } diff --git a/src/main/java/com/bio/bio_backend/global/exception/JwtAccessDeniedHandler.java b/src/main/java/com/bio/bio_backend/global/exception/JwtAccessDeniedHandler.java index dfe92f9..3056d84 100644 --- a/src/main/java/com/bio/bio_backend/global/exception/JwtAccessDeniedHandler.java +++ b/src/main/java/com/bio/bio_backend/global/exception/JwtAccessDeniedHandler.java @@ -14,8 +14,8 @@ import com.fasterxml.jackson.databind.ObjectMapper; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; -import com.bio.bio_backend.global.dto.CustomApiResponse; -import com.bio.bio_backend.global.utils.ApiResponseCode; +import com.bio.bio_backend.global.dto.ApiResponseDto; +import com.bio.bio_backend.global.constants.ApiResponseCode; @Component public class JwtAccessDeniedHandler implements AccessDeniedHandler { @@ -35,8 +35,7 @@ public class JwtAccessDeniedHandler implements AccessDeniedHandler { } else { response.setStatus(HttpServletResponse.SC_FORBIDDEN); response.setContentType(MediaType.APPLICATION_JSON_VALUE); - new ObjectMapper().writeValue(response.getWriter(), - CustomApiResponse.fail(ApiResponseCode.COMMON_FORBIDDEN, null)); + new ObjectMapper().writeValue(response.getWriter(), ApiResponseDto.fail(ApiResponseCode.COMMON_FORBIDDEN, null)); } } } diff --git a/src/main/java/com/bio/bio_backend/global/filter/HttpLoggingFilter.java b/src/main/java/com/bio/bio_backend/global/filter/HttpLoggingFilter.java index 91c98dd..80ee717 100644 --- a/src/main/java/com/bio/bio_backend/global/filter/HttpLoggingFilter.java +++ b/src/main/java/com/bio/bio_backend/global/filter/HttpLoggingFilter.java @@ -1,57 +1,109 @@ -//package com.bio.bio_backend.filter; -// -//import java.io.IOException; -//import java.sql.Timestamp; -// -//import org.springframework.security.core.Authentication; -//import org.springframework.security.core.context.SecurityContextHolder; -//import org.springframework.web.filter.OncePerRequestFilter; -// -//import jakarta.servlet.FilterChain; -//import jakarta.servlet.ServletException; -//import jakarta.servlet.http.HttpServletRequest; -//import jakarta.servlet.http.HttpServletResponse; -//import com.bio.bio_backend.domain.common.dto.AccessLogDTO; -//import com.bio.bio_backend.domain.common.service.AccessLogService; -//import com.bio.bio_backend.domain.user.member.dto.MemberDTO; -//import com.bio.bio_backend.global.utils.HttpUtils; -// -//public class HttpLoggingFilter extends OncePerRequestFilter { -// -//// private AccessLogService accessLogService; -// private HttpUtils httpUtils; -// -// public HttpLoggingFilter(AccessLogService accessLogService, HttpUtils httpUtils) { -// this.accessLogService = accessLogService; -// this.httpUtils = httpUtils; -// } -// -// @Override -// protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) -// throws ServletException, IOException { -// // Request 요청 시간 -// Long startedAt = System.currentTimeMillis(); -// filterChain.doFilter(request, response); -// Long finishedAt = System.currentTimeMillis(); -// -// Authentication auth = SecurityContextHolder.getContext().getAuthentication(); -// MemberDTO member = null; -// if(auth != null && auth.getPrincipal() instanceof MemberDTO) { -// member = (MemberDTO) auth.getPrincipal(); -// } -// -// AccessLogDTO log = new AccessLogDTO(); -// log.setMbrSeq(member == null ? -1 : member.getSeq()); -// log.setType(httpUtils.getResponseType(response.getContentType())); -// log.setMethod(request.getMethod()); -// log.setIp(httpUtils.getClientIp()); -// log.setUri(request.getRequestURI()); -// log.setReqAt(new Timestamp(startedAt)); -// log.setResAt(new Timestamp(finishedAt)); -// log.setElapsedTime(finishedAt - startedAt); -// log.setResStatus(String.valueOf(response.getStatus())); -// -// accessLogService.createAccessLog(log); -// } -// -//} +package com.bio.bio_backend.global.filter; + +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.extern.slf4j.Slf4j; +import org.springframework.stereotype.Component; +import org.springframework.web.filter.OncePerRequestFilter; +import org.springframework.web.util.ContentCachingRequestWrapper; +import org.springframework.web.util.ContentCachingResponseWrapper; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +@Slf4j +@Component +public class HttpLoggingFilter extends OncePerRequestFilter { + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) + throws ServletException, IOException { + + long startTime = System.currentTimeMillis(); + + // 요청 정보 로깅 (IP 정보 제거) + log.info("HTTP REQUEST: {} {} | Headers: {} | Body: {}", + request.getMethod(), request.getRequestURI(), + getRequestHeaders(request), getRequestBody(request)); + + ContentCachingRequestWrapper wrappedRequest = new ContentCachingRequestWrapper(request); + ContentCachingResponseWrapper wrappedResponse = new ContentCachingResponseWrapper(response); + + try { + filterChain.doFilter(wrappedRequest, wrappedResponse); + } finally { + long duration = System.currentTimeMillis() - startTime; + + // 응답 정보 로깅 + log.info("HTTP RESPONSE: {} {} | Status: {} | Time: {}ms | Headers: {} | Body: {}", + request.getMethod(), request.getRequestURI(), + wrappedResponse.getStatus(), duration, getResponseHeaders(wrappedResponse), getResponseBody(wrappedResponse)); + + wrappedResponse.copyBodyToResponse(); + } + } + + // 민감 정보 마스킹 메서드 + private String maskSensitiveData(String body) { + if (body == null || body.isEmpty()) return "N/A"; + + // 비밀번호, 토큰 등 민감 정보 마스킹 + return body.replaceAll("\"password\"\\s*:\\s*\"[^\"]*\"", "\"password\":\"***\"") + .replaceAll("\"token\"\\s*:\\s*\"[^\"]*\"", "\"token\":\"***\"") + .replaceAll("\"refreshToken\"\\s*:\\s*\"[^\"]*\"", "\"refreshToken\":\"***\""); + } + + private String getRequestHeaders(HttpServletRequest request) { + // 주요 헤더만 (Content-Type, Authorization, User-Agent) + Map headers = new HashMap<>(); + headers.put("Content-Type", request.getContentType()); + headers.put("User-Agent", request.getHeader("User-Agent")); + + // Authorization 헤더는 마스킹 + String auth = request.getHeader("Authorization"); + if (auth != null) { + headers.put("Authorization", auth.startsWith("Bearer ") ? "Bearer ***" : "***"); + } + + return headers.toString(); + } + + private String getRequestBody(HttpServletRequest request) { + try { + ContentCachingRequestWrapper wrapper = (ContentCachingRequestWrapper) request; + String body = new String(wrapper.getContentAsByteArray()); + return maskSensitiveData(body); + } catch (Exception e) { + return "N/A"; + } + } + + private String getResponseHeaders(HttpServletResponse response) { + // 응답 헤더 정보 + return "Content-Type: " + response.getContentType(); + } + + private String getResponseBody(HttpServletResponse response) { + try { + ContentCachingResponseWrapper wrapper = (ContentCachingResponseWrapper) response; + String body = new String(wrapper.getContentAsByteArray()); + return maskSensitiveData(body); + } catch (Exception e) { + return "N/A"; + } + } + + @Override + protected boolean shouldNotFilter(HttpServletRequest request) { + String path = request.getRequestURI(); + return path.startsWith("/static/") || + path.startsWith("/css/") || + path.startsWith("/js/") || + path.startsWith("/images/") || + path.equals("/actuator/health") || + path.equals("/favicon.ico"); + } +} diff --git a/src/main/java/com/bio/bio_backend/global/security/JwtAuthenticationFilter.java b/src/main/java/com/bio/bio_backend/global/security/JwtAuthenticationFilter.java index 84df2b9..631bf5c 100644 --- a/src/main/java/com/bio/bio_backend/global/security/JwtAuthenticationFilter.java +++ b/src/main/java/com/bio/bio_backend/global/security/JwtAuthenticationFilter.java @@ -6,12 +6,12 @@ import jakarta.servlet.ServletException; import jakarta.servlet.http.Cookie; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; -import com.bio.bio_backend.global.dto.CustomApiResponse; +import com.bio.bio_backend.global.dto.ApiResponseDto; import com.bio.bio_backend.domain.user.member.dto.LoginRequestDto; import com.bio.bio_backend.domain.user.member.dto.LoginResponseDto; import com.bio.bio_backend.domain.user.member.dto.MemberDto; import com.bio.bio_backend.domain.user.member.service.MemberService; -import com.bio.bio_backend.global.utils.ApiResponseCode; +import com.bio.bio_backend.global.constants.ApiResponseCode; import com.bio.bio_backend.global.utils.JwtUtils; import lombok.RequiredArgsConstructor; import lombok.SneakyThrows; @@ -20,7 +20,6 @@ import org.springframework.core.env.Environment; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.authentication.AuthenticationServiceException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; @@ -31,7 +30,6 @@ import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import java.io.IOException; -import java.sql.Timestamp; import java.time.LocalDateTime; import java.util.Objects; @@ -116,6 +114,6 @@ public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilte response.setStatus(HttpStatus.OK.value()); response.setContentType(MediaType.APPLICATION_JSON_VALUE); new ObjectMapper().writeValue(response.getWriter(), - CustomApiResponse.success(ApiResponseCode.LOGIN_SUCCESSFUL, memberData)); + ApiResponseDto.success(ApiResponseCode.LOGIN_SUCCESSFUL, memberData)); } } diff --git a/src/main/java/com/bio/bio_backend/global/security/JwtTokenFilter.java b/src/main/java/com/bio/bio_backend/global/security/JwtTokenFilter.java index ca48a7a..5680d36 100644 --- a/src/main/java/com/bio/bio_backend/global/security/JwtTokenFilter.java +++ b/src/main/java/com/bio/bio_backend/global/security/JwtTokenFilter.java @@ -1,10 +1,8 @@ package com.bio.bio_backend.global.security; import java.io.IOException; -import java.util.Arrays; import java.util.Objects; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.core.env.Environment; import org.springframework.http.MediaType; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; @@ -20,9 +18,9 @@ import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; -import com.bio.bio_backend.global.dto.CustomApiResponse; +import com.bio.bio_backend.global.dto.ApiResponseDto; import com.bio.bio_backend.domain.user.member.service.MemberService; -import com.bio.bio_backend.global.utils.ApiResponseCode; +import com.bio.bio_backend.global.constants.ApiResponseCode; import com.bio.bio_backend.global.utils.JwtUtils; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; @@ -50,7 +48,7 @@ public class JwtTokenFilter extends OncePerRequestFilter { String refreshToken = jwtUtils.extractRefreshJwtFromCookie(request); if(accessToken == null){ - sendJsonResponse(response, CustomApiResponse.fail(ApiResponseCode.JWT_TOKEN_NULL, null)); + sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.JWT_TOKEN_NULL, null)); return; } @@ -83,7 +81,7 @@ public class JwtTokenFilter extends OncePerRequestFilter { response.setHeader("Authorization", "Bearer " + newAccessToken); filterChain.doFilter(request, response); } else { - sendJsonResponse(response, CustomApiResponse.fail(ApiResponseCode.All_TOKEN_INVALID, null)); + sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.ALL_TOKEN_INVALID, null)); } } catch (Exception e) { request.setAttribute("exception", e); @@ -92,7 +90,7 @@ public class JwtTokenFilter extends OncePerRequestFilter { filterChain.doFilter(request, response); } - private void sendJsonResponse(HttpServletResponse response, CustomApiResponse apiResponse) throws IOException { + private void sendJsonResponse(HttpServletResponse response, ApiResponseDto apiResponse) throws IOException { response.setContentType(MediaType.APPLICATION_JSON_VALUE); response.setCharacterEncoding("UTF-8"); response.setStatus(apiResponse.getCode()); diff --git a/src/main/java/com/bio/bio_backend/global/utils/ApiResponseCode.java b/src/main/java/com/bio/bio_backend/global/utils/ApiResponseCode.java deleted file mode 100644 index e819ef6..0000000 --- a/src/main/java/com/bio/bio_backend/global/utils/ApiResponseCode.java +++ /dev/null @@ -1,74 +0,0 @@ -package com.bio.bio_backend.global.utils; - -import lombok.AllArgsConstructor; -import lombok.Getter; -import org.springframework.http.HttpStatus; - -/* - * API 관련 RESPONSE ENUM - */ - -@Getter -@AllArgsConstructor -public enum ApiResponseCode { - - /*login & logout*/ - - // 200 OK - LOGIN_SUCCESSFUL(HttpStatus.OK.value(), "Login successful"), - - LOGOUT_SUCCESSFUL(HttpStatus.OK.value(), "Logout successful"), - - USER_INFO_CHANGE(HttpStatus.OK.value(), "User info update successful"), - - USER_DELETE_SUCCESSFUL(HttpStatus.OK.value(), "User delete is successful"), - - // 401 Unauthorized - USER_NOT_FOUND(HttpStatus.UNAUTHORIZED.value(), "User not found. Authentication failed"), - - AUTHENTICATION_FAILED(HttpStatus.UNAUTHORIZED.value(), "Password is invalid"), - - // 409 Conflict - USER_ID_DUPLICATE(HttpStatus.CONFLICT.value(), "User ID already exists"), - - /*auth*/ - // 401 Unauthorized - JWT_SIGNATURE_MISMATCH(HttpStatus.UNAUTHORIZED.value(), "JWT signature does not match. Authentication failed"), - - JWT_TOKEN_NULL(HttpStatus.UNAUTHORIZED.value(), "JWT token is null"), - - JWT_TOKEN_EXPIRED(HttpStatus.UNAUTHORIZED.value(), "Token is Expired"), - - All_TOKEN_INVALID(HttpStatus.UNAUTHORIZED.value(), "Access and Refresh tokens are expired or invalid"), - - /*공통 Code*/ - // 400 Bad Request - COMMON_BAD_REQUEST(HttpStatus.BAD_REQUEST.value(), "Required request body is missing or Error"), - - COMMON_FORMAT_WRONG(HttpStatus.BAD_REQUEST.value(), "Request format is incorrect"), - - // 401 Unauthorized - COMMON_UNAUTHORIZED(HttpStatus.UNAUTHORIZED.value(), "Unauthorized"), - - // 403 Forbidden - COMMON_FORBIDDEN(HttpStatus.FORBIDDEN.value(), "Access is denied"), - - // 404 Not Found - COMMON_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "Resource is not found"), - - // 405 Method Not Allowed - COMMON_METHOD_NOT_ALLOWED(HttpStatus.METHOD_NOT_ALLOWED.value(), "Method not Allowed"), - - // 500 Internal Server Error - INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR.value(), "An error occurred on the server"), - - ARGUMENT_NOT_VALID(HttpStatus.INTERNAL_SERVER_ERROR.value(), "Argument is not valid"), - - INDEX_OUT_OF_BOUND(HttpStatus.INTERNAL_SERVER_ERROR.value(), "Index out of bounds for length"), - - JSON_PROCESSING_EXCEPTION(HttpStatus.INTERNAL_SERVER_ERROR.value(), "Check if it is a valid JSON format"); - - private final int statusCode; - private final String description; - -} diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index cfa157e..667b6cf 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -1,56 +1,98 @@ +# ======================================== +# 기본 애플리케이션 설정 +# ======================================== server.port=8080 server.servlet.context-path=/service spring.application.name=bio_backend +spring.output.ansi.enabled=always + +# ======================================== +# 개발 도구 설정 +# ======================================== spring.devtools.livereload.enabled=true -#spring.devtools.restart.poll-interval=2000 -# 추가로 감시할 경로 (자바 소스 폴더) spring.devtools.restart.additional-paths=src/main/java - -# 데이터베이스 연결 정보 -# URL 형식: jdbc:postgresql://[호스트명]:[포트번호]/[데이터베이스명] +# ======================================== +# 데이터베이스 설정 +# ======================================== spring.datasource.url=jdbc:postgresql://stam.kr:15432/imas spring.datasource.username=imas_user spring.datasource.password=stam1201 spring.datasource.driver-class-name=org.postgresql.Driver +# ======================================== # JPA/Hibernate 설정 -# ddl-auto: 엔티티(Entity)에 맞춰 데이터베이스 스키마를 자동 생성/업데이트합니다. -# - create: 애플리케이션 시작 시 기존 스키마를 삭제하고 새로 생성 (개발용) -# - create-drop: 시작 시 생성, 종료 시 삭제 (테스트용) -# - update: 엔티티 변경 시 스키마 업데이트 (개발용) -# - validate: 엔티티와 스키마 일치 여부만 검증 (운영용) -# - none: 아무 작업도 하지 않음 +# ======================================== spring.jpa.hibernate.ddl-auto=none -spring.jpa.properties.javax.persistence.schema-generation.scripts.action=create -spring.jpa.properties.javax.persistence.schema-generation.scripts.create-target=ddl/schema.sql -spring.jpa.properties.hibernate.hbm2ddl.schema-generation.script.append=false - -# Hibernate log +spring.jpa.open-in-view=false spring.jpa.show-sql=false spring.jpa.properties.hibernate.format_sql=true spring.jpa.properties.hibernate.highlight_sql=true spring.jpa.properties.hibernate.use_sql_comments=false + +# 스키마 생성 설정 +spring.jpa.properties.javax.persistence.schema-generation.scripts.action=create +spring.jpa.properties.javax.persistence.schema-generation.scripts.create-target=ddl/schema.sql +spring.jpa.properties.hibernate.hbm2ddl.schema-generation.script.append=false + +# ======================================== +# 로그 레벨 설정 +# ======================================== +# 전체 애플리케이션 기본 로그 레벨 +logging.level.root=INFO + +# 프로젝트 패키지 로그 레벨 +logging.level.com.bio.bio_backend=DEBUG + +# 세부 패키지별 로그 레벨 +logging.level.com.bio.bio_backend..*.controller=INFO +logging.level.com.bio.bio_backend..*.service=DEBUG +logging.level.com.bio.bio_backend..*.repository=DEBUG +logging.level.com.bio.bio_backend.global.aop=DEBUG +logging.level.com.bio.bio_backend.global.filter=INFO + +# JPA/Hibernate 로깅 logging.level.org.hibernate.SQL=DEBUG logging.level.org.hibernate.orm.jdbc.bind=TRACE +logging.level.org.hibernate.type.descriptor.sql.BasicBinder=TRACE logging.level.org.springframework.data.jpa=DEBUG +logging.level.org.springframework.orm.jpa=INFO +logging.level.org.springframework.transaction=DEBUG -# Open Session in View 설정 (권장: false) -spring.jpa.open-in-view=false +# Spring Framework 로깅 +logging.level.org.springframework.web=WARN +logging.level.org.springframework.web.servlet.DispatcherServlet=WARN +logging.level.org.springframework.security=INFO -# P6Spy + +# ======================================== +# 로그 패턴 설정 +# ======================================== +logging.pattern.console=%d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n +logging.pattern.file=%d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n + +# ======================================== +# P6Spy 설정 (SQL 로깅) +# ======================================== decorator.datasource.p6spy.enable-logging=true decorator.datasource.p6spy.log-format=%(sqlSingleLine) -# CONSOLE -spring.output.ansi.enabled=always - -# HikariCP 연결 풀 크기 설정 (선택사항) -# spring.datasource.hikari.maximum-pool-size=10 - -##JWT 설정 -## access : 30분 / refresh : 7일 +# ======================================== +# JWT 설정 +# ======================================== token.expiration_time_access=180000 token.expiration_time_refresh=604800000 -token.secret_key= c3RhbV9qd3Rfc2VjcmV0X3Rva2Vuc3RhbV9qd3Rfc2VjcmV0X3Rva2Vu +token.secret_key=c3RhbV9qd3Rfc2VjcmV0X3Rva2Vuc3RhbV9qd3Rfc2VjcmV0X3RhbV9qd3Rfc2VjcmV0X3Rva2Vu + +# ======================================== +# Swagger 설정 +# ======================================== +springdoc.api-docs.path=/api-docs +springdoc.swagger-ui.path=/swagger-ui.html +springdoc.swagger-ui.operationsSorter=method +springdoc.swagger-ui.tagsSorter=alpha +springdoc.swagger-ui.doc-expansion=none +springdoc.swagger-ui.disable-swagger-default-url=true +springdoc.default-produces-media-type=application/json +springdoc.default-consumes-media-type=application/json diff --git a/src/main/resources/logback-spring.xml b/src/main/resources/logback-spring.xml new file mode 100644 index 0000000..1eab898 --- /dev/null +++ b/src/main/resources/logback-spring.xml @@ -0,0 +1,92 @@ + + + + + + %d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n + + + + + + logs/bio-backend.log + + + logs/bio-backend-%d{yyyy-MM-dd}.%i.log + + 30 + + 10MB + + 1GB + + + %d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n + + + + + + logs/bio-backend-error.log + + ERROR + ACCEPT + DENY + + + logs/bio-backend-error-%d{yyyy-MM-dd}.%i.log + 30 + 10MB + 500MB + + + %d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file