leejisun9/bio_backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'main' of https://demo.stam.kr/leejisun9/bio_backend

Browse Source
This commit is contained in:
leejisun9
2025-08-19 08:56:06 +09:00
parent 331d242ac3 eff011f9fd
commit 33b33ef7a3
23 changed files with 799 additions and 342 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@@ -42,4 +42,5 @@ bin/
# Temporary files created by the OS # Temporary files created by the OS
.DS_Store .DS_Store
Thumbs.db Thumbs.db
/nginx-1.28.0/logs/nginx.pid

196
README.md
View File

@@ -8,6 +8,7 @@
- **Security**: Spring Security + JWT - **Security**: Spring Security + JWT
- **Build Tool**: Gradle - **Build Tool**: Gradle
- **Container**: Docker + Kubernetes - **Container**: Docker + Kubernetes
- **API Documentation**: Swagger (SpringDoc OpenAPI)
## 개발 가이드 ## 개발 가이드
@@ -27,11 +28,126 @@ src/main/java/com/bio/bio_backend/
│ ├── config/ # 설정 클래스 │ ├── config/ # 설정 클래스
│ ├── security/ # 보안 설정 │ ├── security/ # 보안 설정
│ ├── exception/ # 예외 처리 │ ├── exception/ # 예외 처리
│ ├── aop/ # AOP 로깅
│ ├── filter/ # HTTP 로깅 필터
│ └── utils/ # 유틸리티 │ └── utils/ # 유틸리티
└── BioBackendApplication.java └── BioBackendApplication.java
``` ```
### 2. 트랜잭션 관리 ### 2. API 응답 표준화 (ApiResponseDto)
#### 응답 구조
모든 API 응답은 `ApiResponseDto<T>` 형태로 표준화되어 있습니다.
```java
public class ApiResponseDto<T> {
private int code; // HTTP 상태 코드
private String message; // 응답 메시지 (ApiResponseCode enum 값)
private String description; // 응답 설명
private T data; // 실제 데이터 (제네릭 타입)
}
```
#### 응답 예시
**성공 응답 (201 Created)**
```json
{
"code": 201,
"message": "COMMON_SUCCESS_CREATED",
"description": "Created successfully",
"data": {
"seq": 1,
"userId": "user123",
"name": "홍길동"
}
}
```
**실패 응답 (409 Conflict)**
```json
{
"code": 409,
"message": "USER_ID_DUPLICATE",
"description": "User ID already exists",
"data": null
}
```
#### 사용 방법
**Controller에서 응답 생성**
```java
@PostMapping("/members")
public ResponseEntity<ApiResponseDto<CreateMemberResponseDto>> createMember(@RequestBody CreateMemberRequestDto requestDto) {
// ... 비즈니스 로직 ...
// 성공 응답
ApiResponseDto<CreateMemberResponseDto> apiResponse =
ApiResponseDto.success(ApiResponseCode.COMMON_SUCCESS_CREATED, responseDto);
return ResponseEntity.status(HttpStatus.CREATED).body(apiResponse);
}
```
**공용 응답 코드 사용**
```java
// ApiResponseCode.java
public enum ApiResponseCode {
// 공용 성공 코드
COMMON_SUCCESS_CREATED(HttpStatus.CREATED.value(), "Created successfully"),
COMMON_SUCCESS_UPDATED(HttpStatus.OK.value(), "Updated successfully"),
COMMON_SUCCESS_DELETED(HttpStatus.OK.value(), "Deleted successfully"),
COMMON_SUCCESS_RETRIEVED(HttpStatus.OK.value(), "Retrieved successfully"),
// 공용 오류 코드
COMMON_BAD_REQUEST(HttpStatus.BAD_REQUEST.value(), "Required request body is missing or Error"),
COMMON_UNAUTHORIZED(HttpStatus.UNAUTHORIZED.value(), "Unauthorized"),
COMMON_FORBIDDEN(HttpStatus.FORBIDDEN.value(), "Access is denied"),
COMMON_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "Resource is not found"),
COMMON_INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR.value(), "An error occurred on the server")
}
```
#### 핵심 규칙
- **모든 API 응답**: `ApiResponseDto<T>`로 감싸서 반환
- **공용 응답 코드**: `COMMON_` 접두사로 시작하는 범용 코드 사용
- **일관된 구조**: `code`, `message`, `description`, `data` 필드로 표준화
- **제네릭 활용**: `<T>`를 통해 다양한 데이터 타입 지원
### 3. API 문서화 (Swagger)
#### Swagger UI 접속
- **URL**: `http://localhost:8080/service/swagger-ui.html`
- **API Docs**: `http://localhost:8080/service/api-docs`
#### 주요 어노테이션
```java
@Tag(name = "Member", description = "회원 관리 API")
@Operation(summary = "회원 가입", description = "새로운 회원을 등록합니다.")
@ApiResponses(value = {
@ApiResponse(responseCode = "201", description = "회원 가입 성공"),
@ApiResponse(responseCode = "400", description = "잘못된 요청 데이터",
content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
@ApiResponse(responseCode = "409", description = "중복된 사용자 정보",
content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
})
```
#### 설정 파일
- **SwaggerConfig.java**: OpenAPI 기본 정보 설정
- **application.properties**: Swagger UI 커스터마이징
### 4. 트랜잭션 관리
#### 기본 설정 #### 기본 설정
@@ -54,3 +170,81 @@ public class MemberServiceImpl {
- **클래스 레벨**: `@Transactional(readOnly = true)` 기본 설정 - **클래스 레벨**: `@Transactional(readOnly = true)` 기본 설정
- **메서드별**: 데이터 수정 시에만 `@Transactional` 개별 적용 - **메서드별**: 데이터 수정 시에만 `@Transactional` 개별 적용
- **설정**: `spring.jpa.open-in-view=false` (성능 최적화) - **설정**: `spring.jpa.open-in-view=false` (성능 최적화)
### 5. 오류 등록 및 사용
#### 오류 코드 등록
```java
// ApiResponseCode.java
public enum ApiResponseCode {
USER_ID_DUPLICATE(HttpStatus.CONFLICT.value(), "User ID already exists"),
}
```
#### 오류 사용 방법
```java
// Service에서 예외 발생
throw new ApiException(ApiResponseCode.USER_ID_DUPLICATE);
// Controller에서 예외 처리 (자동)
// GlobalExceptionHandler가 ApiException을 잡아서 응답 변환
```
#### 핵심 규칙
- **오류 코드**: `ApiResponseCode` enum에 모든 오류 정의
- **예외 클래스**: `ApiException`으로 비즈니스 로직 예외 처리
- **자동 처리**: `GlobalExceptionHandler`가 일관된 응답 형태로 변환
### 6. 로깅 시스템
#### @LogExecution 어노테이션 사용법
**메서드 실행 로깅을 위한 필수 어노테이션입니다.**
##### 기본 사용법
```java
@LogExecution("회원 등록")
@PostMapping("/register")
public ResponseEntity<ApiResponseDto<CreateMemberResponseDto>> createMember(@RequestBody CreateMemberRequestDto requestDto) {
// 메서드 실행 시 자동으로 로그 출력
}
```
##### 로그 출력 예시
**메서드 시작 시:**
```
[START] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92)
```
**메서드 성공 시:**
```
[SUCCESS] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92) | 시간: 200ms
```
**메서드 실패 시:**
```
[FAILED] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92) | 시간: 23ms | 오류: 이미 존재하는 사용자 ID입니다
```
##### 어노테이션 설정
```java
@LogExecution("사용자 정보 조회")
public UserDto getUserInfo() { }
@LogExecution("주문 처리")
public OrderDto processOrder() { }
```
##### 로깅 시스템 구성
1. **MethodExecutionLoggingAspect**: 메서드 실행 로깅 (AOP)
2. **HttpLoggingFilter**: HTTP 요청/응답 로깅 (필터)
3. **logback-spring.xml**: 로그 파일 관리 및 설정
**중요**: `@LogExecution` 어노테이션이 없으면 메서드 실행 로그가 출력되지 않습니다

3
build.gradle
View File

@@ -61,6 +61,9 @@ dependencies {
// p6spy // p6spy
implementation 'com.github.gavlyukovskiy:p6spy-spring-boot-starter:1.9.0' implementation 'com.github.gavlyukovskiy:p6spy-spring-boot-starter:1.9.0'
// SpringDoc OpenAPI (Swagger)
implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.9'
} }
tasks.named('test') { tasks.named('test') {

51
nginx-1.28.0/conf/nginx.conf
View File

@@ -1,46 +1,49 @@
# ./nginx/nginx.conf
# 이벤트 블록은 Nginx가 어떻게 연결을 처리할지 정의합니다.
events { events {
worker_connections 1024; worker_connections 1024;
} }
# HTTP 블록은 웹 서버의 동작을 정의합니다.
http { http {
# MIME 타입 파일을 포함하여 파일 확장자에 따라 콘텐츠 타입을 결정합니다.
include mime.types; include mime.types;
error_log logs/error.log warn; default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
# <<< 여기서 log_format 'main'을 정의 >>> # (선택) 로그 위치
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' access_log logs/access.log;
'$status $body_bytes_sent "$http_referer" ' error_log logs/error.log warn;
'"$http_user_agent" "$http_x_forwarded_for"';
# 위에서 정의한 'main'을 사 # 웹소켓
access_log logs/access.log main; map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# 기본 서버 설정을 정의합니다.
server { server {
# 80번 포트에서 요청을 받습니다.
listen 80; listen 80;
server_name localhost; # 서버 이름을 localhost로 설정 server_name localhost;
# 루트 경로(/)로 들어오는 모든 요청을 처리합니다. # Nuxt(개발서버 3000)
location / { location / {
# 요청을 다른 서버(여기서는 Nuxt.js)로 전달합니다.
proxy_pass http://localhost:3000; proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
# 프록시 헤더를 설정하여 원본 요청 정보를 유지합니다. # Spring Boot(8080) — /service 접두어 제거
location /service/ {
proxy_pass http://localhost:8080; # 끝에 슬래시 넣으면 /service가 제거됨
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
} }
# /api/ 경로로 들어오는 요청을 처리합니다. (Spring Boot 컨테이너를 가리킨다고 가정) # (선택) 업로드 크게 받을 때
location /service { # client_max_body_size 50m;
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
} }
} }

46
src/main/java/com/bio/bio_backend/domain/user/member/controller/MemberController.java
View File

@@ -1,12 +1,11 @@
package com.bio.bio_backend.domain.user.member.controller; package com.bio.bio_backend.domain.user.member.controller;
import com.bio.bio_backend.global.dto.ApiResponseDto;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.*;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import jakarta.validation.Valid; import jakarta.validation.Valid;
import com.bio.bio_backend.domain.user.member.dto.MemberDto; import com.bio.bio_backend.domain.user.member.dto.MemberDto;
@@ -16,8 +15,17 @@ import com.bio.bio_backend.domain.user.member.service.MemberService;
import com.bio.bio_backend.domain.user.member.mapper.MemberMapper; import com.bio.bio_backend.domain.user.member.mapper.MemberMapper;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import com.bio.bio_backend.global.constants.ApiResponseCode;
import com.bio.bio_backend.global.annotation.LogExecution;
@Tag(name = "Member", description = "회원 관련 API")
@RestController @RestController
@RequestMapping("/members")
@RequiredArgsConstructor @RequiredArgsConstructor
@Slf4j @Slf4j
public class MemberController { public class MemberController {
@@ -26,13 +34,21 @@ public class MemberController {
private final MemberMapper memberMapper; private final MemberMapper memberMapper;
private final BCryptPasswordEncoder bCryptPasswordEncoder; private final BCryptPasswordEncoder bCryptPasswordEncoder;
@PostMapping("/members") @LogExecution("회원 등록")
public ResponseEntity<CreateMemberResponseDto> createMember(@RequestBody @Valid CreateMemberRequestDto requestDto) { @Operation(summary = "회원 등록", description = "새로운 회원을 등록합니다.")
@ApiResponses({
@ApiResponse(responseCode = "201", description = "회원 가입 성공"),
@ApiResponse(responseCode = "400", description = "잘못된 요청 데이터", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
@ApiResponse(responseCode = "409", description = "중복된 사용자 정보", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
})
@PostMapping("/register")
public ResponseEntity<ApiResponseDto<CreateMemberResponseDto>> createMember(@RequestBody @Valid CreateMemberRequestDto requestDto) {
MemberDto member = memberMapper.toMemberDto(requestDto); MemberDto member = memberMapper.toMemberDto(requestDto);
MemberDto createdMember = memberService.createMember(member); MemberDto createdMember = memberService.createMember(member);
CreateMemberResponseDto responseDto = memberMapper.toCreateMemberResponseDto(createdMember); CreateMemberResponseDto responseDto = memberMapper.toCreateMemberResponseDto(createdMember);
ApiResponseDto<CreateMemberResponseDto> apiResponse = ApiResponseDto.success(ApiResponseCode.COMMON_SUCCESS_CREATED, responseDto);
return ResponseEntity.status(HttpStatus.CREATED).body(responseDto);
return ResponseEntity.status(HttpStatus.CREATED).body(apiResponse);
} }
// @PostMapping("/member/list") // @PostMapping("/member/list")
@@ -64,7 +80,7 @@ public class MemberController {
// } // }
// @PutMapping("/member") // @PutMapping("/member")
// public CustomApiResponse<Void> updateMember(@RequestBody @Valid CreateMemberRequestDTO requestMember, @AuthenticationPrincipal MemberDTO registrant) { // public ApiResponseDto<Void> updateMember(@RequestBody @Valid CreateMemberRequestDTO requestMember, @AuthenticationPrincipal MemberDTO registrant) {
// // 현재 JWT는 사용자 id 값을 통하여 생성, 회원정보 변경 시 JWT 재발급 여부 검토 // // 현재 JWT는 사용자 id 값을 통하여 생성, 회원정보 변경 시 JWT 재발급 여부 검토
// MemberDTO member = mapper.map(requestMember, MemberDTO.class); // MemberDTO member = mapper.map(requestMember, MemberDTO.class);
@@ -76,31 +92,31 @@ public class MemberController {
// member.setRegSeq(registrant.getSeq()); // member.setRegSeq(registrant.getSeq());
// memberService.updateMember(member); // memberService.updateMember(member);
// return CustomApiResponse.success(ApiResponseCode.USER_INFO_CHANGE, null); // return ApiResponseDto.success(ApiResponseCode.USER_INFO_CHANGE, null);
// } // }
// @DeleteMapping("/member") // @DeleteMapping("/member")
// public CustomApiResponse<Void> deleteMember(@RequestBody @Valid CreateMemberRequestDTO requestMember){ // public ApiResponseDto<Void> deleteMember(@RequestBody @Valid CreateMemberRequestDTO requestMember){
// MemberDTO member = mapper.map(requestMember, MemberDTO.class); // MemberDTO member = mapper.map(requestMember, MemberDTO.class);
// memberService.deleteMember(member); // memberService.deleteMember(member);
// return CustomApiResponse.success(ApiResponseCode.USER_DELETE_SUCCESSFUL, null); // return ApiResponseDto.success(ApiResponseCode.USER_DELETE_SUCCESSFUL, null);
// } // }
// @PostMapping("/logout") // @PostMapping("/logout")
// public CustomApiResponse<Void> logout(@AuthenticationPrincipal MemberDTO member) { // public ApiResponseDto<Void> logout(@AuthenticationPrincipal MemberDTO member) {
// String id = member.getId(); // String id = member.getId();
// try { // try {
// memberService.deleteRefreshToken(id); // memberService.deleteRefreshToken(id);
// } catch (Exception e) { // } catch (Exception e) {
// return CustomApiResponse.fail(ApiResponseCode.INTERNAL_SERVER_ERROR, null); // return ApiResponseDto.fail(ApiResponseCode.INTERNAL_SERVER_ERROR, null);
// } // }
// return CustomApiResponse.success(ApiResponseCode.LOGOUT_SUCCESSFUL, null); // return ApiResponseDto.success(ApiResponseCode.LOGOUT_SUCCESSFUL, null);
// } // }
} }

12
src/main/java/com/bio/bio_backend/domain/user/member/exception/UserDuplicateException.java
View File

@@ -1,12 +0,0 @@
package com.bio.bio_backend.domain.user.member.exception;
public class UserDuplicateException extends RuntimeException {
public UserDuplicateException(String message) {
super(message);
}
public UserDuplicateException(String message, Throwable cause) {
super(message, cause);
}
}

5
src/main/java/com/bio/bio_backend/domain/user/member/service/MemberServiceImpl.java
View File

@@ -5,7 +5,8 @@ import com.bio.bio_backend.domain.user.member.entity.Member;
import com.bio.bio_backend.domain.user.member.enums.MemberRole; import com.bio.bio_backend.domain.user.member.enums.MemberRole;
import com.bio.bio_backend.domain.user.member.mapper.MemberMapper; import com.bio.bio_backend.domain.user.member.mapper.MemberMapper;
import com.bio.bio_backend.domain.user.member.repository.MemberRepository; import com.bio.bio_backend.domain.user.member.repository.MemberRepository;
import com.bio.bio_backend.domain.user.member.exception.UserDuplicateException; import com.bio.bio_backend.global.exception.ApiException;
import com.bio.bio_backend.global.constants.ApiResponseCode;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetails;
@@ -46,7 +47,7 @@ public class MemberServiceImpl implements MemberService {
public MemberDto createMember(MemberDto memberDTO) { public MemberDto createMember(MemberDto memberDTO) {
// userId 중복 체크 // userId 중복 체크
if (memberRepository.existsByUserId(memberDTO.getUserId())) { if (memberRepository.existsByUserId(memberDTO.getUserId())) {
throw new UserDuplicateException("User ID already exists"); throw new ApiException(ApiResponseCode.USER_ID_DUPLICATE);
} }
Member member = Member.builder() Member member = Member.builder()

15
src/main/java/com/bio/bio_backend/global/annotation/LogExecution.java Normal file
View File

@@ -0,0 +1,15 @@
package com.bio.bio_backend.global.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 메서드 실행 로깅 어노테이션
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface LogExecution {
String value() default "";
}

55
src/main/java/com/bio/bio_backend/global/aop/MethodExecutionLoggingAspect.java Normal file
View File

@@ -0,0 +1,55 @@
package com.bio.bio_backend.global.aop;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
@Aspect
@Component
@Slf4j
public class MethodExecutionLoggingAspect {
@Around("@annotation(logExecution)")
public Object logExecution(ProceedingJoinPoint pjp, com.bio.bio_backend.global.annotation.LogExecution logExecution) throws Throwable {
String message = logExecution.value().isEmpty() ?
pjp.getSignature().getName() : logExecution.value();
String className = pjp.getTarget().getClass().getSimpleName();
String methodName = pjp.getSignature().getName();
String userInfo = getCurrentUser();
long startTime = System.currentTimeMillis();
log.info("[START] {} | 호출경로: {}.{} | 사용자: {}",
message, className, methodName, userInfo);
try {
Object result = pjp.proceed();
long duration = System.currentTimeMillis() - startTime;
log.info("[SUCCESS] {} | 호출경로: {}.{} | 사용자: {} | 시간: {}ms",
message, className, methodName, userInfo, duration);
return result;
} catch (Exception e) {
long duration = System.currentTimeMillis() - startTime;
log.error("[FAILED] {} | 호출경로: {}.{} | 사용자: {} | 시간: {}ms | 오류: {}",
message, className, methodName, userInfo, duration, e.getMessage());
throw e;
}
}
private String getCurrentUser() {
try {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null && auth.isAuthenticated() && !"anonymousUser".equals(auth.getName())) {
return auth.getName();
}
return "인증되지 않은 사용자";
} catch (Exception e) {
return "알 수 없는 사용자";
}
}
}

26
src/main/java/com/bio/bio_backend/global/config/SwaggerConfig.java Normal file
View File

@@ -0,0 +1,26 @@
package com.bio.bio_backend.global.config;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.info.Info;
import io.swagger.v3.oas.models.info.License;
import io.swagger.v3.oas.models.servers.Server;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.List;
@Configuration
public class SwaggerConfig {
@Bean
public OpenAPI openAPI() {
return new OpenAPI()
.info(new Info()
.title("대상 미생물 분석 시스템 Backend API")
.description("대상 미생물 분석 시스템 Backend 서비스의 REST API 문서")
.version("v1.0.0")
.license(new License()
.name("STAM License")
.url("https://stam.kr/")));
}
}

71
src/main/java/com/bio/bio_backend/global/constants/ApiResponseCode.java Normal file
View File

@@ -0,0 +1,71 @@
package com.bio.bio_backend.global.constants;
import lombok.AllArgsConstructor;
import lombok.Getter;
import org.springframework.http.HttpStatus;
/*
* API 관련 RESPONSE ENUM
*/
@Getter
@AllArgsConstructor
public enum ApiResponseCode {
/*공통 Code*/
// 200 OK
COMMON_SUCCESS(HttpStatus.OK.value(), "요청 성공"),
COMMON_SUCCESS_CREATED(HttpStatus.CREATED.value(), "성공적으로 생성되었습니다"),
COMMON_SUCCESS_UPDATED(HttpStatus.OK.value(), "성공적으로 수정되었습니다"),
COMMON_SUCCESS_DELETED(HttpStatus.OK.value(), "성공적으로 삭제되었습니다"),
COMMON_SUCCESS_RETRIEVED(HttpStatus.OK.value(), "성공적으로 조회되었습니다"),
// 400 Bad Request
COMMON_BAD_REQUEST(HttpStatus.BAD_REQUEST.value(), "필수 요청 본문이 누락되었거나 오류가 발생했습니다"),
COMMON_FORMAT_WRONG(HttpStatus.BAD_REQUEST.value(), "요청 형식이 올바르지 않습니다"),
COMMON_ARGUMENT_NOT_VALID(HttpStatus.BAD_REQUEST.value(), "인자가 유효하지 않습니다"),
// 401 Unauthorized
COMMON_UNAUTHORIZED(HttpStatus.UNAUTHORIZED.value(), "인증에 실패했습니다"),
// 403 Forbidden
COMMON_FORBIDDEN(HttpStatus.FORBIDDEN.value(), "접근이 거부되었습니다"),
// 404 Not Found
COMMON_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "리소스를 찾을 수 없습니다"),
// 405 Method Not Allowed
COMMON_METHOD_NOT_ALLOWED(HttpStatus.METHOD_NOT_ALLOWED.value(), "허용되지 않는 메소드입니다"),
// 409 Conflict
COMMON_CONFLICT(HttpStatus.CONFLICT.value(), "충돌이 발생했습니다"),
// 500 Internal Server Error
COMMON_INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR.value(), "서버에서 오류가 발생했습니다"),
COMMON_INDEX_OUT_OF_BOUND(HttpStatus.INTERNAL_SERVER_ERROR.value(), "인덱스가 범위를 벗어났습니다"),
COMMON_JSON_PROCESSING_EXCEPTION(HttpStatus.INTERNAL_SERVER_ERROR.value(), "유효한 JSON 형식인지 확인해주세요"),
/*사용자 관련 Code*/
// 200 OK
LOGIN_SUCCESSFUL(HttpStatus.OK.value(), "로그인에 성공했습니다"),
LOGOUT_SUCCESSFUL(HttpStatus.OK.value(), "로그아웃에 성공했습니다"),
USER_INFO_CHANGE(HttpStatus.OK.value(), "사용자 정보가 성공적으로 수정되었습니다"),
USER_DELETE_SUCCESSFUL(HttpStatus.OK.value(), "사용자가 성공적으로 삭제되었습니다"),
// 409 Conflict
USER_ID_DUPLICATE(HttpStatus.CONFLICT.value(), "이미 존재하는 사용자 ID입니다"),
// 401 Unauthorized
USER_NOT_FOUND(HttpStatus.UNAUTHORIZED.value(), "사용자를 찾을 수 없습니다. 인증에 실패했습니다"),
USER_PASSWORD_INVALID(HttpStatus.UNAUTHORIZED.value(), "비밀번호가 올바르지 않습니다"),
// JWT 관련
JWT_SIGNATURE_MISMATCH(HttpStatus.UNAUTHORIZED.value(), "JWT 서명이 일치하지 않습니다. 인증에 실패했습니다"),
JWT_TOKEN_NULL(HttpStatus.UNAUTHORIZED.value(), "JWT 토큰이 null입니다"),
JWT_TOKEN_EXPIRED(HttpStatus.UNAUTHORIZED.value(), "토큰이 만료되었습니다"),
ALL_TOKEN_INVALID(HttpStatus.UNAUTHORIZED.value(), "액세스 토큰과 리프레시 토큰이 모두 만료되었거나 유효하지 않습니다");
private final int statusCode;
private final String description;
}

38
src/main/java/com/bio/bio_backend/global/dto/ApiResponseDto.java Normal file
View File

@@ -0,0 +1,38 @@
package com.bio.bio_backend.global.dto;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.bio.bio_backend.global.constants.ApiResponseCode;
import lombok.Data;
import lombok.RequiredArgsConstructor;
@Data
@RequiredArgsConstructor
@JsonInclude(JsonInclude.Include.NON_NULL)
public class ApiResponseDto<T> {
private int code;
private String message;
private String description;
private T data;
private static final int SUCCESS = 200;
private ApiResponseDto(int code, String message, String description, T data){
this.code = code;
this.message = message;
this.description = description;
this.data = data;
}
public static <T> ApiResponseDto<T> success(ApiResponseCode responseCode, T data) {
return new ApiResponseDto<T>(SUCCESS, responseCode.name(), responseCode.getDescription(), data);
}
public static <T> ApiResponseDto<T> fail(ApiResponseCode responseCode, T data) {
return new ApiResponseDto<T>(responseCode.getStatusCode(), responseCode.name(), responseCode.getDescription(), data);
}
}

39
src/main/java/com/bio/bio_backend/global/dto/CustomApiResponse.java
View File

@@ -1,39 +0,0 @@
package com.bio.bio_backend.global.dto;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.bio.bio_backend.global.utils.ApiResponseCode;
import lombok.Data;
import lombok.RequiredArgsConstructor;
//공통 response Class
@Data
@RequiredArgsConstructor
@JsonInclude(JsonInclude.Include.NON_NULL)
public class CustomApiResponse<T> {
private int code;
private String message;
private String description;
private T data;
private static final int SUCCESS = 200;
private CustomApiResponse(int code, String message, String description, T data){
this.code = code;
this.message = message;
this.description = description;
this.data = data;
}
public static <T> CustomApiResponse<T> success(ApiResponseCode responseCode, T data) {
return new CustomApiResponse<T>(SUCCESS, responseCode.name(), responseCode.getDescription(), data);
}
public static <T> CustomApiResponse<T> fail(ApiResponseCode responseCode, T data) {
return new CustomApiResponse<T>(responseCode.getStatusCode(), responseCode.name(), responseCode.getDescription(), data);
}
}

24
src/main/java/com/bio/bio_backend/global/exception/ApiException.java Normal file
View File

@@ -0,0 +1,24 @@
package com.bio.bio_backend.global.exception;
import lombok.Getter;
import com.bio.bio_backend.global.constants.ApiResponseCode;
@Getter
public class ApiException extends RuntimeException {
private final ApiResponseCode responseCode;
public ApiException(ApiResponseCode responseCode) {
super(responseCode.getDescription());
this.responseCode = responseCode;
}
public ApiException(ApiResponseCode responseCode, String message) {
super(message);
this.responseCode = responseCode;
}
public ApiException(ApiResponseCode responseCode, Throwable cause) {
super(responseCode.getDescription(), cause);
this.responseCode = responseCode;
}
}

12
src/main/java/com/bio/bio_backend/global/exception/CustomAuthenticationFailureHandler.java
View File

@@ -14,8 +14,8 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.servlet.ServletException; import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse; import jakarta.servlet.http.HttpServletResponse;
import com.bio.bio_backend.global.dto.CustomApiResponse; import com.bio.bio_backend.global.dto.ApiResponseDto;
import com.bio.bio_backend.global.utils.ApiResponseCode; import com.bio.bio_backend.global.constants.ApiResponseCode;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
@@ -36,14 +36,14 @@ public class CustomAuthenticationFailureHandler implements AuthenticationFailure
response.setCharacterEncoding("UTF-8"); response.setCharacterEncoding("UTF-8");
response.setStatus(HttpStatus.UNAUTHORIZED.value()); response.setStatus(HttpStatus.UNAUTHORIZED.value());
CustomApiResponse<String> apiResponse; ApiResponseDto<String> apiResponse;
if (exception instanceof UsernameNotFoundException) { if (exception instanceof UsernameNotFoundException) {
apiResponse = CustomApiResponse.fail(ApiResponseCode.USER_NOT_FOUND, null); apiResponse = ApiResponseDto.fail(ApiResponseCode.USER_NOT_FOUND, null);
} else if (exception instanceof BadCredentialsException) { } else if (exception instanceof BadCredentialsException) {
apiResponse = CustomApiResponse.fail(ApiResponseCode.AUTHENTICATION_FAILED, null); apiResponse = ApiResponseDto.fail(ApiResponseCode.COMMON_UNAUTHORIZED, null);
} else { } else {
response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value()); response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
apiResponse = CustomApiResponse.fail(ApiResponseCode.INTERNAL_SERVER_ERROR, null); apiResponse = ApiResponseDto.fail(ApiResponseCode.COMMON_INTERNAL_SERVER_ERROR, null);
} }
String jsonResponse = objectMapper.writeValueAsString(apiResponse); String jsonResponse = objectMapper.writeValueAsString(apiResponse);

88
src/main/java/com/bio/bio_backend/global/exception/GlobalExceptionHandler.java
View File

@@ -1,80 +1,34 @@
package com.bio.bio_backend.global.exception; package com.bio.bio_backend.global.exception;
import java.util.Objects;
import org.springframework.http.converter.HttpMessageNotReadableException;
import org.springframework.web.HttpRequestMethodNotSupportedException;
import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice; import org.springframework.web.bind.annotation.RestControllerAdvice;
import org.springframework.web.servlet.resource.NoResourceFoundException; import org.springframework.web.bind.MethodArgumentNotValidException;
import com.fasterxml.jackson.core.JsonProcessingException; import com.bio.bio_backend.global.dto.ApiResponseDto;
import com.bio.bio_backend.global.constants.ApiResponseCode;
import io.jsonwebtoken.ExpiredJwtException; import org.springframework.http.HttpStatus;
import io.jsonwebtoken.JwtException; import org.springframework.http.ResponseEntity;
import io.jsonwebtoken.MalformedJwtException;
import io.jsonwebtoken.security.SignatureException;
import com.bio.bio_backend.global.dto.CustomApiResponse;
import com.bio.bio_backend.global.utils.ApiResponseCode;
import com.bio.bio_backend.domain.user.member.exception.UserDuplicateException;
@RestControllerAdvice @RestControllerAdvice
public class GlobalExceptionHandler { public class GlobalExceptionHandler {
@ExceptionHandler(HttpMessageNotReadableException.class)
public CustomApiResponse<Void> handleHttpMessageNotReadableException(HttpMessageNotReadableException e) {
if (Objects.requireNonNull(e.getMessage()).contains("JSON parse error")) {
return CustomApiResponse.fail(ApiResponseCode.COMMON_FORMAT_WRONG, null);
}
return CustomApiResponse.fail(ApiResponseCode.COMMON_BAD_REQUEST, null);
}
@ExceptionHandler(HttpRequestMethodNotSupportedException.class) @ExceptionHandler(ApiException.class)
public CustomApiResponse<Void> handleHttpRequestMethodNotSupportedException(HttpRequestMethodNotSupportedException e) { public ResponseEntity<ApiResponseDto<Void>> handleApiException(ApiException e) {
return CustomApiResponse.fail(ApiResponseCode.COMMON_METHOD_NOT_ALLOWED, null); ApiResponseDto<Void> response = ApiResponseDto.fail(e.getResponseCode(), null);
} return ResponseEntity.status(e.getResponseCode().getStatusCode()).body(response);
@ExceptionHandler(NoResourceFoundException.class)
public CustomApiResponse<Void> handleNoResourceFoundException(NoResourceFoundException e){
return CustomApiResponse.fail(ApiResponseCode.COMMON_NOT_FOUND, null);
}
@ExceptionHandler(IllegalArgumentException.class)
public CustomApiResponse<Void> handleIllegalArgumentException(IllegalArgumentException e){
return CustomApiResponse.fail(ApiResponseCode.ARGUMENT_NOT_VALID, null);
}
@ExceptionHandler(IndexOutOfBoundsException.class)
public CustomApiResponse<Void> handleIndexOutOfBoundsException(IndexOutOfBoundsException e){
return CustomApiResponse.fail(ApiResponseCode.INDEX_OUT_OF_BOUND, null);
}
@ExceptionHandler(SignatureException.class)
public CustomApiResponse<Void> handleSignatureException(SignatureException e) {
return CustomApiResponse.fail(ApiResponseCode.JWT_SIGNATURE_MISMATCH, null);
}
@ExceptionHandler(MalformedJwtException.class)
public CustomApiResponse<Void> handleMalformedJwtException(MalformedJwtException e) {
return CustomApiResponse.fail(ApiResponseCode.JWT_SIGNATURE_MISMATCH, null);
}
@ExceptionHandler(JwtException.class)
public CustomApiResponse<Void> handleJwtExceptionException(JwtException e) {
return CustomApiResponse.fail(ApiResponseCode.JWT_TOKEN_NULL, null);
}
@ExceptionHandler(ExpiredJwtException.class)
public CustomApiResponse<Void> handleExpiredJwtException(ExpiredJwtException e) {
return CustomApiResponse.fail(ApiResponseCode.JWT_TOKEN_EXPIRED, null);
} }
@ExceptionHandler(JsonProcessingException.class) @ExceptionHandler(MethodArgumentNotValidException.class)
public CustomApiResponse<Void> handleExpiredJwtException(JsonProcessingException e) { public ResponseEntity<ApiResponseDto<Object>> handleMethodArgumentNotValidException(MethodArgumentNotValidException e) {
return CustomApiResponse.fail(ApiResponseCode.JSON_PROCESSING_EXCEPTION, null); // 검증 실패한 필드들의 상세 오류 정보 추출
} var errors = e.getBindingResult().getFieldErrors().stream()
.map(error -> new ValidationError(error.getField(), error.getDefaultMessage()))
@ExceptionHandler(UserDuplicateException.class) .toList();
public CustomApiResponse<Void> handleUserDuplicateException(UserDuplicateException e) {
return CustomApiResponse.fail(ApiResponseCode.USER_ID_DUPLICATE, null); ApiResponseDto<Object> response = ApiResponseDto.fail(ApiResponseCode.COMMON_ARGUMENT_NOT_VALID, errors);
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(response);
} }
// 검증 오류 상세 정보를 위한 내부 클래스
private record ValidationError(String field, String message) { }
} }

7
src/main/java/com/bio/bio_backend/global/exception/JwtAccessDeniedHandler.java
View File

@@ -14,8 +14,8 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.servlet.ServletException; import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse; import jakarta.servlet.http.HttpServletResponse;
import com.bio.bio_backend.global.dto.CustomApiResponse; import com.bio.bio_backend.global.dto.ApiResponseDto;
import com.bio.bio_backend.global.utils.ApiResponseCode; import com.bio.bio_backend.global.constants.ApiResponseCode;
@Component @Component
public class JwtAccessDeniedHandler implements AccessDeniedHandler { public class JwtAccessDeniedHandler implements AccessDeniedHandler {
@@ -35,8 +35,7 @@ public class JwtAccessDeniedHandler implements AccessDeniedHandler {
} else { } else {
response.setStatus(HttpServletResponse.SC_FORBIDDEN); response.setStatus(HttpServletResponse.SC_FORBIDDEN);
response.setContentType(MediaType.APPLICATION_JSON_VALUE); response.setContentType(MediaType.APPLICATION_JSON_VALUE);
new ObjectMapper().writeValue(response.getWriter(), new ObjectMapper().writeValue(response.getWriter(), ApiResponseDto.fail(ApiResponseCode.COMMON_FORBIDDEN, null));
CustomApiResponse.fail(ApiResponseCode.COMMON_FORBIDDEN, null));
} }
} }
} }

166
src/main/java/com/bio/bio_backend/global/filter/HttpLoggingFilter.java
View File

@@ -1,57 +1,109 @@
//package com.bio.bio_backend.filter; package com.bio.bio_backend.global.filter;
//
//import java.io.IOException; import jakarta.servlet.FilterChain;
//import java.sql.Timestamp; import jakarta.servlet.ServletException;
// import jakarta.servlet.http.HttpServletRequest;
//import org.springframework.security.core.Authentication; import jakarta.servlet.http.HttpServletResponse;
//import org.springframework.security.core.context.SecurityContextHolder; import lombok.extern.slf4j.Slf4j;
//import org.springframework.web.filter.OncePerRequestFilter; import org.springframework.stereotype.Component;
// import org.springframework.web.filter.OncePerRequestFilter;
//import jakarta.servlet.FilterChain; import org.springframework.web.util.ContentCachingRequestWrapper;
//import jakarta.servlet.ServletException; import org.springframework.web.util.ContentCachingResponseWrapper;
//import jakarta.servlet.http.HttpServletRequest;
//import jakarta.servlet.http.HttpServletResponse; import java.io.IOException;
//import com.bio.bio_backend.domain.common.dto.AccessLogDTO; import java.util.HashMap;
//import com.bio.bio_backend.domain.common.service.AccessLogService; import java.util.Map;
//import com.bio.bio_backend.domain.user.member.dto.MemberDTO;
//import com.bio.bio_backend.global.utils.HttpUtils; @Slf4j
// @Component
//public class HttpLoggingFilter extends OncePerRequestFilter { public class HttpLoggingFilter extends OncePerRequestFilter {
//
//// private AccessLogService accessLogService; @Override
// private HttpUtils httpUtils; protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
// throws ServletException, IOException {
// public HttpLoggingFilter(AccessLogService accessLogService, HttpUtils httpUtils) {
// this.accessLogService = accessLogService; long startTime = System.currentTimeMillis();
// this.httpUtils = httpUtils;
// } // 요청 정보 로깅 (IP 정보 제거)
// log.info("HTTP REQUEST: {} {} | Headers: {} | Body: {}",
// @Override request.getMethod(), request.getRequestURI(),
// protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) getRequestHeaders(request), getRequestBody(request));
// throws ServletException, IOException {
// // Request 요청 시간 ContentCachingRequestWrapper wrappedRequest = new ContentCachingRequestWrapper(request);
// Long startedAt = System.currentTimeMillis(); ContentCachingResponseWrapper wrappedResponse = new ContentCachingResponseWrapper(response);
// filterChain.doFilter(request, response);
// Long finishedAt = System.currentTimeMillis(); try {
// filterChain.doFilter(wrappedRequest, wrappedResponse);
// Authentication auth = SecurityContextHolder.getContext().getAuthentication(); } finally {
// MemberDTO member = null; long duration = System.currentTimeMillis() - startTime;
// if(auth != null && auth.getPrincipal() instanceof MemberDTO) {
// member = (MemberDTO) auth.getPrincipal(); // 응답 정보 로깅
// } log.info("HTTP RESPONSE: {} {} | Status: {} | Time: {}ms | Headers: {} | Body: {}",
// request.getMethod(), request.getRequestURI(),
// AccessLogDTO log = new AccessLogDTO(); wrappedResponse.getStatus(), duration, getResponseHeaders(wrappedResponse), getResponseBody(wrappedResponse));
// log.setMbrSeq(member == null ? -1 : member.getSeq());
// log.setType(httpUtils.getResponseType(response.getContentType())); wrappedResponse.copyBodyToResponse();
// log.setMethod(request.getMethod()); }
// log.setIp(httpUtils.getClientIp()); }
// log.setUri(request.getRequestURI());
// log.setReqAt(new Timestamp(startedAt)); // 민감 정보 마스킹 메서드
// log.setResAt(new Timestamp(finishedAt)); private String maskSensitiveData(String body) {
// log.setElapsedTime(finishedAt - startedAt); if (body == null || body.isEmpty()) return "N/A";
// log.setResStatus(String.valueOf(response.getStatus()));
// // 비밀번호, 토큰 등 민감 정보 마스킹
// accessLogService.createAccessLog(log); return body.replaceAll("\"password\"\\s*:\\s*\"[^\"]*\"", "\"password\":\"***\"")
// } .replaceAll("\"token\"\\s*:\\s*\"[^\"]*\"", "\"token\":\"***\"")
// .replaceAll("\"refreshToken\"\\s*:\\s*\"[^\"]*\"", "\"refreshToken\":\"***\"");
//} }
private String getRequestHeaders(HttpServletRequest request) {
// 주요 헤더만 (Content-Type, Authorization, User-Agent)
Map<String, String> headers = new HashMap<>();
headers.put("Content-Type", request.getContentType());
headers.put("User-Agent", request.getHeader("User-Agent"));
// Authorization 헤더는 마스킹
String auth = request.getHeader("Authorization");
if (auth != null) {
headers.put("Authorization", auth.startsWith("Bearer ") ? "Bearer ***" : "***");
}
return headers.toString();
}
private String getRequestBody(HttpServletRequest request) {
try {
ContentCachingRequestWrapper wrapper = (ContentCachingRequestWrapper) request;
String body = new String(wrapper.getContentAsByteArray());
return maskSensitiveData(body);
} catch (Exception e) {
return "N/A";
}
}
private String getResponseHeaders(HttpServletResponse response) {
// 응답 헤더 정보
return "Content-Type: " + response.getContentType();
}
private String getResponseBody(HttpServletResponse response) {
try {
ContentCachingResponseWrapper wrapper = (ContentCachingResponseWrapper) response;
String body = new String(wrapper.getContentAsByteArray());
return maskSensitiveData(body);
} catch (Exception e) {
return "N/A";
}
}
@Override
protected boolean shouldNotFilter(HttpServletRequest request) {
String path = request.getRequestURI();
return path.startsWith("/static/") ||
path.startsWith("/css/") ||
path.startsWith("/js/") ||
path.startsWith("/images/") ||
path.equals("/actuator/health") ||
path.equals("/favicon.ico");
}
}

8
src/main/java/com/bio/bio_backend/global/security/JwtAuthenticationFilter.java
View File

@@ -6,12 +6,12 @@ import jakarta.servlet.ServletException;
import jakarta.servlet.http.Cookie; import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse; import jakarta.servlet.http.HttpServletResponse;
import com.bio.bio_backend.global.dto.CustomApiResponse; import com.bio.bio_backend.global.dto.ApiResponseDto;
import com.bio.bio_backend.domain.user.member.dto.LoginRequestDto; import com.bio.bio_backend.domain.user.member.dto.LoginRequestDto;
import com.bio.bio_backend.domain.user.member.dto.LoginResponseDto; import com.bio.bio_backend.domain.user.member.dto.LoginResponseDto;
import com.bio.bio_backend.domain.user.member.dto.MemberDto; import com.bio.bio_backend.domain.user.member.dto.MemberDto;
import com.bio.bio_backend.domain.user.member.service.MemberService; import com.bio.bio_backend.domain.user.member.service.MemberService;
import com.bio.bio_backend.global.utils.ApiResponseCode; import com.bio.bio_backend.global.constants.ApiResponseCode;
import com.bio.bio_backend.global.utils.JwtUtils; import com.bio.bio_backend.global.utils.JwtUtils;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.SneakyThrows; import lombok.SneakyThrows;
@@ -20,7 +20,6 @@ import org.springframework.core.env.Environment;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
@@ -31,7 +30,6 @@ import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import java.io.IOException; import java.io.IOException;
import java.sql.Timestamp;
import java.time.LocalDateTime; import java.time.LocalDateTime;
import java.util.Objects; import java.util.Objects;
@@ -116,6 +114,6 @@ public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilte
response.setStatus(HttpStatus.OK.value()); response.setStatus(HttpStatus.OK.value());
response.setContentType(MediaType.APPLICATION_JSON_VALUE); response.setContentType(MediaType.APPLICATION_JSON_VALUE);
new ObjectMapper().writeValue(response.getWriter(), new ObjectMapper().writeValue(response.getWriter(),
CustomApiResponse.success(ApiResponseCode.LOGIN_SUCCESSFUL, memberData)); ApiResponseDto.success(ApiResponseCode.LOGIN_SUCCESSFUL, memberData));
} }
} }

12
src/main/java/com/bio/bio_backend/global/security/JwtTokenFilter.java
View File

@@ -1,10 +1,8 @@
package com.bio.bio_backend.global.security; package com.bio.bio_backend.global.security;
import java.io.IOException; import java.io.IOException;
import java.util.Arrays;
import java.util.Objects; import java.util.Objects;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment; import org.springframework.core.env.Environment;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
@@ -20,9 +18,9 @@ import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException; import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse; import jakarta.servlet.http.HttpServletResponse;
import com.bio.bio_backend.global.dto.CustomApiResponse; import com.bio.bio_backend.global.dto.ApiResponseDto;
import com.bio.bio_backend.domain.user.member.service.MemberService; import com.bio.bio_backend.domain.user.member.service.MemberService;
import com.bio.bio_backend.global.utils.ApiResponseCode; import com.bio.bio_backend.global.constants.ApiResponseCode;
import com.bio.bio_backend.global.utils.JwtUtils; import com.bio.bio_backend.global.utils.JwtUtils;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
@@ -50,7 +48,7 @@ public class JwtTokenFilter extends OncePerRequestFilter {
String refreshToken = jwtUtils.extractRefreshJwtFromCookie(request); String refreshToken = jwtUtils.extractRefreshJwtFromCookie(request);
if(accessToken == null){ if(accessToken == null){
sendJsonResponse(response, CustomApiResponse.fail(ApiResponseCode.JWT_TOKEN_NULL, null)); sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.JWT_TOKEN_NULL, null));
return; return;
} }
@@ -83,7 +81,7 @@ public class JwtTokenFilter extends OncePerRequestFilter {
response.setHeader("Authorization", "Bearer " + newAccessToken); response.setHeader("Authorization", "Bearer " + newAccessToken);
filterChain.doFilter(request, response); filterChain.doFilter(request, response);
} else { } else {
sendJsonResponse(response, CustomApiResponse.fail(ApiResponseCode.All_TOKEN_INVALID, null)); sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.ALL_TOKEN_INVALID, null));
} }
} catch (Exception e) { } catch (Exception e) {
request.setAttribute("exception", e); request.setAttribute("exception", e);
@@ -92,7 +90,7 @@ public class JwtTokenFilter extends OncePerRequestFilter {
filterChain.doFilter(request, response); filterChain.doFilter(request, response);
} }
private void sendJsonResponse(HttpServletResponse response, CustomApiResponse<?> apiResponse) throws IOException { private void sendJsonResponse(HttpServletResponse response, ApiResponseDto<?> apiResponse) throws IOException {
response.setContentType(MediaType.APPLICATION_JSON_VALUE); response.setContentType(MediaType.APPLICATION_JSON_VALUE);
response.setCharacterEncoding("UTF-8"); response.setCharacterEncoding("UTF-8");
response.setStatus(apiResponse.getCode()); response.setStatus(apiResponse.getCode());

74
src/main/java/com/bio/bio_backend/global/utils/ApiResponseCode.java
View File

@@ -1,74 +0,0 @@
package com.bio.bio_backend.global.utils;
import lombok.AllArgsConstructor;
import lombok.Getter;
import org.springframework.http.HttpStatus;
/*
* API 관련 RESPONSE ENUM
*/
@Getter
@AllArgsConstructor
public enum ApiResponseCode {
/*login & logout*/
// 200 OK
LOGIN_SUCCESSFUL(HttpStatus.OK.value(), "Login successful"),
LOGOUT_SUCCESSFUL(HttpStatus.OK.value(), "Logout successful"),
USER_INFO_CHANGE(HttpStatus.OK.value(), "User info update successful"),
USER_DELETE_SUCCESSFUL(HttpStatus.OK.value(), "User delete is successful"),
// 401 Unauthorized
USER_NOT_FOUND(HttpStatus.UNAUTHORIZED.value(), "User not found. Authentication failed"),
AUTHENTICATION_FAILED(HttpStatus.UNAUTHORIZED.value(), "Password is invalid"),
// 409 Conflict
USER_ID_DUPLICATE(HttpStatus.CONFLICT.value(), "User ID already exists"),
/*auth*/
// 401 Unauthorized
JWT_SIGNATURE_MISMATCH(HttpStatus.UNAUTHORIZED.value(), "JWT signature does not match. Authentication failed"),
JWT_TOKEN_NULL(HttpStatus.UNAUTHORIZED.value(), "JWT token is null"),
JWT_TOKEN_EXPIRED(HttpStatus.UNAUTHORIZED.value(), "Token is Expired"),
All_TOKEN_INVALID(HttpStatus.UNAUTHORIZED.value(), "Access and Refresh tokens are expired or invalid"),
/*공통 Code*/
// 400 Bad Request
COMMON_BAD_REQUEST(HttpStatus.BAD_REQUEST.value(), "Required request body is missing or Error"),
COMMON_FORMAT_WRONG(HttpStatus.BAD_REQUEST.value(), "Request format is incorrect"),
// 401 Unauthorized
COMMON_UNAUTHORIZED(HttpStatus.UNAUTHORIZED.value(), "Unauthorized"),
// 403 Forbidden
COMMON_FORBIDDEN(HttpStatus.FORBIDDEN.value(), "Access is denied"),
// 404 Not Found
COMMON_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "Resource is not found"),
// 405 Method Not Allowed
COMMON_METHOD_NOT_ALLOWED(HttpStatus.METHOD_NOT_ALLOWED.value(), "Method not Allowed"),
// 500 Internal Server Error
INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR.value(), "An error occurred on the server"),
ARGUMENT_NOT_VALID(HttpStatus.INTERNAL_SERVER_ERROR.value(), "Argument is not valid"),
INDEX_OUT_OF_BOUND(HttpStatus.INTERNAL_SERVER_ERROR.value(), "Index out of bounds for length"),
JSON_PROCESSING_EXCEPTION(HttpStatus.INTERNAL_SERVER_ERROR.value(), "Check if it is a valid JSON format");
private final int statusCode;
private final String description;
}

98
src/main/resources/application.properties
View File

@@ -1,56 +1,98 @@
# ========================================
# 기본 애플리케이션 설정
# ========================================
server.port=8080 server.port=8080
server.servlet.context-path=/service server.servlet.context-path=/service
spring.application.name=bio_backend spring.application.name=bio_backend
spring.output.ansi.enabled=always
# ========================================
# 개발 도구 설정
# ========================================
spring.devtools.livereload.enabled=true spring.devtools.livereload.enabled=true
#spring.devtools.restart.poll-interval=2000
# 추가로 감시할 경로 (자바 소스 폴더)
spring.devtools.restart.additional-paths=src/main/java spring.devtools.restart.additional-paths=src/main/java
# ========================================
# 데이터베이스 연결 정보 # 데이터베이스 설정
# URL 형식: jdbc:postgresql://[호스트명]:[포트번호]/[데이터베이스명] # ========================================
spring.datasource.url=jdbc:postgresql://stam.kr:15432/imas spring.datasource.url=jdbc:postgresql://stam.kr:15432/imas
spring.datasource.username=imas_user spring.datasource.username=imas_user
spring.datasource.password=stam1201 spring.datasource.password=stam1201
spring.datasource.driver-class-name=org.postgresql.Driver spring.datasource.driver-class-name=org.postgresql.Driver
# ========================================
# JPA/Hibernate 설정 # JPA/Hibernate 설정
# ddl-auto: 엔티티(Entity)에 맞춰 데이터베이스 스키마를 자동 생성/업데이트합니다. # ========================================
# - create: 애플리케이션 시작 시 기존 스키마를 삭제하고 새로 생성 (개발용)
# - create-drop: 시작 시 생성, 종료 시 삭제 (테스트용)
# - update: 엔티티 변경 시 스키마 업데이트 (개발용)
# - validate: 엔티티와 스키마 일치 여부만 검증 (운영용)
# - none: 아무 작업도 하지 않음
spring.jpa.hibernate.ddl-auto=none spring.jpa.hibernate.ddl-auto=none
spring.jpa.properties.javax.persistence.schema-generation.scripts.action=create spring.jpa.open-in-view=false
spring.jpa.properties.javax.persistence.schema-generation.scripts.create-target=ddl/schema.sql
spring.jpa.properties.hibernate.hbm2ddl.schema-generation.script.append=false
# Hibernate log
spring.jpa.show-sql=false spring.jpa.show-sql=false
spring.jpa.properties.hibernate.format_sql=true spring.jpa.properties.hibernate.format_sql=true
spring.jpa.properties.hibernate.highlight_sql=true spring.jpa.properties.hibernate.highlight_sql=true
spring.jpa.properties.hibernate.use_sql_comments=false spring.jpa.properties.hibernate.use_sql_comments=false
# 스키마 생성 설정
spring.jpa.properties.javax.persistence.schema-generation.scripts.action=create
spring.jpa.properties.javax.persistence.schema-generation.scripts.create-target=ddl/schema.sql
spring.jpa.properties.hibernate.hbm2ddl.schema-generation.script.append=false
# ========================================
# 로그 레벨 설정
# ========================================
# 전체 애플리케이션 기본 로그 레벨
logging.level.root=INFO
# 프로젝트 패키지 로그 레벨
logging.level.com.bio.bio_backend=DEBUG
# 세부 패키지별 로그 레벨
logging.level.com.bio.bio_backend..*.controller=INFO
logging.level.com.bio.bio_backend..*.service=DEBUG
logging.level.com.bio.bio_backend..*.repository=DEBUG
logging.level.com.bio.bio_backend.global.aop=DEBUG
logging.level.com.bio.bio_backend.global.filter=INFO
# JPA/Hibernate 로깅
logging.level.org.hibernate.SQL=DEBUG logging.level.org.hibernate.SQL=DEBUG
logging.level.org.hibernate.orm.jdbc.bind=TRACE logging.level.org.hibernate.orm.jdbc.bind=TRACE
logging.level.org.hibernate.type.descriptor.sql.BasicBinder=TRACE
logging.level.org.springframework.data.jpa=DEBUG logging.level.org.springframework.data.jpa=DEBUG
logging.level.org.springframework.orm.jpa=INFO
logging.level.org.springframework.transaction=DEBUG
# Open Session in View 설정 (권장: false) # Spring Framework 로깅
spring.jpa.open-in-view=false logging.level.org.springframework.web=WARN
logging.level.org.springframework.web.servlet.DispatcherServlet=WARN
logging.level.org.springframework.security=INFO
# P6Spy
# ========================================
# 로그 패턴 설정
# ========================================
logging.pattern.console=%d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n
logging.pattern.file=%d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n
# ========================================
# P6Spy 설정 (SQL 로깅)
# ========================================
decorator.datasource.p6spy.enable-logging=true decorator.datasource.p6spy.enable-logging=true
decorator.datasource.p6spy.log-format=%(sqlSingleLine) decorator.datasource.p6spy.log-format=%(sqlSingleLine)
# CONSOLE # ========================================
spring.output.ansi.enabled=always # JWT 설정
# ========================================
# HikariCP 연결 풀 크기 설정 (선택사항)
# spring.datasource.hikari.maximum-pool-size=10
##JWT 설정
## access : 30분 / refresh : 7일
token.expiration_time_access=180000 token.expiration_time_access=180000
token.expiration_time_refresh=604800000 token.expiration_time_refresh=604800000
token.secret_key= c3RhbV9qd3Rfc2VjcmV0X3Rva2Vuc3RhbV9qd3Rfc2VjcmV0X3Rva2Vu token.secret_key=c3RhbV9qd3Rfc2VjcmV0X3Rva2Vuc3RhbV9qd3Rfc2VjcmV0X3RhbV9qd3Rfc2VjcmV0X3Rva2Vu
# ========================================
# Swagger 설정
# ========================================
springdoc.api-docs.path=/api-docs
springdoc.swagger-ui.path=/swagger-ui.html
springdoc.swagger-ui.operationsSorter=method
springdoc.swagger-ui.tagsSorter=alpha
springdoc.swagger-ui.doc-expansion=none
springdoc.swagger-ui.disable-swagger-default-url=true
springdoc.default-produces-media-type=application/json
springdoc.default-consumes-media-type=application/json

92
src/main/resources/logback-spring.xml Normal file
View File

@@ -0,0 +1,92 @@
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<!-- 콘솔 출력 -->
<appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>%d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n</pattern>
</encoder>
</appender>
<!-- 파일 출력 -->
<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>logs/bio-backend.log</file>
<rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
<!-- 일별 로그 파일 생성 -->
<fileNamePattern>logs/bio-backend-%d{yyyy-MM-dd}.%i.log</fileNamePattern>
<!-- 30일간 보관 -->
<maxHistory>30</maxHistory>
<!-- 파일 크기 제한 -->
<maxFileSize>10MB</maxFileSize>
<!-- 총 용량 제한 -->
<totalSizeCap>1GB</totalSizeCap>
</rollingPolicy>
<encoder>
<pattern>%d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n</pattern>
</encoder>
</appender>
<!-- 에러 로그만 별도 파일로 분리 -->
<appender name="ERROR_FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>logs/bio-backend-error.log</file>
<filter class="ch.qos.logback.classic.filter.LevelFilter">
<level>ERROR</level>
<onMatch>ACCEPT</onMatch>
<onMismatch>DENY</onMismatch>
</filter>
<rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
<fileNamePattern>logs/bio-backend-error-%d{yyyy-MM-dd}.%i.log</fileNamePattern>
<maxHistory>30</maxHistory>
<maxFileSize>10MB</maxFileSize>
<totalSizeCap>500MB</totalSizeCap>
</rollingPolicy>
<encoder>
<pattern>%d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n</pattern>
</encoder>
</appender>
<!-- 루트 로거 설정 -->
<root level="INFO">
<appender-ref ref="CONSOLE" />
<appender-ref ref="FILE" />
<appender-ref ref="ERROR_FILE" />
</root>
<!-- 프로젝트 패키지 로그 레벨 설정 -->
<logger name="com.bio.bio_backend" level="INFO" additivity="false">
<appender-ref ref="CONSOLE" />
<appender-ref ref="FILE" />
</logger>
<!-- Spring Security 로그 레벨 -->
<logger name="org.springframework.security" level="INFO" additivity="false">
<appender-ref ref="CONSOLE" />
<appender-ref ref="FILE" />
</logger>
<!-- Spring Web 로그 레벨 -->
<logger name="org.springframework.web" level="WARN" additivity="false">
<appender-ref ref="CONSOLE" />
<appender-ref ref="FILE" />
</logger>
<!-- JPA/Hibernate 로그 레벨 -->
<logger name="org.hibernate.SQL" level="DEBUG" additivity="false">
<appender-ref ref="CONSOLE" />
<appender-ref ref="FILE" />
</logger>
<logger name="org.hibernate.orm.jdbc.bind" level="INFO" additivity="false">
<appender-ref ref="CONSOLE" />
<appender-ref ref="FILE" />
</logger>
<logger name="org.springframework.data.jpa" level="INFO" additivity="false">
<appender-ref ref="CONSOLE" />
<appender-ref ref="FILE" />
</logger>
<logger name="org.springframework.orm.jpa" level="INFO" additivity="false">
<appender-ref ref="CONSOLE" />
<appender-ref ref="FILE" />
</logger>
</configuration>