leejisun9/bio_backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: leejisun9:kmbin92_2025081302
Branches Tags
leejisun9:main leejisun9:kmbin92_2025081302 leejisun9:2025081301 leejisun9:kmbin92_2025081101
...
compare: leejisun9:eb2efbb0ea70bf3fdb26628ff77badcb29b47c00
Branches Tags
leejisun9:main leejisun9:kmbin92_2025081302 leejisun9:2025081301 leejisun9:kmbin92_2025081101

34 Commits
kmbin92_20 ... eb2efbb0ea

Author SHA1 Message Date
sohot8653
eb2efbb0ea Merge branch 'main' of https://demo.stam.kr/leejisun9/bio_backend 2025-08-26 13:31:25 +09:00
sohot8653
12aa3ae5a3 [파일 업로드 개선] FileUploadResponseDto 및 MultipleFileUploadResponseDto에 groupOid 필드 추가, FileServiceImpl에서 응답 DTO 생성 로직 수정 및 createUploadResponse 메서드 제거. FileUtils 클래스에 파일 업로드 메서드 추가 및 불필요한 메서드 제거로 코드 정리. 2025-08-26 13:31:03 +09:00
leejisun9
1bd499fe10 Merge branch 'main' of https://demo.stam.kr/leejisun9/bio_backend 2025-08-26 13:21:23 +09:00
leejisun9
71bcbbb396 JIB 설정 추가 , skaffold,k8s 배포 설정 삭제 2025-08-26 13:21:15 +09:00
sohot8653
f9472d1ccd [회원 정보 개선] MemberRepository에서 불필요한 import 문 제거하여 코드 정리. 2025-08-26 10:40:56 +09:00
sohot8653
56c8893f9e [회원 정보 개선] MemberRepositoryCustom에서 불필요한 import 문 제거 및 코드 정리. 2025-08-26 10:40:35 +09:00
sohot8653
690724c77c [파일 업로드 개선] 파일 업로드 처리 메서드에 groupOid 매개변수 추가 및 관련 로직 수정. MemberRepository와 MemberService에서 불필요한 메서드 제거 및 활성화된 회원 조회 로직 개선. 2025-08-26 10:39:46 +09:00
sohot8653
b5d6d213f3 [로그아웃 기능 구현현] 2025-08-26 10:17:07 +09:00
sohot8653
e7105215b8 [파일 업로드 기능 추가] 파일 업로드 및 다운로드 API 구현 2025-08-26 09:39:09 +09:00
sohot8653
d8fe8399f7 [회원 정보 개선] Member 엔티티 및 DTO에 login_ip 필드 추가, JWT 관련 필터에서 클라이언트 IP 처리 로직 개선. Refresh Token 생성 및 검증 시 IP 정보 포함하여 보안 강화. 2025-08-25 11:25:45 +09:00
sohot8653
8cee267f36 [회원 정보 개선] Member 엔티티의 테이블 이름을 AppConstants.TABLE_PREFIX를 사용하여 동적으로 설정하도록 수정하고, AppConstants 클래스를 추가하여 테이블 접두사를 정의 2025-08-25 09:45:49 +09:00
sohot8653
b1218ab9bb [보안 설정 업데이트] application.properties에서 허용된 경로에 Swagger UI 관련 경로 추가. 보안 설정을 개선하여 API 문서 접근성을 향상. 2025-08-22 16:56:52 +09:00
sohot8653
7ae5871ae0 [회원 조회 개선] MemberRepository와 MemberService에서 사용자 ID로 활성화된 회원을 조회하는 메서드 이름 변경 및 쿼리 조건 수정. 사용자 조회 로직을 개선하여 더 명확한 기능 제공. 2025-08-22 13:52:09 +09:00
sohot8653
1ce08cb981 [회원 정보 개선] refresh_token 필드 길이 증가 및 MemberMapper에 DTO 업데이트 메서드 추가. MemberService에서 사용자 조회 및 업데이트 로직 개선, JWT 필터에서 refresh_token 저장 로직 제거. 2025-08-22 12:56:25 +09:00
sohot8653
a4c14c69f0 [회원 정보 업데이트] Member 엔티티에 name 및 email 필드 추가, 관련 DTO 및 서비스 로직 수정. 사용자 역할에서 USER 제거 및 검증 어노테이션 추가. 2025-08-22 10:48:14 +09:00
sohot8653
9e7929da6b [회원 조회 개선] loadUserByUsername 메서드에서 사용자 조회 실패 시 발생하는 예외 메시지를 한국어로 변경 2025-08-22 10:17:12 +09:00
sohot8653
f9cd84f740 Add .gitkeep file to logs directory to ensure it is tracked in version control. 2025-08-22 09:57:23 +09:00
sohot8653
224006b6cb Initialize log and temp directories with .gitkeep files to ensure they are tracked in version control. 2025-08-22 09:51:46 +09:00
sohot8653
dbac9f4702 [예외 처리 개선] GlobalExceptionHandler에서 검증 오류 상세 정보를 위한 내부 클래스 추가 및 불필요한 주석 제거. application.properties에 운영 환경 변수 설정 및 배치 처리 설정 추가. 2025-08-22 09:09:21 +09:00
sohot8653
2a1f211159 [README.md 업데이트] 모든 엔티티가 BaseEntity를 상속하도록 문구 수정 2025-08-22 08:41:34 +09:00
sohot8653
7430f1606f [README.md 업데이트] 모든 엔티티가 BaseEntity를 상속하도록 규정하고, 자동 생성 필드 및 사용 예시를 추가하여 문서화 개선 2025-08-22 01:10:25 +09:00
sohot8653
1153f164fc [코드 개선] Lombok의 @Getter 및 @Setter 어노테이션을 추가 2025-08-22 01:05:51 +09:00
sohot8653
1850227d24 [보안 설정 개선] JwtTokenIssuanceFilter 및 JwtTokenValidationFilter 추가로 JWT 인증 로직을 강화하고, SecurityPathConfig를 통해 허용 경로 설정을 외부화하여 보안 유연성 향상. JwtAccessDeniedHandler 및 JwtAuthenticationEntryPoint 삭제로 코드 정리. 2025-08-22 00:58:15 +09:00
sohot8653
09e06cd10b [JWT 필터 개선] JwtTokenValidationFilter에서 JWT 검증 로직을 개선하여 Access Token 유효성 검사 후 자동으로 Refresh Token을 갱신하는 기능 추가. WebSecurity에서 필터 설명을 업데이트하고, 허용 경로 설정을 정리하여 보안 설정을 강화. 2025-08-21 17:06:14 +09:00
sohot8653
6d1b89609b [예외 처리 개선] GlobalExceptionHandler에 일반 예외 처리 메서드 추가 및 로그 기능 통합. CustomAuthenticationFailureHandler에서 불필요한 줄 제거. JwtTokenValidationFilter에서 JWT 검증 오류 시 로그 기록 추가. 2025-08-21 16:29:27 +09:00
sohot8653
baaa003d9a [README.md 업데이트] ApiResponseDto 및 ApiResponseCode의 메시지를 한국어로 번역하고, 중복 사용자 ID 오류 코드 추가로 응답 메시지 개선 2025-08-21 15:45:00 +09:00
sohot8653
d9d3be86a9 [README.md 업데이트] 기본 도메인 구조 및 공통 설정 항목 추가, MapStruct 매퍼 사용 예시 포함으로 문서화 개선 2025-08-21 15:40:33 +09:00
sohot8653
1b46b95ad5 [JWT 인증 시스템 추가] README.md에 JWT 인증 시스템에 대한 설명 추가 및 Access Token과 Refresh Token의 구성 및 자동 갱신 로직 설명. application.properties에서 Access Token의 만료 시간을 수정하여 15분으로 설정. 2025-08-20 16:35:35 +09:00
sohot8653
8aa96d5fbd [JWT 기능 개선] Refresh Token 생성 및 갱신 로직을 모듈화하여 JwtUtils 클래스에 메서드 추가. JwtTokenIssuanceFilter와 JwtTokenValidationFilter에서 새로운 메서드 사용으로 코드 간결화 및 유지보수성 향상. 2025-08-20 16:30:46 +09:00
sohot8653
0dc32f2b39 [회원 관리 기능 추가] 회원 등록 및 로그인 API 구현, JWT 토큰 발급 및 검증 필터 추가. Member 관련 DTO, Entity, Mapper, Repository, Service 구현으로 회원 관리 기능을 강화하고, Swagger 설정을 통해 API 문서화 개선. 2025-08-20 16:22:11 +09:00
sohot8653
bfb87b8e33 [회원 관리 기능 추가] MemberController에 로그아웃 API 추가 및 ApiResponseDto의 fail 메서드 오버로딩으로 응답 처리 개선. CustomAuthenticationFailureHandler, GlobalExceptionHandler, JwtAccessDeniedHandler에서 null 데이터 제거로 응답 일관성 향상. 2025-08-20 10:18:54 +09:00
leejisun9
33b33ef7a3 Merge branch 'main' of https://demo.stam.kr/leejisun9/bio_backend 2025-08-19 08:56:06 +09:00
leejisun9
331d242ac3 erd 문가 추가, nginx 에러 로그 추가 2025-08-19 08:54:31 +09:00
sohot8653
eff011f9fd Merge pull request 'kmbin92_2025081302' (#3) from kmbin92_2025081302 into main 
Reviewed-on: https://demo.stam.kr/leejisun9/bio_backend/pulls/3
 2025-08-15 00:54:14 +09:00
61 changed files with 1646 additions and 871 deletions
Expand all files Collapse all files

4
.erd
View File

@@ -4,8 +4,8 @@
"settings": { "settings": {
"width": 2800, "width": 2800,
"height": 2800, "height": 2800,
"scrollTop": -1200, "scrollTop": -202,
"scrollLeft": -1098.5144, "scrollLeft": -1026.5803,
"zoomLevel": 0.82, "zoomLevel": 0.82,
"show": 431, "show": 431,
"database": 16, "database": 16,

3
.gitignore vendored
View File

@@ -44,3 +44,6 @@ bin/
.DS_Store .DS_Store
Thumbs.db Thumbs.db
/nginx-1.28.0/logs/nginx.pid /nginx-1.28.0/logs/nginx.pid
# Upload files
uploads/

123
README.md
View File

@@ -17,21 +17,28 @@
``` ```
src/main/java/com/bio/bio_backend/ src/main/java/com/bio/bio_backend/
├── domain/ # 도메인별 패키지 ├── domain/ # 도메인별 패키지
│ └── user/ │ └── base/ # 기본 도메인
│ └── member/ # 회원 도메인 │ └── member/ # 회원 도메인
│ ├── controller/ # API 엔드포인트 │ ├── controller/ # API 엔드포인트
│ ├── service/ # 비즈니스 로직 │ ├── service/ # 비즈니스 로직
│ ├── repository/ # 데이터 접근 │ ├── repository/ # 데이터 접근
│ ├── entity/ # JPA 엔티티 │ ├── entity/ # JPA 엔티티
── dto/ # 데이터 전송 객체 ── dto/ # 데이터 전송 객체
│ ├── mapper/ # MapStruct 매퍼
│ └── enums/ # 도메인 열거형
├── global/ # 공통 설정 ├── global/ # 공통 설정
│ ├── config/ # 설정 클래스 │ ├── config/ # 설정 클래스
│ ├── security/ # 보안 설정 │ ├── security/ # 보안 설정
│ ├── exception/ # 예외 처리 │ ├── exception/ # 예외 처리
│ ├── aop/ # AOP 로깅 │ ├── aop/ # AOP 로깅
│ ├── filter/ # HTTP 로깅 필터 │ ├── filter/ # HTTP 로깅 필터
── utils/ # 유틸리티 ── utils/ # 유틸리티
└── BioBackendApplication.java │ ├── constants/ # 상수 정의
│ ├── dto/ # 공통 DTO
│ ├── entity/ # 공통 엔티티
│ └── annotation/ # 커스텀 어노테이션
├── BioBackendApplication.java
└── ServletInitializer.java
``` ```
### 2. API 응답 표준화 (ApiResponseDto) ### 2. API 응답 표준화 (ApiResponseDto)
@@ -72,8 +79,7 @@ public class ApiResponseDto<T> {
{ {
"code": 409, "code": 409,
"message": "USER_ID_DUPLICATE", "message": "USER_ID_DUPLICATE",
"description": "User ID already exists", "description": "User ID already exists"
"data": null
} }
``` ```
@@ -100,17 +106,24 @@ public ResponseEntity<ApiResponseDto<CreateMemberResponseDto>> createMember(@Req
// ApiResponseCode.java // ApiResponseCode.java
public enum ApiResponseCode { public enum ApiResponseCode {
// 공용 성공 코드 // 공용 성공 코드
COMMON_SUCCESS_CREATED(HttpStatus.CREATED.value(), "Created successfully"), COMMON_SUCCESS(HttpStatus.OK.value(), "요청 성공"),
COMMON_SUCCESS_UPDATED(HttpStatus.OK.value(), "Updated successfully"), COMMON_SUCCESS_CREATED(HttpStatus.CREATED.value(), "성공적으로 생성되었습니다"),
COMMON_SUCCESS_DELETED(HttpStatus.OK.value(), "Deleted successfully"), COMMON_SUCCESS_UPDATED(HttpStatus.OK.value(), "성공적으로 수정되었습니다"),
COMMON_SUCCESS_RETRIEVED(HttpStatus.OK.value(), "Retrieved successfully"), COMMON_SUCCESS_DELETED(HttpStatus.OK.value(), "성공적으로 삭제되었습니다"),
COMMON_SUCCESS_RETRIEVED(HttpStatus.OK.value(), "성공적으로 조회되었습니다"),
// 공용 오류 코드 // 공용 오류 코드
COMMON_BAD_REQUEST(HttpStatus.BAD_REQUEST.value(), "Required request body is missing or Error"), COMMON_BAD_REQUEST(HttpStatus.BAD_REQUEST.value(), "필수 요청 본문이 누락되었거나 오류가 발생했습니다"),
COMMON_UNAUTHORIZED(HttpStatus.UNAUTHORIZED.value(), "Unauthorized"), COMMON_UNAUTHORIZED(HttpStatus.UNAUTHORIZED.value(), "인증에 실패했습니다"),
COMMON_FORBIDDEN(HttpStatus.FORBIDDEN.value(), "Access is denied"), COMMON_FORBIDDEN(HttpStatus.FORBIDDEN.value(), "접근이 거부되었습니다"),
COMMON_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "Resource is not found"), COMMON_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "리소스를 찾을 수 없습니다"),
COMMON_INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR.value(), "An error occurred on the server") COMMON_CONFLICT(HttpStatus.CONFLICT.value(), "충돌이 발생했습니다"),
COMMON_INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR.value(), "서버에서 오류가 발생했습니다"),
// 사용자 관련 코드
USER_ID_DUPLICATE(HttpStatus.CONFLICT.value(), "이미 존재하는 사용자 ID입니다"),
USER_NOT_FOUND(HttpStatus.UNAUTHORIZED.value(), "사용자를 찾을 수 없습니다. 인증에 실패했습니다"),
USER_PASSWORD_INVALID(HttpStatus.UNAUTHORIZED.value(), "비밀번호가 올바르지 않습니다")
} }
``` ```
@@ -121,7 +134,29 @@ public enum ApiResponseCode {
- **일관된 구조**: `code`, `message`, `description`, `data` 필드로 표준화 - **일관된 구조**: `code`, `message`, `description`, `data` 필드로 표준화
- **제네릭 활용**: `<T>`를 통해 다양한 데이터 타입 지원 - **제네릭 활용**: `<T>`를 통해 다양한 데이터 타입 지원
### 3. API 문서화 (Swagger) ### 3. JWT 인증 시스템
#### 토큰 구성
- **Access Token**: 15분 (900,000ms) - API 요청 시 사용
- **Refresh Token**: 7일 (604,800,000ms) - 쿠키에 저장, 자동 갱신
#### 자동 토큰 갱신
**모든 API 요청마다 자동으로 처리됩니다:**
1. **Access Token 유효**: 정상 요청 처리
2. **Access Token 만료**: Refresh Token으로 자동 갱신
3. **새 Access Token 발급**: 응답 헤더에 자동 설정
4. **Refresh Token 갱신**: 보안을 위해 매번 새로운 토큰 발급
#### 주요 컴포넌트
- **`JwtTokenIssuanceFilter`**: 로그인 시 토큰 발급
- **`JwtTokenValidationFilter`**: 요청마다 토큰 검증 및 갱신
- **`JwtUtils`**: 토큰 생성, 검증, 갱신 유틸리티
### 4. API 문서화 (Swagger)
#### Swagger UI 접속 #### Swagger UI 접속
@@ -147,7 +182,7 @@ public enum ApiResponseCode {
- **SwaggerConfig.java**: OpenAPI 기본 정보 설정 - **SwaggerConfig.java**: OpenAPI 기본 정보 설정
- **application.properties**: Swagger UI 커스터마이징 - **application.properties**: Swagger UI 커스터마이징
### 4. 트랜잭션 관리 ### 5. 트랜잭션 관리
#### 기본 설정 #### 기본 설정
@@ -171,7 +206,7 @@ public class MemberServiceImpl {
- **메서드별**: 데이터 수정 시에만 `@Transactional` 개별 적용 - **메서드별**: 데이터 수정 시에만 `@Transactional` 개별 적용
- **설정**: `spring.jpa.open-in-view=false` (성능 최적화) - **설정**: `spring.jpa.open-in-view=false` (성능 최적화)
### 5. 오류 등록 및 사용 ### 6. 오류 등록 및 사용
#### 오류 코드 등록 #### 오류 코드 등록
@@ -198,7 +233,7 @@ throw new ApiException(ApiResponseCode.USER_ID_DUPLICATE);
- **예외 클래스**: `ApiException`으로 비즈니스 로직 예외 처리 - **예외 클래스**: `ApiException`으로 비즈니스 로직 예외 처리
- **자동 처리**: `GlobalExceptionHandler`가 일관된 응답 형태로 변환 - **자동 처리**: `GlobalExceptionHandler`가 일관된 응답 형태로 변환
### 6. 로깅 시스템 ### 7. 로깅 시스템
#### @LogExecution 어노테이션 사용법 #### @LogExecution 어노테이션 사용법
@@ -217,16 +252,19 @@ public ResponseEntity<ApiResponseDto<CreateMemberResponseDto>> createMember(@Req
##### 로그 출력 예시 ##### 로그 출력 예시
**메서드 시작 시:** **메서드 시작 시:**
``` ```
[START] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92) [START] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92)
``` ```
**메서드 성공 시:** **메서드 성공 시:**
``` ```
[SUCCESS] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92) | 시간: 200ms [SUCCESS] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92) | 시간: 200ms
``` ```
**메서드 실패 시:** **메서드 실패 시:**
``` ```
[FAILED] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92) | 시간: 23ms | 오류: 이미 존재하는 사용자 ID입니다 [FAILED] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92) | 시간: 23ms | 오류: 이미 존재하는 사용자 ID입니다
``` ```
@@ -248,3 +286,50 @@ public OrderDto processOrder() { }
3. **logback-spring.xml**: 로그 파일 관리 및 설정 3. **logback-spring.xml**: 로그 파일 관리 및 설정
**중요**: `@LogExecution` 어노테이션이 없으면 메서드 실행 로그가 출력되지 않습니다 **중요**: `@LogExecution` 어노테이션이 없으면 메서드 실행 로그가 출력되지 않습니다
### 8. MapStruct
**매퍼 인터페이스**
```java
@Mapper(componentModel = "spring")
public interface MemberMapper {
MemberDto toDto(Member member);
Member toEntity(MemberDto dto);
}
```
**사용 예시**
```java
// Entity → DTO
MemberDto dto = memberMapper.toDto(member);
// DTO → Entity
Member entity = memberMapper.toEntity(dto);
```
**자동 생성**: 컴파일 시 `MemberMapperImpl` 구현체 생성
### 9. BaseEntity 상속
**모든 엔티티는 `BaseEntity` 상속을 원칙으로 합니다.**
#### 자동 생성 필드
- **OID**: `@PrePersist`에서 자동 생성 (고유 식별자)
- **생성일시**: `@CreatedDate`로 자동 설정
- **수정일시**: `@LastModifiedDate`로 자동 갱신
- **생성자/수정자 OID**: 사용자 추적용
#### 사용 예시
```java
@Entity
@Table(name = "st_members")
public class Member extends BaseEntity {
// OID, 생성일시, 수정일시 등이 자동으로 관리됨
private String userId;
private String name;
}
```

38
build.gradle
View File

@@ -2,6 +2,7 @@ plugins {
id 'java' id 'java'
id 'org.springframework.boot' version '3.5.4' id 'org.springframework.boot' version '3.5.4'
id 'io.spring.dependency-management' version '1.1.7' id 'io.spring.dependency-management' version '1.1.7'
id 'com.google.cloud.tools.jib' version '3.4.0' // Jib 플러그인 추가
} }
group = 'com.bio' group = 'com.bio'
@@ -26,6 +27,7 @@ repositories {
dependencies { dependencies {
developmentOnly 'org.springframework.boot:spring-boot-devtools' developmentOnly 'org.springframework.boot:spring-boot-devtools'
implementation 'org.springframework.boot:spring-boot-starter-data-jpa' implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
// PostgreSQL JDBC // PostgreSQL JDBC
runtimeOnly 'org.postgresql:postgresql' runtimeOnly 'org.postgresql:postgresql'
implementation 'org.springframework.boot:spring-boot-starter-web' implementation 'org.springframework.boot:spring-boot-starter-web'
@@ -45,6 +47,8 @@ dependencies {
// jwt // jwt
implementation 'io.jsonwebtoken:jjwt-api:0.12.5' implementation 'io.jsonwebtoken:jjwt-api:0.12.5'
runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.5'
runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.5'
// lombok // lombok
compileOnly 'org.projectlombok:lombok' compileOnly 'org.projectlombok:lombok'
@@ -77,4 +81,38 @@ clean {
} }
tasks.withType(JavaCompile).configureEach { tasks.withType(JavaCompile).configureEach {
options.generatedSourceOutputDirectory = file(generatedSrcDir) options.generatedSourceOutputDirectory = file(generatedSrcDir)
}
jib {
from {
image = 'demo.stam.kr/leejisun9/eclipse-temurin:17-jre' // 가벼운 JRE 베이스
// (선택) 인증서 추가/회사 CA 필요 시 extraDirectories 사용
}
to {
image = 'demo.stam.kr/leejisun9/bio-backend'; tags = ['1.0.0'] // 기본 대상 레지스트리
// tags는 skaffold가 자동 주입. 로컬 단독 빌드시 -Djib.to.tags=로 지정 가능
}
container {
// Spring Boot 컨테이너 런타임 옵션
ports = ['8080']
jvmFlags = [
'-XX:+UseContainerSupport',
'-Dserver.port=8080',
'-XX:InitialRAMPercentage=50.0',
'-XX:MaxRAMPercentage=75.0'
]
environment = [ 'SPRING_PROFILES_ACTIVE': 'dev' ]
// (선택) non-root 권장 (권한 필요한 리소스 없는 경우)
// user = '65532:65532'
// workingDirectory = '/app'
}
// (선택) 계층 최적화/추가 파일
// extraDirectories {
// paths {
// path {
// from = file('docker/extra') // 예: CA cert, 설정 템플릿
// into = '/opt/extra'
// }
// }
// }
} }

28
ddl/schema.sql
View File

@@ -1,4 +1,23 @@
create table st_file (
use_flag boolean not null,
created_at timestamp(6) not null,
created_oid bigint,
file_size bigint not null,
group_oid bigint,
oid bigint not null,
updated_at timestamp(6) not null,
updated_oid bigint,
content_type varchar(255) not null,
created_id varchar(255),
description varchar(255),
file_path varchar(255) not null,
original_file_name varchar(255) not null,
stored_file_name varchar(255) not null,
updated_id varchar(255),
primary key (oid)
);
create table st_member ( create table st_member (
use_flag boolean not null, use_flag boolean not null,
created_at timestamp(6) not null, created_at timestamp(6) not null,
@@ -7,10 +26,15 @@
oid bigint not null, oid bigint not null,
updated_at timestamp(6) not null, updated_at timestamp(6) not null,
updated_oid bigint, updated_oid bigint,
role varchar(40) not null check (role in ('MEMBER','ADMIN','USER','SYSTEM_ADMIN')), role varchar(40) not null check (role in ('MEMBER','ADMIN','SYSTEM_ADMIN')),
login_ip varchar(45),
name varchar(100) not null,
password varchar(100) not null, password varchar(100) not null,
user_id varchar(100) not null, user_id varchar(100) not null,
refresh_token varchar(200), refresh_token varchar(1024),
created_id varchar(255),
email varchar(255) not null,
updated_id varchar(255),
primary key (oid) primary key (oid)
); );

21
k8s/deployment.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: bio-backend-deployment
labels:
app: bio-backend
spec:
replicas: 1
selector:
matchLabels:
app: bio-backend
template:
metadata:
labels:
app: bio-backend
spec:
containers:
- name: bio-backend
image: backend-0.0.1:latest # 여기에 Skaffold가 빌드할 이미지 이름을 사용합니다.
ports:
- containerPort: 8081

1
nginx-1.28.0/conf/nginx.conf
View File

@@ -4,6 +4,7 @@ events {
} }
http { http {
include mime.types; include mime.types;
default_type application/octet-stream; default_type application/octet-stream;
sendfile on; sendfile on;

0
nginx-1.28.0/logs/.gitkeep Normal file
View File

0
nginx-1.28.0/temp/.gitkeep Normal file
View File

12
skaffold.yaml
View File

@@ -1,12 +0,0 @@
apiVersion: skaffold/v4beta13
kind: Config
metadata:
name: bio-backend
build:
artifacts:
- image: backend-0.0.1
docker:
dockerfile: Dockerfile
manifests:
rawYaml:
- k8s/deployment.yaml

2
src/main/java/com/bio/bio_backend/BioBackendApplication.java
View File

@@ -2,10 +2,12 @@ package com.bio.bio_backend;
import org.springframework.boot.SpringApplication; import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.data.jpa.repository.config.EnableJpaAuditing; import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
@SpringBootApplication @SpringBootApplication
@EnableJpaAuditing @EnableJpaAuditing
@EnableConfigurationProperties
public class BioBackendApplication { public class BioBackendApplication {
public static void main(String[] args) { public static void main(String[] args) {

101
src/main/java/com/bio/bio_backend/domain/base/file/controller/FileController.java Normal file
View File

@@ -0,0 +1,101 @@
package com.bio.bio_backend.domain.base.file.controller;
import com.bio.bio_backend.domain.base.file.dto.FileUploadRequestDto;
import com.bio.bio_backend.domain.base.file.dto.FileUploadResponseDto;
import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadRequestDto;
import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadResponseDto;
import com.bio.bio_backend.domain.base.file.service.FileService;
import com.bio.bio_backend.global.dto.ApiResponseDto;
import com.bio.bio_backend.global.constants.ApiResponseCode;
import com.bio.bio_backend.global.annotation.LogExecution;
import com.bio.bio_backend.global.utils.FileUtils;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.core.io.ByteArrayResource;
import org.springframework.http.HttpHeaders;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import com.bio.bio_backend.domain.base.file.entity.File;
@Tag(name = "File", description = "파일 업로드/다운로드 API")
@RestController
@RequestMapping("/files")
@RequiredArgsConstructor
@Slf4j
public class FileController {
private final FileService fileService;
@LogExecution("파일 업로드")
@Operation(summary = "파일 업로드", description = "단일 파일을 업로드합니다.")
@ApiResponses({
@ApiResponse(responseCode = "200", description = "파일 업로드 성공"),
@ApiResponse(responseCode = "400", description = "잘못된 요청 데이터", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
@ApiResponse(responseCode = "500", description = "파일 업로드 실패", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
})
@PostMapping("/upload")
public ResponseEntity<ApiResponseDto<FileUploadResponseDto>> uploadFile(
@ModelAttribute FileUploadRequestDto requestDto) {
FileUploadResponseDto responseDto = fileService.uploadFile(requestDto);
return ResponseEntity.ok(ApiResponseDto.success(ApiResponseCode.FILE_UPLOAD_SUCCESS, responseDto));
}
@LogExecution("다중 파일 업로드")
@Operation(summary = "다중 파일 업로드", description = "여러 파일을 동시에 업로드합니다.")
@ApiResponses({
@ApiResponse(responseCode = "200", description = "다중 파일 업로드 성공"),
@ApiResponse(responseCode = "400", description = "잘못된 요청 데이터", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
@ApiResponse(responseCode = "500", description = "다중 파일 업로드 실패", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
})
@PostMapping("/upload-multiple")
public ResponseEntity<ApiResponseDto<MultipleFileUploadResponseDto>> uploadMultipleFiles(
@ModelAttribute MultipleFileUploadRequestDto requestDto) {
MultipleFileUploadResponseDto responseDto = fileService.uploadMultipleFiles(requestDto);
return ResponseEntity.ok(ApiResponseDto.success(ApiResponseCode.FILE_UPLOAD_SUCCESS, responseDto));
}
@LogExecution("파일 다운로드")
@Operation(summary = "파일 다운로드", description = "파일 ID로 파일을 다운로드합니다.")
@ApiResponses({
@ApiResponse(responseCode = "200", description = "파일 다운로드 성공"),
@ApiResponse(responseCode = "404", description = "파일을 찾을 수 없음", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
@ApiResponse(responseCode = "500", description = "파일 다운로드 실패", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
})
@GetMapping("/download/{oid}")
public ResponseEntity<ByteArrayResource> downloadFile(@PathVariable Long oid) {
// 파일 정보 먼저 조회
File file = fileService.getFileByOid(oid);
byte[] fileData = fileService.downloadFile(oid);
ByteArrayResource resource = new ByteArrayResource(fileData);
return ResponseEntity.ok()
.header(HttpHeaders.CONTENT_DISPOSITION,
"attachment; filename=\"" + file.getOriginalFileName() + "\"")
.header(HttpHeaders.CONTENT_TYPE, file.getContentType())
.body(resource);
}
@LogExecution("파일 논리적 삭제")
@Operation(summary = "파일 논리적 삭제", description = "파일 ID로 파일을 논리적으로 삭제합니다. (use_flag를 false로 변경)")
@ApiResponses({
@ApiResponse(responseCode = "200", description = "파일 논리적 삭제 성공"),
@ApiResponse(responseCode = "404", description = "파일을 찾을 수 없음", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
@ApiResponse(responseCode = "500", description = "파일 논리적 삭제 실패", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
})
@DeleteMapping("/{oid}")
public ResponseEntity<ApiResponseDto<Void>> deleteFile(@PathVariable Long oid) {
fileService.deleteFile(oid);
return ResponseEntity.ok(ApiResponseDto.success(ApiResponseCode.FILE_DELETE_SUCCESS));
}
}

16
src/main/java/com/bio/bio_backend/domain/base/file/dto/FileUploadDto.java Normal file
View File

@@ -0,0 +1,16 @@
package com.bio.bio_backend.domain.base.file.dto;
import lombok.Builder;
import lombok.Data;
import java.util.List;
@Data
@Builder
public class FileUploadDto {
private Long groupOid;
private List<FileUploadResponseDto> files; // 파일 정보들
private int totalCount;
private int successCount;
private int failureCount;
private List<String> errorMessages;
}

11
src/main/java/com/bio/bio_backend/domain/base/file/dto/FileUploadRequestDto.java Normal file
View File

@@ -0,0 +1,11 @@
package com.bio.bio_backend.domain.base.file.dto;
import lombok.Data;
import org.springframework.web.multipart.MultipartFile;
@Data
public class FileUploadRequestDto {
private MultipartFile file;
private String description;
private Long groupOid;
}

15
src/main/java/com/bio/bio_backend/domain/base/file/dto/FileUploadResponseDto.java Normal file
View File

@@ -0,0 +1,15 @@
package com.bio.bio_backend.domain.base.file.dto;
import com.fasterxml.jackson.annotation.JsonInclude;
import lombok.Builder;
import lombok.Data;
@Data
@Builder
@JsonInclude(JsonInclude.Include.NON_NULL)
public class FileUploadResponseDto {
private Long oid;
private Long groupOid;
private String originalFileName;
private String downloadUrl;
}

13
src/main/java/com/bio/bio_backend/domain/base/file/dto/MultipleFileUploadRequestDto.java Normal file
View File

@@ -0,0 +1,13 @@
package com.bio.bio_backend.domain.base.file.dto;
import lombok.Builder;
import lombok.Data;
import org.springframework.web.multipart.MultipartFile;
import java.util.List;
@Data
@Builder
public class MultipleFileUploadRequestDto {
private List<MultipartFile> files;
private String description;
}

16
src/main/java/com/bio/bio_backend/domain/base/file/dto/MultipleFileUploadResponseDto.java Normal file
View File

@@ -0,0 +1,16 @@
package com.bio.bio_backend.domain.base.file.dto;
import lombok.Builder;
import lombok.Data;
import java.util.List;
@Data
@Builder
public class MultipleFileUploadResponseDto {
private List<FileUploadResponseDto> files;
private Long groupOid;
private int totalCount;
private int successCount;
private int failureCount;
private List<String> errorMessages;
}

41
src/main/java/com/bio/bio_backend/domain/base/file/entity/File.java Normal file
View File

@@ -0,0 +1,41 @@
package com.bio.bio_backend.domain.base.file.entity;
import com.bio.bio_backend.global.constants.AppConstants;
import com.bio.bio_backend.global.entity.BaseEntity;
import jakarta.persistence.*;
import lombok.*;
@Entity
@Table(name = AppConstants.TABLE_PREFIX + "file")
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
@Builder
public class File extends BaseEntity {
@Column(nullable = false)
private String originalFileName;
@Column(nullable = false)
private String storedFileName;
@Column(nullable = false)
private String filePath;
@Column(nullable = false)
private Long fileSize;
@Column(nullable = false)
private String contentType;
@Column
private String description;
@Column
private Long groupOid;
@Column(nullable = false)
@Builder.Default
private Boolean useFlag = true;
}

20
src/main/java/com/bio/bio_backend/domain/base/file/repository/FileRepository.java Normal file
View File

@@ -0,0 +1,20 @@
package com.bio.bio_backend.domain.base.file.repository;
import com.bio.bio_backend.domain.base.file.entity.File;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.stereotype.Repository;
import java.util.List;
import java.util.Optional;
@Repository
public interface FileRepository extends JpaRepository<File, Long> {
// use_flag가 true인 파일만 조회
Optional<File> findByOidAndUseFlagTrue(Long id);
// use_flag가 true인 파일만 조회 (List 형태로 필요시 사용)
@Query("SELECT f FROM File f WHERE f.useFlag = true")
List<File> findAllActiveFiles();
}

15
src/main/java/com/bio/bio_backend/domain/base/file/service/FileService.java Normal file
View File

@@ -0,0 +1,15 @@
package com.bio.bio_backend.domain.base.file.service;
import com.bio.bio_backend.domain.base.file.dto.FileUploadRequestDto;
import com.bio.bio_backend.domain.base.file.dto.FileUploadResponseDto;
import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadRequestDto;
import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadResponseDto;
import com.bio.bio_backend.domain.base.file.entity.File;
public interface FileService {
FileUploadResponseDto uploadFile(FileUploadRequestDto requestDto);
MultipleFileUploadResponseDto uploadMultipleFiles(MultipleFileUploadRequestDto requestDto);
File getFileByOid(Long oid);
byte[] downloadFile(Long oid);
void deleteFile(Long oid); // 논리적 삭제 (use_flag를 false로 변경)
}

212
src/main/java/com/bio/bio_backend/domain/base/file/service/FileServiceImpl.java Normal file
View File

@@ -0,0 +1,212 @@
package com.bio.bio_backend.domain.base.file.service;
import com.bio.bio_backend.domain.base.file.dto.FileUploadRequestDto;
import com.bio.bio_backend.domain.base.file.dto.FileUploadResponseDto;
import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadRequestDto;
import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadResponseDto;
import com.bio.bio_backend.domain.base.file.entity.File;
import com.bio.bio_backend.domain.base.file.repository.FileRepository;
import com.bio.bio_backend.global.exception.ApiException;
import com.bio.bio_backend.global.constants.ApiResponseCode;
import com.bio.bio_backend.global.utils.FileUtils;
import com.bio.bio_backend.global.utils.OidUtils;
import com.bio.bio_backend.global.utils.SecurityUtils;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.multipart.MultipartFile;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.List;
import static com.bio.bio_backend.global.utils.OidUtils.generateOid;
@Service
@RequiredArgsConstructor
@Slf4j
@Transactional(readOnly = true)
public class FileServiceImpl implements FileService {
private final FileRepository fileRepository;
@Value("${app.file.upload.path}")
private String uploadPath;
@Value("${server.servlet.context-path}")
private String contextPath;
@Override
@Transactional
public FileUploadResponseDto uploadFile(FileUploadRequestDto requestDto) {
MultipartFile multipartFile = requestDto.getFile();
try {
// 파일 유효성 검사
FileUtils.validateFile(multipartFile);
} catch (IllegalArgumentException e) {
throw new ApiException(ApiResponseCode.FILE_EMPTY);
}
// 파일 업로드 처리
File savedFile = processFileUpload(multipartFile, requestDto.getDescription(), generateOid());
// 응답 DTO 생성 및 반환
return FileUploadResponseDto.builder()
.oid(savedFile.getOid())
.groupOid(savedFile.getGroupOid())
.originalFileName(savedFile.getOriginalFileName())
.downloadUrl(contextPath + "/files/download/" + savedFile.getOid())
.build();
}
@Override
@Transactional
public MultipleFileUploadResponseDto uploadMultipleFiles(MultipleFileUploadRequestDto requestDto) {
List<MultipartFile> files = requestDto.getFiles();
try {
// 파일 리스트 유효성 검사
FileUtils.validateFileList(files);
} catch (IllegalArgumentException e) {
throw new ApiException(ApiResponseCode.FILE_EMPTY);
}
List<FileUploadResponseDto> uploadedFiles = new ArrayList<>();
List<String> errorMessages = new ArrayList<>();
int successCount = 0;
int failureCount = 0;
Long groupOid = generateOid();
for (MultipartFile multipartFile : files) {
try {
// 개별 파일 유효성 검사
if (multipartFile.isEmpty()) {
String errorMsg = "파일 '" + multipartFile.getOriginalFilename() + "'이 비어있습니다.";
errorMessages.add(errorMsg);
failureCount++;
continue;
}
// 단일 파일 업로드 처리
File savedFile = processFileUpload(multipartFile, requestDto.getDescription(), groupOid);
FileUploadResponseDto uploadedFile = FileUploadResponseDto.builder()
.oid(savedFile.getOid())
.originalFileName(savedFile.getOriginalFileName())
.downloadUrl(contextPath + "/files/download/" + savedFile.getOid())
.build();
uploadedFiles.add(uploadedFile);
successCount++;
log.info("파일 업로드 성공: {}", multipartFile.getOriginalFilename());
} catch (Exception ex) {
String fileName = multipartFile.getOriginalFilename() != null ? multipartFile.getOriginalFilename() : "알 수 없는 파일";
log.error("파일 업로드 실패: {}", fileName, ex);
errorMessages.add("파일 '" + fileName + "' 업로드 실패: " + ex.getMessage());
failureCount++;
}
}
return MultipleFileUploadResponseDto.builder()
.groupOid(groupOid)
.files(uploadedFiles)
.totalCount(files.size())
.successCount(successCount)
.failureCount(failureCount)
.errorMessages(errorMessages)
.build();
}
/**
* 파일 업로드 처리
*/
private File processFileUpload(MultipartFile multipartFile, String description, Long groupOid) {
String originalFileName = FileUtils.cleanFileName(multipartFile.getOriginalFilename());
try {
// 항상 년월일 기반으로 폴더 생성 (예: uploads/2024/01/15/)
Path uploadDir = FileUtils.createYearMonthUploadDirectory(uploadPath);
log.debug("년월 기반 폴더 사용: {}", uploadDir);
// 파일명 및 확장자 처리
String fileExtension = FileUtils.extractFileExtension(originalFileName);
String storedFileName = FileUtils.generateUniqueFileName(fileExtension);
// 파일 저장
Path targetLocation = FileUtils.saveFileToDisk(multipartFile, uploadDir, storedFileName);
// DB에 파일 정보 저장
File file = createFileEntity(originalFileName, storedFileName, targetLocation, multipartFile, description, groupOid);
file.setCreator(SecurityUtils.getCurrentUserOid(), SecurityUtils.getCurrentUserId());
return fileRepository.save(file);
} catch (IOException ex) {
log.error("파일 업로드 실패: {}", originalFileName, ex);
throw new ApiException(ApiResponseCode.FILE_UPLOAD_FAILED, ex);
}
}
private File createFileEntity(String originalFileName, String storedFileName, Path targetLocation,
MultipartFile multipartFile, String description, Long groupOid) {
return File.builder()
.originalFileName(originalFileName)
.storedFileName(storedFileName)
.filePath(targetLocation.toString())
.fileSize(multipartFile.getSize())
.contentType(multipartFile.getContentType())
.description(description)
.groupOid(groupOid)
.build();
}
@Override
public File getFileByOid(Long oid) {
return fileRepository.findByOidAndUseFlagTrue(oid)
.orElseThrow(() -> new ApiException(ApiResponseCode.FILE_NOT_FOUND));
}
@Override
public byte[] downloadFile(Long oid) {
File file = fileRepository.findByOidAndUseFlagTrue(oid)
.orElseThrow(() -> new ApiException(ApiResponseCode.FILE_NOT_FOUND));
try {
Path filePath = Paths.get(file.getFilePath());
return Files.readAllBytes(filePath);
} catch (IOException ex) {
log.error("파일 다운로드 실패: {}", file.getOriginalFileName(), ex);
throw new ApiException(ApiResponseCode.FILE_DOWNLOAD_FAILED, ex);
}
}
@Override
@Transactional
public void deleteFile(Long oid) {
File file = fileRepository.findByOidAndUseFlagTrue(oid)
.orElseThrow(() -> new ApiException(ApiResponseCode.FILE_NOT_FOUND));
Long currentUserOid = SecurityUtils.getCurrentUserOid();
String currentUserId = SecurityUtils.getCurrentUserId();
// 현재 사용자가 파일 소유자인지 확인
if (currentUserId == null || !currentUserId.equals(file.getCreatedId())) {
throw new ApiException(ApiResponseCode.COMMON_FORBIDDEN);
}
// 수정자 정보 업데이트
file.setUpdater(currentUserOid, currentUserId);
// 논리적 삭제: use_flag를 false로 변경
file.setUseFlag(false);
fileRepository.save(file);
log.info("파일 논리적 삭제 완료: oid={}, fileName={}", oid, file.getOriginalFileName());
}
}

73
src/main/java/com/bio/bio_backend/domain/base/member/controller/MemberController.java Normal file
View File

@@ -0,0 +1,73 @@
package com.bio.bio_backend.domain.base.member.controller;
import com.bio.bio_backend.global.dto.ApiResponseDto;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import jakarta.validation.Valid;
import com.bio.bio_backend.domain.base.member.dto.MemberDto;
import com.bio.bio_backend.domain.base.member.dto.CreateMemberRequestDto;
import com.bio.bio_backend.domain.base.member.dto.CreateMemberResponseDto;
import com.bio.bio_backend.domain.base.member.service.MemberService;
import com.bio.bio_backend.domain.base.member.mapper.MemberMapper;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import com.bio.bio_backend.global.constants.ApiResponseCode;
import com.bio.bio_backend.global.annotation.LogExecution;
import com.bio.bio_backend.global.utils.SecurityUtils;
@Tag(name = "Member", description = "회원 관련 API")
@RestController
@RequestMapping("/members")
@RequiredArgsConstructor
@Slf4j
public class MemberController {
private final MemberService memberService;
private final MemberMapper memberMapper;
@LogExecution("회원 등록")
@Operation(summary = "회원 등록", description = "새로운 회원을 등록합니다.")
@ApiResponses({
@ApiResponse(responseCode = "201", description = "회원 가입 성공"),
@ApiResponse(responseCode = "400", description = "잘못된 요청 데이터", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
@ApiResponse(responseCode = "409", description = "중복된 사용자 정보", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
})
@PostMapping("/register")
public ResponseEntity<ApiResponseDto<CreateMemberResponseDto>> createMember(@RequestBody @Valid CreateMemberRequestDto requestDto) {
MemberDto createdMember = memberService.createMember(memberMapper.toMemberDto(requestDto));
CreateMemberResponseDto responseDto = memberMapper.toCreateMemberResponseDto(createdMember);
ApiResponseDto<CreateMemberResponseDto> apiResponse = ApiResponseDto.success(ApiResponseCode.COMMON_SUCCESS_CREATED, responseDto);
return ResponseEntity.status(HttpStatus.CREATED).body(apiResponse);
}
@LogExecution("로그아웃")
@Operation(summary = "로그아웃", description = "사용자 로그아웃을 처리합니다.")
@ApiResponses({
@ApiResponse(responseCode = "200", description = "로그아웃 성공"),
@ApiResponse(responseCode = "401", description = "인증 실패", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
})
@PostMapping("/logout")
public ResponseEntity<ApiResponseDto<Void>> logout() {
try {
String userId = SecurityUtils.getCurrentUserId();
memberService.deleteRefreshToken(userId);
log.info("사용자 로그아웃 완료: {}", userId);
return ResponseEntity.ok(ApiResponseDto.success(ApiResponseCode.COMMON_SUCCESS));
} catch (Exception e) {
log.error("로그아웃 처리 중 오류 발생: {}", e.getMessage());
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
.body(ApiResponseDto.fail(ApiResponseCode.COMMON_INTERNAL_SERVER_ERROR));
}
}
}

10
src/main/java/com/bio/bio_backend/domain/user/member/dto/CreateMemberRequestDto.java → src/main/java/com/bio/bio_backend/domain/base/member/dto/CreateMemberRequestDto.java
View File

@@ -1,4 +1,4 @@
package com.bio.bio_backend.domain.user.member.dto; package com.bio.bio_backend.domain.base.member.dto;
import lombok.AllArgsConstructor; import lombok.AllArgsConstructor;
import lombok.Builder; import lombok.Builder;
@@ -6,6 +6,7 @@ import lombok.Data;
import lombok.NoArgsConstructor; import lombok.NoArgsConstructor;
import jakarta.validation.constraints.NotBlank; import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.Email;
@Data @Data
@Builder @Builder
@@ -18,4 +19,11 @@ public class CreateMemberRequestDto {
@NotBlank(message = "비밀번호는 필수입니다.") @NotBlank(message = "비밀번호는 필수입니다.")
private String password; private String password;
@NotBlank(message = "사용자명은 필수입니다.")
private String name;
@NotBlank(message = "이메일은 필수입니다.")
@Email(message = "올바른 이메일 형식이 아닙니다.")
private String email;
} }

4
src/main/java/com/bio/bio_backend/domain/user/member/dto/CreateMemberResponseDto.java → src/main/java/com/bio/bio_backend/domain/base/member/dto/CreateMemberResponseDto.java
View File

@@ -1,6 +1,6 @@
package com.bio.bio_backend.domain.user.member.dto; package com.bio.bio_backend.domain.base.member.dto;
import com.bio.bio_backend.domain.user.member.enums.MemberRole; import com.bio.bio_backend.domain.base.member.enums.MemberRole;
import lombok.AllArgsConstructor; import lombok.AllArgsConstructor;
import lombok.Builder; import lombok.Builder;
import lombok.Data; import lombok.Data;

2
src/main/java/com/bio/bio_backend/domain/user/member/dto/LoginRequestDto.java → src/main/java/com/bio/bio_backend/domain/base/member/dto/LoginRequestDto.java
View File

@@ -1,4 +1,4 @@
package com.bio.bio_backend.domain.user.member.dto; package com.bio.bio_backend.domain.base.member.dto;
import lombok.AllArgsConstructor; import lombok.AllArgsConstructor;
import lombok.Builder; import lombok.Builder;

2
src/main/java/com/bio/bio_backend/domain/user/member/dto/LoginResponseDto.java → src/main/java/com/bio/bio_backend/domain/base/member/dto/LoginResponseDto.java
View File

@@ -1,4 +1,4 @@
package com.bio.bio_backend.domain.user.member.dto; package com.bio.bio_backend.domain.base.member.dto;
import lombok.AllArgsConstructor; import lombok.AllArgsConstructor;
import lombok.Builder; import lombok.Builder;

17
src/main/java/com/bio/bio_backend/domain/user/member/dto/MemberDto.java → src/main/java/com/bio/bio_backend/domain/base/member/dto/MemberDto.java
View File

@@ -1,6 +1,6 @@
package com.bio.bio_backend.domain.user.member.dto; package com.bio.bio_backend.domain.base.member.dto;
import com.bio.bio_backend.domain.user.member.enums.MemberRole; import com.bio.bio_backend.domain.base.member.enums.MemberRole;
import lombok.AllArgsConstructor; import lombok.AllArgsConstructor;
import lombok.Builder; import lombok.Builder;
import lombok.Data; import lombok.Data;
@@ -22,9 +22,12 @@ public class MemberDto implements UserDetails {
private Long oid; private Long oid;
private String userId; private String userId;
private String password; private String password;
private String name;
private String email;
private MemberRole role; private MemberRole role;
private Boolean useFlag; private Boolean useFlag;
private String refreshToken; private String refreshToken;
private String loginIp;
private LocalDateTime lastLoginAt; private LocalDateTime lastLoginAt;
private LocalDateTime createdAt; private LocalDateTime createdAt;
private LocalDateTime updatedAt; private LocalDateTime updatedAt;
@@ -39,21 +42,11 @@ public class MemberDto implements UserDetails {
return this.userId; return this.userId;
} }
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override @Override
public boolean isAccountNonLocked() { public boolean isAccountNonLocked() {
return this.useFlag != null && this.useFlag; return this.useFlag != null && this.useFlag;
} }
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override @Override
public boolean isEnabled() { public boolean isEnabled() {
return this.useFlag != null && this.useFlag; return this.useFlag != null && this.useFlag;

18
src/main/java/com/bio/bio_backend/domain/user/member/entity/Member.java → src/main/java/com/bio/bio_backend/domain/base/member/entity/Member.java
View File

@@ -1,6 +1,7 @@
package com.bio.bio_backend.domain.user.member.entity; package com.bio.bio_backend.domain.base.member.entity;
import com.bio.bio_backend.domain.user.member.enums.MemberRole; import com.bio.bio_backend.domain.base.member.enums.MemberRole;
import com.bio.bio_backend.global.constants.AppConstants;
import com.bio.bio_backend.global.entity.BaseEntity; import com.bio.bio_backend.global.entity.BaseEntity;
import jakarta.persistence.*; import jakarta.persistence.*;
import lombok.AllArgsConstructor; import lombok.AllArgsConstructor;
@@ -17,7 +18,7 @@ import java.time.LocalDateTime;
@AllArgsConstructor @AllArgsConstructor
@Builder @Builder
@Table( @Table(
name = "st_member", name = AppConstants.TABLE_PREFIX + "member",
indexes = { indexes = {
@Index(name = "idx_member_user_id", columnList = "user_id") @Index(name = "idx_member_user_id", columnList = "user_id")
} }
@@ -30,6 +31,12 @@ public class Member extends BaseEntity {
@Column(name = "password", nullable = false, length = 100) @Column(name = "password", nullable = false, length = 100)
private String password; private String password;
@Column(name = "name", nullable = false, length = 100)
private String name;
@Column(name = "email", nullable = false, length = 255)
private String email;
@Enumerated(EnumType.STRING) @Enumerated(EnumType.STRING)
@Column(name = "role", nullable = false, length = 40) @Column(name = "role", nullable = false, length = 40)
private MemberRole role; private MemberRole role;
@@ -38,9 +45,12 @@ public class Member extends BaseEntity {
@Builder.Default @Builder.Default
private Boolean useFlag = true; private Boolean useFlag = true;
@Column(name = "refresh_token", length = 200) @Column(name = "refresh_token", length = 1024)
private String refreshToken; private String refreshToken;
@Column(name = "login_ip", length = 45) // IPv6 지원을 위해 45자
private String loginIp;
@Column(name = "last_login_at") @Column(name = "last_login_at")
private LocalDateTime lastLoginAt; private LocalDateTime lastLoginAt;

3
src/main/java/com/bio/bio_backend/domain/user/member/enums/MemberRole.java → src/main/java/com/bio/bio_backend/domain/base/member/enums/MemberRole.java
View File

@@ -1,4 +1,4 @@
package com.bio.bio_backend.domain.user.member.enums; package com.bio.bio_backend.domain.base.member.enums;
import lombok.Getter; import lombok.Getter;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
@@ -12,7 +12,6 @@ public enum MemberRole {
MEMBER("MEMBER", "일반 회원"), MEMBER("MEMBER", "일반 회원"),
ADMIN("ADMIN", "관리자"), ADMIN("ADMIN", "관리자"),
USER("USER", "사용자"),
SYSTEM_ADMIN("SYSTEM_ADMIN", "시스템 관리자"); SYSTEM_ADMIN("SYSTEM_ADMIN", "시스템 관리자");
private final String value; private final String value;

21
src/main/java/com/bio/bio_backend/domain/user/member/mapper/MemberMapper.java → src/main/java/com/bio/bio_backend/domain/base/member/mapper/MemberMapper.java
View File

@@ -1,10 +1,10 @@
package com.bio.bio_backend.domain.user.member.mapper; package com.bio.bio_backend.domain.base.member.mapper;
import com.bio.bio_backend.domain.user.member.dto.CreateMemberRequestDto; import com.bio.bio_backend.domain.base.member.dto.CreateMemberRequestDto;
import com.bio.bio_backend.domain.user.member.dto.CreateMemberResponseDto; import com.bio.bio_backend.domain.base.member.dto.CreateMemberResponseDto;
import com.bio.bio_backend.domain.user.member.dto.MemberDto; import com.bio.bio_backend.domain.base.member.dto.MemberDto;
import com.bio.bio_backend.domain.user.member.entity.Member; import com.bio.bio_backend.domain.base.member.entity.Member;
import com.bio.bio_backend.domain.user.member.enums.MemberRole; import com.bio.bio_backend.global.annotation.IgnoreBaseEntityMapping;
import org.mapstruct.Mapper; import org.mapstruct.Mapper;
import org.mapstruct.Mapping; import org.mapstruct.Mapping;
import org.mapstruct.factory.Mappers; import org.mapstruct.factory.Mappers;
@@ -20,9 +20,10 @@ public interface MemberMapper {
* 기본값 설정: role = MemberRole.MEMBER, useFlag = true * 기본값 설정: role = MemberRole.MEMBER, useFlag = true
*/ */
@Mapping(target = "oid", ignore = true) @Mapping(target = "oid", ignore = true)
@Mapping(target = "role", expression = "java(com.bio.bio_backend.domain.user.member.enums.MemberRole.getDefault())") @Mapping(target = "role", expression = "java(com.bio.bio_backend.domain.base.member.enums.MemberRole.getDefault())")
@Mapping(target = "useFlag", constant = "true") @Mapping(target = "useFlag", constant = "true")
@Mapping(target = "refreshToken", ignore = true) @Mapping(target = "refreshToken", ignore = true)
@Mapping(target = "loginIp", ignore = true)
@Mapping(target = "lastLoginAt", ignore = true) @Mapping(target = "lastLoginAt", ignore = true)
@Mapping(target = "createdAt", ignore = true) @Mapping(target = "createdAt", ignore = true)
@Mapping(target = "updatedAt", ignore = true) @Mapping(target = "updatedAt", ignore = true)
@@ -47,4 +48,10 @@ public interface MemberMapper {
* MemberDto를 CreateMemberResponseDto로 변환 * MemberDto를 CreateMemberResponseDto로 변환
*/ */
CreateMemberResponseDto toCreateMemberResponseDto(MemberDto memberDto); CreateMemberResponseDto toCreateMemberResponseDto(MemberDto memberDto);
/**
* MemberDto의 값으로 기존 Member 엔티티 업데이트 (null이 아닌 필드만)
*/
@IgnoreBaseEntityMapping
void updateMemberFromDto(MemberDto memberDto, @org.mapstruct.MappingTarget Member member);
} }

18
src/main/java/com/bio/bio_backend/domain/user/member/repository/MemberRepository.java → src/main/java/com/bio/bio_backend/domain/base/member/repository/MemberRepository.java
View File

@@ -1,17 +1,17 @@
package com.bio.bio_backend.domain.user.member.repository; package com.bio.bio_backend.domain.base.member.repository;
import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository; import org.springframework.stereotype.Repository;
import com.bio.bio_backend.domain.user.member.entity.Member; import com.bio.bio_backend.domain.base.member.entity.Member;
import java.util.Optional; import java.util.List;
@Repository @Repository
public interface MemberRepository extends JpaRepository<Member, Long> { public interface MemberRepository extends JpaRepository<Member, Long>, MemberRepositoryCustom {
// 사용자 ID로 회원 조회 (Optional 반환)
Optional<Member> findByUserId(String userId);
// 사용자 ID 존재 여부 확인 // 사용자 ID 존재 여부 확인
boolean existsByUserId(String userId); boolean existsByUserId(String userId);
}
// 활성화된 회원 목록 조회
List<Member> findByUseFlagTrue();
}

19
src/main/java/com/bio/bio_backend/domain/base/member/repository/MemberRepositoryCustom.java Normal file
View File

@@ -0,0 +1,19 @@
package com.bio.bio_backend.domain.base.member.repository;
import com.bio.bio_backend.domain.base.member.entity.Member;
import java.util.Optional;
/**
* QueryDSL을 활용한 커스텀 쿼리 메서드들을 정의하는 인터페이스
* 복잡한 쿼리나 동적 쿼리가 필요한 경우 이 인터페이스를 구현하여 사용합니다.
*/
public interface MemberRepositoryCustom {
/**
* 활성화된 사용자 중에서 사용자 ID로 검색하여 조회합니다.
*
* @param userId 사용자 ID
* @return Optional<Member> 회원 정보 (없으면 empty)
*/
Optional<Member> findActiveMemberByUserId(String userId);
}

38
src/main/java/com/bio/bio_backend/domain/base/member/repository/MemberRepositoryImpl.java Normal file
View File

@@ -0,0 +1,38 @@
package com.bio.bio_backend.domain.base.member.repository;
import com.bio.bio_backend.domain.base.member.entity.Member;
import com.bio.bio_backend.domain.base.member.entity.QMember;
import com.querydsl.jpa.impl.JPAQueryFactory;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Repository;
import java.util.Optional;
/**
* QueryDSL을 활용하여 MemberRepositoryCustom 인터페이스를 구현하는 클래스
* 복잡한 쿼리나 동적 쿼리를 QueryDSL로 작성하여 성능과 가독성을 향상시킵니다.
*/
@Repository
@RequiredArgsConstructor
public class MemberRepositoryImpl implements MemberRepositoryCustom {
private final JPAQueryFactory queryFactory;
/**
* QMember 인스턴스를 생성하여 쿼리에서 사용합니다.
* QueryDSL의 Q클래스를 통해 타입 안전한 쿼리 작성이 가능합니다.
*/
private final QMember member = QMember.member;
@Override
public Optional<Member> findActiveMemberByUserId(String userId) {
// 활성화된 사용자 중에서 사용자 ID로 검색
Member foundMember = queryFactory
.selectFrom(member)
.where(member.userId.eq(userId)
.and(member.useFlag.eq(true)))
.fetchOne();
return Optional.ofNullable(foundMember);
}
}

10
src/main/java/com/bio/bio_backend/domain/user/member/service/MemberService.java → src/main/java/com/bio/bio_backend/domain/base/member/service/MemberService.java
View File

@@ -1,4 +1,4 @@
package com.bio.bio_backend.domain.user.member.service; package com.bio.bio_backend.domain.base.member.service;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@@ -6,7 +6,7 @@ import java.util.Map;
import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UserDetailsService;
import com.bio.bio_backend.domain.user.member.dto.MemberDto; import com.bio.bio_backend.domain.base.member.dto.MemberDto;
public interface MemberService extends UserDetailsService { public interface MemberService extends UserDetailsService {
@@ -14,17 +14,11 @@ public interface MemberService extends UserDetailsService {
MemberDto createMember(MemberDto memberDTO); MemberDto createMember(MemberDto memberDTO);
void updateRefreshToken(MemberDto memberDTO);
String getRefreshToken(String id); String getRefreshToken(String id);
int deleteRefreshToken(String id); int deleteRefreshToken(String id);
List<MemberDto> selectMemberList(Map<String, String> params); List<MemberDto> selectMemberList(Map<String, String> params);
MemberDto selectMember(long seq);
int updateMember(MemberDto member); int updateMember(MemberDto member);
int deleteMember(MemberDto member);
} }

102
src/main/java/com/bio/bio_backend/domain/base/member/service/MemberServiceImpl.java Normal file
View File

@@ -0,0 +1,102 @@
package com.bio.bio_backend.domain.base.member.service;
import com.bio.bio_backend.domain.base.member.dto.MemberDto;
import com.bio.bio_backend.domain.base.member.entity.Member;
import com.bio.bio_backend.domain.base.member.enums.MemberRole;
import com.bio.bio_backend.domain.base.member.mapper.MemberMapper;
import com.bio.bio_backend.domain.base.member.repository.MemberRepository;
import com.bio.bio_backend.global.exception.ApiException;
import com.bio.bio_backend.global.constants.ApiResponseCode;
import com.bio.bio_backend.global.constants.AppConstants;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.List;
import java.util.Map;
import static com.bio.bio_backend.global.utils.OidUtils.generateOid;
@Service
@RequiredArgsConstructor
@Slf4j
@Transactional(readOnly = true)
public class MemberServiceImpl implements MemberService {
private final MemberMapper memberMapper; // MapStruct Mapper 사용
private final MemberRepository memberRepository;
private final BCryptPasswordEncoder bCryptPasswordEncoder;
@Override
public UserDetails loadUserByUsername(String id) throws UsernameNotFoundException {
Member member = memberRepository.findActiveMemberByUserId(id)
.orElseThrow(() -> new UsernameNotFoundException("사용자를 찾을 수 없습니다: " + id));
return memberMapper.toMemberDto(member);
}
@Override
@Transactional
public MemberDto createMember(MemberDto memberDto) {
// userId 중복 체크
if (memberRepository.existsByUserId(memberDto.getUserId())) {
throw new ApiException(ApiResponseCode.USER_ID_DUPLICATE);
}
Member member = Member.builder()
.userId(memberDto.getUserId())
.password(bCryptPasswordEncoder.encode(memberDto.getPassword()))
.name(memberDto.getName())
.email(memberDto.getEmail())
.role(MemberRole.getDefault())
.build();
Long oid = generateOid();
member.setOid(oid);
member.setCreator(AppConstants.ADMIN_OID, AppConstants.ADMIN_USER_ID);
Member savedMember = memberRepository.save(member);
return memberMapper.toMemberDto(savedMember);
}
@Override
@Transactional
public int updateMember(MemberDto memberDto) {
Member member = memberRepository.findActiveMemberByUserId(memberDto.getUserId())
.orElseThrow(() -> new ApiException(ApiResponseCode.USER_NOT_FOUND));
memberMapper.updateMemberFromDto(memberDto, member);
memberRepository.save(member);
return 1;
}
@Override
public String getRefreshToken(String id) {
Member member = memberRepository.findActiveMemberByUserId(id)
.orElseThrow(() -> new ApiException(ApiResponseCode.USER_NOT_FOUND));
return member.getRefreshToken();
}
@Override
@Transactional
public int deleteRefreshToken(String id) {
Member member = memberRepository.findActiveMemberByUserId(id)
.orElseThrow(() -> new ApiException(ApiResponseCode.USER_NOT_FOUND));
member.setRefreshToken(null);
memberRepository.save(member);
return 1;
}
@Override
public List<MemberDto> selectMemberList(Map<String, String> params) {
List<Member> members = memberRepository.findByUseFlagTrue();
return memberMapper.toMemberDtoList(members);
}
}

122
src/main/java/com/bio/bio_backend/domain/user/member/controller/MemberController.java
View File

@@ -1,122 +0,0 @@
package com.bio.bio_backend.domain.user.member.controller;
import com.bio.bio_backend.global.dto.ApiResponseDto;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.*;
import jakarta.validation.Valid;
import com.bio.bio_backend.domain.user.member.dto.MemberDto;
import com.bio.bio_backend.domain.user.member.dto.CreateMemberRequestDto;
import com.bio.bio_backend.domain.user.member.dto.CreateMemberResponseDto;
import com.bio.bio_backend.domain.user.member.service.MemberService;
import com.bio.bio_backend.domain.user.member.mapper.MemberMapper;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import com.bio.bio_backend.global.constants.ApiResponseCode;
import com.bio.bio_backend.global.annotation.LogExecution;
@Tag(name = "Member", description = "회원 관련 API")
@RestController
@RequestMapping("/members")
@RequiredArgsConstructor
@Slf4j
public class MemberController {
private final MemberService memberService;
private final MemberMapper memberMapper;
private final BCryptPasswordEncoder bCryptPasswordEncoder;
@LogExecution("회원 등록")
@Operation(summary = "회원 등록", description = "새로운 회원을 등록합니다.")
@ApiResponses({
@ApiResponse(responseCode = "201", description = "회원 가입 성공"),
@ApiResponse(responseCode = "400", description = "잘못된 요청 데이터", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
@ApiResponse(responseCode = "409", description = "중복된 사용자 정보", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
})
@PostMapping("/register")
public ResponseEntity<ApiResponseDto<CreateMemberResponseDto>> createMember(@RequestBody @Valid CreateMemberRequestDto requestDto) {
MemberDto member = memberMapper.toMemberDto(requestDto);
MemberDto createdMember = memberService.createMember(member);
CreateMemberResponseDto responseDto = memberMapper.toCreateMemberResponseDto(createdMember);
ApiResponseDto<CreateMemberResponseDto> apiResponse = ApiResponseDto.success(ApiResponseCode.COMMON_SUCCESS_CREATED, responseDto);
return ResponseEntity.status(HttpStatus.CREATED).body(apiResponse);
}
// @PostMapping("/member/list")
// public ResponseEntity<List<ResponseMember>> getMemberList(@RequestBody(required = false) Map<String, String> params) {
// if(params == null){
// params = new HashMap<>();
// }
// Iterable<MemberDTO> memberList = memberService.selectMemberList(params);
// List<ResponseMember> result = new ArrayList<>();
// memberList.forEach(m -> {
// result.add(new ModelMapper().map(m, ResponseMember.class));
// });
// return ResponseEntity.status(HttpStatus.OK).body(result);
// }
// @GetMapping("/member/{seq}")
// public ResponseEntity<ResponseMember> selectMember(@PathVariable("seq") int seq) {
// MemberDTO member = memberService.selectMember(seq);
// ResponseMember responseMember = mapper.map(member, ResponseMember.class);
// return ResponseEntity.status(HttpStatus.OK).body(responseMember);
// }
// @PutMapping("/member")
// public ApiResponseDto<Void> updateMember(@RequestBody @Valid CreateMemberRequestDTO requestMember, @AuthenticationPrincipal MemberDTO registrant) {
// // 현재 JWT는 사용자 id 값을 통하여 생성, 회원정보 변경 시 JWT 재발급 여부 검토
// MemberDTO member = mapper.map(requestMember, MemberDTO.class);
// if (requestMember.getPassword() != null) {
// member.setPw(bCryptPasswordEncoder.encode(requestMember.getPassword()));
// }
// member.setRegSeq(registrant.getSeq());
// memberService.updateMember(member);
// return ApiResponseDto.success(ApiResponseCode.USER_INFO_CHANGE, null);
// }
// @DeleteMapping("/member")
// public ApiResponseDto<Void> deleteMember(@RequestBody @Valid CreateMemberRequestDTO requestMember){
// MemberDTO member = mapper.map(requestMember, MemberDTO.class);
// memberService.deleteMember(member);
// return ApiResponseDto.success(ApiResponseCode.USER_DELETE_SUCCESSFUL, null);
// }
// @PostMapping("/logout")
// public ApiResponseDto<Void> logout(@AuthenticationPrincipal MemberDTO member) {
// String id = member.getId();
// try {
// memberService.deleteRefreshToken(id);
// } catch (Exception e) {
// return ApiResponseDto.fail(ApiResponseCode.INTERNAL_SERVER_ERROR, null);
// }
// return ApiResponseDto.success(ApiResponseCode.LOGOUT_SUCCESSFUL, null);
// }
}

68
src/main/java/com/bio/bio_backend/domain/user/member/repository/MemberRepositoryCustom.java
View File

@@ -1,68 +0,0 @@
package com.bio.bio_backend.domain.user.member.repository;
import com.bio.bio_backend.domain.user.member.entity.Member;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import java.util.List;
import java.util.Optional;
/**
* QueryDSL을 활용한 커스텀 쿼리 메서드들을 정의하는 인터페이스
* 복잡한 쿼리나 동적 쿼리가 필요한 경우 이 인터페이스를 구현하여 사용합니다.
*/
public interface MemberRepositoryCustom {
/**
* 사용자 ID로 회원을 조회합니다.
* QueryDSL을 사용하여 더 유연한 쿼리 작성이 가능합니다.
*
* @param userId 사용자 ID
* @return Optional<Member> 회원 정보 (없으면 empty)
*/
Optional<Member> findByUserIdCustom(String userId);
/**
* 역할(Role)별로 회원 목록을 조회합니다.
*
* @param role 회원 역할
* @return List<Member> 해당 역할을 가진 회원 목록
*/
List<Member> findByRole(String role);
/**
* 사용 여부별로 회원 목록을 조회합니다.
*
* @param useFlag 사용 여부
* @return List<Member> 해당 사용 여부를 가진 회원 목록
*/
List<Member> findByUseFlag(Boolean useFlag);
/**
* 사용자 ID와 사용 여부로 회원을 조회합니다.
*
* @param userId 사용자 ID
* @param useFlag 사용 여부
* @return Optional<Member> 회원 정보
*/
Optional<Member> findByUserIdAndUseFlag(String userId, Boolean useFlag);
/**
* 검색 조건에 따른 회원 목록을 페이징하여 조회합니다.
*
* @param userId 사용자 ID (부분 검색)
* @param role 회원 역할
* @param useFlag 사용 여부
* @param pageable 페이징 정보
* @return Page<Member> 페이징된 회원 목록
*/
Page<Member> findMembersByCondition(String userId, String role, Boolean useFlag, Pageable pageable);
/**
* 마지막 로그인 시간이 특정 시간 이후인 회원들을 조회합니다.
*
* @param lastLoginAfter 마지막 로그인 기준 시간
* @return List<Member> 해당 조건을 만족하는 회원 목록
*/
List<Member> findActiveMembersByLastLogin(java.time.LocalDateTime lastLoginAfter);
}

131
src/main/java/com/bio/bio_backend/domain/user/member/repository/MemberRepositoryImpl.java
View File

@@ -1,131 +0,0 @@
package com.bio.bio_backend.domain.user.member.repository;
import com.bio.bio_backend.domain.user.member.entity.Member;
import com.bio.bio_backend.domain.user.member.entity.QMember;
import com.bio.bio_backend.domain.user.member.enums.MemberRole;
import com.querydsl.core.BooleanBuilder;
import com.querydsl.core.types.dsl.BooleanExpression;
import com.querydsl.jpa.impl.JPAQueryFactory;
import lombok.RequiredArgsConstructor;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.PageImpl;
import org.springframework.data.domain.Pageable;
import org.springframework.stereotype.Repository;
import java.time.LocalDateTime;
import java.util.List;
import java.util.Optional;
/**
* QueryDSL을 활용하여 MemberRepositoryCustom 인터페이스를 구현하는 클래스
* 복잡한 쿼리나 동적 쿼리를 QueryDSL로 작성하여 성능과 가독성을 향상시킵니다.
*/
@Repository
@RequiredArgsConstructor
public class MemberRepositoryImpl implements MemberRepositoryCustom {
private final JPAQueryFactory queryFactory;
/**
* QMember 인스턴스를 생성하여 쿼리에서 사용합니다.
* QueryDSL의 Q클래스를 통해 타입 안전한 쿼리 작성이 가능합니다.
*/
private final QMember member = QMember.member;
@Override
public Optional<Member> findByUserIdCustom(String userId) {
// QueryDSL을 사용하여 사용자 ID로 회원을 조회합니다.
// eq() 메서드를 사용하여 정확한 일치 조건을 설정합니다.
Member foundMember = queryFactory
.selectFrom(member)
.where(member.userId.eq(userId))
.fetchOne();
return Optional.ofNullable(foundMember);
}
@Override
public List<Member> findByRole(String role) {
// 역할별로 회원을 조회합니다.
// String을 MemberRole enum으로 변환하여 비교합니다.
return queryFactory
.selectFrom(member)
.where(member.role.eq(MemberRole.fromValue(role)))
.fetch();
}
@Override
public List<Member> findByUseFlag(Boolean useFlag) {
// 사용 여부별로 회원을 조회합니다.
return queryFactory
.selectFrom(member)
.where(member.useFlag.eq(useFlag))
.fetch();
}
@Override
public Optional<Member> findByUserIdAndUseFlag(String userId, Boolean useFlag) {
// 사용자 ID와 사용 여부를 모두 만족하는 회원을 조회합니다.
// and() 메서드를 사용하여 여러 조건을 결합합니다.
Member foundMember = queryFactory
.selectFrom(member)
.where(member.userId.eq(userId)
.and(member.useFlag.eq(useFlag)))
.fetchOne();
return Optional.ofNullable(foundMember);
}
@Override
public Page<Member> findMembersByCondition(String userId, String role, Boolean useFlag, Pageable pageable) {
// BooleanBuilder를 사용하여 동적 쿼리를 구성합니다.
// null이 아닌 조건만 쿼리에 포함시킵니다.
BooleanBuilder builder = new BooleanBuilder();
// 사용자 ID가 제공된 경우 부분 검색 조건을 추가합니다.
if (userId != null && !userId.trim().isEmpty()) {
builder.and(member.userId.containsIgnoreCase(userId));
}
// 역할이 제공된 경우 정확한 일치 조건을 추가합니다.
if (role != null && !role.trim().isEmpty()) {
builder.and(member.role.eq(MemberRole.fromValue(role)));
}
// 사용 여부가 제공된 경우 정확한 일치 조건을 추가합니다.
if (useFlag != null) {
builder.and(member.useFlag.eq(useFlag));
}
// 전체 개수를 조회합니다.
long total = queryFactory
.selectFrom(member)
.where(builder)
.fetchCount();
// 페이징 조건을 적용하여 결과를 조회합니다.
List<Member> content = queryFactory
.selectFrom(member)
.where(builder)
.orderBy(member.createdAt.desc()) // 생성일 기준 내림차순 정렬
.offset(pageable.getOffset())
.limit(pageable.getPageSize())
.fetch();
// Page 객체를 생성하여 반환합니다.
return new PageImpl<>(content, pageable, total);
}
@Override
public List<Member> findActiveMembersByLastLogin(LocalDateTime lastLoginAfter) {
// 마지막 로그인 시간이 특정 시간 이후인 활성 회원들을 조회합니다.
// 여러 조건을 조합하여 복잡한 쿼리를 작성합니다.
return queryFactory
.selectFrom(member)
.where(member.useFlag.eq(true) // 사용 중인 상태
.and(member.lastLoginAt.isNotNull()) // 마지막 로그인 시간이 존재
.and(member.lastLoginAt.after(lastLoginAfter))) // 특정 시간 이후
.orderBy(member.lastLoginAt.desc()) // 마지막 로그인 시간 기준 내림차순 정렬
.fetch();
}
}

148
src/main/java/com/bio/bio_backend/domain/user/member/service/MemberServiceImpl.java
View File

@@ -1,148 +0,0 @@
package com.bio.bio_backend.domain.user.member.service;
import com.bio.bio_backend.domain.user.member.dto.MemberDto;
import com.bio.bio_backend.domain.user.member.entity.Member;
import com.bio.bio_backend.domain.user.member.enums.MemberRole;
import com.bio.bio_backend.domain.user.member.mapper.MemberMapper;
import com.bio.bio_backend.domain.user.member.repository.MemberRepository;
import com.bio.bio_backend.global.exception.ApiException;
import com.bio.bio_backend.global.constants.ApiResponseCode;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.List;
import java.util.Map;
import static com.bio.bio_backend.global.utils.OidUtil.generateOid;
@Service
@RequiredArgsConstructor
@Slf4j
@Transactional(readOnly = true)
public class MemberServiceImpl implements MemberService {
private final MemberMapper memberMapper; // MapStruct Mapper 사용
private final MemberRepository memberRepository;
private final BCryptPasswordEncoder bCryptPasswordEncoder;
@Override
public UserDetails loadUserByUsername(String id) throws UsernameNotFoundException {
// JPA 레파지토리를 사용하여 회원 조회
Member member = memberRepository.findByUserId(id)
.orElseThrow(() -> new UsernameNotFoundException("User not found with id : " + id));
// MapStruct를 사용하여 Member 엔티티를 MemberDto로 변환
MemberDto memberDto = memberMapper.toMemberDto(member);
return memberDto;
}
@Override
@Transactional
public MemberDto createMember(MemberDto memberDTO) {
// userId 중복 체크
if (memberRepository.existsByUserId(memberDTO.getUserId())) {
throw new ApiException(ApiResponseCode.USER_ID_DUPLICATE);
}
Member member = Member.builder()
.userId(memberDTO.getUserId())
.password(bCryptPasswordEncoder.encode(memberDTO.getPassword()))
.role(MemberRole.getDefault())
.build();
Long oid = generateOid();
member.setOid(oid);
member.setCreatedOid(oid);
Member savedMember = memberRepository.save(member);
return memberMapper.toMemberDto(savedMember);
}
@Override
@Transactional
public void updateRefreshToken(MemberDto memberDTO) {
// JPA를 사용하여 refresh token 업데이트
Member member = memberRepository.findByUserId(memberDTO.getUserId())
.orElseThrow(() -> new RuntimeException("회원을 찾을 수 없습니다. id: " + memberDTO.getUserId()));
member.setRefreshToken(memberDTO.getRefreshToken());
memberRepository.save(member);
}
@Override
public String getRefreshToken(String id) {
Member member = memberRepository.findByUserId(id)
.orElseThrow(() -> new RuntimeException("회원을 찾을 수 없습니다. id: " + id));
return member.getRefreshToken();
}
@Override
@Transactional
public int deleteRefreshToken(String id) {
Member member = memberRepository.findByUserId(id)
.orElseThrow(() -> new RuntimeException("회원을 찾을 수 없습니다. id: " + id));
member.setRefreshToken(null);
memberRepository.save(member);
return 1; // 성공 시 1 반환
}
@Override
public List<MemberDto> selectMemberList(Map<String, String> params) {
// JPA를 사용하여 회원 목록 조회 (간단한 구현)
List<Member> members = memberRepository.findAll();
// MapStruct를 사용하여 Member 엔티티 리스트를 MemberDto 리스트로 변환
return memberMapper.toMemberDtoList(members);
}
@Override
public MemberDto selectMember(long seq) {
// JPA 레파지토리를 사용하여 회원 조회
Member member = memberRepository.findById(seq)
.orElseThrow(() -> new RuntimeException("회원을 찾을 수 없습니다. seq: " + seq));
// MapStruct를 사용하여 Member 엔티티를 MemberDto로 자동 변환
return memberMapper.toMemberDto(member);
}
@Override
@Transactional
public int updateMember(MemberDto memberDto) {
Member member = memberRepository.findByUserId(memberDto.getUserId())
.orElseThrow(() -> new RuntimeException("회원을 찾을 수 없습니다. id: " + memberDto.getUserId()));
// 비밀번호가 변경된 경우 암호화
if (memberDto.getPassword() != null && !memberDto.getPassword().isEmpty()) {
member.setPassword(bCryptPasswordEncoder.encode(memberDto.getPassword()));
}
member.setRole(memberDto.getRole());
member.setUseFlag(memberDto.getUseFlag());
memberRepository.save(member);
return 1; // 성공 시 1 반환
}
@Override
@Transactional
public int deleteMember(MemberDto memberDto) {
Member member = memberRepository.findByUserId(memberDto.getUserId())
.orElseThrow(() -> new RuntimeException("회원을 찾을 수 없습니다. id: " + memberDto.getUserId()));
member.setUseFlag(false);
log.info("회원 삭제 처리: {}", member.toString());
memberRepository.save(member);
return 1; // 성공 시 1 반환
}
}

24
src/main/java/com/bio/bio_backend/global/annotation/IgnoreBaseEntityMapping.java Normal file
View File

@@ -0,0 +1,24 @@
package com.bio.bio_backend.global.annotation;
import org.mapstruct.Mapping;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* BaseEntity의 감사 필드들을 ignore 처리하는 MapStruct 커스텀 어노테이션
* 여러 매퍼에서 공통으로 사용할 수 있습니다.
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.CLASS)
@Mapping(target = "oid", ignore = true)
@Mapping(target = "createdAt", ignore = true)
@Mapping(target = "updatedAt", ignore = true)
@Mapping(target = "createdOid", ignore = true)
@Mapping(target = "updatedOid", ignore = true)
@Mapping(target = "createdId", ignore = true)
@Mapping(target = "updatedId", ignore = true)
public @interface IgnoreBaseEntityMapping {
}

24
src/main/java/com/bio/bio_backend/global/config/AppConfig.java
View File

@@ -1,9 +1,16 @@
package com.bio.bio_backend.global.config; package com.bio.bio_backend.global.config;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateTimeSerializer;
import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateTimeDeserializer;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;
@Configuration @Configuration
public class AppConfig { public class AppConfig {
@@ -11,4 +18,21 @@ public class AppConfig {
public BCryptPasswordEncoder bCryptPasswordEncoder() { public BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder(); return new BCryptPasswordEncoder();
} }
@Bean
public ObjectMapper objectMapper() {
ObjectMapper mapper = new ObjectMapper();
// JavaTimeModule 등록
JavaTimeModule javaTimeModule = new JavaTimeModule();
// LocalDateTime 직렬화/역직렬화 설정
DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
javaTimeModule.addSerializer(LocalDateTime.class, new LocalDateTimeSerializer(formatter));
javaTimeModule.addDeserializer(LocalDateTime.class, new LocalDateTimeDeserializer(formatter));
mapper.registerModule(javaTimeModule);
return mapper;
}
} }

42
src/main/java/com/bio/bio_backend/global/config/SecurityPathConfig.java Normal file
View File

@@ -0,0 +1,42 @@
package com.bio.bio_backend.global.config;
import lombok.Getter;
import lombok.Setter;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;
import java.util.ArrayList;
import java.util.List;
@Getter
@Setter
@Component
@ConfigurationProperties(prefix = "security")
public class SecurityPathConfig {
private List<String> permitAllPaths = new ArrayList<>();
/**
* 주어진 경로가 허용된 경로인지 확인
* @param path 확인할 경로
* @param contextPath 컨텍스트 경로
* @return 허용 여부
*/
public boolean isPermittedPath(String path, String contextPath) {
if (permitAllPaths == null) {
return false;
}
return permitAllPaths.stream()
.anyMatch(permittedPath -> {
String fullPath = contextPath + permittedPath;
if (permittedPath.endsWith("/**")) {
// /** 패턴 처리
String basePath = fullPath.substring(0, fullPath.length() - 2);
return path.startsWith(basePath);
} else {
return path.equals(fullPath);
}
});
}
}

21
src/main/java/com/bio/bio_backend/global/constants/ApiResponseCode.java
View File

@@ -63,7 +63,26 @@ public enum ApiResponseCode {
JWT_SIGNATURE_MISMATCH(HttpStatus.UNAUTHORIZED.value(), "JWT 서명이 일치하지 않습니다. 인증에 실패했습니다"), JWT_SIGNATURE_MISMATCH(HttpStatus.UNAUTHORIZED.value(), "JWT 서명이 일치하지 않습니다. 인증에 실패했습니다"),
JWT_TOKEN_NULL(HttpStatus.UNAUTHORIZED.value(), "JWT 토큰이 null입니다"), JWT_TOKEN_NULL(HttpStatus.UNAUTHORIZED.value(), "JWT 토큰이 null입니다"),
JWT_TOKEN_EXPIRED(HttpStatus.UNAUTHORIZED.value(), "토큰이 만료되었습니다"), JWT_TOKEN_EXPIRED(HttpStatus.UNAUTHORIZED.value(), "토큰이 만료되었습니다"),
ALL_TOKEN_INVALID(HttpStatus.UNAUTHORIZED.value(), "액세스 토큰과 리프레시 토큰이 모두 만료되었거나 유효하지 않습니다"); INVALID_CLIENT_IP(HttpStatus.UNAUTHORIZED.value(), "클라이언트 IP 주소가 일치하지 않습니다"),
ALL_TOKEN_INVALID(HttpStatus.UNAUTHORIZED.value(), "액세스 토큰과 리프레시 토큰이 모두 만료되었거나 유효하지 않습니다"),
/*파일 관련 Code*/
// 200 OK
FILE_UPLOAD_SUCCESS(HttpStatus.OK.value(), "파일이 성공적으로 업로드되었습니다"),
FILE_DOWNLOAD_SUCCESS(HttpStatus.OK.value(), "파일 다운로드가 성공했습니다"),
FILE_DELETE_SUCCESS(HttpStatus.OK.value(), "파일이 성공적으로 삭제되었습니다"),
// 400 Bad Request
FILE_EMPTY(HttpStatus.BAD_REQUEST.value(), "업로드할 파일이 없습니다"),
FILE_INVALID_FORMAT(HttpStatus.BAD_REQUEST.value(), "지원하지 않는 파일 형식입니다"),
// 404 Not Found
FILE_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "파일을 찾을 수 없습니다"),
// 500 Internal Server Error
FILE_UPLOAD_FAILED(HttpStatus.INTERNAL_SERVER_ERROR.value(), "파일 업로드에 실패했습니다"),
FILE_DOWNLOAD_FAILED(HttpStatus.INTERNAL_SERVER_ERROR.value(), "파일 다운로드에 실패했습니다"),
FILE_DELETE_FAILED(HttpStatus.INTERNAL_SERVER_ERROR.value(), "파일 삭제에 실패했습니다");
private final int statusCode; private final int statusCode;
private final String description; private final String description;

10
src/main/java/com/bio/bio_backend/global/constants/AppConstants.java Normal file
View File

@@ -0,0 +1,10 @@
package com.bio.bio_backend.global.constants;
public class AppConstants {
public static final String TABLE_PREFIX = "st_";
// 관리자 관련 상수
public static final Long ADMIN_OID = 1000000000000000L;
public static final String ADMIN_USER_ID = "admin";
public static final String ADMIN_NAME = "시스템관리자";
}

8
src/main/java/com/bio/bio_backend/global/dto/ApiResponseDto.java
View File

@@ -30,9 +30,17 @@ public class ApiResponseDto<T> {
return new ApiResponseDto<T>(SUCCESS, responseCode.name(), responseCode.getDescription(), data); return new ApiResponseDto<T>(SUCCESS, responseCode.name(), responseCode.getDescription(), data);
} }
public static <T> ApiResponseDto<T> success(ApiResponseCode responseCode) {
return new ApiResponseDto<T>(SUCCESS, responseCode.name(), responseCode.getDescription(), null);
}
public static <T> ApiResponseDto<T> fail(ApiResponseCode responseCode, T data) { public static <T> ApiResponseDto<T> fail(ApiResponseCode responseCode, T data) {
return new ApiResponseDto<T>(responseCode.getStatusCode(), responseCode.name(), responseCode.getDescription(), data); return new ApiResponseDto<T>(responseCode.getStatusCode(), responseCode.name(), responseCode.getDescription(), data);
} }
public static <T> ApiResponseDto<T> fail(ApiResponseCode responseCode) {
return new ApiResponseDto<T>(responseCode.getStatusCode(), responseCode.name(), responseCode.getDescription(), null);
}
} }

30
src/main/java/com/bio/bio_backend/global/entity/BaseEntity.java
View File

@@ -9,7 +9,7 @@ import org.springframework.data.jpa.domain.support.AuditingEntityListener;
import java.time.LocalDateTime; import java.time.LocalDateTime;
import static com.bio.bio_backend.global.utils.OidUtil.generateOid; import static com.bio.bio_backend.global.utils.OidUtils.generateOid;
/** /**
* 모든 엔티티가 상속받는 기본 엔티티 클래스 * 모든 엔티티가 상속받는 기본 엔티티 클래스
@@ -38,10 +38,38 @@ public abstract class BaseEntity {
@Column(name = "updated_oid") @Column(name = "updated_oid")
private Long updatedOid; private Long updatedOid;
@Column(name = "created_id", updatable = false)
private String createdId;
@Column(name = "updated_id")
private String updatedId;
@PrePersist @PrePersist
protected void onCreate() { protected void onCreate() {
if(this.oid == null) this.oid = generateOid(); if(this.oid == null) this.oid = generateOid();
if(this.createdOid != null && this.updatedOid == null) this.updatedOid = this.createdOid; if(this.createdOid != null && this.updatedOid == null) this.updatedOid = this.createdOid;
} }
/**
* 생성자 정보를 설정합니다.
* @param createdOid 생성자 OID
* @param createdId 생성자 ID
*/
public void setCreator(Long createdOid, String createdId) {
this.createdOid = createdOid;
this.createdId = createdId;
this.updatedOid = createdOid;
this.updatedId = createdId;
}
/**
* 수정자 정보를 설정합니다.
* @param updatedOid 수정자 OID
* @param updatedId 수정자 ID
*/
public void setUpdater(Long updatedOid, String updatedId) {
this.updatedOid = updatedOid;
this.updatedId = updatedId;
}
} }

10
src/main/java/com/bio/bio_backend/global/exception/CustomAuthenticationFailureHandler.java
View File

@@ -29,25 +29,21 @@ public class CustomAuthenticationFailureHandler implements AuthenticationFailure
@Override @Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException { public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
log.info("exception : " + exception.toString());
response.setContentType(MediaType.APPLICATION_JSON_VALUE); response.setContentType(MediaType.APPLICATION_JSON_VALUE);
response.setCharacterEncoding("UTF-8"); response.setCharacterEncoding("UTF-8");
response.setStatus(HttpStatus.UNAUTHORIZED.value()); response.setStatus(HttpStatus.UNAUTHORIZED.value());
ApiResponseDto<String> apiResponse; ApiResponseDto<String> apiResponse;
if (exception instanceof UsernameNotFoundException) { if (exception instanceof UsernameNotFoundException) {
apiResponse = ApiResponseDto.fail(ApiResponseCode.USER_NOT_FOUND, null); apiResponse = ApiResponseDto.fail(ApiResponseCode.USER_NOT_FOUND);
} else if (exception instanceof BadCredentialsException) { } else if (exception instanceof BadCredentialsException) {
apiResponse = ApiResponseDto.fail(ApiResponseCode.COMMON_UNAUTHORIZED, null); apiResponse = ApiResponseDto.fail(ApiResponseCode.COMMON_UNAUTHORIZED);
} else { } else {
response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value()); response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
apiResponse = ApiResponseDto.fail(ApiResponseCode.COMMON_INTERNAL_SERVER_ERROR, null); apiResponse = ApiResponseDto.fail(ApiResponseCode.COMMON_INTERNAL_SERVER_ERROR);
} }
String jsonResponse = objectMapper.writeValueAsString(apiResponse); String jsonResponse = objectMapper.writeValueAsString(apiResponse);
response.getWriter().write(jsonResponse); response.getWriter().write(jsonResponse);
} }
} }

14
src/main/java/com/bio/bio_backend/global/exception/GlobalExceptionHandler.java
View File

@@ -8,13 +8,15 @@ import com.bio.bio_backend.global.dto.ApiResponseDto;
import com.bio.bio_backend.global.constants.ApiResponseCode; import com.bio.bio_backend.global.constants.ApiResponseCode;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import lombok.extern.slf4j.Slf4j;
@RestControllerAdvice @RestControllerAdvice
@Slf4j
public class GlobalExceptionHandler { public class GlobalExceptionHandler {
@ExceptionHandler(ApiException.class) @ExceptionHandler(ApiException.class)
public ResponseEntity<ApiResponseDto<Void>> handleApiException(ApiException e) { public ResponseEntity<ApiResponseDto<Void>> handleApiException(ApiException e) {
ApiResponseDto<Void> response = ApiResponseDto.fail(e.getResponseCode(), null); ApiResponseDto<Void> response = ApiResponseDto.fail(e.getResponseCode());
return ResponseEntity.status(e.getResponseCode().getStatusCode()).body(response); return ResponseEntity.status(e.getResponseCode().getStatusCode()).body(response);
} }
@@ -30,5 +32,13 @@ public class GlobalExceptionHandler {
} }
// 검증 오류 상세 정보를 위한 내부 클래스 // 검증 오류 상세 정보를 위한 내부 클래스
private record ValidationError(String field, String message) { } private record ValidationError(String field, String message) {}
@ExceptionHandler(Exception.class)
public ResponseEntity<ApiResponseDto<Void>> handleException(Exception e) {
log.error("Unexpected error occurred", e);
ApiResponseDto<Void> response = ApiResponseDto.fail(ApiResponseCode.COMMON_INTERNAL_SERVER_ERROR);
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(response);
}
} }

41
src/main/java/com/bio/bio_backend/global/exception/JwtAccessDeniedHandler.java
View File

@@ -1,41 +0,0 @@
package com.bio.bio_backend.global.exception;
import java.io.IOException;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.MediaType;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerExceptionResolver;
import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import com.bio.bio_backend.global.dto.ApiResponseDto;
import com.bio.bio_backend.global.constants.ApiResponseCode;
@Component
public class JwtAccessDeniedHandler implements AccessDeniedHandler {
private final HandlerExceptionResolver resolver;
public JwtAccessDeniedHandler(@Qualifier("handlerExceptionResolver") HandlerExceptionResolver resolver) {
this.resolver = resolver;
}
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
Exception exception = (Exception) request.getAttribute("exception");
if (exception != null) {
resolver.resolveException(request, response, null, exception);
} else {
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
new ObjectMapper().writeValue(response.getWriter(), ApiResponseDto.fail(ApiResponseCode.COMMON_FORBIDDEN, null));
}
}
}

35
src/main/java/com/bio/bio_backend/global/exception/JwtAuthenticationEntryPoint.java
View File

@@ -1,35 +0,0 @@
package com.bio.bio_backend.global.exception;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerExceptionResolver;
import java.io.IOException;
@Component
@Slf4j
public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
private final HandlerExceptionResolver resolver;
public JwtAuthenticationEntryPoint(@Qualifier("handlerExceptionResolver") HandlerExceptionResolver resolver) {
this.resolver = resolver;
}
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
Exception exception = (Exception) request.getAttribute("exception");
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
if (exception == null) {
return;
}
resolver.resolveException(request, response, null, exception);
}
}

82
src/main/java/com/bio/bio_backend/global/security/JwtAuthenticationFilter.java → src/main/java/com/bio/bio_backend/global/filter/JwtTokenIssuanceFilter.java
View File

@@ -1,25 +1,24 @@
package com.bio.bio_backend.global.security; package com.bio.bio_backend.global.filter;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.servlet.FilterChain; import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException; import jakarta.servlet.ServletException;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse; import jakarta.servlet.http.HttpServletResponse;
import com.bio.bio_backend.global.dto.ApiResponseDto; import com.bio.bio_backend.global.dto.ApiResponseDto;
import com.bio.bio_backend.domain.user.member.dto.LoginRequestDto; import com.bio.bio_backend.domain.base.member.dto.LoginRequestDto;
import com.bio.bio_backend.domain.user.member.dto.LoginResponseDto; import com.bio.bio_backend.domain.base.member.dto.LoginResponseDto;
import com.bio.bio_backend.domain.user.member.dto.MemberDto; import com.bio.bio_backend.domain.base.member.dto.MemberDto;
import com.bio.bio_backend.domain.user.member.service.MemberService; import com.bio.bio_backend.domain.base.member.service.MemberService;
import com.bio.bio_backend.global.constants.ApiResponseCode; import com.bio.bio_backend.global.constants.ApiResponseCode;
import com.bio.bio_backend.global.utils.JwtUtils; import com.bio.bio_backend.global.utils.JwtUtils;
import com.bio.bio_backend.global.utils.HttpUtils;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
@@ -31,36 +30,29 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
import java.io.IOException; import java.io.IOException;
import java.time.LocalDateTime; import java.time.LocalDateTime;
import java.util.Objects;
@RequiredArgsConstructor @RequiredArgsConstructor
@Slf4j @Slf4j
public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilter { public class JwtTokenIssuanceFilter extends UsernamePasswordAuthenticationFilter {
private final AuthenticationManager authenticationManager; private final AuthenticationManager authenticationManager;
private final MemberService memberService;
private final JwtUtils jwtUtils; private final JwtUtils jwtUtils;
private final Environment env; private final ObjectMapper objectMapper;
private final MemberService memberService;
private final HttpUtils httpUtils;
// 사용자 login 인증 처리 // 사용자 login 인증 처리
@SneakyThrows
@Override @Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
throws AuthenticationException { try {
LoginRequestDto requestDto = new ObjectMapper().readValue(request.getInputStream(), LoginRequestDto.class);
UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(
requestDto.getUserId(), requestDto.getPassword());
LoginRequestDto requestDto = new ObjectMapper().readValue(request.getInputStream(), LoginRequestDto.class); return authenticationManager.authenticate(authToken);
} catch (IOException e) {
// UsernamePasswordAuthenticationToken authToken; throw new AuthenticationServiceException("로그인 요청 파싱 중 오류가 발생했습니다", e);
UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(requestDto.getUserId(), requestDto.getPassword());
/*
if (req.getLoginLogFlag() == 1) {
authToken = new UsernamePasswordAuthenticationToken("admin2", "test123!"); // 비밀번호는 실제 비밀번호로 설정해야
} else {
throw new AuthenticationServiceException("login fail");
} }
*/
return authenticationManager.authenticate(authToken);
} }
// 사용자 인증 성공 token 발급 // 사용자 인증 성공 token 발급
@@ -69,36 +61,22 @@ public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilte
FilterChain chain, Authentication authResult) throws IOException, ServletException { FilterChain chain, Authentication authResult) throws IOException, ServletException {
UserDetails userDetails = (UserDetails) authResult.getPrincipal(); UserDetails userDetails = (UserDetails) authResult.getPrincipal();
MemberDto member = (MemberDto) userDetails; MemberDto member = (MemberDto) userDetails;
String accessToken = jwtUtils.generateToken(member.getUserId(), member.getRole().getValue(), // 토큰 생성
Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_access")))); String accessToken = jwtUtils.createAccessToken(member.getUserId(), member.getRole().getValue());
String refreshToken = jwtUtils.createRefreshToken(member.getUserId(), member.getRole().getValue());
String refreshToken = jwtUtils.generateToken(member.getUserId(), member.getRole().getValue(),
Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_refresh"))));
member.setRefreshToken(refreshToken); member.setRefreshToken(refreshToken);
member.setLoginIp(httpUtils.getClientIp());
member.setLastLoginAt(LocalDateTime.now()); member.setLastLoginAt(LocalDateTime.now());
memberService.updateMember(member);
memberService.updateRefreshToken(member);
// Refresh 토큰 쿠키 저장 // Refresh 토큰 쿠키 저장
Cookie refreshTokenCookie = new Cookie("RefreshToken", refreshToken); jwtUtils.setRefreshTokenCookie(response, refreshToken);
refreshTokenCookie.setHttpOnly(true);
refreshTokenCookie.setSecure(false);
refreshTokenCookie.setPath("/");
refreshTokenCookie.setMaxAge(Integer.parseInt(env.getProperty("token.expiration_time_refresh")));
// JWT 토큰 전달 // Access 토큰 전달
response.setHeader("Authorization", "Bearer " + accessToken); response.setHeader("Authorization", "Bearer " + accessToken);
// response.addCookie(refreshTokenCookie);
response.addHeader("Set-Cookie",
String.format("%s=%s; HttpOnly; Secure; Path=/; Max-Age=%d; SameSite=None",
refreshTokenCookie.getName(),
refreshTokenCookie.getValue(),
refreshTokenCookie.getMaxAge()));
SecurityContextHolderStrategy contextHolder = SecurityContextHolder.getContextHolderStrategy(); SecurityContextHolderStrategy contextHolder = SecurityContextHolder.getContextHolderStrategy();
SecurityContext context = contextHolder.createEmptyContext(); SecurityContext context = contextHolder.createEmptyContext();
@@ -112,8 +90,10 @@ public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilte
// login 성공 메시지 전송 // login 성공 메시지 전송
response.setStatus(HttpStatus.OK.value()); response.setStatus(HttpStatus.OK.value());
response.setContentType(MediaType.APPLICATION_JSON_VALUE); response.setContentType(MediaType.APPLICATION_JSON_VALUE + ";charset=UTF-8");
new ObjectMapper().writeValue(response.getWriter(), objectMapper.writeValue(
ApiResponseDto.success(ApiResponseCode.LOGIN_SUCCESSFUL, memberData)); response.getWriter(),
ApiResponseDto.success(ApiResponseCode.LOGIN_SUCCESSFUL, memberData)
);
} }
} }

131
src/main/java/com/bio/bio_backend/global/filter/JwtTokenValidationFilter.java Normal file
View File

@@ -0,0 +1,131 @@
package com.bio.bio_backend.global.filter;
import java.io.IOException;
import java.util.Objects;
import org.springframework.core.env.Environment;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.web.filter.OncePerRequestFilter;
import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import com.bio.bio_backend.global.dto.ApiResponseDto;
import com.bio.bio_backend.domain.base.member.service.MemberService;
import com.bio.bio_backend.global.constants.ApiResponseCode;
import com.bio.bio_backend.global.utils.JwtUtils;
import com.bio.bio_backend.global.config.SecurityPathConfig;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
@RequiredArgsConstructor
@Slf4j
public class JwtTokenValidationFilter extends OncePerRequestFilter {
private final JwtUtils jwtUtils;
private final MemberService memberService;
private final Environment env;
private final SecurityPathConfig securityPathConfig;
@Override
protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
String path = request.getRequestURI();
String contextPath = env.getProperty("server.servlet.context-path", "");
return securityPathConfig.isPermittedPath(path, contextPath);
}
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
log.debug("JWT 토큰 검증 필터 실행 - URI: {}", request.getRequestURI());
String accessToken = jwtUtils.extractAccessJwtFromRequest(request);
String refreshToken = jwtUtils.extractRefreshJwtFromCookie(request);
// Access Token이 있고 유효한 경우
if (accessToken != null && jwtUtils.validateAccessToken(accessToken)) {
String username = jwtUtils.extractUsername(accessToken);
UserDetails userDetails = memberService.loadUserByUsername(username);
if (userDetails != null) {
UsernamePasswordAuthenticationToken authentication =
new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authentication);
log.debug("Access Token 인증 성공: {}", username);
filterChain.doFilter(request, response);
return;
}
}
// Access Token이 없거나 만료된 경우, Refresh Token으로 갱신 시도
if (refreshToken != null) {
// 1. Refresh Token 유효성 검증
if (!jwtUtils.isValidRefreshToken(refreshToken)) {
log.warn("Refresh Token이 유효하지 않습니다. URI: {}", request.getRequestURI());
sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.JWT_TOKEN_EXPIRED));
return;
}
// 2. IP 주소 검증
if (!jwtUtils.isValidClientIp(refreshToken, request.getRemoteAddr())) {
log.warn("클라이언트 IP 주소가 일치하지 않습니다. URI: {}, IP: {}",
request.getRequestURI(), request.getRemoteAddr());
sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.INVALID_CLIENT_IP));
return;
}
// 모든 검증을 통과한 경우 토큰 갱신 진행
String username = jwtUtils.extractUsername(refreshToken);
String role = jwtUtils.extractRole(refreshToken);
// 새로운 Access Token 생성
String newAccessToken = jwtUtils.generateToken(username, role,
Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_access"))));
// 새로운 Access Token을 응답 헤더에 설정
response.setHeader("Authorization", "Bearer " + newAccessToken);
// Refresh Token 갱신
String newRefreshToken = jwtUtils.refreshTokens(username, role);
jwtUtils.setRefreshTokenCookie(response, newRefreshToken);
// 인증 정보 설정
UserDetails userDetails = memberService.loadUserByUsername(username);
if (userDetails != null) {
UsernamePasswordAuthenticationToken authentication =
new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authentication);
}
log.info("토큰 자동 갱신 성공: {}", username);
filterChain.doFilter(request, response);
return;
}
// 토큰이 없거나 모두 유효하지 않은 경우
log.warn("유효한 JWT 토큰이 없습니다. URI: {}", request.getRequestURI());
sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.JWT_TOKEN_NULL));
}
private void sendJsonResponse(HttpServletResponse response, ApiResponseDto<?> apiResponse) throws IOException {
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
response.setCharacterEncoding("UTF-8");
response.setStatus(apiResponse.getCode());
ObjectMapper objectMapper = new ObjectMapper();
String jsonResponse = objectMapper.writeValueAsString(apiResponse);
response.getWriter().write(jsonResponse);
}
}

4
src/main/java/com/bio/bio_backend/global/security/UriAllowFilter.java → src/main/java/com/bio/bio_backend/global/filter/UriAllowFilter.java
View File

@@ -1,11 +1,9 @@
package com.bio.bio_backend.global.security; package com.bio.bio_backend.global.filter;
import java.util.Arrays;
import java.util.regex.Pattern; import java.util.regex.Pattern;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;

102
src/main/java/com/bio/bio_backend/global/security/JwtTokenFilter.java
View File

@@ -1,102 +0,0 @@
package com.bio.bio_backend.global.security;
import java.io.IOException;
import java.util.Objects;
import org.springframework.core.env.Environment;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.web.filter.OncePerRequestFilter;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.jsonwebtoken.ExpiredJwtException;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import com.bio.bio_backend.global.dto.ApiResponseDto;
import com.bio.bio_backend.domain.user.member.service.MemberService;
import com.bio.bio_backend.global.constants.ApiResponseCode;
import com.bio.bio_backend.global.utils.JwtUtils;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
@RequiredArgsConstructor
@Slf4j
public class JwtTokenFilter extends OncePerRequestFilter {
private final JwtUtils jwtUtils;
private final MemberService memberService;
private final Environment env;
private final UriAllowFilter uriAllowFilter;
@Override
protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
return uriAllowFilter.authExceptionAllow(request);
}
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
String accessToken = jwtUtils.extractAccessJwtFromRequest(request);
String refreshToken = jwtUtils.extractRefreshJwtFromCookie(request);
if(accessToken == null){
sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.JWT_TOKEN_NULL, null));
return;
}
try {
// 토큰 유효성 검사
try {
if (jwtUtils.validateAccessToken(accessToken)) {
String username = jwtUtils.extractUsername(accessToken);
UserDetails userDetails = memberService.loadUserByUsername(username);
if (userDetails != null) {
UsernamePasswordAuthenticationToken authentication =
new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authentication);
filterChain.doFilter(request, response);
return;
}
}
} catch (ExpiredJwtException ignored) {
// Access Token이 만료된 경우에만 ignored >> Refresh Token 검증 수행
}
// Refresh Token 유효성 검사
if (refreshToken != null && jwtUtils.validateRefreshToken(refreshToken)) {
String username = jwtUtils.extractUsername(refreshToken);
String role = (String) jwtUtils.extractAllClaims(refreshToken).get("role");
String newAccessToken = jwtUtils.generateToken(username, role,
Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_access"))));
// 새로운 Access Token을 응답 헤더에 설정
response.setHeader("Authorization", "Bearer " + newAccessToken);
filterChain.doFilter(request, response);
} else {
sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.ALL_TOKEN_INVALID, null));
}
} catch (Exception e) {
request.setAttribute("exception", e);
}
filterChain.doFilter(request, response);
}
private void sendJsonResponse(HttpServletResponse response, ApiResponseDto<?> apiResponse) throws IOException {
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
response.setCharacterEncoding("UTF-8");
response.setStatus(apiResponse.getCode());
ObjectMapper objectMapper = new ObjectMapper();
String jsonResponse = objectMapper.writeValueAsString(apiResponse);
response.getWriter().write(jsonResponse);
}
}

73
src/main/java/com/bio/bio_backend/global/security/WebSecurity.java
View File

@@ -1,5 +1,7 @@
package com.bio.bio_backend.global.security; package com.bio.bio_backend.global.security;
import com.bio.bio_backend.global.filter.JwtTokenIssuanceFilter;
import com.bio.bio_backend.global.filter.JwtTokenValidationFilter;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment; import org.springframework.core.env.Environment;
@@ -8,22 +10,19 @@ import org.springframework.security.config.annotation.authentication.builders.Au
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.filter.CorsFilter;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.servlet.Filter;
//import com.bio.bio_backend.domain.common.service.AccessLogService; import com.bio.bio_backend.domain.base.member.service.MemberService;
import com.bio.bio_backend.domain.user.member.service.MemberService;
import com.bio.bio_backend.global.exception.CustomAuthenticationFailureHandler; import com.bio.bio_backend.global.exception.CustomAuthenticationFailureHandler;
import com.bio.bio_backend.global.exception.JwtAccessDeniedHandler;
import com.bio.bio_backend.global.exception.JwtAuthenticationEntryPoint;
//import com.bio.bio_backend.global.filter.HttpLoggingFilter;
import com.bio.bio_backend.global.utils.HttpUtils;
import com.bio.bio_backend.global.utils.JwtUtils; import com.bio.bio_backend.global.utils.JwtUtils;
import com.bio.bio_backend.global.utils.HttpUtils;
import com.bio.bio_backend.global.config.SecurityPathConfig;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
@Configuration @Configuration
@@ -34,27 +33,23 @@ public class WebSecurity {
private final MemberService memberService; private final MemberService memberService;
private final BCryptPasswordEncoder bCryptPasswordEncoder; private final BCryptPasswordEncoder bCryptPasswordEncoder;
private final JwtUtils jwtUtils; private final JwtUtils jwtUtils;
// private final AccessLogService accessLogService;
private final CorsFilter corsFilter;
private final ObjectMapper objectMapper; private final ObjectMapper objectMapper;
private final HttpUtils httpUtils;
private final Environment env; private final Environment env;
private final JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint; private final SecurityPathConfig securityPathConfig;
private final JwtAccessDeniedHandler jwtAccessDeniedHandler; private final HttpUtils httpUtils;
private final UriAllowFilter uriAllowFilter;
private JwtAuthenticationFilter getJwtAuthenticationFilter(AuthenticationManager authenticationManager) throws Exception { private JwtTokenIssuanceFilter getJwtTokenIssuanceFilter(AuthenticationManager authenticationManager) throws Exception {
JwtAuthenticationFilter filter = new JwtAuthenticationFilter(authenticationManager, memberService, jwtUtils, env); JwtTokenIssuanceFilter filter = new JwtTokenIssuanceFilter(authenticationManager, jwtUtils, objectMapper, memberService, httpUtils);
filter.setFilterProcessesUrl("/login"); // 로그인 EndPoint filter.setFilterProcessesUrl("/login");
filter.setAuthenticationFailureHandler(new CustomAuthenticationFailureHandler(objectMapper)); filter.setAuthenticationFailureHandler(new CustomAuthenticationFailureHandler(objectMapper));
return filter; return filter;
} }
private Filter getJwtTokenFilter() { private JwtTokenValidationFilter getJwtTokenValidationFilter() {
return new JwtTokenFilter(jwtUtils, memberService, env, uriAllowFilter); return new JwtTokenValidationFilter(jwtUtils, memberService, env, securityPathConfig);
} }
@Bean @Bean
SecurityFilterChain filterChain(HttpSecurity http) throws Exception { SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
@@ -66,35 +61,25 @@ public class WebSecurity {
AuthenticationManager authenticationManager = authenticationManagerBuilder.build(); AuthenticationManager authenticationManager = authenticationManagerBuilder.build();
// 설정 파일에서 허용할 경로 가져오기
String[] permitAllPaths = securityPathConfig.getPermitAllPaths().toArray(new String[0]);
http.csrf(AbstractHttpConfigurer::disable) //csrf 비활성화 http.csrf(AbstractHttpConfigurer::disable) //csrf 비활성화
.authorizeHttpRequests(request -> //request 허용 설정 .authorizeHttpRequests(request -> //request 허용 설정
request request
.anyRequest().permitAll() // 모든 요청 허용 .requestMatchers(permitAllPaths).permitAll() // 설정 파일에서 허용할 경로
// .requestMatchers("/ws/**").permitAll() .anyRequest().authenticated() // 나머지 요청은 인증 필요
// .requestMatchers("/admin/**", "/join").hasAnyAuthority(MemberConstants.ROLE_ADMIN)
// .requestMatchers("/member/**").hasAnyAuthority(MemberConstants.ROLE_MEMBER)
// .anyRequest().authenticated()
) )
.authenticationManager(authenticationManager) .authenticationManager(authenticationManager)
.sessionManagement(session ->
session.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // 세션 사용 안함
)
.logout(AbstractHttpConfigurer::disable); .logout(AbstractHttpConfigurer::disable);
http
// 예외 처리 핸들링 // 1단계: JWT 토큰 발급 필터 (로그인 요청 처리 및 토큰 발급)
http.exceptionHandling((exceptionConfig) -> .addFilterBefore(getJwtTokenIssuanceFilter(authenticationManager), UsernamePasswordAuthenticationFilter.class)
exceptionConfig // 2단계: JWT 토큰 검증 필터 (자동 토큰 갱신 포함)
.authenticationEntryPoint(jwtAuthenticationEntryPoint) .addFilterBefore(getJwtTokenValidationFilter(), UsernamePasswordAuthenticationFilter.class);
.accessDeniedHandler(jwtAccessDeniedHandler)
);
// http
// .addFilterBefore(corsFilter, UsernamePasswordAuthenticationFilter.class)
// .addFilterBefore(new HttpLoggingFilter(accessLogService, httpUtils), UsernamePasswordAuthenticationFilter.class)
// .addFilterBefore(getJwtAuthenticationFilter(authenticationManager), UsernamePasswordAuthenticationFilter.class)
// .addFilterBefore(getJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
// .sessionManagement(httpSecuritySessionManagementConfigurer -> //Session 사용 X
// httpSecuritySessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
return http.build(); return http.build();
} }

4
src/main/java/com/bio/bio_backend/global/utils/CustomIdGenerator.java
View File

@@ -5,14 +5,12 @@ import java.io.Serializable;
import org.hibernate.engine.spi.SharedSessionContractImplementor; import org.hibernate.engine.spi.SharedSessionContractImplementor;
import org.hibernate.id.IdentifierGenerator; import org.hibernate.id.IdentifierGenerator;
import com.bio.bio_backend.global.utils.OidUtil;
public class CustomIdGenerator implements IdentifierGenerator { public class CustomIdGenerator implements IdentifierGenerator {
private static final long serialVersionUID = 1L; private static final long serialVersionUID = 1L;
@Override @Override
public Serializable generate(SharedSessionContractImplementor session, Object object) { public Serializable generate(SharedSessionContractImplementor session, Object object) {
return OidUtil.generateOid(); // 재사용 return OidUtils.generateOid(); // 재사용
} }
} }

137
src/main/java/com/bio/bio_backend/global/utils/FileUtils.java Normal file
View File

@@ -0,0 +1,137 @@
package com.bio.bio_backend.global.utils;
import org.springframework.util.StringUtils;
import org.springframework.web.multipart.MultipartFile;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.time.LocalDate;
import java.time.format.DateTimeFormatter;
import java.util.UUID;
import org.springframework.stereotype.Component;
import lombok.RequiredArgsConstructor;
import com.bio.bio_backend.domain.base.file.dto.FileUploadDto;
import com.bio.bio_backend.domain.base.file.dto.FileUploadResponseDto;
import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadRequestDto;
import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadResponseDto;
import com.bio.bio_backend.domain.base.file.service.FileService;
import java.util.List;
import com.bio.bio_backend.domain.base.file.dto.FileUploadRequestDto;
/**
* 파일 관련 유틸리티 클래스
*/
@Component
@RequiredArgsConstructor
public class FileUtils {
private final FileService fileService;
/**
* 파일 유효성 검사
*/
public static void validateFile(MultipartFile multipartFile) {
if (multipartFile == null || multipartFile.isEmpty()) {
throw new IllegalArgumentException("업로드할 파일이 없습니다.");
}
}
/**
* 파일 리스트 유효성 검사
*/
public static void validateFileList(java.util.List<MultipartFile> files) {
if (files == null || files.isEmpty()) {
throw new IllegalArgumentException("업로드할 파일이 없습니다.");
}
}
/**
* 년월 기반 업로드 디렉토리 생성
* 예: uploads/2024/01/
*/
public static Path createYearMonthUploadDirectory(String baseUploadPath) throws IOException {
LocalDate today = LocalDate.now();
String yearMonth = today.format(DateTimeFormatter.ofPattern("yyyy/MM"));
Path yearMonthPath = Paths.get(baseUploadPath, yearMonth);
if (!Files.exists(yearMonthPath)) {
Files.createDirectories(yearMonthPath);
}
return yearMonthPath;
}
/**
* 파일 확장자 추출
*/
public static String extractFileExtension(String originalFileName) {
if (originalFileName == null || !originalFileName.contains(".")) {
return "";
}
return originalFileName.substring(originalFileName.lastIndexOf("."));
}
/**
* 고유한 파일명 생성
*/
public static String generateUniqueFileName(String fileExtension) {
return UUID.randomUUID().toString() + fileExtension;
}
/**
* 파일을 디스크에 저장
*/
public static Path saveFileToDisk(MultipartFile multipartFile, Path uploadDir, String storedFileName) throws IOException {
Path targetLocation = uploadDir.resolve(storedFileName);
Files.copy(multipartFile.getInputStream(), targetLocation, java.nio.file.StandardCopyOption.REPLACE_EXISTING);
return targetLocation;
}
/**
* 원본 파일명 정리 (경로 정보 제거)
*/
public static String cleanFileName(String originalFileName) {
return StringUtils.cleanPath(originalFileName);
}
/**
* 파일 업로드 (단일/다중 파일 모두 지원)
* 사용 예시:
* // 단일 파일 업로드
* FileUploadDto fileResult = fileUtils.uploadFile(
* requestDto.getFile(),
* "프로필 이미지"
* );
* member.setFileGroupId(fileResult.getGroupOid());
* // 다중 파일 업로드
* FileUploadDto filesResult = fileUtils.uploadFiles(
* requestDto.getFiles(),
* "게시판 첨부파일: " + board.getTitle()
* );
* board.setFileGroupId(filesResult.getGroupOid());
*/
public FileUploadDto uploadFile(MultipartFile file, String description) {
// 단일 파일도 List로 감싸서 다중 파일 업로드 방식 사용
List<MultipartFile> files = List.of(file);
return uploadFiles(files, description);
}
public FileUploadDto uploadFiles(List<MultipartFile> files, String description) {
MultipleFileUploadRequestDto requestDto = MultipleFileUploadRequestDto.builder()
.files(files)
.description(description)
.build();
MultipleFileUploadResponseDto response = fileService.uploadMultipleFiles(requestDto);
return FileUploadDto.builder()
.groupOid(response.getGroupOid())
.files(response.getFiles())
.totalCount(response.getTotalCount())
.successCount(response.getSuccessCount())
.failureCount(response.getFailureCount())
.errorMessages(response.getErrorMessages())
.build();
}
}

122
src/main/java/com/bio/bio_backend/global/utils/JwtUtils.java
View File

@@ -6,15 +6,18 @@ import io.jsonwebtoken.io.Decoders;
import io.jsonwebtoken.security.Keys; import io.jsonwebtoken.security.Keys;
import jakarta.servlet.http.Cookie; import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import com.bio.bio_backend.domain.user.member.service.MemberService; import jakarta.servlet.http.HttpServletResponse;
import com.bio.bio_backend.domain.base.member.service.MemberService;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import javax.crypto.SecretKey; import javax.crypto.SecretKey;
import java.util.Date; import java.util.Date;
import java.util.Objects;
@Component @Component
@RequiredArgsConstructor @RequiredArgsConstructor
@@ -22,6 +25,7 @@ import java.util.Date;
public class JwtUtils { public class JwtUtils {
private final MemberService memberService; private final MemberService memberService;
private final Environment env;
@Value("${token.secret_key}") @Value("${token.secret_key}")
private String SECRET_KEY; private String SECRET_KEY;
@@ -45,12 +49,82 @@ public class JwtUtils {
// Token 검증 // Token 검증
public Boolean validateAccessToken(String token) { public Boolean validateAccessToken(String token) {
return isTokenExpired(token); try {
return isTokenExpired(token);
} catch (io.jsonwebtoken.ExpiredJwtException e) {
log.debug("Access Token 만료: {}", e.getMessage());
return false;
} catch (Exception e) {
log.debug("Access Token 검증 실패: {}", e.getMessage());
return false;
}
} }
public Boolean validateRefreshToken(String token) { // Refresh Token 생성 시 IP 정보 포함
String saveToken = memberService.getRefreshToken(extractUsername(token)); public String createRefreshToken(String username, String role, String clientIp) {
return (saveToken.equals(token) && isTokenExpired(token)); return generateToken(username, role, clientIp,
Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_refresh"))));
}
// IP 정보를 포함한 토큰 생성
public String generateToken(String username, String role, String clientIp, long expirationTime) {
return Jwts.builder()
.subject(username)
.claim("role", role)
.claim("ip", clientIp) // IP 정보 추가
.issuedAt(new Date(System.currentTimeMillis()))
.expiration(new Date(System.currentTimeMillis() + expirationTime))
.signWith(getSigningKey())
.compact();
}
// IP 정보 추출
public String extractClientIp(String token) {
Claims claims = extractAllClaims(token);
return claims.get("ip", String.class);
}
// Refresh Token 검증 시 IP도 함께 검증
public Boolean validateRefreshToken(String token, String clientIp) {
// 1. 토큰 유효성 검증
if (!isValidRefreshToken(token)) {
return false;
}
// 2. IP 주소 검증
if (!isValidClientIp(token, clientIp)) {
return false;
}
return true;
}
// Refresh Token 유효성 검증 (토큰 일치, 만료 여부)
public Boolean isValidRefreshToken(String token) {
try {
String savedToken = memberService.getRefreshToken(extractUsername(token));
return savedToken.equals(token) && !isTokenExpired(token);
} catch (Exception e) {
log.debug("Refresh Token 검증 실패: {}", e.getMessage());
return false;
}
}
// 클라이언트 IP 주소 검증
public Boolean isValidClientIp(String token, String clientIp) {
try {
String tokenIp = extractClientIp(token);
boolean isValid = Objects.equals(tokenIp, clientIp);
if (!isValid) {
log.debug("IP 주소 불일치 - 토큰 IP: {}, 클라이언트 IP: {}", tokenIp, clientIp);
}
return isValid;
} catch (Exception e) {
log.debug("IP 주소 검증 실패: {}", e.getMessage());
return false;
}
} }
private boolean isTokenExpired(String token) { private boolean isTokenExpired(String token) {
@@ -60,6 +134,12 @@ public class JwtUtils {
public String extractUsername(String token) { public String extractUsername(String token) {
return extractAllClaims(token).getSubject(); return extractAllClaims(token).getSubject();
} }
// Role 정보 추출
public String extractRole(String token) {
Claims claims = extractAllClaims(token);
return claims.get("role", String.class);
}
public Claims extractAllClaims(String token) { public Claims extractAllClaims(String token) {
@@ -87,4 +167,36 @@ public class JwtUtils {
} }
return null; return null;
} }
// Access Token 생성
public String createAccessToken(String username, String role) {
return generateToken(username, role,
Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_access"))));
}
// Refresh Token 생성
public String createRefreshToken(String username, String role) {
return generateToken(username, role,
Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_refresh"))));
}
// Refresh Token 갱신 (Access Token 갱신 시 함께)
public String refreshTokens(String username, String role) {
// 새로운 Refresh Token 생성 및 DB 저장
String newRefreshToken = createRefreshToken(username, role);
log.info("Refresh Token 갱신 완료: {}", username);
return newRefreshToken;
}
// Refresh Token 쿠키 설정
public void setRefreshTokenCookie(HttpServletResponse response, String refreshToken) {
Cookie refreshTokenCookie = new Cookie("RefreshToken", refreshToken);
refreshTokenCookie.setHttpOnly(true);
refreshTokenCookie.setSecure(false);
refreshTokenCookie.setPath("/");
refreshTokenCookie.setMaxAge(Integer.parseInt(env.getProperty("token.expiration_time_refresh")));
response.addCookie(refreshTokenCookie);
}
} }

2
src/main/java/com/bio/bio_backend/global/utils/OidUtil.java → src/main/java/com/bio/bio_backend/global/utils/OidUtils.java
View File

@@ -2,7 +2,7 @@ package com.bio.bio_backend.global.utils;
import java.util.concurrent.atomic.AtomicInteger; import java.util.concurrent.atomic.AtomicInteger;
public class OidUtil { public class OidUtils {
private static final int MAX_SEQUENCE = 999; private static final int MAX_SEQUENCE = 999;
private static volatile Long lastTimestamp = null; private static volatile Long lastTimestamp = null;
private static AtomicInteger sequence = new AtomicInteger(0); private static AtomicInteger sequence = new AtomicInteger(0);

68
src/main/java/com/bio/bio_backend/global/utils/SecurityUtils.java Normal file
View File

@@ -0,0 +1,68 @@
package com.bio.bio_backend.global.utils;
import com.bio.bio_backend.domain.base.member.dto.MemberDto;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
@Slf4j
@Component
public class SecurityUtils {
/**
* 현재 인증된 사용자의 Authentication 객체를 반환합니다.
* @return Authentication 객체
*/
public static Authentication getCurrentAuthentication() {
return SecurityContextHolder.getContext().getAuthentication();
}
/**
* 현재 인증된 사용자의 MemberDto를 반환합니다.
* @return MemberDto 객체
*/
public static MemberDto getCurrentMember() {
Authentication authentication = getCurrentAuthentication();
if (authentication != null && authentication.getPrincipal() instanceof MemberDto) {
return (MemberDto) authentication.getPrincipal();
}
return null;
}
/**
* 현재 인증된 사용자의 userId를 반환합니다.
* @return userId 문자열
*/
public static String getCurrentUserId() {
MemberDto member = getCurrentMember();
return member != null ? member.getUserId() : null;
}
/**
* 현재 인증된 사용자의 oid를 반환합니다.
* @return oid Long 값
*/
public static Long getCurrentUserOid() {
MemberDto member = getCurrentMember();
return member != null ? member.getOid() : null;
}
/**
* 현재 인증된 사용자가 로그인되어 있는지 확인합니다.
* @return 로그인 여부
*/
public static boolean isAuthenticated() {
Authentication authentication = getCurrentAuthentication();
return authentication != null && authentication.isAuthenticated();
}
/**
* 현재 인증된 사용자의 역할을 반환합니다.
* @return 역할 문자열
*/
public static String getCurrentUserRole() {
MemberDto member = getCurrentMember();
return member != null ? member.getRole().name() : null;
}
}

35
src/main/resources/application.properties
View File

@@ -19,10 +19,15 @@ spring.datasource.url=jdbc:postgresql://stam.kr:15432/imas
spring.datasource.username=imas_user spring.datasource.username=imas_user
spring.datasource.password=stam1201 spring.datasource.password=stam1201
spring.datasource.driver-class-name=org.postgresql.Driver spring.datasource.driver-class-name=org.postgresql.Driver
# 운영 환경 변수 설정 필요
# spring.datasource.url=${DB_URL:}
# spring.datasource.username=${DB_USERNAME:}
# spring.datasource.password=${DB_PASSWORD:}
# ======================================== # ========================================
# JPA/Hibernate 설정 # JPA/Hibernate 설정
# ======================================== # ========================================
# 개발 환경 설정
spring.jpa.hibernate.ddl-auto=none spring.jpa.hibernate.ddl-auto=none
spring.jpa.open-in-view=false spring.jpa.open-in-view=false
spring.jpa.show-sql=false spring.jpa.show-sql=false
@@ -30,6 +35,12 @@ spring.jpa.properties.hibernate.format_sql=true
spring.jpa.properties.hibernate.highlight_sql=true spring.jpa.properties.hibernate.highlight_sql=true
spring.jpa.properties.hibernate.use_sql_comments=false spring.jpa.properties.hibernate.use_sql_comments=false
# 배치 처리 설정
spring.jpa.properties.hibernate.default_batch_fetch_size=100
spring.jpa.properties.hibernate.jdbc.batch_size=100
spring.jpa.properties.hibernate.order_inserts=true
spring.jpa.properties.hibernate.order_updates=true
# 스키마 생성 설정 # 스키마 생성 설정
spring.jpa.properties.javax.persistence.schema-generation.scripts.action=create spring.jpa.properties.javax.persistence.schema-generation.scripts.action=create
spring.jpa.properties.javax.persistence.schema-generation.scripts.create-target=ddl/schema.sql spring.jpa.properties.javax.persistence.schema-generation.scripts.create-target=ddl/schema.sql
@@ -80,9 +91,13 @@ decorator.datasource.p6spy.log-format=%(sqlSingleLine)
# ======================================== # ========================================
# JWT 설정 # JWT 설정
# ======================================== # ========================================
token.expiration_time_access=180000 token.expiration_time_access=900000
token.expiration_time_refresh=604800000 token.expiration_time_refresh=86400000
token.secret_key=c3RhbV9qd3Rfc2VjcmV0X3Rva2Vuc3RhbV9qd3Rfc2VjcmV0X3RhbV9qd3Rfc2VjcmV0X3Rva2Vu token.secret_key=c3RhbV9qd3Rfc2VjcmV0X3Rva2Vuc3RhbV9qd3Rfc2VjcmV0X3RhbV9qd3Rfc2VjcmV0X3RhbV9qd3Rfc2VjcmV0X3Rva2Vu
# 운영 환경 변수 설정 필요
# token.secret_key=${JWT_SECRET_KEY:}
# ======================================== # ========================================
# Swagger 설정 # Swagger 설정
@@ -96,3 +111,17 @@ springdoc.swagger-ui.disable-swagger-default-url=true
springdoc.default-produces-media-type=application/json springdoc.default-produces-media-type=application/json
springdoc.default-consumes-media-type=application/json springdoc.default-consumes-media-type=application/json
# ========================================
# 보안 설정 - 허용할 경로
# ========================================
security.permit-all-paths=/login,/members/register,/swagger-ui/**,/swagger-ui.html,/swagger-ui/index.html,/api-docs,/api-docs/**,/v3/api-docs,/v3/api-docs/**,/ws/**
# 파일 업로드 설정
# ========================================
spring.servlet.multipart.enabled=true
spring.servlet.multipart.max-file-size=10MB
spring.servlet.multipart.max-request-size=10MB
spring.servlet.multipart.file-size-threshold=2KB
# 파일 저장 경로 설정
app.file.upload.path=./uploads/