Implement admin authentication and authorization #36
Merged
suhongkim98 reviewed Jun 22, 2025
src/main/java/com/aztgg/api/auth/infrastructure/RefreshTokenService.java (Outdated)
src/main/java/com/aztgg/api/global/security/SecurityConfig.java (Outdated)
suhongkim98 requested changes Jun 29, 2025
src/main/java/com/aztgg/api/auth/infrastructure/CookieUtil.java (Outdated)
suhongkim98 reviewed Jun 29, 2025
src/main/java/com/aztgg/api/global/security/JwtAuthenticationFilter.java (Outdated)
suhongkim98 reviewed Jun 29, 2025
src/main/java/com/aztgg/api/auth/infrastructure/config/RestTemplateConfig.java (Outdated)
suhongkim98 reviewed Jun 29, 2025
src/main/java/com/aztgg/api/auth/application/dto/response/UserResponse.java (Outdated)
suhongkim98 reviewed Jun 29, 2025
src/main/java/com/aztgg/api/auth/application/RefreshTokenCookieService.java (Outdated)
src/main/java/com/aztgg/api/auth/infrastructure/RefreshTokenService.java
suhongkim98 approved these changes Jun 29, 2025
Contributor
suhongkim98
left a comment
Great work~
Please rebase and then merge~!
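Key changes
Applied an authentication strategy based on Kakao social login
Implemented with the strategy pattern to allow extension to local login
Structured so that LocalAuthStrategy and others can be added later
JWT refresh token (RT) cookie management
The refreshToken is delivered in a cookie with the HttpOnly + Secure options
The frontend only needs to manage the access token → improved security and convenience
#RTR approach applied (Refresh Token Rotation)
When the accessToken is reissued, the refreshToken is reissued along with it
The previous RT is discarded → prevents reuse attacks
#JWT-based authentication
No sessions are used, via the SessionCreationPolicy.STATELESS setting in the SecurityFilterChain
Operates as a JWT-based resource server via oauth2ResourceServer().jwt()
JwtDecoder verifies the token signature and validates the token
JwtAuthenticationConverter + JwtRoleConverter extract the authorities (roles) from the token's claims and create the Spring Security authentication object
JWT authentication / authorization implemented with multiple devices in mind
Closes issue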
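The rotation rule in the description above (reissue the refreshToken with every accessToken, discard the previous RT, keep devices independent), shown as an added example that is not code from this PR. The class and method names, the in-memory map keyed by user and device, storing only SHA-256 hashes, and revoking the device's session on a replayed token are all assumptions made for the illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.concurrent.ConcurrentHashMap;
// Added illustration; class, method and key names are hypothetical, not taken from the PR.
public class RefreshTokenRotationDemo {
    private static final SecureRandom RNG = new SecureRandom();
    // "userId:deviceId" -> SHA-256 of the one RT currently valid there (assumes ids contain no ':').
    private final ConcurrentHashMap<String, String> activeHash = new ConcurrentHashMap<>();

    static String sha256(String v) throws Exception {
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(v.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(digest);
    }
    static String newToken() {
        byte[] raw = new byte[32];
        RNG.nextBytes(raw);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }
    // Login: issue the first refresh token for this device and keep only its hash.
    String issue(String userId, String deviceId) throws Exception {
        String token = newToken();
        activeHash.put(userId + ":" + deviceId, sha256(token));
        return token;
    }
    // Refresh: atomically swap the stored hash only if the presented token is the current one.
    // Anything else is an already-rotated or unknown token, so that device's session is revoked.
    String rotate(String userId, String deviceId, String presented) throws Exception {
        String key = userId + ":" + deviceId;
        String next = newToken();
        if (!activeHash.replace(key, sha256(presented), sha256(next))) {
            activeHash.remove(key);
            throw new SecurityException("refresh token rejected for " + key);
        }
        return next;
    }
    public static void main(String[] args) throws Exception {
        RefreshTokenRotationDemo store = new RefreshTokenRotationDemo();
        String phone1 = store.issue("admin1", "phone");    // constructed sample ids
        String laptop1 = store.issue("admin1", "laptop");
        String phone2 = store.rotate("admin1", "phone", phone1);
        System.out.println("phone rotated: " + !phone2.equals(phone1));
        try {
            store.rotate("admin1", "phone", phone1);       // replay of the discarded token
        } catch (SecurityException e) {
            System.out.println("replay blocked: " + e.getMessage());
        }
        System.out.println("laptop still valid: " + (store.rotate("admin1", "laptop", laptop1) != null));
    }
}
```

It runs as a single file with `java RefreshTokenRotationDemo.java` on Java 11 or later. The compare-and-swap in `rotate` means two concurrent requests carrying the same token cannot both succeed.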