Skip to content

[πŸ”€ merge] Spring Security 제거 및 μ»€μŠ€ν…€ 인증 체계 운영 μ„œλ²„ 적용 #290

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jsoonworld merged 30 commits into from
Jul 15, 2025
Merged

[πŸ”€ merge] Spring Security 제거 및 μ»€μŠ€ν…€ 인증 체계 운영 μ„œλ²„ 적용 #290

jsoonworld merged 30 commits into from
Jul 15, 2025

Conversation

@jsoonworld
Copy link
Member

@jsoonworld jsoonworld commented Jul 15, 2025

πŸ“„ Work Description

  • Spring Security 제거 및 μ»€μŠ€ν…€ 인증 체계 운영 μ„œλ²„ 적용

jsoonworld added 30 commits July 13, 2025 21:19
@jsoonworld
feat : μ»€μŠ€ν…€ jwtProvider κ΅¬ν˜„
f5668e8
@jsoonworld
feat : νƒ€μž… 일치
1b33d0e
@jsoonworld
chore : jwt μ˜ˆμ™Έ 클래슀 νŒ¨ν‚€μ§€ 이동
5622913
@jsoonworld
feat : token dto κ΅¬ν˜„
c8f6f4a
@jsoonworld
feat : @AuthenticationPrincipal을 λŒ€μ²΄ν•  @Login μ–΄λ…Έν…Œμ΄μ…˜ 및 LoginUserArgument…
1da8ed9 
…Resolverλ₯Ό κ΅¬ν˜„
@jsoonworld
feat : λΉ„ν™œμ„±ν™” μƒνƒœλ‘œ μΆ”κ°€
74c4cbb
@jsoonworld
refactor(auth): Optional을 μ‚¬μš©ν•˜μ—¬ LoginCheckInterceptor 인증 둜직 κ°œμ„ 
13c57b6
@jsoonworld
feat(auth): LoginUserArgumentResolverμ—μ„œ μ›μ‹œ νƒ€μž… long 지원
b46596b
@jsoonworld
refactor(auth): JWT SecretKey 생성 둜직 κ°œμ„  및 μ±…μž„ 일원화
b8d8059
@jsoonworld
Merge branch 'feat/#278' into feat/#280
dcbbc0a
@jsoonworld
refactor : AuthService 둜직 톡합 및 λ¦¬νŒ©ν† λ§
55a59c1
@jsoonworld
refactor : AuthService 둜직 톡합 및 λ¦¬νŒ©ν† λ§μ— λ”°λ₯Έ λ³€κ²½
ac8507c
@jsoonworld
refactor : λˆ„λ½λœ authId μΆ”κ°€
321eab7
@jsoonworld
fix(auth): AuthService의 signUp 둜직 μˆœμ„œ 였λ₯˜ μˆ˜μ • 및 κ°œμ„ 
ec99d47
@jsoonworld
feat(user): UserSignedUpEventλ₯Ό record둜 μ „ν™˜ν•˜κ³  fcmToken μΆ”κ°€
8f74931
@jsoonworld
refactor(webhook): UserSignedUpEvent λ ˆμ½”λ“œ 변경에 λ”°λ₯Έ ν•Έλ“€λŸ¬ μˆ˜μ •
2651e5f
@jsoonworld
chore : μŠ€ν”„λ§ μ‹œνλ¦¬ν‹° μ˜μ‘΄μ„± 제거
8695ead
@jsoonworld
del : μŠ€ν”„λ§ μ‹œνλ¦¬ν‹°μ— μ‚¬μš©λœ jwt κ΄€λ ¨ 둜직 제거
2220283
@jsoonworld
refactor : μŠ€ν”„λ§ μ‹œνλ¦¬ν‹° μ–΄λ…Έν…Œμ΄μ…˜ μ μš•μ„ μ»€μŠ€ν…€ μ–΄λ…Έν…Œμ΄μ…˜μœΌλ‘œ μ „ν™˜
d97c7cd
@jsoonworld
refactor(auth): LoginCheckInterceptor 인터셉터 토큰 이쀑 처리 둜직 κ°œμ„ 
8536478
@jsoonworld
del : μ‚¬μš©ν•˜μ§€ μ•ŠλŠ” dto 제거
b702053
@jsoonworld
mrege : μ»€μŠ€ν…€ JWT Provider κ΅¬ν˜„
7fabe93 
Feat : μ»€μŠ€ν…€ JWT Provider κ΅¬ν˜„
@jsoonworld
merge : Interceptor 및 ArgumentResolver 기반 인증 λ§€μ»€λ‹ˆμ¦˜ κ΅¬ν˜„
7b1ace6 
Feat : Interceptor 및 ArgumentResolver 기반 인증 λ§€μ»€λ‹ˆμ¦˜ κ΅¬ν˜„
@jsoonworld
merge : AuthService 둜직 톡합 및 λ¦¬νŒ©ν† λ§
7ecbf15 
Refactor : AuthService 둜직 톡합 및 λ¦¬νŒ©ν† λ§
@jsoonworld
merge : μŠ€ν”„λ§ μ‹œνλ¦¬ν‹° μ˜μ‘΄μ„± 제거 및 μ»€μŠ€ν…€ 인증 μ „λ©΄ 적용
169d31b 
Feat : μŠ€ν”„λ§ μ‹œνλ¦¬ν‹° μ˜μ‘΄μ„± 제거 및 μ»€μŠ€ν…€ 인증 μ „λ©΄ 적용
@jsoonworld
feat: JWT μ‹œν¬λ¦Ώ ν‚€ Base64 인코딩 방식 볡원
97a1c00
@jsoonworld
refactor: JwtProviderλ₯Ό 단일 ν‚€ 처리 λ°©μ‹μœΌλ‘œ λ‹¨μˆœν™”
85a5c5a
@jsoonworld
refactor : μ—λŸ¬ λ©”μ‹œμ§€ μˆ˜μ •
e0889a3
@jsoonworld
merge : JWT ν‚€ 생성 및 검증 λ‘œμ§μ„ 이전 λ°©μ‹μœΌλ‘œ λ‘€λ°±
e05c6b8 
Refactor: JWT ν‚€ 생성 및 검증 λ‘œμ§μ„ 이전 λ°©μ‹μœΌλ‘œ λ‘€λ°±
@jsoonworld
merge : Spring Security 제거 및 μ»€μŠ€ν…€ 인증 체계 λ„μž…
0a22f01 
[πŸ”€ merge] Spring Security 제거 및 μ»€μŠ€ν…€ 인증 체계 λ„μž…
@jsoonworld jsoonworld requested a review from Copilot July 15, 2025 02:37
@jsoonworld jsoonworld self-assigned this Jul 15, 2025
@jsoonworld jsoonworld added πŸ”€ merge λ‹€λ₯Έ λΈŒλžœμΉ˜μ™€ 병합 🦊μž₯순🦊 labels Jul 15, 2025
@jsoonworld jsoonworld merged commit bddb53a into main Jul 15, 2025
4 of 6 checks passed
Copilot AI reviewed Jul 15, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR removes Spring Security and introduces a custom authentication system, refactors the authentication service, and updates related controllers and Swagger definitions to use a new @Login annotation and JWT-based interceptor.

  • Replaces Spring Security filters with LoginCheckInterceptor and LoginUserArgumentResolver, and consolidates CORS and argument resolver into WebConfig
  • Refactors AuthService to handle sign-in, sign-up, token reissue, and user sync operations in one service using JwtProvider
  • Updates controllers and Swagger interfaces to use @Login for injecting the authenticated user ID, replaces old DTOs, and removes deprecated JWT provider classes

Reviewed Changes

Copilot reviewed 76 out of 78 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
src/test/java/org/terning/terningserver/service/ScrapServiceTest.java Entire test file commented out instead of removal
src/main/java/org/terning/terningserver/common/config/WebConfig.java Adds custom MVC config, argument resolver, and interceptor setup
src/main/java/org/terning/terningserver/auth/application/AuthService.java Consolidates authentication operations and removes filter chains
src/main/java/org/terning/terningserver/scrap/api/ScrapController.java Endpoints updated to use @Login; removes Spring Security imports
src/main/java/org/terning/terningserver/user/domain/User.java Enhances User entity with refresh token validation and builder
Comments suppressed due to low confidence (3)

src/main/java/org/terning/terningserver/scrap/api/ScrapSwagger.java:31

  • The updateScrapColor Swagger interface uses @PathVariable long scrapId, but the controller mapping uses {internshipAnnouncementId}. Synchronize parameter names or path templates to avoid binding errors.
            @Login long userId,

src/main/java/org/terning/terningserver/search/api/SearchSwagger.java:31

  • In the Swagger interface, sortBy is required by default, but the controller parameter is required=false. Consider adding required=false or a default value in the Swagger annotation to match controller behavior.
            @RequestParam("sortBy") String sortBy, Pageable pageable

src/main/java/org/terning/terningserver/auth/common/exception/AuthErrorCode.java:11

  • [nitpick] Unlike JwtErrorCode, AuthErrorCode does not prepend the PREFIX to the message. Consider adding a getMessage() method that prepends PREFIX for consistency in error responses.
    USER_ALREADY_EXIST(HttpStatus.BAD_REQUEST, "μœ μ €κ°€ 이미 μ‘΄μž¬ν•©λ‹ˆλ‹€."),

src/test/java/org/terning/terningserver/service/ScrapServiceTest.java
}
}
}
//package org.terning.terningserver.service;
Copy link

Copilot AI Jul 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The entire test class has been commented out rather than deleted. If these tests are no longer needed, consider removing the file or migrating tests instead of leaving large commented blocks.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@jsoonworld jsoonworld

Labels

πŸ”€ merge λ‹€λ₯Έ λΈŒλžœμΉ˜μ™€ 병합 size/XXL 🦊μž₯순🦊

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jsoonworld