[FEAT] JWT 인증 필터 및 검증 API 구현#62
Open
nuj1min wants to merge 1 commit into
Open
Conversation
yangjiae12
reviewed
Jul 16, 2026
yangjiae12
left a comment
Member
There was a problem hiding this comment.
개발 환경에서는 매번 소셜 로그인을 통해 Access Token을 발급받는 과정이 번거로울 수 있을 것 같습니다. 로컬 환경에서만 사용할 수 있는 테스트용 Access Token 발급 API를 두는 것도 개발 편의성 측면에서 고려해보면 좋을 것 같습니다!
|
|
||
| @Component | ||
| @RequiredArgsConstructor | ||
| public class JwtTokenProvider { |
Member
There was a problem hiding this comment.
JWT 생성 및 검증을 직접 구현해주셨는데, 추후 검증 로직까지 고려했을 때 jjwt와 같은 표준 라이브러리를 사용하는 방향도 고려해보면 좋을 것 같습니다!
Comment on lines
+35
to
+40
| user.getId(), | ||
| user.getEmail(), | ||
| user.getNickname(), | ||
| user.getRegion().getName(), | ||
| user.getRole(), | ||
| user.getProfileImage() |
Member
There was a problem hiding this comment.
해당 부분 UserConverter로 분리하면 좋을 거 같습니다
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
📌 PR 설명
Authorization: Bearer {accessToken}헤더를 파싱하여 토큰을 검증하도록 처리했습니다.SecurityContext에 저장하도록 구현했습니다.@AuthenticationPrincipal AuthUser로 현재 로그인 사용자를 조회할 수 있도록 구성했습니다.AUTH4011을 반환하도록 처리했습니다.🔗 연관된 이슈
Resolves: #61
📝 리뷰 요구사항
/api/v1/users/me,/api/v1/users/me/**,/api/v1/auth/logout으로 제한했습니다. 다른 API까지 확대할 범위가 적절한지 확인 부탁드립니다.SecurityContext에 저장하는 인증 객체를AuthUser(userId, role)형태로 구성했는데, 추후 확장에 적절한지 확인 부탁드립니다.💻 테스트 결과
./gradlew compileJava성공/api/v1/users/me호출 시AUTH4011응답 확인