{fix} 데이터베이스 변경 및 로그 추가

{fix} 데이터베이스 변경 및 로그 추가

Author: JayongLee

MathCaptain/weakness/build.gradle

@@ -35,6 +35,7 @@ dependencies {
 	implementation 'nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect'
 	implementation 'io.jsonwebtoken:jjwt-api:0.12.3'
 	implementation 'commons-codec:commons-codec:1.5'
+	runtimeOnly 'mysql:mysql-connector-java:8.0.33'
 	implementation 'com.auth0:java-jwt:3.13.0'
 	runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.3'
 	runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.3'

MathCaptain/weakness/src/main/java/MathCaptain/weakness/Chat/Chat.java

@@ -53,9 +53,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
         response.setCharacterEncoding("UTF-8");
         response.setStatus(HttpServletResponse.SC_OK);
 
-        log.info( "로그인에 성공합니다. email: {}" , email);
-        log.info( "AccessToken 을 발급합니다. AccessToken: {}" ,accessToken);
-        log.info( "RefreshToken 을 발급합니다. RefreshToken: {}" ,refreshToken);
+        log.info( "✅ 로그인에 성공합니다. 📧email: {}" , email);
     }
 
     private String extractEmail(Authentication authentication) {

MathCaptain/weakness/src/main/java/MathCaptain/weakness/Group/Login/LoginSuccessJWTProvideHandler.java

@@ -18,7 +18,7 @@
 @Entity
 @Getter
 @Builder
-@Table(name = "GROUPS")
+@Table(name = "`GROUPS`")
 @NoArgsConstructor
 @AllArgsConstructor
 public class Group {

MathCaptain/weakness/src/main/java/MathCaptain/weakness/Group/domain/Group.java

@@ -16,13 +16,15 @@
 import jakarta.annotation.PostConstruct;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.context.annotation.DependsOn;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Component;
 import org.springframework.transaction.annotation.Transactional;
 
 @Slf4j
 @Component
 @RequiredArgsConstructor
+@DependsOn("entityManagerFactory")
 public class TestInit {
 
     private final UserRepository userRepository;

MathCaptain/weakness/src/main/java/MathCaptain/weakness/TestInit.java

@@ -4,6 +4,7 @@
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -16,6 +17,7 @@
 import java.nio.charset.StandardCharsets;
 import java.util.Map;
 
+@Slf4j
 public class JsonUsernamePasswordAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
 
     private static final String DEFAULT_LOGIN_REQUEST_URL = "/login";
@@ -37,6 +39,8 @@ public JsonUsernamePasswordAuthenticationFilter(ObjectMapper objectMapper) {
     @Override
     public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
 
+        log.info("============= 🔐 로그인 요청에 대한 필터링 시작 =============");
+
         if(request.getContentType() == null || !request.getContentType().startsWith(CONTENT_TYPE)) {
             throw new AuthenticationServiceException("Authentication Content-Type not supported: " + request.getContentType());
         }
@@ -48,8 +52,13 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
         String username = usernamePasswordMap.get(USERNAME_KEY);
         String password = usernamePasswordMap.get(PASSWORD_KEY);
 
+        log.info("username: {}", username);
+        log.info("password: {}", password);
+
         UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password); //principal 과 credentials 전달
 
+        log.info("============= 🔐 로그인 요청에 대한 필터링 종료 =============");
+
         return this.getAuthenticationManager().authenticate(authRequest);
     }
 }

MathCaptain/weakness/src/main/java/MathCaptain/weakness/global/Security/filter/JsonUsernamePasswordAuthenticationFilter.java

@@ -4,6 +4,7 @@
 import MathCaptain.weakness.User.repository.UserRepository;
 import MathCaptain.weakness.User.domain.Users;
 import MathCaptain.weakness.global.Security.jwt.JwtService;
+import MathCaptain.weakness.global.exception.AuthorizationException;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
@@ -53,14 +54,15 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
                 .filter(jwtService::isTokenValid)
                 .orElse(null); // RefreshToken이 없거나 유효하지 않으면 null을 반환
 
-        log.info("refreshToken: {}", refreshToken != null);
-
         if (refreshToken != null){
-            log.info("AccessToken 재발급 요청");
+            log.info("RefreshToken 존재");
+            log.info("============= ❗️AccessToken 재발급 요청 =============");
             checkRefreshTokenAndReIssueAccessToken(response, refreshToken); // refreshToken으로 유저 정보를 찾아오고, 존재하면 AccessToken을 재발급
             return; // 인증을 처리하지 않게 하기 위해 return
         }
 
+        log.info("RefreshToken 존재하지 않음 OR 유효하지 않음");
+        log.info("============= AccessToken 유효성 검사 =============");
         checkAccessTokenAndAuthentication(request, response, filterChain); // refreshToken이 없다면 AccessToken을 검사하는 로직 수행
     }
 
@@ -78,21 +80,26 @@ private void checkAccessTokenAndAuthentication(HttpServletRequest request, HttpS
     private void saveAuthentication(Users users) {
         UserDetailsImpl userDetails = new UserDetailsImpl(users);
 
+        log.info("============= 인증 처리 절차 시작 =============");
+        log.info("accessToken 유효성 검사 완료");
+
         Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, authoritiesMapper.mapAuthorities(userDetails.getAuthorities()));
         log.info("authentication : {}", authentication);
+        log.info("============= 인증 처리 완료 =============");
         SecurityContext context = SecurityContextHolder.createEmptyContext();
         context.setAuthentication(authentication);
         SecurityContextHolder.setContext(context);
     }
 
     private void checkRefreshTokenAndReIssueAccessToken(HttpServletResponse response, String refreshToken) {
+        log.info("============= RefreshToken 유효성 검사 =============");
         // 해당하는 refreshToken이 DB에 존재하면, user에게 AccessToken 발급
         userRepository.findByRefreshToken(refreshToken).ifPresent(
                 users -> {
                     try {
                         jwtService.sendAccessToken(response, jwtService.createAccessToken(users.getEmail()));
                     } catch (IOException e) {
-                        throw new RuntimeException(e);
+                        throw new AuthorizationException("❌ AccessToken 재발급 실패");
                     }
                 }
         );

MathCaptain/weakness/src/main/java/MathCaptain/weakness/global/Security/filter/JwtAuthenticationProcessingFilter.java

@@ -3,6 +3,7 @@
 import MathCaptain.weakness.Group.repository.RelationRepository;
 import MathCaptain.weakness.User.domain.Users;
 import MathCaptain.weakness.User.repository.UserRepository;
+import MathCaptain.weakness.global.exception.ResourceNotFoundException;
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.algorithms.Algorithm;
 import com.fasterxml.jackson.databind.ObjectMapper;
@@ -49,16 +50,12 @@ public class JwtServiceImpl implements JwtService{
     private static final String BEARER = "Bearer ";
 
     private final UserRepository usersRepository;
-    private final ObjectMapper objectMapper;
-    private final RelationRepository relationRepository;
-
 
     //== 메서드 ==//
 
     // AccessToken 생성 (사용자의 email 기반)
     @Override
     public String createAccessToken(String email) {
-
         return JWT.create()
                 // 빌더를 통해 JWT의 Subject 설정 : AccessToken
                 .withSubject(ACCESS_TOKEN_SUBJECT)
@@ -90,7 +87,7 @@ public void updateRefreshToken(String email, String refreshToken) {
                 .ifPresentOrElse(
                         // 존재하면 refreshToken 업데이트
                         users -> users.updateRefreshToken(refreshToken),
-                        () -> new Exception("회원 조회 실패")
+                        () -> new ResourceNotFoundException("회원 조회 실패")
                 );
     }
 
@@ -109,6 +106,10 @@ public void destroyRefreshToken(String email) {
     // AccessToken과 RefreshToken을 클라이언트에게 전달
     @Override
     public void sendAccessAndRefreshToken(HttpServletResponse response, String accessToken, String refreshToken) {
+        log.info("============= AccessToken과 RefreshToken 전송 =============");
+        log.info("🔑AccessToken: {}", accessToken);
+        log.info("🗝️RefreshToken: {}", refreshToken);
+
         // 응답 메시지의 상태를 200 OK로 설정
         response.setStatus(HttpServletResponse.SC_OK);
 
@@ -126,6 +127,9 @@ public void sendAccessAndRefreshToken(HttpServletResponse response, String acces
     // AccessToken을 클라리언트에게 전달
     @Override
     public void sendAccessToken(HttpServletResponse response, String accessToken) throws IOException {
+        log.info("============= AccessToken 전송 =============");
+        log.info("🔑AccessToken: {}", accessToken);
+
         response.setStatus(HttpServletResponse.SC_OK);
 
         setAccessTokenHeader(response, accessToken);
@@ -143,13 +147,16 @@ public void sendAccessToken(HttpServletResponse response, String accessToken) th
     public Optional<String> extractAccessToken(HttpServletRequest request) {
         String headerValue = request.getHeader(accessHeader);
 
+        log.info("============= 🔑AccessToken 추출 =============");
+
         if (headerValue == null || headerValue.isBlank()) {
             log.warn("Authorization 헤더가 비어있거나 존재하지 않습니다.");
             return Optional.empty();
         }
 
         // "Bearer " 접두사가 있는 경우 제거
         if (headerValue.startsWith(BEARER)) {
+            log.info("Authorization 헤더에 'Bearer ' 접두사가 존재합니다. 원본 값: {}", headerValue);
             return Optional.of(headerValue.replace(BEARER, "").trim());
         }
 
@@ -161,6 +168,7 @@ public Optional<String> extractAccessToken(HttpServletRequest request) {
     // 클라이언트에게서 전달받은 RefreshToken을 HTTP 헤더에서 추출
     @Override
     public Optional<String> extractRefreshToken(HttpServletRequest request) {
+        log.info("============= 🗝️RefreshToken 추출 =============");
         return Optional.ofNullable(request.getHeader(refreshHeader)).filter(
                 // BEARER 접두사로 시작하는 RefreshToken을 확인
                 refreshToken -> refreshToken.startsWith(BEARER)
@@ -177,7 +185,7 @@ public Optional<String> extractEmail(String accessToken) {
                     JWT.require(Algorithm.HMAC512(secret)).build().verify(accessToken).getClaim(USERNAME_CLAIM)
                             .asString());
 
-            log.info("email: {}", email);
+            log.info("✉️ email: {}", email);
             return email;
         } catch (Exception e) {
             log.error(e.getMessage());
@@ -201,11 +209,12 @@ public void setRefreshTokenHeader(HttpServletResponse response, String refreshTo
     @Override
     public boolean isTokenValid(String token) {
         try {
+            log.info("============= 토큰 유효성 검사를 시작합니다. ================");
             log.info("검증 중인 토큰: {}", token);
             JWT.require(Algorithm.HMAC512(secret)).build().verify(token);
             return true;
         } catch (Exception e) {
-            log.error("유효하지 않은 Token입니다", e.getMessage());
+            log.error("🍪유효하지 않은 Token입니다", e.getMessage());
             return false;
         }
     }

MathCaptain/weakness/src/main/java/MathCaptain/weakness/global/Security/jwt/JwtServiceImpl.java

@@ -0,0 +1,7 @@
+package MathCaptain.weakness.global.exception;
+
+public class AuthorizationException extends RuntimeException {
+    public AuthorizationException(String message) {
+        super(message);
+    }
+}

MathCaptain/weakness/src/main/java/MathCaptain/weakness/global/exception/AuthorizationException.java

@@ -54,4 +54,9 @@ public ResponseEntity<ApiResponse<String>> handleException(Exception ex) {
     public ResponseEntity<ApiResponse<String>> handleRuntimeException(RuntimeException ex) {
         return ResponseEntity.status(500).body(ApiResponse.fail(ex.getMessage(), null));
     }
+
+    @ExceptionHandler(AuthorizationException.class)
+    public ResponseEntity<ApiResponse<String>> handleAuthorizationException(AuthorizationException ex) {
+        return ResponseEntity.status(403).body(ApiResponse.fail(ex.getMessage(), null));
+    }
 }