Skip to content

[FIX] #213 : logout 404 에러 수정 #215

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pwc2002 merged 2 commits into from
Aug 30, 2025
Merged

[FIX] #213 : logout 404 에러 수정 #215

pwc2002 merged 2 commits into from
Aug 30, 2025

Conversation

@pwc2002
Copy link
Contributor

@pwc2002 pwc2002 commented Aug 30, 2025
edited by coderabbitai bot
Loading

📌 연관된 이슈

#213

✨ 작업 내용

logout 시 404 에러 뜨는걸, 토큰 인증 url 에서 logout을 제외함으로서 수정

💬 리뷰 요구사항(선택)

Summary by CodeRabbit

  • 버그 수정
    • 인증 예외 범위를 세분화하여 다음 경로만 공개 접근으로 유지: /api/v1/auth/refresh, /api/v1/auth/login, /api/v1/auth/oauth2/google/callback, /api/v1/auth/password-reset/request, /api/v1/auth/password-reset/verify, /api/v1/auth/password-reset/confirm
    • 위 경로 외의 /api/v1/auth/* 요청은 이제 인증 절차를 거치도록 변경되어 보안이 강화되었습니다.
    • API 문서 관련 경로(/v3/api-docs, /swagger-ui 등)는 기존과 동일하게 접근 가능합니다.

@pwc2002 pwc2002 self-assigned this Aug 30, 2025
@pwc2002 pwc2002 added the bug Something isn't working label Aug 30, 2025
@coderabbitai
Copy link

coderabbitai bot commented Aug 30, 2025
edited
Loading

Caution

Review failed

The pull request is closed.

Walkthrough

인증 필터의 우회 대상 경로가 광범위한 프리픽스(/api/v1/auth/**)에서 구체적 엔드포인트 목록으로 축소되었고, 스웨거/문서 관련 우회는 유지되었습니다. 공개 API 시그니처 변경은 없습니다.

Changes

Cohort / File(s) Summary
보안 필터 우회 범위 정밀화
src/main/java/inha/gdgoc/global/security/TokenAuthenticationFilter.java		 /api/v1/auth/** 우회를 제거하고 다음 엔드포인트만 명시 우회: refresh, login, oauth2/google/callback, password-reset/{request,verify,confirm}. 기존 /v3/api-docs, /swagger-ui, /swagger-ui.html 등은 그대로 우회. 퍼블릭 시그니처 변경 없음.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    participant C as Client
    participant F as TokenAuthenticationFilter
    participant A as AuthService
    participant H as Controller

    Note over F: 우회 목록: <br/>/auth/refresh, /auth/login, <br/>/auth/oauth2/google/callback, <br/>/auth/password-reset/{request,verify,confirm}

    C->>F: HTTP Request
    alt 요청 경로 ∈ 명시 우회 목록
        F-->>H: FilterChain.continue()
        H-->>C: Response
    else 기타 모든 경로 포함 /api/v1/auth/** 중 비우회
        F->>F: 토큰 추출/검증 시도
        alt 유효 토큰
            F->>A: 토큰 검증
            A-->>F: 검증 성공
            F-->>H: FilterChain.continue() (SecurityContext 설정)
            H-->>C: Response
        else 토큰 없음/무효
            F-->>C: 401/접근 거부 처리(구현에 따름)
        end
    end
Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

작은 발로 로그를 톡톡, 우회 목록을 다듬었지
넓던 길 좁혀 딱 필요한 문만 열어두고
토큰은 꼼꼼히, 스웨거는 쓱 지나가고
깡총, 깡총—보안 숲속에 질서가 반짝
오늘도 PR 위에 당근 이모지 하나 🥕

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

  • MCP integration is disabled by default for public repositories
  • Jira integration is disabled by default for public repositories
  • Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between a896b17 and f3450fa.

📒 Files selected for processing (1)
  • src/main/java/inha/gdgoc/global/security/TokenAuthenticationFilter.java (1 hunks)
✨ Finishing Touches
  • 📝 Generate Docstrings
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch fix/issue-213
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

  • Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

  • Visit our Status Page to check the current availability of CodeRabbit.
  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@pwc2002 pwc2002 merged commit 3b5bcf2 into develop Aug 30, 2025
1 of 2 checks passed
@github-actions
Copy link

github-actions bot commented Aug 30, 2025

CI status
✅ Assemble 성공
✅ Test 성공

@coderabbitai coderabbitai bot mentioned this pull request Sep 3, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@pwc2002 pwc2002

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pwc2002