yuuuyeonho
reviewed
Sep 5, 2025
| .requestMatchers("/signup").permitAll() | ||
|
|
||
| // 로그아웃은 로그인 이후 가능 | ||
| .requestMatchers("members/me/logout").hasAnyAuthority("일반", "관리자") |
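Review bot: the pattern "members/me/logout" on the last line has no leading slash, unlike "/signup" above it. Write it as an absolute path so it is matched the same way as the other rules. The authority names passed to hasAnyAuthority are bare string literals; a shared constant or enum would keep them from drifting apart across rules.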
Contributor
Isn't the logout URL "/auth/logout"..?!
Contributor
Author
Oh, you're right.. I was only thinking of logging out from My Page, so I guess that's why I did it this way. Thank you, haha
| // 인증 없이 로그인,회원가입은 가능. | ||
| .requestMatchers("/swagger-ui/**", "/v3/api-docs/**").permitAll() | ||
| .requestMatchers("/auth/**", "/email/**").permitAll() | ||
| .requestMatchers("/auth/login", "/email/**").permitAll() |
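Review bot: the last two lines both permit "/email/**" but differ on the auth side, "/auth/**" versus "/auth/login". If only "/auth/login" stays open, every other /auth/ endpoint that has to work before login needs its own permitAll() entry, and the comment above these rules should name exactly what is left open.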
Contributor
I'm asking because I don't know how the frontend uses this.
If only login is permitted, can the password-change methods ("/auth/password/update-link/send", "auth/password") still be used while not logged in?? Anyone who knows...
Contributor
Author
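I think this also happened because I was fixing things while looking only at the issue, and added this without seeing the controllers that were added after the issue..! It looks like all of those links need to be included, so adding them is the right call!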
kckc0608
reviewed
Nov 24, 2025
Comment on lines
+128
to
+142
| // Swagger 전용 다시 시도 | ||
| if (!authenticated && bearerAccessToken != null) { | ||
| tokenUtil.validateToken(bearerAccessToken); | ||
|
|
||
| String studentId = tokenUtil.getStudentIdFromToken(bearerAccessToken); | ||
| String status = tokenUtil.getStatusFromToken(bearerAccessToken); | ||
|
|
||
| SecurityContextHolder.getContext().setAuthentication( | ||
| new UsernamePasswordAuthenticationToken( | ||
| studentId, | ||
| null, | ||
| List.of(new SimpleGrantedAuthority(status)) | ||
| ) | ||
| ); | ||
| authenticated = true; |
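Review bot: at `tokenUtil.validateToken(bearerAccessToken);` the result is discarded, so this block is only safe if validateToken throws on an invalid or expired token. If it returns a boolean instead, the SecurityContext is populated regardless. Either check the return value before setAuthentication or document the throwing contract. The authority is also built directly from getStatusFromToken, so restrict it to the known status values before wrapping it in SimpleGrantedAuthority.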
Member
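Is there a reason the Swagger validation logic is separate?
The access-token validation logic looks identical, so I was thinking a flow like this might be fine: if both the access token and the refresh token are missing -> check the header and set the access token -> if there is an access token, run validation.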
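The single-path flow proposed in the comment above, as an added plain-Java sketch that is not code from this PR. Only the three `tokenUtil` method names come from the diff; the `TokenUtil` interface, the `Principal` record, the "Bearer " header format and the assumption that `validateToken` throws on a bad token are hypothetical, and refresh-token reissue is left out.

```java
import java.util.List;
import java.util.Optional;

public class UnifiedTokenFlow {
    // Hypothetical stand-in for the PR's tokenUtil; only the method names are from the diff.
    interface TokenUtil {
        void validateToken(String token); // assumption: throws on an invalid or expired token
        String getStudentIdFromToken(String token);
        String getStatusFromToken(String token);
    }

    record Principal(String studentId, List<String> authorities) {}

    // Step 1: the header is consulted only when neither token arrived the usual way.
    static String resolveAccessToken(String accessToken, String refreshToken, String authHeader) {
        if (accessToken == null && refreshToken == null
                && authHeader != null && authHeader.startsWith("Bearer ")) {
            return authHeader.substring("Bearer ".length()).trim();
        }
        return accessToken;
    }

    // Step 2: one validation path, whatever the token's origin.
    static Optional<Principal> authenticate(TokenUtil tokenUtil, String accessToken) {
        if (accessToken == null || accessToken.isEmpty()) return Optional.empty();
        try {
            tokenUtil.validateToken(accessToken);
        } catch (RuntimeException e) {
            return Optional.empty(); // a rejected token never yields a principal
        }
        // A real filter would put this principal into the SecurityContext here.
        return Optional.of(new Principal(tokenUtil.getStudentIdFromToken(accessToken),
                List.of(tokenUtil.getStatusFromToken(accessToken))));
    }

    public static void main(String[] args) {
        TokenUtil fake = new TokenUtil() { // constructed test double, not the project's class
            public void validateToken(String t) {
                if (!"good-token".equals(t)) throw new IllegalArgumentException("invalid token");
            }
            public String getStudentIdFromToken(String t) { return "20250001"; }
            public String getStatusFromToken(String t) { return "MEMBER"; }
        };
        String fromHeader = resolveAccessToken(null, null, "Bearer good-token");
        System.out.println(authenticate(fake, fromHeader).isPresent());
        System.out.println(authenticate(fake, "tampered").isPresent());
        System.out.println(authenticate(fake, resolveAccessToken(null, null, null)).isPresent());
    }
}
```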
Work done
Notes (things to consider when reviewing)
Related issues
close #21 , #37