Merge branch 'develop' of https://github.com/prgrms-web-devcourse-final-project/WEB3_4_Log4U_BE into feature/media

Author: TTaiJin

README.md

@@ -1,23 +1,23 @@
 ## 개발 환경 설정
 
 [AWS API SERVER](http://ec2-13-209-127-186.ap-northeast-2.compute.amazonaws.com:8080)
+
+[카카오 로그인](http://ec2-13-209-127-186.ap-northeast-2.compute.amazonaws.com:8080/oauth2/authorization/kakao)
+
+[네이버 로그인](http://ec2-13-209-127-186.ap-northeast-2.compute.amazonaws.com:8080/oauth2/authorization/naver)
+
+[구글 로그인](http://ec2-13-209-127-186.ap-northeast-2.compute.amazonaws.com:8080/oauth2/authorization/google)
+
 ---
 
 * 루트 디렉토리(WEB3_4_Log4U_BE)에서 다음 명령 실행
-* 개발용 MYSQL 빌드
+* 개발용 DB 컨테이너 실행
 
 ```
-# 이미지 빌드
-cd docker
-docker build -t log4u-mysql .
-
-# 최초 실행 1(볼륨 존재)
-docker run -d --name log4u-mysql -p 3307:3306 -v {file}:/var/lib/mysql log4u-mysql
-
-# 최초 실행 2(볼륨 없이)
-docker run -d --name log4u-mysql -p 3307:3306  log4u-mysql
+# postgresql mysql 모두 실행
+docker-compose up -d
 
-# 이미 존재할 경우 
-docker start log4u-mysql
+# postgresql 만 실행
+docker-compose up -d postgres
 
 ```

scripts/deploy.sh

@@ -28,7 +28,7 @@ cp $PROJECT_ROOT/build/libs/Log4U-0.0.1-SNAPSHOT.jar $JAR_FILE
 
 # jar 파일 실행
 echo "$TIME_NOW > $JAR_FILE 파일 실행" >> $DEPLOY_LOG
-nohup java -Dspring.profiles.active="prod, prod-secret" -jar $JAR_FILE > $APP_LOG 2> $ERROR_LOG &
+nohup java -Dspring.profiles.active="prod, prod-secret" -jar $JAR_FILE > $APP_LOG 2> $ERROR_LOG
 
 CURRENT_PID=$(pgrep -f $JAR_FILE)
 echo "$TIME_NOW > 실행된 프로세스 아이디 $CURRENT_PID 입니다." >> $DEPLOY_LOG

src/main/java/com/example/log4u/common/config/CorsConfig.java

@@ -15,7 +15,8 @@ public static CorsConfigurationSource corsConfigurationSource() {
 
 		configuration.setAllowedOrigins(List.of(
 			UrlConstants.FRONT_ORIGIN_URL,
-			UrlConstants.FRONT_SUB_DOMAIN_URL
+			UrlConstants.FRONT_SUB_DOMAIN_URL,
+			UrlConstants.FRONT_VERCEL_ORIGIN
 		));
 
 		configuration.setAllowedMethods(Collections.singletonList("*"));

src/main/java/com/example/log4u/common/config/SecurityConfig.java

@@ -72,6 +72,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 			.authorizeHttpRequests(auth -> auth
 				// 소셜 로그인 경로
 				.requestMatchers("/oauth2/**").permitAll()
+				// 테스트용 인증/인가 경로
+				.requestMatchers("/users/dev").permitAll()
 				// Swagger UI 관련 경로 (swagger-ui.html 추가)
 				.requestMatchers("/swagger-ui.html", "/swagger-ui/**", "/v3/api-docs/**").permitAll()
 				.anyRequest().authenticated());

src/main/java/com/example/log4u/common/constants/UrlConstants.java

@@ -2,15 +2,19 @@
 
 public class UrlConstants {
 
-	public static final String FRONT_ORIGIN_URL = "http://localhost:3000/me";
-	public static final String FRONT_SUB_DOMAIN_URL = "http://web.ec2-13-209-127-186.ap-northeast-2.compute.amazonaws.com:3000";
-	public static final String PROFILE_CREATE_URL = FRONT_SUB_DOMAIN_URL + "/profile/make";
+	public static final String FRONT_ORIGIN_URL = " https://web.log4u.site:3000";
+	public static final String FRONT_SUB_DOMAIN_URL = "https://web.log4u.site:3000";
+	public static final String FRONT_VERCEL_ORIGIN = "https://web-3-4-log4-u-fe.vercel.app";
+
+	// 임시로 메인
+	public static final String PROFILE_CREATE_URL = FRONT_SUB_DOMAIN_URL + "";
 	public static final String LOGIN_URL = FRONT_SUB_DOMAIN_URL + "/login";
 
 	// 내 프로필 페이지가 메인
-	public static final String MAIN_URL = FRONT_SUB_DOMAIN_URL;
+	public static final String MAIN_URL = FRONT_SUB_DOMAIN_URL + "/me";
 
 	// checkstyle 경고 제거
 	private UrlConstants() {
 	}
 }
+

src/main/java/com/example/log4u/common/oauth2/controller/OAuth2Controller.java

@@ -9,6 +9,7 @@
 import com.example.log4u.common.constants.TokenConstants;
 import com.example.log4u.common.oauth2.jwt.JwtUtil;
 import com.example.log4u.common.oauth2.service.RefreshTokenService;
+import com.example.log4u.common.util.CookieUtil;
 
 import io.jsonwebtoken.ExpiredJwtException;
 import jakarta.servlet.http.Cookie;
@@ -75,8 +76,9 @@ private void createNewTokens(HttpServletResponse response, String access, String
 		String newAccessToken = jwtUtil.createJwt(TokenConstants.ACCESS_TOKEN, userId, name, role, 600000L);
 		String newRefreshToken = jwtUtil.createJwt(TokenConstants.REFRESH_TOKEN, userId, name, role, 600000L);
 
-		response.addCookie(createCookie(TokenConstants.REFRESH_TOKEN, newRefreshToken));
-		response.addCookie(createCookie(TokenConstants.ACCESS_TOKEN, newAccessToken));
+		// SameSite=None 속성이 있는 쿠키 생성 및 추가
+		CookieUtil.createCookieWithSameSite(response, TokenConstants.ACCESS_TOKEN, newAccessToken);
+		CookieUtil.createCookieWithSameSite(response, TokenConstants.REFRESH_TOKEN, newRefreshToken);
 
 		// 새 리프레시 토큰 저장
 		refreshTokenService.saveRefreshToken(
@@ -86,12 +88,4 @@ private void createNewTokens(HttpServletResponse response, String access, String
 
 	}
 
-	private Cookie createCookie(String key, String value) {
-		Cookie cookie = new Cookie(key, value);
-		cookie.setMaxAge(60 * 60 * 60);
-		//cookie.setSecure(true);
-		cookie.setPath("/");
-		cookie.setHttpOnly(true);
-		return cookie;
-	}
 }

src/main/java/com/example/log4u/common/oauth2/handler/OAuth2AuthenticationSuccessHandler.java

@@ -74,15 +74,17 @@ private void setCookieAndSaveRefreshToken(
 		// 리프레시 토큰 DB 저장
 		refreshTokenService.saveRefreshToken(name, refresh);
 
-		response.addCookie(CookieUtil.createCookie(ACCESS_TOKEN, access));
-		response.addCookie(CookieUtil.createCookie(REFRESH_TOKEN, refresh));
+		// SameSite=None 속성이 있는 쿠키 생성 및 추가
+		CookieUtil.createCookieWithSameSite(response, ACCESS_TOKEN, access);
+		CookieUtil.createCookieWithSameSite(response, REFRESH_TOKEN, refresh);
+
 		response.setStatus(HttpStatus.OK.value());
 	}
 
 	private void redirectTo(HttpServletResponse response, CustomOAuth2User customOAuth2User) throws IOException {
 		String redirectUrl = switch (customOAuth2User.getRole()) {
 			case "ROLE_GUEST" -> PROFILE_CREATE_URL;
-			case "ROLE_USER" -> FRONT_SUB_DOMAIN_URL;
+			case "ROLE_USER" -> FRONT_VERCEL_ORIGIN;
 			default -> LOGIN_URL;
 		};
 		response.sendRedirect(redirectUrl);

src/main/java/com/example/log4u/common/oauth2/jwt/JwtAuthenticationFilter.java

@@ -77,8 +77,10 @@ protected void doFilterInternal(
 	private boolean shouldSkipFilter(String requestUri) {
 		return requestUri.matches("^/login(/.*)?$")
 			|| requestUri.matches("^/oauth2(/.*)?$")
+			|| requestUri.matches("^/users/dev")
 			|| requestUri.matches("^/swagger-ui(/.*)?$")
 			|| requestUri.matches("^/v3/api-docs(/.*)?$"); // OpenAPI 문서 예외 처리
+
 	}
 
 	private String extractAccessTokenFromCookie(HttpServletRequest request) {

src/main/java/com/example/log4u/common/util/CookieUtil.java

@@ -11,23 +11,30 @@ private CookieUtil() {
 	public static Cookie createCookie(String key, String value) {
 		Cookie cookie = new Cookie(key, value);
 		cookie.setMaxAge(60 * 60 * 60);
-		//cookie.setSecure(true);
+		cookie.setSecure(true);
 		cookie.setPath("/");
 		cookie.setHttpOnly(true);
 		return cookie;
 	}
 
+	public static void createCookieWithSameSite(HttpServletResponse response, String key, String value) {
+		Cookie cookie = createCookie(key, value);
+		// SameSite=None 설정을 위한 추가 헤더
+		String headerValue = String.format("%s=%s; Max-Age=%d; Path=%s; HttpOnly; Secure; SameSite=None",
+			key, value, cookie.getMaxAge(), cookie.getPath());
+		response.addHeader("Set-Cookie", headerValue);
+	}
+
 	public static void deleteCookie(HttpServletResponse response) {
-		Cookie access = CookieUtil.createCookie("access", null);
-		Cookie refresh = CookieUtil.createCookie("refresh", null);
+		// access 쿠키 삭제 - 헤더만 사용
+		String accessCookieString = "access=; Max-Age=0; Path=/; HttpOnly; Secure; SameSite=None";
+		response.addHeader("Set-Cookie", accessCookieString);
 
-		access.setMaxAge(0);
-		access.setPath("/");
-		refresh.setMaxAge(0);
-		refresh.setPath("/");
+		// refresh 쿠키 삭제 - 헤더만 사용
+		String refreshCookieString = "refresh=; Max-Age=0; Path=/; HttpOnly; Secure; SameSite=None";
+		response.addHeader("Set-Cookie", refreshCookieString);
 
-		response.addCookie(access);
-		response.addCookie(refresh);
 		response.setStatus(HttpServletResponse.SC_OK);
 	}
+
 }

src/main/java/com/example/log4u/domain/comment/dto/response/CommentResponseDto.java

@@ -1,15 +1,27 @@
 package com.example.log4u.domain.comment.dto.response;
 
+import java.time.LocalDateTime;
+
 import com.example.log4u.domain.comment.entity.Comment;
+import com.example.log4u.domain.user.entity.User;
 
 public record CommentResponseDto(
 	Long commentId,
-	String content
+	Long userId,
+	String userName,
+	String userProfileImage,
+	String content,
+	LocalDateTime createdAt
 ) {
-	public static CommentResponseDto of(Comment comment) {
+	public static CommentResponseDto of(Comment comment, User user) {
 		return new CommentResponseDto(
 			comment.getCommentId(),
-			comment.getContent()
+			user.getUserId(),
+			user.getName(),
+			user.getProfileImage(),
+			comment.getContent(),
+			comment.getCreatedAt()
 		);
 	}
 }
+