[Fix]: 배포 관련 환경변수 수정 및 jwt필터 수정

Jiwoo-Seo · Jiwoo-Seo · commit 13045fe8b749 · 2025-10-10T11:12:10.000+09:00
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -235,7 +235,10 @@ jobs:
               --restart unless-stopped \
               --network "${NET}" \
               -e TZ=Asia/Seoul \
-              -v /bid_data:/data \
+              -e SPRING_DATA_REDIS_PASSWORD="${SPRING_DATA_REDIS_PASSWORD}" \
+              -e JWT_SECRET="${JWT_SECRET}" \
+              -e SPRING_DATASOURCE_URL___DB_NAME="${SPRING_DATASOURCE_URL___DB_NAME}" \
+              -v /bid_data:/data \1
               "${IMAGE}"
 
             # ---------------------------------------------------------
diff --git a/src/main/java/com/backend/global/security/JwtAuthenticationFilter.java b/src/main/java/com/backend/global/security/JwtAuthenticationFilter.java
@@ -28,9 +28,11 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
         
-        // 테스트 API는 JWT 검증 건너뛰기
         String path = request.getRequestURI();
-        if (path.startsWith("/api/v1/bids/") || path.startsWith("/notifications/") || path.startsWith("/api/test/")) {
+        String method = request.getMethod();
+        
+        // JWT 검증을 건너뛸 경로들
+        if (shouldSkipFilter(path, method)) {
             filterChain.doFilter(request, response);
             return;
         }
@@ -55,4 +57,79 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 
         filterChain.doFilter(request, response);
     }
+    
+    private boolean shouldSkipFilter(String path, String method) {
+        // 정적 리소스
+        if (path.startsWith("/static/") || path.startsWith("/public/") || 
+            path.startsWith("/resources/") || path.startsWith("/META-INF/resources/")) {
+            return true;
+        }
+        
+        // 토스 페이먼트 관련
+        if (path.equals("/billing.html") || path.startsWith("/payments/") || path.startsWith("/toss/")) {
+            return true;
+        }
+        
+        // 공개 API
+        if (path.equals("/") || path.equals("/favicon.ico") || 
+            path.startsWith("/h2-console/") || path.equals("/actuator/health")) {
+            return true;
+        }
+        
+        // 인증 API
+        if (path.startsWith("/api/v1/auth/")) {
+            return true;
+        }
+        
+        // Swagger 및 API 문서
+        if (path.startsWith("/swagger-ui/") || path.startsWith("/v3/api-docs/") || 
+            path.equals("/swagger-ui.html") || path.startsWith("/webjars/")) {
+            return true;
+        }
+        
+        // WebSocket 및 알림
+        if (path.startsWith("/notifications/") || path.startsWith("/ws/")) {
+            return true;
+        }
+        
+        // 테스트 API
+        if (path.startsWith("/api/test/") || path.equals("/bid-test.html") || 
+            path.equals("/websocket-test.html")) {
+            return true;
+        }
+        
+        // GET 요청 중 공개 API
+        if ("GET".equals(method)) {
+            // 상품 조회 API
+            if (path.matches("/api/[^/]+/products") || 
+                path.matches("/api/[^/]+/products/\\d+") ||
+                path.matches("/api/[^/]+/products/es") ||
+                path.matches("/api/[^/]+/products/members/\\d+") ||
+                path.matches("/api/[^/]+/products/es/members/\\d+")) {
+                return true;
+            }
+            
+            // 회원 조회 API
+            if (path.matches("/api/v1/members/\\d+")) {
+                return true;
+            }
+        }
+        
+        // 업로드 파일
+        if (path.startsWith("/uploads/")) {
+            return true;
+        }
+        
+        // 테스트 데이터 API
+        if (path.matches("/api/[^/]+/test-data/.*")) {
+            return true;
+        }
+        
+        // 입찰 API (기존 로직 유지)
+        if (path.startsWith("/api/v1/bids/")) {
+            return true;
+        }
+        
+        return false;
+    }
 }
diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml
@@ -1,6 +1,6 @@
 spring:
   datasource:
-    url: "jdbc:mysql://mysql_1:3306/${SPRING__DATASOURCE__URL___DB_NAME}?useSSL=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Seoul"
+    url: "jdbc:mysql://mysql_1:3306/${SPRING_DATASOURCE_URL___DB_NAME}?useSSL=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Seoul"
     username: lldjlocal
     password: 1234
     driver-class-name: com.mysql.cj.jdbc.Driver
@@ -15,12 +15,12 @@ spring:
   data:
     redis:
       host: redis_1
-      password: ${SPRING__DATA__REDIS__PASSWORD}
+      password: ${SPRING_DATA_REDIS_PASSWORD}
 
   elasticsearch:
     uris: http://elasticsearch_1:9200
     username: elastic
-    password: ${SPRING__DATA__REDIS__PASSWORD}
+    password: ${SPRING_DATA_REDIS_PASSWORD}
 
 jwt:
   secret: ${JWT_SECRET}
