Merge pull request #43 from prgrms-web-devcourse-final-project/develop

Chore[infra]: 배포

Author: DooHyoJeong

.github/workflows/CI-CD_Pipeline.yml

@@ -126,7 +126,7 @@ jobs:
         run: |
           cat > .env << 'EOF'
           # JWT Configuration Properties 바인딩용 (빌드 시 필요)
-          CUSTOM_JWT_SECRET_KEY=build-dummy-key-for-configuration-properties-binding
+          CUSTOM_JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }}
           CUSTOM_JWT_ACCESS_TOKEN_EXPIRATION_SECONDS=3600
           EOF
 
@@ -178,7 +178,29 @@ jobs:
           file: backend/Dockerfile
           push: true
           tags: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/backend:${{ github.sha }}
-            ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/backend:latest
+            ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/balaw:${{ github.sha }}
+            ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/balaw:latest
           cache-from: type=gha
           cache-to: type=gha,mode=max
+  deploy:
+    needs: docker-build
+    runs-on: ubuntu-latest
+    env:
+      DOCKER_IMAGE_NAME: balaw
+    steps:
+      - name: AWS SSM Send-Command
+        uses: peterkimzz/aws-ssm-send-command@master
+        id: ssm
+        with:
+          aws-region: ${{ secrets.AWS_REGION }}
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          instance-ids: "i-0b903187bca01a1c4"
+          working-directory: /
+          comment: Deploy
+          command: |
+            docker pull ghcr.io/doohyojeong/${{ env.DOCKER_IMAGE_NAME }}:latest
+            docker stop app1 2>/dev/null
+            docker rm app1 2>/dev/null
+            docker run -d --name app1 -p 8080:8080 ghcr.io/doohyojeong/${{ env.DOCKER_IMAGE_NAME }}:latest
+            docker rmi $(docker images -f "dangling=true" -q)

.github/workflows/deploy.yml

@@ -12,7 +12,6 @@ COPY settings.gradle .
 RUN gradle dependencies --no-daemon
 
 # 소스 코드 복사
-COPY .env .
 COPY src src
 
 # 애플리케이션 빌드

backend/Dockerfile

@@ -37,6 +37,11 @@ dependencies {
     implementation 'org.apache.commons:commons-lang3:3.18.0'
     implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.9'
 
+    // JWT (JSON Web Token)
+    implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
+    runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.5'
+    runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.5'
+
     // Database (데이터베이스)
     runtimeOnly 'com.h2database:h2'
     runtimeOnly 'com.mysql:mysql-connector-j'

backend/build.gradle

@@ -35,7 +35,7 @@ public class MemberController {
             @ApiResponse(responseCode = "400", description = "잘못된 요청 (중복 이메일/닉네임, 유효성 검증 실패)")
     })
     public ResponseEntity<MemberResponse> signup(@Valid @RequestBody MemberSignupRequest request) {
-        log.info("회원가입 요청: email={}, nickname={}", request.getLoginId(), request.getNickname());
+        log.info("회원가입 요청: email={}, name={}", request.getLoginId(), request.getName());
 
         try {
             MemberResponse response = memberService.signup(request);
@@ -72,11 +72,19 @@ public ResponseEntity<MemberResponse> login(@Valid @RequestBody MemberLoginReque
     @ApiResponses({
             @ApiResponse(responseCode = "200", description = "로그아웃 성공")
     })
-    public ResponseEntity<Void> logout(HttpServletResponse response) {
+    public ResponseEntity<Void> logout(Authentication authentication, HttpServletResponse response) {
         log.info("로그아웃 요청");
 
-        memberService.logout(response);
-        log.info("로그아웃 완료");
+        if (authentication != null && authentication.getName() != null) {
+            String loginId = authentication.getName();
+            memberService.logout(loginId, response);
+            log.info("로그아웃 완료: email={}", loginId);
+        } else {
+            // 인증 정보가 없어도 쿠키는 클리어
+            memberService.logout("", response);
+            log.info("인증 정보 없이 로그아웃 완료");
+        }
+
         return ResponseEntity.ok().build();
     }
 
@@ -128,7 +136,7 @@ public ResponseEntity<Void> withdraw(Authentication authentication, HttpServletR
             // loginId로 Member를 조회하여 실제 memberId 사용
             Member member = memberService.findByLoginId(loginId);
             memberService.withdraw(member.getMemberId());
-            memberService.logout(response); // 탈퇴 후 로그아웃 처리
+            memberService.logout(loginId, response); // 탈퇴 후 로그아웃 처리
             log.info("회원탈퇴 성공: email={}, memberId={}", loginId, member.getMemberId());
             return ResponseEntity.ok().build();
         } catch (IllegalArgumentException e) {

backend/src/main/java/com/ai/lawyer/domain/member/controller/MemberController.java

@@ -14,7 +14,6 @@ public class MemberResponse {
 
     private Long memberId;
     private String loginId;
-    private String nickname;
     private Integer age;
     private Member.Gender gender;
     private Member.Role role;
@@ -26,7 +25,6 @@ public static MemberResponse from(Member member) {
         return MemberResponse.builder()
                 .memberId(member.getMemberId())
                 .loginId(member.getLoginId())
-                .nickname(member.getNickname())
                 .age(member.getAge())
                 .gender(member.getGender())
                 .role(member.getRole())

backend/src/main/java/com/ai/lawyer/domain/member/dto/MemberResponse.java

@@ -16,13 +16,8 @@ public class MemberSignupRequest {
     private String loginId;
 
     @NotBlank(message = "비밀번호는 필수입니다")
-    @Size(min = 8, message = "비밀번호는 최소 8자 이상이어야 합니다")
     private String password;
 
-    @NotBlank(message = "닉네임은 필수입니다")
-    @Size(max = 50, message = "닉네임은 50자 이하여야 합니다")
-    private String nickname;
-
     @NotNull(message = "나이는 필수입니다")
     @Min(value = 14, message = "최소 14세 이상이어야 합니다")
     private Integer age;

backend/src/main/java/com/ai/lawyer/domain/member/dto/MemberSignupRequest.java

@@ -36,10 +36,6 @@ public class Member {
     @NotBlank(message = "비밀번호는 필수입니다")
     private String password;
 
-    @Column(name = "nickname", nullable = false, length = 50)
-    @NotBlank(message = "닉네임은 필수입니다")
-    private String nickname;
-
     @Column(name = "age", nullable = false)
     @NotNull(message = "나이는 필수입니다")
     @Min(value = 14, message = "최소 14세 이상이어야 합니다")

backend/src/main/java/com/ai/lawyer/domain/member/entity/Member.java

@@ -12,6 +12,4 @@ public interface MemberRepository extends JpaRepository<Member, Long> {
     Optional<Member> findByLoginId(String loginId);
 
     boolean existsByLoginId(String loginId);
-
-    boolean existsByNickname(String nickname);
 }

backend/src/main/java/com/ai/lawyer/domain/member/repositories/MemberRepository.java

@@ -24,12 +24,10 @@ public class MemberService {
     @Transactional
     public MemberResponse signup(MemberSignupRequest request) {
         validateDuplicateLoginId(request.getLoginId());
-        validateDuplicateNickname(request.getNickname());
 
         Member member = Member.builder()
                 .loginId(request.getLoginId())
                 .password(passwordEncoder.encode(request.getPassword()))
-                .nickname(request.getNickname())
                 .age(request.getAge())
                 .gender(request.getGender())
                 .name(request.getName())
@@ -58,34 +56,40 @@ public MemberResponse login(MemberLoginRequest request, HttpServletResponse resp
         return MemberResponse.from(member);
     }
 
-    public void logout(HttpServletResponse response) {
+    public void logout(String loginId, HttpServletResponse response) {
+        // Redis에서 리프레시 토큰 삭제
+        tokenProvider.deleteRefreshToken(loginId);
+
         // 쿠키 삭제
         cookieUtil.clearTokenCookies(response);
-
-        // TODO: 추후 레디스에서 토큰 무효화
     }
 
     public MemberResponse refreshToken(String refreshToken, HttpServletResponse response) {
-        // 리프레시 토큰 유효성 검증
-        if (!tokenProvider.validateToken(refreshToken)) {
+        // Redis에서 리프레시 토큰으로 사용자를 찾기 (Redis 키 패턴: refresh_token:loginId)
+        String username = tokenProvider.findUsernameByRefreshToken(refreshToken);
+        if (username == null) {
+            throw new IllegalArgumentException("유효하지 않은 리프레시 토큰입니다.");
+        }
+
+        // Redis에서 리프레시 토큰 유효성 검증
+        if (!tokenProvider.validateRefreshToken(username, refreshToken)) {
             throw new IllegalArgumentException("유효하지 않은 리프레시 토큰입니다.");
         }
 
-        // TODO: 추후 레디스에서 리프레시 토큰과 매핑된 회원 정보 조회
-        // 현재는 임시로 토큰에서 사용자명 추출 후 DB 조회
-        String username = tokenProvider.getUsernameFromToken(refreshToken);
+        // 회원 정보 조회
         Member member = memberRepository.findByLoginId(username)
                 .orElseThrow(() -> new IllegalArgumentException("존재하지 않는 회원입니다."));
 
+        // 기존 리프레시 토큰 Redis에서 삭제 (RTR 패턴)
+        tokenProvider.deleteRefreshToken(username);
+
         // 새로운 액세스 토큰과 리프레시 토큰 생성
         String newAccessToken = tokenProvider.generateAccessToken(member);
         String newRefreshToken = tokenProvider.generateRefreshToken(member);
 
         // 새로운 토큰들을 쿠키로 설정
         cookieUtil.setTokenCookies(response, newAccessToken, newRefreshToken);
 
-        // TODO: 추후 레디스에서 기존 토큰 무효화 및 새 토큰 저장
-
         return MemberResponse.from(member);
     }
 
@@ -114,10 +118,4 @@ private void validateDuplicateLoginId(String loginId) {
             throw new IllegalArgumentException("이미 존재하는 이메일입니다.");
         }
     }
-
-    private void validateDuplicateNickname(String nickname) {
-        if (memberRepository.existsByNickname(nickname)) {
-            throw new IllegalArgumentException("이미 존재하는 닉네임입니다.");
-        }
-    }
 }