studio-recoding
diff --git a/‎src/main/java/Ness/Backend/domain/auth/AuthController.java
Lines changed: 3 additions & 3 deletions b/‎src/main/java/Ness/Backend/domain/auth/AuthController.java
Lines changed: 3 additions & 3 deletions
diff --git a/‎src/main/java/Ness/Backend/domain/auth/AuthService.java
Lines changed: 7 additions & 7 deletions b/‎src/main/java/Ness/Backend/domain/auth/AuthService.java
Lines changed: 7 additions & 7 deletions
diff --git a/‎src/main/java/Ness/Backend/domain/auth/jwt/JwtAuthorizationFilter.java
Lines changed: 31 additions & 10 deletions b/‎src/main/java/Ness/Backend/domain/auth/jwt/JwtAuthorizationFilter.java
Lines changed: 31 additions & 10 deletions
diff --git a/‎src/main/java/Ness/Backend/domain/auth/jwt/JwtTokenProvider.java
Lines changed: 9 additions & 5 deletions b/‎src/main/java/Ness/Backend/domain/auth/jwt/JwtTokenProvider.java
Lines changed: 9 additions & 5 deletions
diff --git a/‎src/main/java/Ness/Backend/domain/auth/oAuth/OAuth2Service.java
Lines changed: 2 additions & 2 deletions b/‎src/main/java/Ness/Backend/domain/auth/oAuth/OAuth2Service.java
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/main/java/Ness/Backend/domain/auth/security/JwtAuthenticationEntryPoint.java
Lines changed: 35 additions & 0 deletions b/‎src/main/java/Ness/Backend/domain/auth/security/JwtAuthenticationEntryPoint.java
Lines changed: 35 additions & 0 deletions
diff --git a/‎src/main/java/Ness/Backend/domain/auth/security/SecurityConfig.java
Lines changed: 6 additions & 0 deletions b/‎src/main/java/Ness/Backend/domain/auth/security/SecurityConfig.java
Lines changed: 6 additions & 0 deletions
diff --git a/‎src/main/java/Ness/Backend/domain/chat/ChatController.java
Lines changed: 10 additions & 7 deletions b/‎src/main/java/Ness/Backend/domain/chat/ChatController.java
Lines changed: 10 additions & 7 deletions
diff --git a/‎src/main/java/Ness/Backend/domain/chat/ChatRepository.java
Lines changed: 2 additions & 1 deletion b/‎src/main/java/Ness/Backend/domain/chat/ChatRepository.java
Lines changed: 2 additions & 1 deletion
diff --git a/‎src/main/java/Ness/Backend/domain/chat/ChatService.java
Lines changed: 17 additions & 10 deletions b/‎src/main/java/Ness/Backend/domain/chat/ChatService.java
Lines changed: 17 additions & 10 deletions
@@ -4,7 +4,7 @@
 import Ness.Backend.domain.auth.dto.RegisterRequestDto;
 import Ness.Backend.domain.member.entity.Member;
 import Ness.Backend.global.auth.AuthUser;
-import Ness.Backend.global.common.response.CommonResponse;
+import Ness.Backend.global.response.ApiResponse;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
@@ -20,7 +20,7 @@ public class AuthController {
     /* 스프링 시큐리티는 /login 경로의 요청을 받아 인증 과정을 처리 */
     @PostMapping("/login")
     @Operation(summary = "로그인 API", description = "사용자의 이메일과 비밀번호로 로그인하는 API 입니다.")
-    public CommonResponse<?> userLogin(@RequestBody LoginRequestDto loginRequestDto) {
+    public ApiResponse<?> userLogin(@RequestBody LoginRequestDto loginRequestDto) {
         return authService.login(loginRequestDto);
     }
 
@@ -32,7 +32,7 @@ public void logout(@AuthUser Member member) {
 
     @PostMapping("/signup")
     @Operation(summary = "회원가입 API", description = "사용자의 이메일과 비밀번호로 회원가입하는 API 입니다.")
-    public CommonResponse<?> userRegister(@RequestBody RegisterRequestDto registerRequestDto) {
+    public ApiResponse<?> userRegister(@RequestBody RegisterRequestDto registerRequestDto) {
         return authService.signUp(registerRequestDto);
     }
 
 
@@ -5,7 +5,7 @@
 import Ness.Backend.domain.auth.security.AuthDetails;
 import Ness.Backend.domain.member.MemberRepository;
 import Ness.Backend.domain.member.entity.Member;
-import Ness.Backend.global.common.response.CommonResponse;
+import Ness.Backend.global.response.ApiResponse;
 import lombok.RequiredArgsConstructor;
 import org.springframework.dao.DataIntegrityViolationException;
 import org.springframework.http.HttpStatus;
@@ -25,7 +25,7 @@ public class AuthService {
     private final AuthenticationManagerBuilder authenticationManagerBuilder;
 
     @Transactional
-    public CommonResponse<?> signUp(RegisterRequestDto registerRequestDto) {
+    public ApiResponse<?> signUp(RegisterRequestDto registerRequestDto) {
         try {
             /* 빌더 패턴을 사용해 MemberRole을 넘겨주지 않아도 객체 생성 가능 */
             Member member = Member.builder()
@@ -35,20 +35,20 @@ public CommonResponse<?> signUp(RegisterRequestDto registerRequestDto) {
 
             memberRepository.save(member);
 
-            return CommonResponse.postResponse(
+            return ApiResponse.postResponse(
                     HttpStatus.OK.value(),
                     "회원가입이 완료되었습니다."); //200
 
         } catch (DataIntegrityViolationException e) {
             /* 중복된 이메일 값이 삽입되려고 할 때 발생하는 예외 처리 */
-            return CommonResponse.postResponse(
+            return ApiResponse.postResponse(
                     HttpStatus.CONFLICT.value(),
                     "이미 회원 가입된 유저입니다."); //409
         }
     }
 
     @Transactional
-    public CommonResponse<?> login(LoginRequestDto loginRequestDto) {
+    public ApiResponse<?> login(LoginRequestDto loginRequestDto) {
         String email = loginRequestDto.getEmail();
         String password = loginRequestDto.getPassword();
 
@@ -69,12 +69,12 @@ public CommonResponse<?> login(LoginRequestDto loginRequestDto) {
             String authenticatedEmail = authDetails.getMember().getEmail();
 
             /* JWT 토큰 반환 */
-            return CommonResponse.postResponse(
+            return ApiResponse.postResponse(
                     HttpStatus.OK.value(),
                     "로그인에 성공했습니다."); //200
         }
 
-        return CommonResponse.postResponse(
+        return ApiResponse.postResponse(
                 HttpStatus.UNAUTHORIZED.value(),
                 "로그인에 실패했습니다. 이메일 또는 비밀번호가 일치하는지 확인해주세요."); //401
     }
 
@@ -3,21 +3,27 @@
 import Ness.Backend.domain.auth.security.AuthDetailService;
 import Ness.Backend.domain.auth.security.AuthDetails;
 import Ness.Backend.domain.member.entity.Member;
+import Ness.Backend.global.error.ErrorCode;
+import static Ness.Backend.global.error.FilterExceptionHandler.setResponse;
+
+import com.auth0.jwt.exceptions.SignatureVerificationException;
+import com.auth0.jwt.exceptions.TokenExpiredException;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
-
 import java.io.IOException;
 
 /* 사용자의 권한 부여
  * 요청에 포함된 JWT 토큰을 검증하고, 토큰에서 추출한 권한 정보를 기반으로 사용자에 대한 권한을 확인
  * 모든 사용자가 모든 리소스에 대한 권한을 가지는 것은 아님-특정 리소스에 대한 권한만 가지도록 해야 함*/
+@Slf4j
 public class JwtAuthorizationFilter extends BasicAuthenticationFilter {
     private JwtTokenProvider jwtTokenProvider;
 
@@ -41,19 +47,34 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 
         /* 헤더 안의 JWT 토큰을 검증해 정상적인 사용자인지 확인 */
         String jwtToken = jwtHeader.substring(7);
-        Member tokenMember = jwtTokenProvider.validJwtToken(jwtToken);
 
-        if(tokenMember != null){ //토큰이 정상일 경우
-            AuthDetails authDetails = new AuthDetails(tokenMember);
+        try {
+            Member tokenMember = jwtTokenProvider.validJwtToken(jwtToken);
+
+            if(tokenMember != null){ //토큰이 정상일 경우
+                AuthDetails authDetails = new AuthDetails(tokenMember);
 
-            /* JWT 토큰 서명이 정상이면 Authentication 객체 생성 */
-            Authentication authentication = new UsernamePasswordAuthenticationToken(authDetails, null, authDetails.getAuthorities());
+                /* JWT 토큰 서명이 정상이면 Authentication 객체 생성 */
+                Authentication authentication = new UsernamePasswordAuthenticationToken(authDetails, null, authDetails.getAuthorities());
 
-            /* 시큐리티 세션에 Authentication 을 저장 */
-            SecurityContextHolder.getContext().setAuthentication(authentication);
+                /* 시큐리티 세션에 Authentication 을 저장 */
+                SecurityContextHolder.getContext().setAuthentication(authentication);
+           }
+
+            chain.doFilter(request, response);
 
-            SecurityContextHolder.getContext().setAuthentication(authentication);
+        } catch (TokenExpiredException e){
+            log.error("EXPIRED_TOKEN");
+            request.setAttribute("exception", ErrorCode.EXPIRED_TOKEN.getCode());
+            setResponse(response, ErrorCode.EXPIRED_TOKEN);
+        } catch (SignatureVerificationException e){
+            log.error("INVALID_TOKEN_SIGNATURE");
+            request.setAttribute("exception", ErrorCode.INVALID_TOKEN_SIGNATURE.getCode());
+            setResponse(response, ErrorCode.INVALID_TOKEN_SIGNATURE);
+        } catch (Exception e){
+            log.error("TOKEN_EXCEPTION");
+            request.setAttribute("exception", ErrorCode.TOKEN_ERROR.getCode());
+            setResponse(response, ErrorCode.TOKEN_ERROR);
         }
-        chain.doFilter(request, response);
     }
 }
@@ -7,6 +7,7 @@
 import com.auth0.jwt.algorithms.Algorithm;
 import jakarta.annotation.PostConstruct;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.client.HttpServerErrorException;
 
@@ -19,6 +20,7 @@
 
 /* JSON Web Token (JWT)을 생성하고 검증하는 역할 */
 @RequiredArgsConstructor
+@Slf4j
 public class JwtTokenProvider {
 
     private final MemberRepository memberRepository;
@@ -127,21 +129,23 @@ public Member validJwtToken(String jwtToken){
         /* email 값이 null이 아닌지 확인 */
         String authKey = getAuthKeyClaim(jwtToken);
         if (authKey == null){ //null 값이라면 올바른 jwtToken이 아님
-            //throw new UnauthorizedException(ErrorCode.INVALID_AUTH_TOKEN);
+            //TODO: 명시적 throw new 에러를 하지 않아도 자동 에러 감지되는 이유 파악 필요
             return null;
         }
 
         /* JWT_EXPIRATION_TIME이 지나지 않았는지 확인 */
-        Date expiresAt =getExpireTimeClaim(jwtToken);
+        Date expiresAt = getExpireTimeClaim(jwtToken);
         if (!this.validExpiredTime(expiresAt)) { //만료시간이 지났다면 올바른 jwtToken이 아님
-            //throw new UnauthorizedException(ErrorCode.EXPIRED_TOKEN);
             return null;
         }
 
         /* email 값이 정상적으로 있고, JWT_EXPIRATION_TIME도 지나지 않았다면,
          * 해당 토큰의 email 정보를 가진 맴버가 있는지 DB에서 확인 */
-        //Member tokenUser = memberRepository.findMemberByEmail(email);
+        Member tokenMember = memberRepository.findMemberByEmail(authKey);
+        if (tokenMember == null) { //DB에 해당 맴버가 없다면 올바른 jwtToken이 아님
+            return null;
+        }
 
-        return memberRepository.findMemberByEmail(authKey);
+        return tokenMember;
     }
 }
@@ -17,7 +17,7 @@
 import Ness.Backend.global.auth.oAuth.naver.NaverOAuthApi;
 import Ness.Backend.global.auth.oAuth.naver.NaverResourceApi;
 import Ness.Backend.global.error.ErrorCode;
-import Ness.Backend.global.error.exception.UnauthorizedException;
+import Ness.Backend.global.error.exception.UnauthorizedAccessException;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.core.env.Environment;
@@ -201,7 +201,7 @@ private ResourceDto getUserResource(String accessToken, String registration) {
     public void logout(Member member) {
         /* refreshToken 만료 여부 확인 */
         if (!refreshTokenRepository.existsById(member.getId())) {
-            throw new UnauthorizedException(ErrorCode.INVALID_REFRESH_TOKEN);
+            throw new UnauthorizedAccessException(ErrorCode.INVALID_REFRESH_TOKEN);
         }
 
         refreshTokenRepository.deleteById(member.getId());
 
@@ -0,0 +1,35 @@
+package Ness.Backend.domain.auth.security;
+
+import Ness.Backend.global.error.ErrorCode;
+import Ness.Backend.global.error.exception.ExpiredTokenException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+
+import java.io.IOException;
+
+@Slf4j
+public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
+    //BasicAuthenticationEntryPoint
+    //AuthenticationEntryPoint
+    @Override
+    public void commence(HttpServletRequest request,
+                         HttpServletResponse response,
+                         AuthenticationException authenticationException) throws IOException, ServletException {
+        log.error("JwtAuthenticationEntryPoint 호출");
+        String exception = (String)request.getAttribute("exception");
+        if(exception.equals(ErrorCode.EXPIRED_TOKEN.getCode())) {
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+            response.setCharacterEncoding("utf-8");
+            response.setContentType("application/json");
+            ExpiredTokenException expiredTokenException = new ExpiredTokenException();
+            ObjectMapper objectMapper = new ObjectMapper();
+            String result = objectMapper.writeValueAsString(expiredTokenException);
+            response.getWriter().write(result);
+        }
+    }
+}
@@ -81,6 +81,12 @@ public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Excepti
                 .sessionManagement(c -> c.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) //세션을 생성하지 않음->토큰 기반 인증 필요
                 .addFilter(new JwtAuthenticationFilter(authenticationManager(), jwtTokenProvider(), refreshTokenService))  //사용자 인증
                 .addFilter(new JwtAuthorizationFilter(authenticationManager(),  jwtTokenProvider(), authDetailService)) //사용자 권한 부여
+                /*
+                .exceptionHandling((exceptionHandling) ->
+
+                        exceptionHandling.authenticationEntryPoint(new JwtAuthenticationEntryPoint())
+                ) //인가(Authorization)가 실패시 실행, 항상 JwtAuthenticationFilter 뒤에 설정되어 있어야 함.
+                 */
                 .authorizeHttpRequests(requests -> requests
                         .dispatcherTypeMatchers(DispatcherType.FORWARD).permitAll()
                         //.requestMatchers("/signup/**", "/login/**").permitAll() // 회원가입 및 로그인 경로는 인증 생략
 
@@ -27,24 +27,27 @@ public ResponseEntity<GetChatListDto> getUserChat(){
         return new ResponseEntity<>(oneUserChats, HttpStatusCode.valueOf(200));
     }
 
-    @PostMapping("/dev")
-    @Operation(summary = "새로운 채팅으로 AI와 통신", description = "새로운 채팅 내역을 저장하고, AI의 응답을 받는 API 입니다.")
-    public ResponseEntity<GetAiChatDto> postAiChat(@RequestBody PostUserChatDto postUserChatDto){
-        GetAiChatDto answer = chatService.postNewUserChat(1L, postUserChatDto);
-        return new ResponseEntity<>(answer, HttpStatusCode.valueOf(200));
-    }
-
     @GetMapping("")
     @Operation(summary = "한 사용자의 채팅 내역", description = "한 사용자의 일주일치 채팅 내역을 반환하는 API 입니다.")
     public ResponseEntity<GetChatListDto> getUserChat(@AuthUser Member member){
         GetChatListDto oneUserChats = chatService.getOneWeekUserChat(member.getId());
         return new ResponseEntity<>(oneUserChats, HttpStatusCode.valueOf(200));
     }
 
+    /*
     @PostMapping("")
     @Operation(summary = "새로운 채팅으로 AI와 통신", description = "새로운 채팅 내역을 저장하고, AI의 응답을 받는 API 입니다.")
     public ResponseEntity<GetAiChatDto> postAiChat(@AuthUser Member member, @RequestBody PostUserChatDto postUserChatDto){
         GetAiChatDto answer = chatService.postNewUserChat(member.getId(), postUserChatDto);
         return new ResponseEntity<>(answer, HttpStatusCode.valueOf(200));
+    }*/
+
+
+    // 03-29 수정 버전
+    @PostMapping("")
+    @Operation(summary = "새로운 채팅으로 AI와 통신", description = "새로운 채팅 내역을 저장하고, 새로운 내역을 포함해서 AI의 응답을 받는 API 입니다.")
+    public ResponseEntity<GetChatListDto> postAiChat(@AuthUser Member member, @RequestBody PostUserChatDto postUserChatDto) {
+        GetChatListDto oneUserChats = chatService.postNewUserChat(member.getId(), postUserChatDto);
+        return new ResponseEntity<>(oneUserChats, HttpStatusCode.valueOf(200));
     }
 }
@@ -15,7 +15,8 @@ public interface ChatRepository extends JpaRepository<Chat, Long>{
     // 특정 맴버의 일주일치 데이터만 반환
     @Query( value = "SELECT * FROM chat " +
             "WHERE member_id = :memberId " +
-            "AND created_date BETWEEN DATE_ADD(NOW(), INTERVAL -1 WEEK) AND NOW() " +
+            "AND created_date >= DATE_SUB(NOW(), INTERVAL 1 WEEK) " +
+            //"AND created_date BETWEEN DATE_ADD(NOW(), INTERVAL -1 WEEK) AND NOW() " +
             "ORDER BY created_date ASC",
             nativeQuery = true)
     List<Chat> findOneWeekUserChatsByMember_Id(
 
@@ -2,11 +2,11 @@
 
 import Ness.Backend.domain.chat.dto.request.PostUserChatDto;
 import Ness.Backend.domain.chat.dto.request.PostFastApiUserChatDto;
-import Ness.Backend.domain.chat.dto.response.GetAiChatDto;
 import Ness.Backend.domain.chat.dto.response.GetChatDto;
 import Ness.Backend.domain.chat.dto.response.GetChatListDto;
 import Ness.Backend.domain.chat.dto.response.PostFastApiAiChatDto;
 import Ness.Backend.domain.chat.entity.Chat;
+import Ness.Backend.domain.chat.entity.ChatType;
 import Ness.Backend.domain.member.MemberRepository;
 import Ness.Backend.domain.member.entity.Member;
 import Ness.Backend.global.fastApi.FastApiChatApi;
@@ -22,7 +22,7 @@
 @Service
 @RequiredArgsConstructor
 @Slf4j
-@Transactional(readOnly = true)
+@Transactional
 public class ChatService {
     private final ChatRepository chatRepository;
     private final MemberRepository memberRepository;
@@ -43,29 +43,36 @@ public GetChatListDto getOneWeekUserChat(Long id){
         return new GetChatListDto(getChatDtos);
     }
 
-    @Transactional
-    public GetAiChatDto postNewUserChat(Long id, PostUserChatDto postUserChatDto){
+    public GetChatListDto postNewUserChat(Long id, PostUserChatDto postUserChatDto){
         Member memberEntity = memberRepository.findMemberById(id);
-        //새로운 채팅 생성
-        Chat newChat = Chat.builder()
+        //새로운 유저 채팅 저장
+        Chat newUserChat = Chat.builder()
                 .createdDate(LocalDateTime.now(ZoneId.of("Asia/Seoul"))
                         .atZone(ZoneId.of("Asia/Seoul")))
                 .text(postUserChatDto.getText())
                 .chatType(postUserChatDto.getChatType())
                 .member(memberEntity)
                 .build();
-        chatRepository.save(newChat);
+
+        chatRepository.save(newUserChat);
 
         String answer = postNewAiChat(id, postUserChatDto.getText());
         String parsedAnswer = parseAiChat(answer);
 
-        GetAiChatDto getAiChatDto = GetAiChatDto.builder()
-                .answer(parsedAnswer)
+        //AI 챗 답변 저장
+        Chat newAiChat = Chat.builder()
+                .createdDate(LocalDateTime.now(ZoneId.of("Asia/Seoul"))
+                        .atZone(ZoneId.of("Asia/Seoul")))
+                .text(parsedAnswer)
+                .chatType(ChatType.AI)
+                .member(memberEntity)
                 .build();
 
-        return getAiChatDto;
+        chatRepository.save(newAiChat);
+        return getOneWeekUserChat(id);
     }
 
+    /* ChatGPT가 답변의 앞뒤에 \를 포함시키므로, 제거 필요 */
     public String parseAiChat(String text){
         return text.replace("\"", "");
     }