[Feature] 리프레시 토큰 적용

build.gradle

@@ -31,6 +31,7 @@ dependencies {
     // 데이터베이스
     implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
     implementation 'mysql:mysql-connector-java:8.0.33' // MySQL 의존성 추가 (MySQL JDBC 드라이버)
+    runtimeOnly 'com.h2database:h2'
 
     // 보안
     implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
@@ -60,6 +61,9 @@ dependencies {
     //POI
     implementation 'org.apache.poi:poi-ooxml:5.3.0'
     implementation 'org.apache.commons:commons-compress:1.27.1'
+
+    // Redis
+    implementation 'org.springframework.boot:spring-boot-starter-data-redis'
 }
 
 tasks.named('test') {

src/main/java/dbdr/domain/careworker/controller/CareworkerController.java

@@ -4,20 +4,24 @@
 import dbdr.domain.careworker.dto.response.CareworkerResponseDTO;
 import dbdr.domain.careworker.service.CareworkerService;
 import jakarta.validation.Valid;
+import java.net.URI;
+import java.util.List;
 import lombok.RequiredArgsConstructor;
-
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.web.bind.annotation.*;
-
-import java.net.URI;
-import java.util.List;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
 
 @RestController
 @RequestMapping("/${spring.app.version}/careworker")
 @RequiredArgsConstructor
-@PreAuthorize("hasAnyAuthority('ADMIN')")
 public class CareworkerController {
 
     private final CareworkerService careworkerService;
@@ -27,7 +31,7 @@ public class CareworkerController {
 
     @GetMapping
     public ResponseEntity<List<CareworkerResponseDTO>> getAllCareworkers(
-        @RequestParam(value = "institutionId", required = false) Long institutionId) {
+            @RequestParam(value = "institutionId", required = false) Long institutionId) {
         List<CareworkerResponseDTO> careworkerList;
         if (institutionId != null) {
             careworkerList = careworkerService.getCareworkersByInstitution(institutionId);
@@ -39,25 +43,25 @@ public ResponseEntity<List<CareworkerResponseDTO>> getAllCareworkers(
 
     @GetMapping("/{id}")
     public ResponseEntity<CareworkerResponseDTO> getCareworkerById(
-        @PathVariable Long id) {
+            @PathVariable Long id) {
         CareworkerResponseDTO careworker = careworkerService.getCareworkerById(id);
         return ResponseEntity.ok(careworker);
     }
 
     @PostMapping
     public ResponseEntity<CareworkerResponseDTO> createCareworker(
-        @Valid @RequestBody CareworkerRequestDTO careworkerDTO) {
+            @Valid @RequestBody CareworkerRequestDTO careworkerDTO) {
         CareworkerResponseDTO newCareworker = careworkerService.createCareworker(careworkerDTO);
         return ResponseEntity.created(
-                URI.create("/" + appVersion + "/careworker/" + newCareworker.getId()))
-            .body(newCareworker);
+                        URI.create("/" + appVersion + "/careworker/" + newCareworker.getId()))
+                .body(newCareworker);
     }
 
     @PutMapping("/{id}")
     public ResponseEntity<CareworkerResponseDTO> updateCareworker(@PathVariable Long id,
-        @Valid @RequestBody CareworkerRequestDTO careworkerDTO) {
+                                                                  @Valid @RequestBody CareworkerRequestDTO careworkerDTO) {
         CareworkerResponseDTO updatedCareworker = careworkerService.updateCareworker(id,
-            careworkerDTO);
+                careworkerDTO);
         return ResponseEntity.ok(updatedCareworker);
     }
 

src/main/java/dbdr/domain/careworker/repository/CareworkerRepository.java

@@ -11,12 +11,14 @@ public interface CareworkerRepository extends JpaRepository<Careworker, Long> {
 
     List<Careworker> findByInstitutionId(Long institutionId);
 
-    boolean existsByEmail(String email);
-
     Optional<Careworker> findByLineUserId(String userId);
 
     List<Careworker> findByAlertTime(LocalTime currentTime);
 
 	Optional<Careworker> findByPhone(String phoneNumber);
+
+    boolean existsByEmail(String email);
+
     boolean existsByPhone(String phone);
 }
+

src/main/java/dbdr/domain/chart/dto/response/ChartDetailResponse.java

@@ -2,6 +2,7 @@
 
 public record ChartDetailResponse(
         Long chartId,
+        String conditionDisease,
         BodyManagementResponse bodyManagement,
         NursingManagementResponse nursingManagement,
         CognitiveManagementResponse cognitiveManagement,

src/main/java/dbdr/domain/chart/entity/Chart.java

@@ -3,6 +3,7 @@
 
 import dbdr.domain.core.base.entity.BaseEntity;
 import dbdr.domain.recipient.entity.Recipient;
+import jakarta.persistence.CascadeType;
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
 import jakarta.persistence.FetchType;
@@ -33,19 +34,19 @@ public class Chart extends BaseEntity {
     @Column(nullable = false, length = 500)
     private String conditionDisease;
 
-    @OneToOne
+    @OneToOne(cascade = CascadeType.ALL)
     @JoinColumn(name = "body_management_id")
     private BodyManagement bodyManagement;
 
-    @OneToOne
+    @OneToOne(cascade = CascadeType.ALL)
     @JoinColumn(name = "nursing_management_id")
     private NursingManagement nursingManagement;
 
-    @OneToOne
+    @OneToOne(cascade = CascadeType.ALL)
     @JoinColumn(name = "recovery_training_id")
     private RecoveryTraining recoveryTraining;
 
-    @OneToOne
+    @OneToOne(cascade = CascadeType.ALL)
     @JoinColumn(name = "cognitive_management_id")
     private CognitiveManagement cognitiveManagement;
 

src/main/java/dbdr/global/configuration/RedisConfig.java

@@ -0,0 +1,59 @@
+package dbdr.global.configuration;
+
+
+import io.lettuce.core.ClientOptions;
+import io.lettuce.core.SocketOptions;
+import java.time.Duration;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.connection.RedisStandaloneConfiguration;
+import org.springframework.data.redis.connection.lettuce.LettuceClientConfiguration;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.serializer.StringRedisSerializer;
+
+@Configuration
+public class RedisConfig {
+
+    @Value("${spring.data.redis.host}")
+    private String host;
+
+    @Value("${spring.data.redis.port}")
+    private int port;
+
+    @Bean
+    public RedisConnectionFactory redisConnectionFactory() {
+        RedisStandaloneConfiguration redisConfig = new RedisStandaloneConfiguration();
+        redisConfig.setHostName(host);
+        redisConfig.setPort(port);
+        return new LettuceConnectionFactory(redisConfig, clientConfig());
+    }
+
+    @Bean
+    public LettuceClientConfiguration clientConfig() {
+        return LettuceClientConfiguration.builder()
+                // 서버 배포시 ssl 사용으로 돌려야함
+                //.useSsl()
+                //.and()
+                .clientOptions(
+                        ClientOptions.builder()
+                                .socketOptions(SocketOptions.builder()
+                                        .connectTimeout(Duration.ofSeconds(10))  // 연결 타임아웃 설정
+                                        .build()
+                                )
+                                .build()
+                )
+                .build();
+    }
+
+    @Bean
+    public RedisTemplate<String, Object> redisTemplate(RedisConnectionFactory connectionFactory) {
+        RedisTemplate<String, Object> template = new RedisTemplate<>();
+        template.setConnectionFactory(connectionFactory);
+        template.setKeySerializer(new StringRedisSerializer());
+        template.setValueSerializer(new StringRedisSerializer());
+        return template;
+    }
+}

src/main/java/dbdr/global/exception/ApplicationError.java

@@ -13,6 +13,7 @@ public enum ApplicationError {
     ACCESS_NOT_ALLOWED(HttpStatus.FORBIDDEN, "접근 권한이 없습니다."),
     TOKEN_EXPIRED(HttpStatus.UNAUTHORIZED, "만료된 토큰입니다."),
     PASSWORD_NOT_MATCH(HttpStatus.UNAUTHORIZED, "비밀번호가 일치하지 않습니다."),
+    REFRESH_TOKEN_EXPIRED(HttpStatus.UNAUTHORIZED, "유효하지 않은 리프레시 토큰입니다. 재로그인 해주세요."),
 
     // Guardian (보호자)
     GUARDIAN_NOT_FOUND(HttpStatus.NOT_FOUND, "해당 보호자를 찾을 수가 없습니다."),

src/main/java/dbdr/global/util/api/JwtUtils.java

@@ -0,0 +1,11 @@
+package dbdr.global.util.api;
+
+public class JwtUtils {
+    public static final String ISSUER = "CareBridge";
+    public static final String TOKEN_PREFIX = "Bearer ";
+    public static final long REFRESH_TOKEN_EXPIRATION_TIME = 60 * 60 * 24 * 30L; // 30일
+    public static final long ACCESS_TOKEN_EXPIRATION_TIME = 60 * 60; // 1시간
+
+    private JwtUtils() {
+    }
+}

src/main/java/dbdr/security/config/ExceptionHandlingFilter.java

@@ -0,0 +1,70 @@
+package dbdr.security.config;
+
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import dbdr.global.util.api.ApiUtils;
+import io.jsonwebtoken.ExpiredJwtException;
+import io.jsonwebtoken.JwtException;
+import io.jsonwebtoken.MalformedJwtException;
+import io.jsonwebtoken.UnsupportedJwtException;
+import io.jsonwebtoken.security.SignatureException;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import lombok.NonNull;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+@Component
+@Slf4j
+public class ExceptionHandlingFilter extends OncePerRequestFilter {
+
+    private final ObjectMapper objectMapper = new ObjectMapper();
+
+    @Override
+    protected void doFilterInternal(@NonNull HttpServletRequest request,
+                                    @NonNull HttpServletResponse response,
+                                    @NonNull FilterChain filterChain) throws ServletException, IOException {
+        try {
+            filterChain.doFilter(request, response);
+        } catch (Exception ex) {
+            handleException(request, response, ex);
+        }
+    }
+
+    private void handleException(HttpServletRequest request, HttpServletResponse response, Exception ex)
+            throws IOException {
+        ApiUtils.ApiResult<?> apiResult;
+        HttpStatus status = HttpStatus.UNAUTHORIZED;
+
+        if (ex instanceof ExpiredJwtException) {
+            apiResult = ApiUtils.error(status, "토큰이 만료되었습니다.");
+        } else if (ex instanceof UnsupportedJwtException) {
+            apiResult = ApiUtils.error(status, "지원하지 않는 토큰 형식입니다.");
+        } else if (ex instanceof MalformedJwtException) {
+            apiResult = ApiUtils.error(status, "토큰의 형식이 올바르지 않습니다.");
+        } else if (ex instanceof SignatureException || ex instanceof SecurityException) {
+            apiResult = ApiUtils.error(status, "토큰의 서명이 유효하지 않습니다.");
+        } else if (ex instanceof IllegalArgumentException) {
+            apiResult = ApiUtils.error(status, "토큰이 제공되지 않았습니다.");
+        } else if (ex instanceof JwtException) {
+            apiResult = ApiUtils.error(status, "유효하지 않은 토큰입니다.");
+        } else {
+            status = HttpStatus.INTERNAL_SERVER_ERROR;
+            apiResult = ApiUtils.error(status, "서버 오류가 발생했습니다.");
+        }
+
+        log.error("Security Exception 발생: [{}] {}", request.getRequestURI(), ex.getMessage());
+
+        response.setStatus(status.value());
+        response.setContentType("application/json");
+        response.setCharacterEncoding("UTF-8");
+
+        String jsonResponse = objectMapper.writeValueAsString(apiResult);
+        response.getWriter().write(jsonResponse);
+    }
+}

src/main/java/dbdr/security/config/JwtFilter.java

@@ -1,6 +1,11 @@
 package dbdr.security.config;
 
 import dbdr.security.service.JwtProvider;
+import io.jsonwebtoken.ExpiredJwtException;
+import io.jsonwebtoken.JwtException;
+import io.jsonwebtoken.MalformedJwtException;
+import io.jsonwebtoken.UnsupportedJwtException;
+import io.jsonwebtoken.security.SignatureException;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
@@ -20,17 +25,21 @@ public class JwtFilter extends OncePerRequestFilter {
 
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
-        FilterChain filterChain) throws ServletException, IOException {
+                                    FilterChain filterChain) throws ServletException, IOException {
 
-        String token = request.getHeader("Authorization");
+        String token = jwtProvider.extractToken(request);
 
         if (token != null) {
             try {
                 //jwtProvider.validateToken(token);
                 Authentication authentication = jwtProvider.getAuthentication(token);
                 SecurityContextHolder.getContext().setAuthentication(authentication);
+            } catch (ExpiredJwtException | UnsupportedJwtException | MalformedJwtException |
+                     SignatureException | SecurityException | IllegalArgumentException ex) {
+                throw ex;
             } catch (Exception e) {
                 log.debug("토큰 유저 정보 추출 실패 : {}", e.getMessage());
+                throw new JwtException("유효하지 않은 토큰입니다.");
             }
         }