Code Monkey home page Code Monkey logo

login-server's Introduction

๐Ÿ“Œ Login Server

  • ํšŒ์›๊ฐ€์ž… ๋ฐ ๋กœ๊ทธ์ธ ๊ธฐ๋Šฅ ๊ตฌํ˜„ ์ €์žฅ์†Œ์ž…๋‹ˆ๋‹ค.

๊ฐœ๋ฐœ ํ™˜๊ฒฝ

  • Language : Java 17
  • Framework : Springboot 3.2.2
  • ORM : JPA
  • Build Tool : Gradle
  • Dev Tool : IntelliJ
  • Test : JUnit 5
  • DB : H2

๐ŸŒˆ ์‹คํ–‰ ๋ฐฉ๋ฒ• ๋ฐ ๊ตฌํ˜„ ์„ค๋ช…

Database : H2

Springdoc OpenApi (Swagger)

  • Springdoc OpenApi(Swagger) URL : http://localhost:8080/swagger-ui/index.html
  • Springdoc OpenApi(Swagger)๋กœ APIs Spec์„ ๋ฌธ์„œํ™” ํ–ˆ์Šต๋‹ˆ๋‹ค.
  • Swagger ๊ธฐ๋Šฅ ์ค‘ ํ•˜๋‚˜์ธ, ์ „์—ญ์ธ์ฆ์„ ๋„์ž…ํ•˜์—ฌ API ํ…Œ์ŠคํŠธ๋ฅผ ์›ํ™œํ•˜๊ฒŒ ํ–ˆ์Šต๋‹ˆ๋‹ค.

์ธ์ฆ ๋ฐ ์ธ๊ฐ€

  1. ์ธ์ฆ ๋ฐ ์ธ๊ฐ€ ๊ธฐ๋Šฅ์€ ์ˆ˜์›”ํ•œ URL ๋ถ„๋ฆฌ์™€ ํ…Œ์ŠคํŠธ ํ™˜๊ฒฝ, ๊ถŒํ•œ ์ œ์–ด ๋“ฑ์„ ์œ„ํ•ด Spring Security ํ™˜๊ฒฝ์—์„œ JWT๋ฅผ ์ด์šฉํ•ด ๊ตฌํ˜„ํ–ˆ์Šต๋‹ˆ๋‹ค.
  2. ๋ณด์•ˆ์„ ์œ„ํ•ด ์ธ๊ฐ€ ์‹คํŒจ ์‹œ, 403 ์—๋Ÿฌ ๋Œ€์‹ ์— 404 ์—๋Ÿฌ๋ฅผ ๋ฐ˜ํ™˜ํ•˜๋„๋ก ๊ตฌํ˜„ํ–ˆ์Šต๋‹ˆ๋‹ค.
  3. ์ธ์ฆ/์ธ๊ฐ€ ํ•„ํ„ฐ ์ฒ˜๋ฆฌ
    • ์š”์ฒญ์„ ๋ณด๋‚ผ ๋•Œ, SecurityConfig์— ์„ค์ •๋œ ์ฃผ์†Œ๋Š” OncePerRequestFilter๋ฅผ ์ปค์Šคํ„ฐ๋งˆ์ด์ง•ํ•œ ์ธ์ฆ/์ธ๊ฐ€ ํ•„ํ„ฐ๋ฅผ ๊ฑฐ์ณ ์ฒ˜๋ฆฌ๊ฐ€ ๋˜๋„๋ก ๊ตฌํ˜„ํ–ˆ์Šต๋‹ˆ๋‹ค.
    • ํ•„ํ„ฐ์—์„œ๋Š” accessToken๊ณผ refreshToken์„ ๊ฒ€์ฆํ•˜์—ฌ ์œ ํšจํ•˜๋‹ค๋ฉด, SecurityContext์—์„œ ๊ด€๋ฆฌ๋˜๋„๋ก ๊ตฌํ˜„ํ–ˆ์Šต๋‹ˆ๋‹ค.
  4. @AuthenticationPrincipal
    • ํ•ด๋‹น ์–ด๋…ธํ…Œ์ด์…˜์„ ์ปค์Šคํ…€ํ•˜์—ฌ SecurityContext์— ์ €์žฅ๋œ ์‚ฌ์šฉ์ž๋Š” ์š”์ฒญ๊ณผ ๋™์‹œ์— ํ•„์š”ํ•œ ์ •๋ณด๋ฅผ ํ•จ๊ป˜ ์ค„ ์ˆ˜ ์žˆ๋„๋ก ๊ตฌํ˜„ํ–ˆ์Šต๋‹ˆ๋‹ค.

ํ…Œ์ŠคํŠธ ์ฝ”๋“œ

  1. ํ…Œ์ŠคํŠธ ์ฝ”๋“œ๋Š” JUnit5๋ฅผ ํ™œ์šฉํ•ด ์ด 37๊ฐœ๋ฅผ ์ž‘์„ฑํ–ˆ๊ณ  ํ…Œ์ŠคํŠธ ์ปค๋ฒ„๋ฆฌ์ง€๋Š” Class 95%, Method 93%, Line 93%์ž…๋‹ˆ๋‹ค.
  2. ์ปจํŠธ๋กค๋Ÿฌ๋Š” ํ†ตํ•ฉ ํ…Œ์ŠคํŠธ๋ฅผ ์ง„ํ–‰ํ–ˆ๊ณ , ๊ทธ ์™ธ๋Š” ๋‹จ์œ„ ํ…Œ์ŠคํŠธ๋ฅผ ์ง„ํ–‰ํ–ˆ์Šต๋‹ˆ๋‹ค.

ํšŒ์›๊ฐ€์ž… ๊ธฐ๋Šฅ ์„ค๋ช…

  1. ๊ฐœ์ธ ์ •๋ณด ์•”ํ˜ธํ™”
    • ๋น„๋ฐ€๋ฒˆํ˜ธ : Spring Security PasswordEncoder ์ธํ„ฐํŽ˜์ด์Šค ๊ตฌํ˜„์ฒด์ธ Bcrypt ์•”ํ˜ธํ™” ๋ฐฉ์‹์„ ์‚ฌ์šฉํ–ˆ์Šต๋‹ˆ๋‹ค.
    • ์ฃผ๋ฏผ๋“ฑ๋ก๋ฒˆํ˜ธ : ์ค‘๋ณต ๊ฒ€์‚ฌ๋ฅผ ์œ„ํ•ด AES-128 ์•”/๋ณตํ˜ธํ™” ๋ฐฉ์‹์„ ํ™œ์šฉํ–ˆ์Šต๋‹ˆ๋‹ค.

๋กœ๊ทธ์ธ ๊ธฐ๋Šฅ ์„ค๋ช…

  1. ๋กœ๊ทธ์ธ์„ ์„ฑ๊ณต์ ์œผ๋กœ ํ•˜๋ฉด ์—‘์„ธ์Šค ํ† ํฐ ๋ฐ ๋ฆฌํ”„๋ ˆ์‰ฌ ํ† ํฐ์„ ๋ฐœ๊ธ‰ ์‘๋‹ตํ•ด์ค๋‹ˆ๋‹ค.
  2. ์ดˆ๋ฐ˜์— ๋ฐœ๊ธ‰๋œ ํ† ํฐ์€ Authorization Header์—์„œ ๊ด€๋ฆฌ๋ฉ๋‹ˆ๋‹ค.
  3. ์—‘์„ธ์Šค ํ† ํฐ
    • ์‚ฌ์šฉ์ž ์•„์ด๋””์™€, ์‚ฌ์šฉ์ž ์ด๋ฆ„, ์‚ฌ์šฉ์ž ๊ถŒํ•œ์„ ํด๋ ˆ์ž„ ์ •๋ณด๋กœ ๊ฐ–๊ฒŒ ํ–ˆ์Šต๋‹ˆ๋‹ค.
    • ๋ณด์•ˆ(ํ† ํฐ ํƒˆ์ทจ)์„ ์œ„ํ•ด ๋งŒ๋ฃŒ๊ธฐ๊ฐ„์€ ์งง๊ฒŒ ๊ฐ€์ ธ๊ฐ”์Šต๋‹ˆ๋‹ค. (5๋ถ„)
  4. ๋ฆฌํ”„๋ ˆ์‰ฌ ํ† ํฐ
    • ์—‘์„ธ์Šค ํ† ํฐ ์žฌ๋ฐœ๊ธ‰์„ ์œ„ํ•ด ๋งŒ๋“ค์—ˆ๊ธฐ ๋•Œ๋ฌธ์—, ์‚ฌ์šฉ์ž ์•„์ด๋””๋งŒ ํด๋ ˆ์ž„ ์ •๋ณด๋กœ ๊ฐ–๊ฒŒ ํ–ˆ์Šต๋‹ˆ๋‹ค.
    • ์žฌ๋ฐœ๊ธ‰ ์šฉ๋„๋กœ๋งŒ ์‚ฌ์šฉ๋˜๊ธฐ ๋•Œ๋ฌธ์—, ๋งŒ๋ฃŒ๊ธฐ๊ฐ„์€ ๊ธธ๊ฒŒ ๊ฐ€์ ธ๊ฐ”์Šต๋‹ˆ๋‹ค. (7์ผ)
    • ๋ณด์•ˆ์„ ์œ„ํ•ด ์—‘์„ธ์Šค ํ† ํฐ ์žฌ๋ฐœ๊ธ‰ ์‹œ, ๋ฆฌํ”„๋ ˆ์‰ฌ ํ† ํฐ๋„ ํ•จ๊ป˜ ์žฌ๋ฐœ๊ธ‰ ํ•˜๋„๋ก ๊ตฌํ˜„ํ–ˆ์Šต๋‹ˆ๋‹ค.
    • ๋ฆฌํ”„๋ ˆ์‰ฌ ํ† ํฐ์€ ํ˜„์žฌ ๋ฐ์ดํ„ฐ๋ฒ ์ด์Šค์—์„œ ๊ด€๋ฆฌ๋˜๊ณ  ํ† ํฐ ์žฌ๋ฐœ๊ธ‰ํ•  ๋•Œ๋งˆ๋‹ค ์—…๋ฐ์ดํŠธ๋ฉ๋‹ˆ๋‹ค.
      • ํด๋ก  ํ›„ ๋ฐ”๋กœ ๋ณ„๋„ ์„ค์ •์—†์ด ๋ฐ”๋กœ ์‹คํ–‰ํ•ด๋ณผ ์ˆ˜ ์žˆ๋„๋ก Redis๋กœ ๊ด€๋ฆฌํ•˜์ง€ ์•Š์Šต๋‹ˆ๋‹ค.

๐Ÿ‘ฉโ€๐Ÿ’ป ์š”๊ตฌ ์ƒ์„ธ

  • Java17 , Spring Boot 3.x , JPA , H2 , Gradle๋ฅผ ํ™œ์šฉํ•ฉ๋‹ˆ๋‹ค.
    • H2 Embedded DB๋ฅผ ์‚ฌ์šฉํ•˜๋˜, ๋ฉ”๋ชจ๋ฆฌ ๋ชจ๋“œ๋กœ ์‹คํ–‰ํ•  ์ˆ˜ ์žˆ๊ฒŒ ์„ค์ •ํ–ˆ์Šต๋‹ˆ๋‹ค.
  • API ๊ตฌํ˜„
    • ํšŒ์›๊ฐ€์ž…
    • ๋กœ๊ทธ์ธ
  • ๋ชจ๋“  ์š”์ฒญ/์‘๋‹ต application/json ํƒ€์ž…์œผ๋กœ ๊ตฌํ˜„ํ–ˆ์Šต๋‹ˆ๋‹ค.
  • ๊ฐ ๊ธฐ๋Šฅ ๋ฐ ์ œ์•ฝ์‚ฌํ•ญ์— ๋Œ€ํ•œ ํ…Œ์ŠคํŠธ๋ฅผ ์ž‘์„ฑํ–ˆ์Šต๋‹ˆ๋‹ค.
  • swagger๋ฅผ ํ™œ์šฉํ•ด API ํ™•์ธ/์‹คํ–‰์ด ๊ฐ€๋Šฅํ•˜๋„๋ก ๊ตฌํ˜„ํ–ˆ์Šต๋‹ˆ๋‹ค.
  • ๋ฏผ๊ฐ ์ •๋ณด๋Š” ์•”ํ˜ธํ™”ํ•˜์—ฌ ์ €์žฅํ–ˆ์Šต๋‹ˆ๋‹ค.
    • Ex : ์ฃผ๋ฏผ๋“ฑ๋ก๋ฒˆํ˜ธ, ๋น„๋ฐ€๋ฒˆํ˜ธ

login-server's People

Contributors

hongdosan avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.