[기믕] Chapter 9. Spring Security - JWT, OAuth#142
Merged
Conversation
There was a problem hiding this comment.
Pull request overview
This PR adds JWT-based login and OAuth2 Kakao authentication to the member/security flow, replacing the hard-coded my-page member lookup with the authenticated principal.
Changes:
- Adds JWT creation/validation, JWT authentication filter, and
/api/v1/auth/login. - Adds OAuth2 Kakao user loading and success handling that issues JWTs.
- Updates member auth lookup to use
socialType + socialUid.
Reviewed changes
Copilot reviewed 18 out of 19 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
build.gradle |
Adds JWT and OAuth2 client dependencies. |
SecurityConfig.java |
Wires JWT filter and OAuth2 login flow. |
JwtUtil.java |
Creates and validates access tokens. |
JwtAuthFilter.java |
Authenticates requests from bearer tokens. |
CustomUserDetailsService.java |
Loads authenticated members by social identity. |
CustomOAuthService.java |
Maps OAuth provider data and creates/loads members. |
OAuthSuccessHandler.java |
Returns JWT after OAuth login success. |
AuthMember.java / OAuthMember.java |
Defines security principals. |
| Member DTO/controller/service/converter/repository/error/success files | Adds login DTO/API/service support and social lookup support. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+65
to
+66
| filterChain.doFilter(request, response); | ||
| } catch (Exception e) { |
| OAuthDTO dto; | ||
| switch (providerId) { | ||
| case KAKAO -> { | ||
| String email = attributes.get("email") != null ? attributes.get("email").toString() : ""; |
Comment on lines
+45
to
+46
| Map<String, Object> attributes = oAuthMember.getAttribute("kakao_account"); | ||
| Map<String, Object> profile = (Map<String, Object>) attributes.get("profile"); |
CokaNuri
approved these changes
Jun 1, 2026
CokaNuri
left a comment
CokaNuri
left a comment
There was a problem hiding this comment.
JWT 인증 필터를 생성해 SecurityConfig에 JWT 필터를 잘 삽입하셨습니다!
마이페이지도 @AuthenticationPrincipal로 인증객체를 받아 처리하는걸로 잘 수정하셨어요!
로그인 관련해서 자주 등장하는 개념인 CORS에 대해서도 공부해보시면 좋을 것 같아요.
고생하셨습니다!
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
✏️ 작업 내용
(Swagger에서 테스트하는 사진 & DB에 저장되는 사진 필수!)
1-1) JWT 기반 회원가입 API 호출 및 사용자 정보 저장 성공
1-2) 로그인 API 호출 후 JWT Access Token 발급 성공
1-3) JWT 인증을 통한 마이페이지 API 호출 성공
1-4) 회원가입 정보의 데이터베이스 저장 결과 확인
(Spring OAuth-Client를 이용해도 되고 직접 호출하는 방식도 가능)
2-1) 카카오 OAuth 로그인 연동 및 사용자 인증 화면
2-2) 카카오 로그인 후 발급된 JWT를 이용한 마이페이지 조회 성공
#️⃣ 연관된 이슈
closes #135
💡 함께 공유하고 싶은 부분
🤔 질문
✅ 워크북 체크리스트
✅ 컨벤션 체크리스트
📌 주안점