application.yml & config 파일 수정

.github/workflows/deploy.yml

@@ -5,43 +5,9 @@ on:
     branches: [deploy]
 
 jobs:
-  frontend:
-    name: Deploy Frontend to S3
-    runs-on: ubuntu-22.04
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v3
-
-      - name: Set up Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: '22'
-
-      - name: Install dependencies
-        run: |
-          cd frontend
-          npm ci
-
-      - name: Build frontend
-        run: |
-          cd frontend
-          npm run build
-
-      - name: Deploy to S3
-        uses: jakejarvis/s3-sync-action@master
-        with:
-          args: --delete
-        env:
-          AWS_S3_BUCKET: www.pirocheck.org
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          SOURCE_DIR: frontend/dist
-
   backend:
     name: Deploy Backend to EC2
-    needs: frontend
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
 
     steps:
       - name: Checkout repository
@@ -53,10 +19,18 @@ jobs:
           distribution: 'temurin'
           java-version: '17'
 
-      - name: Build backend
+      - name: Create .env file& Build backend
         run: |
-          cd backend
-          ./gradlew build --no-daemon
+          cd backend/pirocheck
+          echo DB_HOST=${{ secrets.DB_HOST }} >> .env
+          echo DB_PORT=${{ secrets.DB_PORT }} >> .env
+          echo DB_NAME=${{ secrets.DB_NAME }} >> .env
+          echo DB_USER=${{ secrets.DB_USER }} >> .env
+          echo DB_PASSWORD=${{ secrets.DB_PASSWORD }} >> .env
+
+          chmod +x gradlew
+          ./gradlew build -x test --no-daemon
+
 
       - name: Restore PEM file
         run: |
@@ -65,7 +39,7 @@ jobs:
 
       - name: Copy JAR to EC2
         run: |
-          scp -o StrictHostKeyChecking=no -i pirocheck.pem backend/build/libs/*.jar ubuntu@${{ secrets.EC2_HOST }}:/home/ubuntu/app.jar
+          scp -o StrictHostKeyChecking=no -i pirocheck.pem backend/pirocheck/build/libs/*.jar ubuntu@${{ secrets.EC2_HOST }}:/home/ubuntu/
 
       - name: Restart Spring Boot on EC2
         run: |
@@ -97,3 +71,39 @@ jobs:
                    "color": 16711680
                  }]
                }' ${{ secrets.DISCORD_WEBHOOK }}
+
+  frontend:
+    name: Deploy Frontend to S3
+    needs: backend
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '22'
+
+      - name: Install dependencies
+        run: |
+          cd frontend
+          rm -rf node_modules package-lock.json
+          npm install
+          npm install --save-dev vite rollup
+
+      - name: Build frontend
+        run: |
+          cd frontend
+          npm run build
+
+      - name: Deploy to S3
+        uses: jakejarvis/s3-sync-action@master
+        with:
+          args: --delete
+        env:
+          AWS_S3_BUCKET: www.pirocheck.org
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          SOURCE_DIR: frontend/dist

.gitignore

@@ -16,4 +16,3 @@
 .env
 *.pem
 .idea/
-

backend/pirocheck/gradlew

@@ -81,7 +81,7 @@ do
       *)    app_path=$APP_HOME$link ;;
     esac
 done
-
+ 
 # This is normally unused
 # shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}

backend/pirocheck/src/main/java/backend/pirocheck/Deposit/service/DepositService.java

@@ -20,7 +20,7 @@ public class DepositService {
     private final DepositRepository depositRepository;
     private final UserRepository userRepository;
     private final AttendanceRepository attendanceRepository;
-    private final AssignmentRepository assignmentRepository;  // 확인
+    private final AssignmentRepository assignmentRepository;
 
     @Transactional
     public DepositResDto getDeposit(Long userId) {
@@ -31,12 +31,12 @@ public DepositResDto getDeposit(Long userId) {
 
         // 출석 실패
         int failAttendanceCount = attendanceRepository.countByUserAndStatusFalse(user);
-        int descentAttendance = failAttendanceCount * 10000;
+        int descentAttendance = failAttendanceCount * 10_000;
 
         // 과제 실패
-        int failAssignmentCount = assignmentRepository.countByUserAndSubmitted(user, AssignmentStatus.FAILURE); // 확인
-        int weakAssignmentCount = assignmentRepository.countByUserAndSubmitted(user, AssignmentStatus.INSUFFICIENT); // 확인
-        int descentAssignment = failAssignmentCount * 10_000 + weakAssignmentCount * 5_000;
+        int failAssignmentCount = assignmentRepository.countByUserAndSubmitted(user, AssignmentStatus.FAILURE);
+        int weakAssignmentCount = assignmentRepository.countByUserAndSubmitted(user, AssignmentStatus.INSUFFICIENT);
+        int descentAssignment = failAssignmentCount * 20_000 + weakAssignmentCount * 10_000;
 
         // 방어권
         int ascentDefence = deposit.getAscentDefence();

backend/pirocheck/src/main/java/backend/pirocheck/User/exception/GlobalExceptionHandler.java

@@ -0,0 +1,19 @@
+package backend.pirocheck.User.exception;
+
+import backend.pirocheck.Attendance.dto.response.ApiResponse;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+
+@RestControllerAdvice
+public class GlobalExceptionHandler {
+
+    // InvalidLoginException (로그인 실패)
+    @ExceptionHandler(InvalidLoginException.class)
+    public ResponseEntity<ApiResponse<?>> handleInvalidLoginException(InvalidLoginException e) {
+        return ResponseEntity
+                .status(HttpStatus.UNAUTHORIZED) // 401 상태 코드
+                .body(ApiResponse.error(e.getMessage())); // 에러 메시지 전달
+    }
+}

backend/pirocheck/src/main/java/backend/pirocheck/User/exception/InvalidLoginException.java

@@ -0,0 +1,7 @@
+package backend.pirocheck.User.exception;
+
+public class InvalidLoginException extends RuntimeException{
+    public InvalidLoginException(String message) {
+        super(message);
+    }
+}

backend/pirocheck/src/main/java/backend/pirocheck/User/filter/SessionCheckFilter.java

@@ -0,0 +1,40 @@
+package backend.pirocheck.User.filter;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpSession;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+public class SessionCheckFilter extends OncePerRequestFilter {
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request,
+                                    HttpServletResponse response,
+                                    FilterChain filterChain)
+            throws ServletException, IOException {
+
+        String path = request.getRequestURI();
+
+        // 로그인/로그아웃 요청은 세션 체크 제외
+        if (path.startsWith("/api/login") || path.startsWith("/api/logout")) {
+            filterChain.doFilter(request, response); // 다음 필터나 컨트롤러로 넘기는 명령어
+            return; // 세션 검사 안함
+        }
+
+        HttpSession session = request.getSession(false);  // 세션이 없으면 새로 만들지 않고 null을 리턴 (true : 새로 생성)
+
+        if (session == null || session.getAttribute("loginUser") == null) {
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401 설정
+            response.setContentType("application/json;charset=UTF-8");
+            response.getWriter().write("{\"success\":false,\"message\":\"세션이 만료되었습니다.\",\"data\":null}");
+            return;
+        }
+
+        filterChain.doFilter(request, response);
+
+    }
+}

backend/pirocheck/src/main/java/backend/pirocheck/User/service/UserService.java

@@ -1,6 +1,7 @@
 package backend.pirocheck.User.service;
 
 import backend.pirocheck.User.entity.User;
+import backend.pirocheck.User.exception.InvalidLoginException;
 import backend.pirocheck.User.repository.UserRepository;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
@@ -12,8 +13,14 @@ public class UserService {
     private final UserRepository userRepository;
 
     public User login(String name, String password) {
-        return userRepository.findByName(name)
-                .filter(user -> user.getPassword().equals(password))
-                .orElseThrow(() -> new IllegalArgumentException("이름 또는 비밀번호가 일치하지 않습니다."));
+        User user = userRepository.findByName(name)
+                .orElseThrow(() -> new InvalidLoginException("해당 사용자가 존재하지 않습니다.")); //401
+
+        if (!user.getPassword().equals(password)) {
+            throw new InvalidLoginException("비밀번호가 일치하지 않습니다."); //401
+        }
+
+        return user;
     }
 }
+

backend/pirocheck/src/main/java/backend/pirocheck/config/SessionCheckFilterConfig.java

@@ -0,0 +1,19 @@
+package backend.pirocheck.config;
+
+import backend.pirocheck.User.filter.SessionCheckFilter;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class SessionCheckFilterConfig {
+
+    @Bean
+    public FilterRegistrationBean<SessionCheckFilter> sessionCheckFilter() {
+        FilterRegistrationBean<SessionCheckFilter> registrationBean = new FilterRegistrationBean<>();
+        registrationBean.setFilter(new SessionCheckFilter());
+        registrationBean.addUrlPatterns("/api/*");
+        registrationBean.setOrder(1);
+        return registrationBean;
+    }
+}

backend/pirocheck/src/main/java/backend/pirocheck/config/WebConfig.java

@@ -0,0 +1,17 @@
+package backend.pirocheck.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class WebConfig implements WebMvcConfigurer {
+
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        registry.addMapping("/api/**") // 백엔드 API 요청에만 CORS 허용
+                .allowedOrigins("http://pirocheck.org:3000") // 프론트 배포 URL
+                .allowedMethods("GET", "POST", "PUT", "DELETE") // 허용할 HTTP 메서드
+                .allowCredentials(true); // 세션 쿠키 주고받기 허용
+    }
+}

backend/pirocheck/src/main/resources/application.yml

@@ -11,4 +11,13 @@ spring:
     properties:
       hibernate:
         format_sql: true
-    open-in-view: false
+    open-in-view: false
+server:
+  servlet:
+    session:
+      cookie:
+        http-only: true     # 세션 쿠키를 HttpOnly로 설정 (JS에서 접근 불가)
+        secure: false       # HTTPS 전용 전송 (Https -> true로 바꿔야 함)
+        same-site: Lax      # CSRF 방지
+      timeout: 30m          # 세션 타임아웃 30분 (30 minutes)
+  address: 0.0.0.0

frontend/index.html

@@ -1,4 +1,4 @@
-<!doctype html>
+<!DOCTYPE html>
 <html lang="en">
   <head>
     <meta charset="UTF-8" />