Gamegoo-repo · Eunjin3395 · Jan 20, 2025 · Jan 20, 2025 · Jan 20, 2025 · Jan 20, 2025
@@ -4,6 +4,7 @@
 import com.gamegoo.gamegoo_v2.account.auth.security.SecurityUtil;
 import com.gamegoo.gamegoo_v2.account.member.domain.Member;
 import com.gamegoo.gamegoo_v2.account.member.repository.MemberRepository;
+import com.gamegoo.gamegoo_v2.core.exception.AuthException;
 import com.gamegoo.gamegoo_v2.core.exception.MemberException;
 import com.gamegoo.gamegoo_v2.core.exception.common.ErrorCode;
 import lombok.NonNull;
@@ -37,8 +38,13 @@ public Object resolveArgument(@NonNull MethodParameter parameter, ModelAndViewCo
                                   @NonNull NativeWebRequest webRequest,
                                   WebDataBinderFactory binderFactory) {
         Long currentMemberId = SecurityUtil.getCurrentMemberId();
-        return memberRepository.findById(currentMemberId)
-                .orElseThrow(() -> new MemberException(ErrorCode.MEMBER_NOT_FOUND));
+        if (currentMemberId != null) {
+            return memberRepository.findById(currentMemberId)
+                    .orElseThrow(() -> new MemberException(ErrorCode.MEMBER_NOT_FOUND));
+        } else {
+            throw new AuthException(ErrorCode.UNAUTHORIZED_EXCEPTION);
+        }
+
     }
 
 }
@@ -3,26 +3,37 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.gamegoo.gamegoo_v2.core.common.ApiResponse;
 import com.gamegoo.gamegoo_v2.core.exception.JwtAuthException;
+import com.gamegoo.gamegoo_v2.core.log.LogUtil;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.NonNull;
+import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.slf4j.MDC;
 import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
 
 import java.io.IOException;
 import java.io.PrintWriter;
+import java.util.UUID;
 
 @Slf4j
 @Component
+@RequiredArgsConstructor
 public class JwtAuthenticationExceptionHandler extends OncePerRequestFilter {
 
+    private final ObjectMapper objectMapper;
+    private final LogUtil logUtil;
+
     @Override
     protected void doFilterInternal(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response,
                                     @NonNull FilterChain filterChain) throws ServletException, IOException {
+        String requestId = UUID.randomUUID().toString();  // 고유한 requestId 생성
+        MDC.put("requestId", requestId);
+
         try {
             filterChain.doFilter(request, response);
         } catch (JwtAuthException authException) {
@@ -37,11 +48,15 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, @NonNull Ht
                     .status(authException.getStatus())
                     .build();
 
-            ObjectMapper objectMapper = new ObjectMapper();
+            // jwt 검증 로그 출력
+            logUtil.apiJwtException(request, authException);
+
             String jsonResponse = objectMapper.writeValueAsString(apiResponse);
             writer.write(jsonResponse);
             writer.flush();
             writer.close();
+        } finally {
+            MDC.remove("requestId");
         }
     }
 

@@ -1,7 +1,5 @@
 package com.gamegoo.gamegoo_v2.account.auth.security;
 
-import com.gamegoo.gamegoo_v2.core.exception.AuthException;
-import com.gamegoo.gamegoo_v2.core.exception.common.ErrorCode;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 
@@ -13,7 +11,7 @@ public static Long getCurrentMemberId() {
         if (authentication != null && authentication.getPrincipal() instanceof CustomUserDetails customUserDetails) {
             return customUserDetails.getMemberId();
         } else {
-            throw new AuthException(ErrorCode.UNAUTHORIZED_EXCEPTION);
+            return null;
         }
 
     }

@@ -6,6 +6,7 @@
 import com.gamegoo.gamegoo_v2.account.auth.security.EntryPointUnauthorizedHandler;
 import com.gamegoo.gamegoo_v2.account.auth.security.JwtAuthFilter;
 import com.gamegoo.gamegoo_v2.account.auth.security.JwtAuthenticationExceptionHandler;
+import com.gamegoo.gamegoo_v2.core.log.LoggingFilter;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -39,6 +40,7 @@ public class SecurityConfig {
     private final CustomAccessDeniedHandler accessDeniedHandler;
     private final EntryPointUnauthorizedHandler unauthorizedHandler;
     private final JwtAuthenticationExceptionHandler jwtAuthenticationExceptionHandler;
+    private final LoggingFilter loggingFilter;
     private final SecurityJwtProperties securityJwtProperties;
 
     @Bean
@@ -96,6 +98,7 @@ public SecurityFilterChain filterChain(HttpSecurity http, JwtAuthFilter jwtAuthF
         // 커스텀 필터 추가
         http
                 .addFilterBefore(jwtAuthFilter(), UsernamePasswordAuthenticationFilter.class)
+                .addFilterAfter(loggingFilter, JwtAuthFilter.class)
                 .addFilterBefore(jwtAuthenticationExceptionHandler, jwtAuthFilter.getClass());
 
         // 예외처리

@@ -0,0 +1,111 @@
+package com.gamegoo.gamegoo_v2.core.log;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.gamegoo.gamegoo_v2.account.auth.security.SecurityUtil;
+import com.gamegoo.gamegoo_v2.core.exception.JwtAuthException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.slf4j.MDC;
+import org.springframework.stereotype.Component;
+
+@Slf4j
+@Component
+@RequiredArgsConstructor
+public class LogUtil {
+
+    private final ObjectMapper objectMapper;
+
+    /**
+     * api request 로그 출력
+     *
+     * @param request request 객체
+     */
+    public void apiRequest(HttpServletRequest request) {
+        String requestId = MDC.get("requestId");
+        String requestUrl = request.getRequestURI();
+        String httpMethod = request.getMethod();
+        String clientIp = getClientIp(request);
+        Long memberId = SecurityUtil.getCurrentMemberId();
+        String params = getParamsAsString(request);
+        String memberIdString = "Unauthenticated";
+
+        if (memberId != null) {
+            memberIdString = String.valueOf(memberId);
+        }
+
+        if (request.getParameterMap().isEmpty()) {
+            log.info("[{}] [{}] {} | IP: {} | Member: {}", requestId, httpMethod, requestUrl, clientIp, memberIdString);
+        } else {
+            log.info("[{}] [{}] {} | IP: {} | Member: {} | Params: {}", requestId, httpMethod, requestUrl, clientIp,
+                    memberIdString, params);
+        }
+    }
+
+    /**
+     * api response 로그 출력
+     *
+     * @param request       request 객체
+     * @param response      response 객체
+     * @param executionTime 실행 시간
+     */
+    public void apiResponse(HttpServletRequest request, HttpServletResponse response, long executionTime) {
+        String requestId = MDC.get("requestId");
+        String requestUrl = request.getRequestURI();
+        String httpMethod = request.getMethod();
+        String clientIp = getClientIp(request);
+        int statusCode = response.getStatus();
+
+        log.info("[{}] [{}] {} | IP: {} | Status: {} | Execution Time: {}ms", requestId, httpMethod, requestUrl,
+                clientIp, statusCode, executionTime);
+    }
+
+    /**
+     * jwt 검증 에러 응답 로그 출력
+     *
+     * @param request request 객체
+     * @param e       exception
+     */
+    public void apiJwtException(HttpServletRequest request, JwtAuthException e) {
+        String requestId = MDC.get("requestId");
+        String requestUrl = request.getRequestURI();
+        String httpMethod = request.getMethod();
+        String clientIp = getClientIp(request);
+        int statusCode = e.getStatus().value();
+        String errorCode = e.getCode();
+
+        log.info("[{}] [{}] {} | IP: {} | Status: {} {}", requestId, httpMethod, requestUrl, clientIp, statusCode,
+                errorCode);
+    }
+
+    /**
+     * 클라이언트 ip 추출 메소드
+     *
+     * @param request request 객체
+     * @return ip
+     */
+    private String getClientIp(HttpServletRequest request) {
+        String ip = request.getHeader("X-Forwarded-For");
+        if (ip != null && !ip.isEmpty() && !"unknown".equalsIgnoreCase(ip)) {
+            return ip.split(",")[0].trim();
+        }
+        return request.getRemoteAddr();
+    }
+
+    /**
+     * request param을 JSON 형태 String으로 변환
+     *
+     * @param request request 객체
+     * @return string
+     */
+    private String getParamsAsString(HttpServletRequest request) {
+        try {
+            return objectMapper.writeValueAsString(request.getParameterMap());
+        } catch (JsonProcessingException e) {
+            return "Unable to parse parameters";
+        }
+    }
+
+}
@@ -0,0 +1,35 @@
+package com.gamegoo.gamegoo_v2.core.log;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+@Component
+@RequiredArgsConstructor
+public class LoggingFilter extends OncePerRequestFilter {
+
+    private final LogUtil logUtil;
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
+                                    FilterChain filterChain) throws ServletException, IOException {
+        // 요청 로그 출력
+        logUtil.apiRequest(request);
+        long startTime = System.currentTimeMillis();
+
+        // 다음 로직 실행
+        filterChain.doFilter(request, response);
+
+        long executionTime = System.currentTimeMillis() - startTime;
+
+        // 응답 로그 출력
+        logUtil.apiResponse(request, response, executionTime);
+    }
+
+}
@@ -7,6 +7,8 @@
 import com.gamegoo.gamegoo_v2.account.member.domain.LoginType;
 import com.gamegoo.gamegoo_v2.account.member.domain.Member;
 import com.gamegoo.gamegoo_v2.account.member.domain.Tier;
+import com.gamegoo.gamegoo_v2.core.log.LogUtil;
+import com.gamegoo.gamegoo_v2.core.log.LoggingFilter;
 import org.junit.jupiter.api.BeforeEach;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
@@ -45,6 +47,12 @@ public abstract class ControllerTestSupport {
     @MockitoBean
     protected CustomUserDetailsService customUserDetailsService;
 
+    @MockitoBean
+    protected LoggingFilter loggingFilter;
+
+    @MockitoBean
+    protected LogUtil logUtil;
+
     @Autowired
     protected ObjectMapper objectMapper;