From f10b028e04ec623b3578921ecf8c364d965def7d Mon Sep 17 00:00:00 2001 From: sohot8653 Date: Fri, 29 Aug 2025 16:07:30 +0900 Subject: [PATCH] =?UTF-8?q?[JWT=20=EA=B0=9C=EC=84=A0]=20JwtTokenValidation?= =?UTF-8?q?Filter=EC=97=90=EC=84=9C=20=ED=81=B4=EB=9D=BC=EC=9D=B4=EC=96=B8?= =?UTF-8?q?=ED=8A=B8=20IP=20=EA=B2=80=EC=A6=9D=20=EB=A1=9C=EC=A7=81?= =?UTF-8?q?=EC=9D=84=20HttpUtils=EB=A5=BC=20=EC=82=AC=EC=9A=A9=ED=95=98?= =?UTF-8?q?=EB=8F=84=EB=A1=9D=20=EB=B3=80=EA=B2=BD=ED=95=98=EA=B3=A0,=20Ac?= =?UTF-8?q?cess/Refresh=20Token=20=EC=83=9D=EC=84=B1=20=EB=A9=94=EC=84=9C?= =?UTF-8?q?=EB=93=9C=EB=A5=BC=20=EA=B0=9C=EC=84=A0=ED=95=98=EC=97=AC=20?= =?UTF-8?q?=EC=BD=94=EB=93=9C=20=EA=B0=80=EB=8F=85=EC=84=B1=EC=9D=84=20?= =?UTF-8?q?=ED=96=A5=EC=83=81=EC=8B=9C=ED=82=B4.=20MemberDto=EC=97=90=20Re?= =?UTF-8?q?fresh=20Token=20=EB=B0=8F=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20IP=20?= =?UTF-8?q?=EC=84=A4=EC=A0=95=20=EC=B6=94=EA=B0=80.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../filter/JwtTokenValidationFilter.java | 24 ++++++++++++------- src/main/resources/application.properties | 2 +- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/src/main/java/com/bio/bio_backend/global/filter/JwtTokenValidationFilter.java b/src/main/java/com/bio/bio_backend/global/filter/JwtTokenValidationFilter.java index b3dca92..4149517 100644 --- a/src/main/java/com/bio/bio_backend/global/filter/JwtTokenValidationFilter.java +++ b/src/main/java/com/bio/bio_backend/global/filter/JwtTokenValidationFilter.java @@ -1,8 +1,10 @@ package com.bio.bio_backend.global.filter; import java.io.IOException; +import java.time.LocalDateTime; import java.util.Objects; +import com.bio.bio_backend.domain.base.member.dto.MemberDto; import com.bio.bio_backend.global.utils.HttpUtils; import org.springframework.core.env.Environment; import org.springframework.http.MediaType; 
@@ -79,7 +81,7 @@ public class JwtTokenValidationFilter extends OncePerRequestFilter { } // 2. IP 주소 검증 - if (!jwtUtils.isValidClientIp(refreshToken, request.getRemoteAddr())) { + if (!jwtUtils.isValidClientIp(refreshToken, httpUtils.getClientIp())) { log.warn("클라이언트 IP 주소가 일치하지 않습니다. URI: {}, IP: {}", request.getRequestURI(), request.getRemoteAddr()); sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.INVALID_CLIENT_IP)); @@ -89,8 +91,10 @@ public class JwtTokenValidationFilter extends OncePerRequestFilter { // 모든 검증을 통과한 경우 토큰 갱신 진행 String username = jwtUtils.extractUsername(refreshToken); + UserDetails userDetails = memberService.loadUserByUsername(username); + // 새로운 Access Token 생성 - String newAccessToken = jwtUtils.generateToken(username, Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_access")))); + String newAccessToken = jwtUtils.createAccessToken(username); // 새로운 Access Token을 쿠키에 설정 jwtUtils.setAccessTokenCookie(response, newAccessToken); 
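Review bot: The comparison on the changed line now uses `httpUtils.getClientIp()`, but the `log.warn` directly below it still records `request.getRemoteAddr()`. Behind a proxy the rejection log would then show a different address from the one that was compared, so read the value once with `String clientIp = httpUtils.getClientIp();` and pass `clientIp` to both the check and the log call. `HttpUtils` is not part of this patch. If `getClientIp()` reads a forwarded header such as `X-Forwarded-For`, that header should be honoured only when the request arrives from a trusted proxy, because otherwise the caller supplies the value the refresh token's IP binding is checked against. The enclosing method starts and ends outside the hunk.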
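Review bot: The refresh path loads `userDetails` and then mints a new access token without checking the account state, so a disabled or locked member holding a valid refresh token would keep getting fresh tokens unless `loadUserByUsername` or `jwtUtils` rejects them somewhere not shown here. A guard such as `if (!userDetails.isEnabled() || !userDetails.isAccountNonLocked())` before `createAccessToken`, answering with the filter's existing `sendJsonResponse` failure path, would close that gap. The lookup is also no longer guarded. If `loadUserByUsername` throws for a deleted user, the exception leaves the filter instead of producing the JSON error the earlier checks return. The access-token lifetime is no longer read from `token.expiration_time_access` at this call site, so it is worth confirming that `createAccessToken` applies the same property.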
@@ -99,14 +103,16 @@ public class JwtTokenValidationFilter extends OncePerRequestFilter { String newRefreshToken = jwtUtils.createRefreshToken(username, httpUtils.getClientIp()); jwtUtils.setRefreshTokenCookie(response, newRefreshToken); + MemberDto member = (MemberDto) userDetails; + member.setRefreshToken(newRefreshToken); + member.setLoginIp(httpUtils.getClientIp()); + memberService.updateMember(member); + // 인증 정보 설정 - UserDetails userDetails = memberService.loadUserByUsername(username); - if (userDetails != null) { - UsernamePasswordAuthenticationToken authentication = - new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities()); - authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); - SecurityContextHolder.getContext().setAuthentication(authentication); - } + UsernamePasswordAuthenticationToken authentication = + new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities()); + authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); + SecurityContextHolder.getContext().setAuthentication(authentication); log.info("토큰 자동 갱신 성공: {}", username); filterChain.doFilter(request, response); diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index b86536b..31078e2 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties 
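Review bot: `MemberDto member = (MemberDto) userDetails;` is an unchecked downcast, and the `userDetails != null` guard is removed in the same hunk, so any other `UserDetails` implementation or a null return fails with an exception in the middle of the refresh; an `instanceof MemberDto` check before the cast would make that failure explicit. `member.setRefreshToken(newRefreshToken)` appears to persist the raw token. If the server only needs to compare it later, storing a digest of the token limits what a database read exposes (not confirmable from this hunk). The refresh cookie is written before `memberService.updateMember(member)` runs, so a failed update leaves the client with a token the server never recorded; moving `jwtUtils.setRefreshTokenCookie(response, newRefreshToken);` below the update avoids that. `httpUtils.getClientIp()` is called separately for `createRefreshToken` and `setLoginIp`, and reading it once into `String clientIp = httpUtils.getClientIp();` keeps the token claim and the stored login IP identical. The enclosing method starts and ends outside the hunk.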
@@ -113,7 +113,7 @@ springdoc.default-consumes-media-type=application/json # ======================================== # 보안 설정 - 허용할 경로 -security.permit-all-paths=/login,/members/register,/swagger-ui/**,/swagger-ui.html,/swagger-ui/index.html,/api-docs,/api-docs/**,/v3/api-docs,/v3/api-docs/**,/ws/**,/actuator/**,/actuator/health/**,/actuator/info +security.permit-all-paths=/login,/logout,/members/register,/swagger-ui/**,/swagger-ui.html,/swagger-ui/index.html,/api-docs,/api-docs/**,/v3/api-docs,/v3/api-docs/**,/ws/**,/actuator/**,/actuator/health/**,/actuator/info # 파일 업로드 설정 # ========================================
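Review bot: The new `security.permit-all-paths` value adds `/logout` and still carries `/actuator/**`, so every actuator endpoint the application exposes is reachable without authentication. Listing only `/actuator/health/**,/actuator/info` (both already present) and dropping the wildcard would keep probes working without opening the rest. With `/logout` now outside token validation, the logout handler should identify the member from the refresh-token cookie rather than from a request parameter. It should also clear the refresh token that this commit starts storing on the member, since otherwise the stored token outlives the logout. The Swagger and `/v3/api-docs` entries are also unauthenticated; that may be intended for development but is worth gating by profile in production.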