[회원 정보 개선] MemberRepository에서 불필요한 import 문 제거하여 코드 정리.

Reviewed-on: #3

.erd

@@ -4,8 +4,8 @@
   "settings": {
     "width": 2800,
     "height": 2800,
-    "scrollTop": -1200,
+    "scrollTop": -202,
-    "scrollLeft": -1098.5144,
+    "scrollLeft": -1026.5803,
     "zoomLevel": 0.82,
     "show": 431,
     "database": 16,

.gitignore

@@ -44,3 +44,6 @@ bin/
 .DS_Store
 Thumbs.db
 /nginx-1.28.0/logs/nginx.pid
+
+# Upload files
+uploads/

README.md

@@ -17,21 +17,28 @@
 ```
 src/main/java/com/bio/bio_backend/
 ├── domain/                    # 도메인별 패키지
-│   └── user/
+│   └── base/                 # 기본 도메인
 │       └── member/           # 회원 도메인
 │           ├── controller/    # API 엔드포인트
 │           ├── service/       # 비즈니스 로직
 │           ├── repository/    # 데이터 접근
 │           ├── entity/        # JPA 엔티티
-│           └── dto/          # 데이터 전송 객체
+│           ├── dto/          # 데이터 전송 객체
+│           ├── mapper/       # MapStruct 매퍼
+│           └── enums/        # 도메인 열거형
 ├── global/                    # 공통 설정
 │   ├── config/               # 설정 클래스
 │   ├── security/             # 보안 설정
 │   ├── exception/            # 예외 처리
 │   ├── aop/                  # AOP 로깅
 │   ├── filter/               # HTTP 로깅 필터
-│   └── utils/                # 유틸리티
+│   ├── utils/                # 유틸리티
-└── BioBackendApplication.java
+│   ├── constants/            # 상수 정의
+│   ├── dto/                  # 공통 DTO
+│   ├── entity/               # 공통 엔티티
+│   └── annotation/           # 커스텀 어노테이션
+├── BioBackendApplication.java
+└── ServletInitializer.java
 ```
 
 ### 2. API 응답 표준화 (ApiResponseDto)
@@ -72,8 +79,7 @@ public class ApiResponseDto<T> {
 {
   "code": 409,
   "message": "USER_ID_DUPLICATE",
-  "description": "User ID already exists",
+  "description": "User ID already exists"
-  "data": null
 }
 ```
 
@@ -100,17 +106,24 @@ public ResponseEntity<ApiResponseDto<CreateMemberResponseDto>> createMember(@Req
 // ApiResponseCode.java
 public enum ApiResponseCode {
     // 공용 성공 코드
-    COMMON_SUCCESS_CREATED(HttpStatus.CREATED.value(), "Created successfully"),
+    COMMON_SUCCESS(HttpStatus.OK.value(), "요청 성공"),
-    COMMON_SUCCESS_UPDATED(HttpStatus.OK.value(), "Updated successfully"),
+    COMMON_SUCCESS_CREATED(HttpStatus.CREATED.value(), "성공적으로 생성되었습니다"),
-    COMMON_SUCCESS_DELETED(HttpStatus.OK.value(), "Deleted successfully"),
+    COMMON_SUCCESS_UPDATED(HttpStatus.OK.value(), "성공적으로 수정되었습니다"),
-    COMMON_SUCCESS_RETRIEVED(HttpStatus.OK.value(), "Retrieved successfully"),
+    COMMON_SUCCESS_DELETED(HttpStatus.OK.value(), "성공적으로 삭제되었습니다"),
+    COMMON_SUCCESS_RETRIEVED(HttpStatus.OK.value(), "성공적으로 조회되었습니다"),
 
     // 공용 오류 코드
-    COMMON_BAD_REQUEST(HttpStatus.BAD_REQUEST.value(), "Required request body is missing or Error"),
+    COMMON_BAD_REQUEST(HttpStatus.BAD_REQUEST.value(), "필수 요청 본문이 누락되었거나 오류가 발생했습니다"),
-    COMMON_UNAUTHORIZED(HttpStatus.UNAUTHORIZED.value(), "Unauthorized"),
+    COMMON_UNAUTHORIZED(HttpStatus.UNAUTHORIZED.value(), "인증에 실패했습니다"),
-    COMMON_FORBIDDEN(HttpStatus.FORBIDDEN.value(), "Access is denied"),
+    COMMON_FORBIDDEN(HttpStatus.FORBIDDEN.value(), "접근이 거부되었습니다"),
-    COMMON_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "Resource is not found"),
+    COMMON_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "리소스를 찾을 수 없습니다"),
-    COMMON_INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR.value(), "An error occurred on the server")
+    COMMON_CONFLICT(HttpStatus.CONFLICT.value(), "충돌이 발생했습니다"),
+    COMMON_INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR.value(), "서버에서 오류가 발생했습니다"),
+
+    // 사용자 관련 코드
+    USER_ID_DUPLICATE(HttpStatus.CONFLICT.value(), "이미 존재하는 사용자 ID입니다"),
+    USER_NOT_FOUND(HttpStatus.UNAUTHORIZED.value(), "사용자를 찾을 수 없습니다. 인증에 실패했습니다"),
+    USER_PASSWORD_INVALID(HttpStatus.UNAUTHORIZED.value(), "비밀번호가 올바르지 않습니다")
 }
 ```
 
@@ -121,7 +134,29 @@ public enum ApiResponseCode {
 - **일관된 구조**: `code`, `message`, `description`, `data` 필드로 표준화
 - **제네릭 활용**: `<T>`를 통해 다양한 데이터 타입 지원
 
-### 3. API 문서화 (Swagger)
+### 3. JWT 인증 시스템
+
+#### 토큰 구성
+
+- **Access Token**: 15분 (900,000ms) - API 요청 시 사용
+- **Refresh Token**: 7일 (604,800,000ms) - 쿠키에 저장, 자동 갱신
+
+#### 자동 토큰 갱신
+
+**모든 API 요청마다 자동으로 처리됩니다:**
+
+1. **Access Token 유효**: 정상 요청 처리
+2. **Access Token 만료**: Refresh Token으로 자동 갱신
+3. **새 Access Token 발급**: 응답 헤더에 자동 설정
+4. **Refresh Token 갱신**: 보안을 위해 매번 새로운 토큰 발급
+
+#### 주요 컴포넌트
+
+- **`JwtTokenIssuanceFilter`**: 로그인 시 토큰 발급
+- **`JwtTokenValidationFilter`**: 요청마다 토큰 검증 및 갱신
+- **`JwtUtils`**: 토큰 생성, 검증, 갱신 유틸리티
+
+### 4. API 문서화 (Swagger)
 
 #### Swagger UI 접속
 
@@ -147,7 +182,7 @@ public enum ApiResponseCode {
 - **SwaggerConfig.java**: OpenAPI 기본 정보 설정
 - **application.properties**: Swagger UI 커스터마이징
 
-### 4. 트랜잭션 관리
+### 5. 트랜잭션 관리
 
 #### 기본 설정
 
@@ -171,7 +206,7 @@ public class MemberServiceImpl {
 - **메서드별**: 데이터 수정 시에만 `@Transactional` 개별 적용
 - **설정**: `spring.jpa.open-in-view=false` (성능 최적화)
 
-### 5. 오류 등록 및 사용
+### 6. 오류 등록 및 사용
 
 #### 오류 코드 등록
 
@@ -198,7 +233,7 @@ throw new ApiException(ApiResponseCode.USER_ID_DUPLICATE);
 - **예외 클래스**: `ApiException`으로 비즈니스 로직 예외 처리
 - **자동 처리**: `GlobalExceptionHandler`가 일관된 응답 형태로 변환
 
-### 6. 로깅 시스템
+### 7. 로깅 시스템
 
 #### @LogExecution 어노테이션 사용법
 
@@ -217,16 +252,19 @@ public ResponseEntity<ApiResponseDto<CreateMemberResponseDto>> createMember(@Req
 ##### 로그 출력 예시
 
 **메서드 시작 시:**
+
 ```
 [START] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92)
 ```
 
 **메서드 성공 시:**
+
 ```
 [SUCCESS] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92) | 시간: 200ms
 ```
 
 **메서드 실패 시:**
+
 ```
 [FAILED] 회원 등록 | 호출경로: MemberController.createMember | 사용자: 고명빈(kmbin92) | 시간: 23ms | 오류: 이미 존재하는 사용자 ID입니다
 ```
@@ -248,3 +286,50 @@ public OrderDto processOrder() { }
 3. **logback-spring.xml**: 로그 파일 관리 및 설정
 
 **중요**: `@LogExecution` 어노테이션이 없으면 메서드 실행 로그가 출력되지 않습니다
+
+### 8. MapStruct
+
+**매퍼 인터페이스**
+
+```java
+@Mapper(componentModel = "spring")
+public interface MemberMapper {
+    MemberDto toDto(Member member);
+    Member toEntity(MemberDto dto);
+}
+```
+
+**사용 예시**
+
+```java
+// Entity → DTO
+MemberDto dto = memberMapper.toDto(member);
+
+// DTO → Entity
+Member entity = memberMapper.toEntity(dto);
+```
+
+**자동 생성**: 컴파일 시 `MemberMapperImpl` 구현체 생성
+
+### 9. BaseEntity 상속
+
+**모든 엔티티는 `BaseEntity` 상속을 원칙으로 합니다.**
+
+#### 자동 생성 필드
+
+- **OID**: `@PrePersist`에서 자동 생성 (고유 식별자)
+- **생성일시**: `@CreatedDate`로 자동 설정
+- **수정일시**: `@LastModifiedDate`로 자동 갱신
+- **생성자/수정자 OID**: 사용자 추적용
+
+#### 사용 예시
+
+```java
+@Entity
+@Table(name = "st_members")
+public class Member extends BaseEntity {
+    // OID, 생성일시, 수정일시 등이 자동으로 관리됨
+    private String userId;
+    private String name;
+}
+```

build.gradle

@@ -26,6 +26,7 @@ repositories {
 dependencies {
     developmentOnly 'org.springframework.boot:spring-boot-devtools'
 	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
+
 	// PostgreSQL JDBC
     runtimeOnly 'org.postgresql:postgresql'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
@@ -45,6 +46,8 @@ dependencies {
 
 	// jwt
 	implementation 'io.jsonwebtoken:jjwt-api:0.12.5'
+	runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.5'
+	runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.5'
 
 	// lombok
 	compileOnly 'org.projectlombok:lombok'

ddl/schema.sql

@@ -1,4 +1,23 @@
 
+    create table st_file (
+        use_flag boolean not null,
+        created_at timestamp(6) not null,
+        created_oid bigint,
+        file_size bigint not null,
+        group_oid bigint,
+        oid bigint not null,
+        updated_at timestamp(6) not null,
+        updated_oid bigint,
+        content_type varchar(255) not null,
+        created_id varchar(255),
+        description varchar(255),
+        file_path varchar(255) not null,
+        original_file_name varchar(255) not null,
+        stored_file_name varchar(255) not null,
+        updated_id varchar(255),
+        primary key (oid)
+    );
+
     create table st_member (
         use_flag boolean not null,
         created_at timestamp(6) not null,
@@ -7,10 +26,15 @@
         oid bigint not null,
         updated_at timestamp(6) not null,
         updated_oid bigint,
-        role varchar(40) not null check (role in ('MEMBER','ADMIN','USER','SYSTEM_ADMIN')),
+        role varchar(40) not null check (role in ('MEMBER','ADMIN','SYSTEM_ADMIN')),
+        login_ip varchar(45),
+        name varchar(100) not null,
         password varchar(100) not null,
         user_id varchar(100) not null,
-        refresh_token varchar(200),
+        refresh_token varchar(1024),
+        created_id varchar(255),
+        email varchar(255) not null,
+        updated_id varchar(255),
         primary key (oid)
     );
 

nginx-1.28.0/conf/nginx.conf

@@ -4,6 +4,7 @@ events {
 }
 
 http {
+
     include mime.types;
     default_type application/octet-stream;
     sendfile on;

src/main/java/com/bio/bio_backend/BioBackendApplication.java

@@ -2,10 +2,12 @@ package com.bio.bio_backend;
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
 
 @SpringBootApplication
 @EnableJpaAuditing
+@EnableConfigurationProperties
 public class BioBackendApplication {
 
 	public static void main(String[] args) {

src/main/java/com/bio/bio_backend/domain/base/file/controller/FileController.java

@@ -0,0 +1,101 @@
+package com.bio.bio_backend.domain.base.file.controller;
+
+import com.bio.bio_backend.domain.base.file.dto.FileUploadRequestDto;
+import com.bio.bio_backend.domain.base.file.dto.FileUploadResponseDto;
+import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadRequestDto;
+import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadResponseDto;
+import com.bio.bio_backend.domain.base.file.service.FileService;
+import com.bio.bio_backend.global.dto.ApiResponseDto;
+import com.bio.bio_backend.global.constants.ApiResponseCode;
+import com.bio.bio_backend.global.annotation.LogExecution;
+import com.bio.bio_backend.global.utils.FileUtils;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.core.io.ByteArrayResource;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+import com.bio.bio_backend.domain.base.file.entity.File;
+
+
+@Tag(name = "File", description = "파일 업로드/다운로드 API")
+@RestController
+@RequestMapping("/files")
+@RequiredArgsConstructor
+@Slf4j
+public class FileController {
+
+    private final FileService fileService;
+    
+    @LogExecution("파일 업로드")
+    @Operation(summary = "파일 업로드", description = "단일 파일을 업로드합니다.")
+    @ApiResponses({
+        @ApiResponse(responseCode = "200", description = "파일 업로드 성공"),
+        @ApiResponse(responseCode = "400", description = "잘못된 요청 데이터", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
+        @ApiResponse(responseCode = "500", description = "파일 업로드 실패", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
+    })
+    @PostMapping("/upload")
+    public ResponseEntity<ApiResponseDto<FileUploadResponseDto>> uploadFile(
+            @ModelAttribute FileUploadRequestDto requestDto) {
+        
+        FileUploadResponseDto responseDto = fileService.uploadFile(requestDto);
+        
+        return ResponseEntity.ok(ApiResponseDto.success(ApiResponseCode.FILE_UPLOAD_SUCCESS, responseDto));
+    }
+
+    @LogExecution("다중 파일 업로드")
+    @Operation(summary = "다중 파일 업로드", description = "여러 파일을 동시에 업로드합니다.")
+    @ApiResponses({
+        @ApiResponse(responseCode = "200", description = "다중 파일 업로드 성공"),
+        @ApiResponse(responseCode = "400", description = "잘못된 요청 데이터", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
+        @ApiResponse(responseCode = "500", description = "다중 파일 업로드 실패", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
+    })
+    @PostMapping("/upload-multiple")
+    public ResponseEntity<ApiResponseDto<MultipleFileUploadResponseDto>> uploadMultipleFiles(
+            @ModelAttribute MultipleFileUploadRequestDto requestDto) {
+        
+        MultipleFileUploadResponseDto responseDto = fileService.uploadMultipleFiles(requestDto);
+        
+        return ResponseEntity.ok(ApiResponseDto.success(ApiResponseCode.FILE_UPLOAD_SUCCESS, responseDto));
+    }
+    
+    @LogExecution("파일 다운로드")
+    @Operation(summary = "파일 다운로드", description = "파일 ID로 파일을 다운로드합니다.")
+    @ApiResponses({
+        @ApiResponse(responseCode = "200", description = "파일 다운로드 성공"),
+        @ApiResponse(responseCode = "404", description = "파일을 찾을 수 없음", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
+        @ApiResponse(responseCode = "500", description = "파일 다운로드 실패", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
+    })
+    @GetMapping("/download/{oid}")
+    public ResponseEntity<ByteArrayResource> downloadFile(@PathVariable Long oid) {
+        // 파일 정보 먼저 조회
+        File file = fileService.getFileByOid(oid);
+        byte[] fileData = fileService.downloadFile(oid);
+        ByteArrayResource resource = new ByteArrayResource(fileData);
+        
+        return ResponseEntity.ok()
+                .header(HttpHeaders.CONTENT_DISPOSITION, 
+                    "attachment; filename=\"" + file.getOriginalFileName() + "\"")
+                .header(HttpHeaders.CONTENT_TYPE, file.getContentType())
+                .body(resource);
+    }
+    
+    @LogExecution("파일 논리적 삭제")
+    @Operation(summary = "파일 논리적 삭제", description = "파일 ID로 파일을 논리적으로 삭제합니다. (use_flag를 false로 변경)")
+    @ApiResponses({
+        @ApiResponse(responseCode = "200", description = "파일 논리적 삭제 성공"),
+        @ApiResponse(responseCode = "404", description = "파일을 찾을 수 없음", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
+        @ApiResponse(responseCode = "500", description = "파일 논리적 삭제 실패", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
+    })
+    @DeleteMapping("/{oid}")
+    public ResponseEntity<ApiResponseDto<Void>> deleteFile(@PathVariable Long oid) {
+        fileService.deleteFile(oid);
+        return ResponseEntity.ok(ApiResponseDto.success(ApiResponseCode.FILE_DELETE_SUCCESS));
+    }
+}

src/main/java/com/bio/bio_backend/domain/base/file/dto/FileUploadRequestDto.java

@@ -0,0 +1,11 @@
+package com.bio.bio_backend.domain.base.file.dto;
+
+import lombok.Data;
+import org.springframework.web.multipart.MultipartFile;
+
+@Data
+public class FileUploadRequestDto {
+    private MultipartFile file;
+    private String description;
+    private Long groupOid;
+}

src/main/java/com/bio/bio_backend/domain/base/file/dto/FileUploadResponseDto.java

@@ -0,0 +1,12 @@
+package com.bio.bio_backend.domain.base.file.dto;
+
+import lombok.Builder;
+import lombok.Data;
+
+@Data
+@Builder
+public class FileUploadResponseDto {
+    private Long oid;
+    private String originalFileName;
+    private String downloadUrl;
+}

src/main/java/com/bio/bio_backend/domain/base/file/dto/MultipleFileUploadRequestDto.java

@@ -0,0 +1,11 @@
+package com.bio.bio_backend.domain.base.file.dto;
+
+import lombok.Data;
+import org.springframework.web.multipart.MultipartFile;
+import java.util.List;
+
+@Data
+public class MultipleFileUploadRequestDto {
+    private List<MultipartFile> files;
+    private String description;
+}

src/main/java/com/bio/bio_backend/domain/base/file/dto/MultipleFileUploadResponseDto.java

@@ -0,0 +1,15 @@
+package com.bio.bio_backend.domain.base.file.dto;
+
+import lombok.Builder;
+import lombok.Data;
+import java.util.List;
+
+@Data
+@Builder
+public class MultipleFileUploadResponseDto {
+    private List<FileUploadResponseDto> files;
+    private int totalCount;
+    private int successCount;
+    private int failureCount;
+    private List<String> errorMessages;
+}

src/main/java/com/bio/bio_backend/domain/base/file/entity/File.java

@@ -0,0 +1,41 @@
+package com.bio.bio_backend.domain.base.file.entity;
+
+import com.bio.bio_backend.global.constants.AppConstants;
+import com.bio.bio_backend.global.entity.BaseEntity;
+import jakarta.persistence.*;
+import lombok.*;
+
+@Entity
+@Table(name = AppConstants.TABLE_PREFIX + "file")
+@Getter
+@Setter
+@NoArgsConstructor
+@AllArgsConstructor
+@Builder
+public class File extends BaseEntity {
+    
+    @Column(nullable = false)
+    private String originalFileName;
+    
+    @Column(nullable = false)
+    private String storedFileName;
+    
+    @Column(nullable = false)
+    private String filePath;
+    
+    @Column(nullable = false)
+    private Long fileSize;
+    
+    @Column(nullable = false)
+    private String contentType;
+    
+    @Column
+    private String description;
+    
+    @Column
+    private Long groupOid;
+    
+    @Column(nullable = false)
+    @Builder.Default
+    private Boolean useFlag = true;
+}

src/main/java/com/bio/bio_backend/domain/base/file/repository/FileRepository.java

@@ -0,0 +1,20 @@
+package com.bio.bio_backend.domain.base.file.repository;
+
+import com.bio.bio_backend.domain.base.file.entity.File;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.stereotype.Repository;
+
+import java.util.List;
+import java.util.Optional;
+
+@Repository
+public interface FileRepository extends JpaRepository<File, Long> {
+    
+    // use_flag가 true인 파일만 조회
+    Optional<File> findByOidAndUseFlagTrue(Long id);
+    
+    // use_flag가 true인 파일만 조회 (List 형태로 필요시 사용)
+    @Query("SELECT f FROM File f WHERE f.useFlag = true")
+    List<File> findAllActiveFiles();
+}

src/main/java/com/bio/bio_backend/domain/base/file/service/FileService.java

@@ -0,0 +1,15 @@
+package com.bio.bio_backend.domain.base.file.service;
+
+import com.bio.bio_backend.domain.base.file.dto.FileUploadRequestDto;
+import com.bio.bio_backend.domain.base.file.dto.FileUploadResponseDto;
+import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadRequestDto;
+import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadResponseDto;
+import com.bio.bio_backend.domain.base.file.entity.File;
+
+public interface FileService {
+    FileUploadResponseDto uploadFile(FileUploadRequestDto requestDto);
+    MultipleFileUploadResponseDto uploadMultipleFiles(MultipleFileUploadRequestDto requestDto);
+    File getFileByOid(Long oid);
+    byte[] downloadFile(Long oid);
+    void deleteFile(Long oid); // 논리적 삭제 (use_flag를 false로 변경)
+}

src/main/java/com/bio/bio_backend/domain/base/file/service/FileServiceImpl.java

@@ -0,0 +1,211 @@
+package com.bio.bio_backend.domain.base.file.service;
+
+import com.bio.bio_backend.domain.base.file.dto.FileUploadRequestDto;
+import com.bio.bio_backend.domain.base.file.dto.FileUploadResponseDto;
+import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadRequestDto;
+import com.bio.bio_backend.domain.base.file.dto.MultipleFileUploadResponseDto;
+import com.bio.bio_backend.domain.base.file.entity.File;
+import com.bio.bio_backend.domain.base.file.repository.FileRepository;
+import com.bio.bio_backend.global.exception.ApiException;
+import com.bio.bio_backend.global.constants.ApiResponseCode;
+import com.bio.bio_backend.global.utils.FileUtils;
+import com.bio.bio_backend.global.utils.OidUtils;
+import com.bio.bio_backend.global.utils.SecurityUtils;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.multipart.MultipartFile;
+
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.ArrayList;
+import java.util.List;
+
+import static com.bio.bio_backend.global.utils.OidUtils.generateOid;
+
+@Service
+@RequiredArgsConstructor
+@Slf4j
+@Transactional(readOnly = true)
+public class FileServiceImpl implements FileService {
+
+    private final FileRepository fileRepository;
+    
+    @Value("${app.file.upload.path}")
+    private String uploadPath;
+    
+    @Value("${server.servlet.context-path}")
+    private String contextPath;
+    
+    @Override
+    @Transactional
+    public FileUploadResponseDto uploadFile(FileUploadRequestDto requestDto) {
+        MultipartFile multipartFile = requestDto.getFile();
+        
+        try {
+            // 파일 유효성 검사
+            FileUtils.validateFile(multipartFile);
+        } catch (IllegalArgumentException e) {
+            throw new ApiException(ApiResponseCode.FILE_EMPTY);
+        }
+        
+        // 파일 업로드 처리
+        File savedFile = processFileUpload(multipartFile, requestDto.getDescription(), generateOid());
+        
+        // 응답 DTO 생성 및 반환
+        return createUploadResponse(savedFile);
+    }
+    
+    @Override
+    @Transactional
+    public MultipleFileUploadResponseDto uploadMultipleFiles(MultipleFileUploadRequestDto requestDto) {
+        List<MultipartFile> files = requestDto.getFiles();
+        
+        try {
+            // 파일 리스트 유효성 검사
+            FileUtils.validateFileList(files);
+        } catch (IllegalArgumentException e) {
+            throw new ApiException(ApiResponseCode.FILE_EMPTY);
+        }
+        
+        List<FileUploadResponseDto> uploadedFiles = new ArrayList<>();
+        List<String> errorMessages = new ArrayList<>();
+        int successCount = 0;
+        int failureCount = 0;
+
+        Long groupOid = generateOid();
+        for (MultipartFile multipartFile : files) {
+            try {
+                // 개별 파일 유효성 검사
+                if (multipartFile.isEmpty()) {
+                    String errorMsg = "파일 '" + multipartFile.getOriginalFilename() + "'이 비어있습니다.";
+                    errorMessages.add(errorMsg);
+                    failureCount++;
+                    continue;
+                }
+                
+                // 단일 파일 업로드 처리
+                File savedFile = processFileUpload(multipartFile, requestDto.getDescription(), groupOid);
+                FileUploadResponseDto uploadedFile = createUploadResponse(savedFile);
+                
+                uploadedFiles.add(uploadedFile);
+                successCount++;
+                
+                log.info("파일 업로드 성공: {}", multipartFile.getOriginalFilename());
+                
+            } catch (Exception ex) {
+                String fileName = multipartFile.getOriginalFilename() != null ? multipartFile.getOriginalFilename() : "알 수 없는 파일";
+                log.error("파일 업로드 실패: {}", fileName, ex);
+                errorMessages.add("파일 '" + fileName + "' 업로드 실패: " + ex.getMessage());
+                failureCount++;
+            }
+        }
+        
+        // 다중 파일 업로드 결과 반환
+        return MultipleFileUploadResponseDto.builder()
+                .files(uploadedFiles)
+                .totalCount(files.size())
+                .successCount(successCount)
+                .failureCount(failureCount)
+                .errorMessages(errorMessages)
+                .build();
+    }
+    
+    /**
+     * 파일 업로드 처리
+     */
+    private File processFileUpload(MultipartFile multipartFile, String description, Long groupOid) {
+        String originalFileName = FileUtils.cleanFileName(multipartFile.getOriginalFilename());
+        
+        try {
+            // 항상 년월일 기반으로 폴더 생성 (예: uploads/2024/01/15/)
+            Path uploadDir = FileUtils.createYearMonthUploadDirectory(uploadPath);
+            log.debug("년월 기반 폴더 사용: {}", uploadDir);
+            
+            // 파일명 및 확장자 처리
+            String fileExtension = FileUtils.extractFileExtension(originalFileName);
+            String storedFileName = FileUtils.generateUniqueFileName(fileExtension);
+            
+            // 파일 저장
+            Path targetLocation = FileUtils.saveFileToDisk(multipartFile, uploadDir, storedFileName);
+            
+            // DB에 파일 정보 저장
+            File file = createFileEntity(originalFileName, storedFileName, targetLocation, multipartFile, description, groupOid);
+            file.setCreator(SecurityUtils.getCurrentUserOid(), SecurityUtils.getCurrentUserId());
+            
+            return fileRepository.save(file);
+            
+        } catch (IOException ex) {
+            log.error("파일 업로드 실패: {}", originalFileName, ex);
+            throw new ApiException(ApiResponseCode.FILE_UPLOAD_FAILED, ex);
+        }
+    }
+
+    private File createFileEntity(String originalFileName, String storedFileName, Path targetLocation, 
+                                MultipartFile multipartFile, String description, Long groupOid) {
+        return File.builder()
+                .originalFileName(originalFileName)
+                .storedFileName(storedFileName)
+                .filePath(targetLocation.toString())
+                .fileSize(multipartFile.getSize())
+                .contentType(multipartFile.getContentType())
+                .description(description)
+                .groupOid(groupOid)
+                .build();
+    }
+
+    private FileUploadResponseDto createUploadResponse(File savedFile) {
+        return FileUploadResponseDto.builder()
+                .oid(savedFile.getOid())
+                .originalFileName(savedFile.getOriginalFileName())
+                .downloadUrl(contextPath + "/files/download/" + savedFile.getOid())
+                .build();
+    }
+    
+    @Override
+    public File getFileByOid(Long oid) {
+        return fileRepository.findByOidAndUseFlagTrue(oid)
+                .orElseThrow(() -> new ApiException(ApiResponseCode.FILE_NOT_FOUND));
+    }
+    
+    @Override
+    public byte[] downloadFile(Long oid) {
+        File file = fileRepository.findByOidAndUseFlagTrue(oid)
+                .orElseThrow(() -> new ApiException(ApiResponseCode.FILE_NOT_FOUND));
+        
+        try {
+            Path filePath = Paths.get(file.getFilePath());
+            return Files.readAllBytes(filePath);
+        } catch (IOException ex) {
+            log.error("파일 다운로드 실패: {}", file.getOriginalFileName(), ex);
+            throw new ApiException(ApiResponseCode.FILE_DOWNLOAD_FAILED, ex);
+        }
+    }
+    
+    @Override
+    @Transactional
+    public void deleteFile(Long oid) {
+        File file = fileRepository.findByOidAndUseFlagTrue(oid)
+                .orElseThrow(() -> new ApiException(ApiResponseCode.FILE_NOT_FOUND));
+        
+        Long currentUserOid = SecurityUtils.getCurrentUserOid();
+        String currentUserId = SecurityUtils.getCurrentUserId();
+        // 현재 사용자가 파일 소유자인지 확인
+        if (currentUserId == null || !currentUserId.equals(file.getCreatedId())) {
+            throw new ApiException(ApiResponseCode.COMMON_FORBIDDEN);
+        }
+        
+        // 수정자 정보 업데이트
+        file.setUpdater(currentUserOid, currentUserId);
+        
+        // 논리적 삭제: use_flag를 false로 변경
+        file.setUseFlag(false);
+        fileRepository.save(file);
+        
+        log.info("파일 논리적 삭제 완료: oid={}, fileName={}", oid, file.getOriginalFileName());
+    }
+}

src/main/java/com/bio/bio_backend/domain/base/member/controller/MemberController.java

@@ -0,0 +1,73 @@
+package com.bio.bio_backend.domain.base.member.controller;
+
+import com.bio.bio_backend.global.dto.ApiResponseDto;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import jakarta.validation.Valid;
+import com.bio.bio_backend.domain.base.member.dto.MemberDto;
+import com.bio.bio_backend.domain.base.member.dto.CreateMemberRequestDto;
+import com.bio.bio_backend.domain.base.member.dto.CreateMemberResponseDto;
+import com.bio.bio_backend.domain.base.member.service.MemberService;
+import com.bio.bio_backend.domain.base.member.mapper.MemberMapper;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.Schema;
+import com.bio.bio_backend.global.constants.ApiResponseCode;
+import com.bio.bio_backend.global.annotation.LogExecution;
+import com.bio.bio_backend.global.utils.SecurityUtils;
+
+
+@Tag(name = "Member", description = "회원 관련 API")
+@RestController
+@RequestMapping("/members")
+@RequiredArgsConstructor
+@Slf4j
+public class MemberController {
+
+    private final MemberService memberService;
+    private final MemberMapper memberMapper;
+
+    @LogExecution("회원 등록")
+    @Operation(summary = "회원 등록", description = "새로운 회원을 등록합니다.")
+    @ApiResponses({
+        @ApiResponse(responseCode = "201", description = "회원 가입 성공"),
+        @ApiResponse(responseCode = "400", description = "잘못된 요청 데이터", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
+        @ApiResponse(responseCode = "409", description = "중복된 사용자 정보", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
+    })
+    @PostMapping("/register")
+    public ResponseEntity<ApiResponseDto<CreateMemberResponseDto>> createMember(@RequestBody @Valid CreateMemberRequestDto requestDto) {
+        MemberDto createdMember = memberService.createMember(memberMapper.toMemberDto(requestDto));
+        CreateMemberResponseDto responseDto = memberMapper.toCreateMemberResponseDto(createdMember);
+        ApiResponseDto<CreateMemberResponseDto> apiResponse = ApiResponseDto.success(ApiResponseCode.COMMON_SUCCESS_CREATED, responseDto);
+        
+        return ResponseEntity.status(HttpStatus.CREATED).body(apiResponse);
+    }
+
+    @LogExecution("로그아웃")
+    @Operation(summary = "로그아웃", description = "사용자 로그아웃을 처리합니다.")
+    @ApiResponses({
+        @ApiResponse(responseCode = "200", description = "로그아웃 성공"),
+        @ApiResponse(responseCode = "401", description = "인증 실패", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
+    })
+    @PostMapping("/logout")
+    public ResponseEntity<ApiResponseDto<Void>> logout() {
+        try {
+            String userId = SecurityUtils.getCurrentUserId();
+            memberService.deleteRefreshToken(userId);
+            log.info("사용자 로그아웃 완료: {}", userId);
+            
+            return ResponseEntity.ok(ApiResponseDto.success(ApiResponseCode.COMMON_SUCCESS));
+        } catch (Exception e) {
+            log.error("로그아웃 처리 중 오류 발생: {}", e.getMessage());
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
+                    .body(ApiResponseDto.fail(ApiResponseCode.COMMON_INTERNAL_SERVER_ERROR));
+        }
+    }
+}

src/main/java/com/bio/bio_backend/domain/base/member/dto/CreateMemberRequestDto.java

@@ -1,4 +1,4 @@
-package com.bio.bio_backend.domain.user.member.dto;
+package com.bio.bio_backend.domain.base.member.dto;
 
 import lombok.AllArgsConstructor;
 import lombok.Builder;
@@ -6,6 +6,7 @@ import lombok.Data;
 import lombok.NoArgsConstructor;
 
 import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Email;
 
 @Data
 @Builder
@@ -18,4 +19,11 @@ public class CreateMemberRequestDto {
     
     @NotBlank(message = "비밀번호는 필수입니다.")
     private String password;
+    
+    @NotBlank(message = "사용자명은 필수입니다.")
+    private String name;
+    
+    @NotBlank(message = "이메일은 필수입니다.")
+    @Email(message = "올바른 이메일 형식이 아닙니다.")
+    private String email;
 }

src/main/java/com/bio/bio_backend/domain/base/member/dto/CreateMemberResponseDto.java

@@ -1,6 +1,6 @@
-package com.bio.bio_backend.domain.user.member.dto;
+package com.bio.bio_backend.domain.base.member.dto;
 
-import com.bio.bio_backend.domain.user.member.enums.MemberRole;
+import com.bio.bio_backend.domain.base.member.enums.MemberRole;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.Data;

src/main/java/com/bio/bio_backend/domain/base/member/dto/LoginRequestDto.java

@@ -1,4 +1,4 @@
-package com.bio.bio_backend.domain.user.member.dto;
+package com.bio.bio_backend.domain.base.member.dto;
 
 import lombok.AllArgsConstructor;
 import lombok.Builder;

src/main/java/com/bio/bio_backend/domain/base/member/dto/LoginResponseDto.java

@@ -1,4 +1,4 @@
-package com.bio.bio_backend.domain.user.member.dto;
+package com.bio.bio_backend.domain.base.member.dto;
 
 import lombok.AllArgsConstructor;
 import lombok.Builder;

src/main/java/com/bio/bio_backend/domain/base/member/dto/MemberDto.java

@@ -1,6 +1,6 @@
-package com.bio.bio_backend.domain.user.member.dto;
+package com.bio.bio_backend.domain.base.member.dto;
 
-import com.bio.bio_backend.domain.user.member.enums.MemberRole;
+import com.bio.bio_backend.domain.base.member.enums.MemberRole;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.Data;
@@ -22,9 +22,12 @@ public class MemberDto implements UserDetails {
     private Long oid;
     private String userId;
     private String password;
+    private String name;
+    private String email;
     private MemberRole role;
     private Boolean useFlag;
     private String refreshToken;
+    private String loginIp;
     private LocalDateTime lastLoginAt;
     private LocalDateTime createdAt;
     private LocalDateTime updatedAt;
@@ -39,21 +42,11 @@ public class MemberDto implements UserDetails {
         return this.userId;
     }
     
-    @Override
-    public boolean isAccountNonExpired() {
-        return true;
-    }
-    
     @Override
     public boolean isAccountNonLocked() {
         return this.useFlag != null && this.useFlag;
     }
     
-    @Override
-    public boolean isCredentialsNonExpired() {
-        return true;
-    }
-    
     @Override
     public boolean isEnabled() {
         return this.useFlag != null && this.useFlag;

src/main/java/com/bio/bio_backend/domain/base/member/entity/Member.java

@@ -1,6 +1,7 @@
-package com.bio.bio_backend.domain.user.member.entity;
+package com.bio.bio_backend.domain.base.member.entity;
 
-import com.bio.bio_backend.domain.user.member.enums.MemberRole;
+import com.bio.bio_backend.domain.base.member.enums.MemberRole;
+import com.bio.bio_backend.global.constants.AppConstants;
 import com.bio.bio_backend.global.entity.BaseEntity;
 import jakarta.persistence.*;
 import lombok.AllArgsConstructor;
@@ -17,7 +18,7 @@ import java.time.LocalDateTime;
 @AllArgsConstructor
 @Builder
 @Table(
-    name = "st_member",
+    name = AppConstants.TABLE_PREFIX + "member",
     indexes = {
         @Index(name = "idx_member_user_id", columnList = "user_id")
     }
@@ -30,6 +31,12 @@ public class Member extends BaseEntity {
     @Column(name = "password", nullable = false, length = 100)
     private String password;
 
+    @Column(name = "name", nullable = false, length = 100)
+    private String name;
+
+    @Column(name = "email", nullable = false, length = 255)
+    private String email;
+
     @Enumerated(EnumType.STRING)
     @Column(name = "role", nullable = false, length = 40)
     private MemberRole role;
@@ -38,9 +45,12 @@ public class Member extends BaseEntity {
     @Builder.Default
     private Boolean useFlag = true;
 
-    @Column(name = "refresh_token", length = 200)
+    @Column(name = "refresh_token", length = 1024)
     private String refreshToken;
 
+    @Column(name = "login_ip", length = 45)  // IPv6 지원을 위해 45자
+    private String loginIp;
+
     @Column(name = "last_login_at")
     private LocalDateTime lastLoginAt;
     

src/main/java/com/bio/bio_backend/domain/base/member/enums/MemberRole.java

@@ -1,4 +1,4 @@
-package com.bio.bio_backend.domain.user.member.enums;
+package com.bio.bio_backend.domain.base.member.enums;
 
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
@@ -12,7 +12,6 @@ public enum MemberRole {
     
     MEMBER("MEMBER", "일반 회원"),
     ADMIN("ADMIN", "관리자"),
-    USER("USER", "사용자"),
     SYSTEM_ADMIN("SYSTEM_ADMIN", "시스템 관리자");
     
     private final String value;

src/main/java/com/bio/bio_backend/domain/base/member/mapper/MemberMapper.java

@@ -1,10 +1,10 @@
-package com.bio.bio_backend.domain.user.member.mapper;
+package com.bio.bio_backend.domain.base.member.mapper;
 
-import com.bio.bio_backend.domain.user.member.dto.CreateMemberRequestDto;
+import com.bio.bio_backend.domain.base.member.dto.CreateMemberRequestDto;
-import com.bio.bio_backend.domain.user.member.dto.CreateMemberResponseDto;
+import com.bio.bio_backend.domain.base.member.dto.CreateMemberResponseDto;
-import com.bio.bio_backend.domain.user.member.dto.MemberDto;
+import com.bio.bio_backend.domain.base.member.dto.MemberDto;
-import com.bio.bio_backend.domain.user.member.entity.Member;
+import com.bio.bio_backend.domain.base.member.entity.Member;
-import com.bio.bio_backend.domain.user.member.enums.MemberRole;
+import com.bio.bio_backend.global.annotation.IgnoreBaseEntityMapping;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.mapstruct.factory.Mappers;
@@ -20,9 +20,10 @@ public interface MemberMapper {
      * 기본값 설정: role = MemberRole.MEMBER, useFlag = true
      */
     @Mapping(target = "oid", ignore = true)
-    @Mapping(target = "role", expression = "java(com.bio.bio_backend.domain.user.member.enums.MemberRole.getDefault())")
+    @Mapping(target = "role", expression = "java(com.bio.bio_backend.domain.base.member.enums.MemberRole.getDefault())")
     @Mapping(target = "useFlag", constant = "true")
     @Mapping(target = "refreshToken", ignore = true)
+    @Mapping(target = "loginIp", ignore = true)
     @Mapping(target = "lastLoginAt", ignore = true)
     @Mapping(target = "createdAt", ignore = true)
     @Mapping(target = "updatedAt", ignore = true)
@@ -47,4 +48,10 @@ public interface MemberMapper {
      * MemberDto를 CreateMemberResponseDto로 변환
      */
     CreateMemberResponseDto toCreateMemberResponseDto(MemberDto memberDto);
+    
+    /**
+     * MemberDto의 값으로 기존 Member 엔티티 업데이트 (null이 아닌 필드만)
+     */
+    @IgnoreBaseEntityMapping
+    void updateMemberFromDto(MemberDto memberDto, @org.mapstruct.MappingTarget Member member);
 }

src/main/java/com/bio/bio_backend/domain/base/member/repository/MemberRepository.java

@@ -1,17 +1,17 @@
-package com.bio.bio_backend.domain.user.member.repository;
+package com.bio.bio_backend.domain.base.member.repository;
 
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
 
-import com.bio.bio_backend.domain.user.member.entity.Member;
+import com.bio.bio_backend.domain.base.member.entity.Member;
-import java.util.Optional;
+import java.util.List;
 
 @Repository
-public interface MemberRepository extends JpaRepository<Member, Long> {
+public interface MemberRepository extends JpaRepository<Member, Long>, MemberRepositoryCustom {
-    
+
-    // 사용자 ID로 회원 조회 (Optional 반환)
-    Optional<Member> findByUserId(String userId);
-    
     // 사용자 ID 존재 여부 확인
     boolean existsByUserId(String userId);
-} 
+    
+    // 활성화된 회원 목록 조회
+    List<Member> findByUseFlagTrue();
+}

src/main/java/com/bio/bio_backend/domain/base/member/repository/MemberRepositoryCustom.java

@@ -0,0 +1,19 @@
+package com.bio.bio_backend.domain.base.member.repository;
+
+import com.bio.bio_backend.domain.base.member.entity.Member;
+import java.util.Optional;
+
+/**
+ * QueryDSL을 활용한 커스텀 쿼리 메서드들을 정의하는 인터페이스
+ * 복잡한 쿼리나 동적 쿼리가 필요한 경우 이 인터페이스를 구현하여 사용합니다.
+ */
+public interface MemberRepositoryCustom {
+
+    /**
+     * 활성화된 사용자 중에서 사용자 ID로 검색하여 조회합니다.
+     *
+     * @param userId 사용자 ID
+     * @return Optional<Member> 회원 정보 (없으면 empty)
+     */
+    Optional<Member> findActiveMemberByUserId(String userId);
+}

src/main/java/com/bio/bio_backend/domain/base/member/repository/MemberRepositoryImpl.java

@@ -0,0 +1,38 @@
+package com.bio.bio_backend.domain.base.member.repository;
+
+import com.bio.bio_backend.domain.base.member.entity.Member;
+import com.bio.bio_backend.domain.base.member.entity.QMember;
+import com.querydsl.jpa.impl.JPAQueryFactory;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Repository;
+
+import java.util.Optional;
+
+/**
+ * QueryDSL을 활용하여 MemberRepositoryCustom 인터페이스를 구현하는 클래스
+ * 복잡한 쿼리나 동적 쿼리를 QueryDSL로 작성하여 성능과 가독성을 향상시킵니다.
+ */
+@Repository
+@RequiredArgsConstructor
+public class MemberRepositoryImpl implements MemberRepositoryCustom {
+
+    private final JPAQueryFactory queryFactory;
+
+    /**
+     * QMember 인스턴스를 생성하여 쿼리에서 사용합니다.
+     * QueryDSL의 Q클래스를 통해 타입 안전한 쿼리 작성이 가능합니다.
+     */
+    private final QMember member = QMember.member;
+
+    @Override
+    public Optional<Member> findActiveMemberByUserId(String userId) {
+        // 활성화된 사용자 중에서 사용자 ID로 검색
+        Member foundMember = queryFactory
+                .selectFrom(member)
+                .where(member.userId.eq(userId)
+                        .and(member.useFlag.eq(true)))
+                .fetchOne();
+
+        return Optional.ofNullable(foundMember);
+    }
+}

src/main/java/com/bio/bio_backend/domain/base/member/service/MemberService.java

@@ -1,4 +1,4 @@
-package com.bio.bio_backend.domain.user.member.service;
+package com.bio.bio_backend.domain.base.member.service;
 
 import java.util.List;
 import java.util.Map;
@@ -6,7 +6,7 @@ import java.util.Map;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 
-import com.bio.bio_backend.domain.user.member.dto.MemberDto;
+import com.bio.bio_backend.domain.base.member.dto.MemberDto;
 
 public interface MemberService extends UserDetailsService {
 
@@ -14,17 +14,11 @@ public interface MemberService extends UserDetailsService {
 
     MemberDto createMember(MemberDto memberDTO);
 
-    void updateRefreshToken(MemberDto memberDTO);
-
     String getRefreshToken(String id);
 
     int deleteRefreshToken(String id);
 
     List<MemberDto> selectMemberList(Map<String, String> params);
 
-    MemberDto selectMember(long seq);
-
     int updateMember(MemberDto member);
-
-    int deleteMember(MemberDto member);
 }

src/main/java/com/bio/bio_backend/domain/base/member/service/MemberServiceImpl.java

@@ -0,0 +1,102 @@
+package com.bio.bio_backend.domain.base.member.service;
+
+import com.bio.bio_backend.domain.base.member.dto.MemberDto;
+import com.bio.bio_backend.domain.base.member.entity.Member;
+import com.bio.bio_backend.domain.base.member.enums.MemberRole;
+import com.bio.bio_backend.domain.base.member.mapper.MemberMapper;
+import com.bio.bio_backend.domain.base.member.repository.MemberRepository;
+import com.bio.bio_backend.global.exception.ApiException;
+import com.bio.bio_backend.global.constants.ApiResponseCode;
+import com.bio.bio_backend.global.constants.AppConstants;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.List;
+import java.util.Map;
+
+import static com.bio.bio_backend.global.utils.OidUtils.generateOid;
+
+@Service
+@RequiredArgsConstructor
+@Slf4j
+@Transactional(readOnly = true)
+public class MemberServiceImpl implements MemberService {
+
+    private final MemberMapper memberMapper;  // MapStruct Mapper 사용
+    private final MemberRepository memberRepository;
+    private final BCryptPasswordEncoder bCryptPasswordEncoder;
+
+    @Override
+    public UserDetails loadUserByUsername(String id) throws UsernameNotFoundException {
+        Member member = memberRepository.findActiveMemberByUserId(id)
+                .orElseThrow(() -> new UsernameNotFoundException("사용자를 찾을 수 없습니다: " + id));
+        return memberMapper.toMemberDto(member);
+    }
+
+    @Override
+    @Transactional
+    public MemberDto createMember(MemberDto memberDto) {
+        // userId 중복 체크
+        if (memberRepository.existsByUserId(memberDto.getUserId())) {
+            throw new ApiException(ApiResponseCode.USER_ID_DUPLICATE);
+        }
+        
+        Member member = Member.builder()
+                .userId(memberDto.getUserId())
+                .password(bCryptPasswordEncoder.encode(memberDto.getPassword()))
+                .name(memberDto.getName())
+                .email(memberDto.getEmail())
+                .role(MemberRole.getDefault())
+                .build();
+
+        Long oid = generateOid();
+        member.setOid(oid);
+        member.setCreator(AppConstants.ADMIN_OID, AppConstants.ADMIN_USER_ID);
+        
+        Member savedMember = memberRepository.save(member);
+        
+        return memberMapper.toMemberDto(savedMember);
+    }
+
+    @Override
+    @Transactional
+    public int updateMember(MemberDto memberDto) {
+        Member member = memberRepository.findActiveMemberByUserId(memberDto.getUserId())
+                .orElseThrow(() -> new ApiException(ApiResponseCode.USER_NOT_FOUND));
+        
+        memberMapper.updateMemberFromDto(memberDto, member);
+        memberRepository.save(member);
+        return 1;
+    }
+
+    @Override
+    public String getRefreshToken(String id) {
+        Member member = memberRepository.findActiveMemberByUserId(id)
+                .orElseThrow(() -> new ApiException(ApiResponseCode.USER_NOT_FOUND));
+        
+        return member.getRefreshToken();
+    }
+
+    @Override
+    @Transactional
+    public int deleteRefreshToken(String id) {
+        Member member = memberRepository.findActiveMemberByUserId(id)
+                .orElseThrow(() -> new ApiException(ApiResponseCode.USER_NOT_FOUND));
+        
+        member.setRefreshToken(null);
+        memberRepository.save(member);
+        return 1;
+    }
+
+    @Override
+    public List<MemberDto> selectMemberList(Map<String, String> params) {
+        List<Member> members = memberRepository.findByUseFlagTrue();
+        
+        return memberMapper.toMemberDtoList(members);
+    }
+}

src/main/java/com/bio/bio_backend/domain/user/member/controller/MemberController.java

@@ -1,122 +0,0 @@
-package com.bio.bio_backend.domain.user.member.controller;
-
-import com.bio.bio_backend.global.dto.ApiResponseDto;
-import io.swagger.v3.oas.annotations.tags.Tag;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseEntity;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.web.bind.annotation.*;
-
-import jakarta.validation.Valid;
-import com.bio.bio_backend.domain.user.member.dto.MemberDto;
-import com.bio.bio_backend.domain.user.member.dto.CreateMemberRequestDto;
-import com.bio.bio_backend.domain.user.member.dto.CreateMemberResponseDto;
-import com.bio.bio_backend.domain.user.member.service.MemberService;
-import com.bio.bio_backend.domain.user.member.mapper.MemberMapper;
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.v3.oas.annotations.responses.ApiResponse;
-import io.swagger.v3.oas.annotations.responses.ApiResponses;
-import io.swagger.v3.oas.annotations.media.Content;
-import io.swagger.v3.oas.annotations.media.Schema;
-import com.bio.bio_backend.global.constants.ApiResponseCode;
-import com.bio.bio_backend.global.annotation.LogExecution;
-
-@Tag(name = "Member", description = "회원 관련 API")
-@RestController
-@RequestMapping("/members")
-@RequiredArgsConstructor
-@Slf4j
-public class MemberController {
-
-    private final MemberService memberService;
-    private final MemberMapper memberMapper;
-    private final BCryptPasswordEncoder bCryptPasswordEncoder;
-
-    @LogExecution("회원 등록")
-    @Operation(summary = "회원 등록", description = "새로운 회원을 등록합니다.")
-    @ApiResponses({
-        @ApiResponse(responseCode = "201", description = "회원 가입 성공"),
-        @ApiResponse(responseCode = "400", description = "잘못된 요청 데이터", content = @Content(schema = @Schema(implementation = ApiResponseDto.class))),
-        @ApiResponse(responseCode = "409", description = "중복된 사용자 정보", content = @Content(schema = @Schema(implementation = ApiResponseDto.class)))
-    })
-    @PostMapping("/register")
-    public ResponseEntity<ApiResponseDto<CreateMemberResponseDto>> createMember(@RequestBody @Valid CreateMemberRequestDto requestDto) {
-        MemberDto member = memberMapper.toMemberDto(requestDto);
-        MemberDto createdMember = memberService.createMember(member);
-        CreateMemberResponseDto responseDto = memberMapper.toCreateMemberResponseDto(createdMember);
-        ApiResponseDto<CreateMemberResponseDto> apiResponse = ApiResponseDto.success(ApiResponseCode.COMMON_SUCCESS_CREATED, responseDto);
-        
-        return ResponseEntity.status(HttpStatus.CREATED).body(apiResponse);
-    }
-
-    // @PostMapping("/member/list")
-    // public ResponseEntity<List<ResponseMember>> getMemberList(@RequestBody(required = false) Map<String, String> params) {
-
-    //     if(params == null){
-    //         params = new HashMap<>();
-    //     }
-
-    //     Iterable<MemberDTO> memberList = memberService.selectMemberList(params);
-
-    //     List<ResponseMember> result = new ArrayList<>();
-
-    //     memberList.forEach(m -> {
-    //         result.add(new ModelMapper().map(m, ResponseMember.class));
-    //     });
-
-    //     return ResponseEntity.status(HttpStatus.OK).body(result);
-    // }
-
-    // @GetMapping("/member/{seq}")
-    // public ResponseEntity<ResponseMember> selectMember(@PathVariable("seq") int seq) {
-
-    //     MemberDTO member = memberService.selectMember(seq);
-
-    //     ResponseMember responseMember = mapper.map(member, ResponseMember.class);
-
-    //     return ResponseEntity.status(HttpStatus.OK).body(responseMember);
-    // }
-
-    // @PutMapping("/member")
-    // public ApiResponseDto<Void> updateMember(@RequestBody @Valid CreateMemberRequestDTO requestMember, @AuthenticationPrincipal MemberDTO registrant) {
-    //     // 현재 JWT는 사용자 id 값을 통하여 생성, 회원정보 변경 시 JWT 재발급 여부 검토
-
-    //     MemberDTO member = mapper.map(requestMember, MemberDTO.class);
-
-    //     if (requestMember.getPassword() != null) {
-    //         member.setPw(bCryptPasswordEncoder.encode(requestMember.getPassword()));
-    //     }
-
-    //     member.setRegSeq(registrant.getSeq());
-    //     memberService.updateMember(member);
-
-    //     return ApiResponseDto.success(ApiResponseCode.USER_INFO_CHANGE, null);
-    // }
-
-    // @DeleteMapping("/member")
-    // public ApiResponseDto<Void> deleteMember(@RequestBody @Valid CreateMemberRequestDTO requestMember){
-
-    //     MemberDTO member = mapper.map(requestMember, MemberDTO.class);
-
-    //     memberService.deleteMember(member);
-
-    //     return ApiResponseDto.success(ApiResponseCode.USER_DELETE_SUCCESSFUL, null);
-    // }
-
-    // @PostMapping("/logout")
-    // public ApiResponseDto<Void> logout(@AuthenticationPrincipal MemberDTO member) {
-
-    //     String id = member.getId();
-
-    //     try {
-    //         memberService.deleteRefreshToken(id);
-    //     } catch (Exception e) {
-    //         return ApiResponseDto.fail(ApiResponseCode.INTERNAL_SERVER_ERROR, null);
-    //     }
-
-    //     return ApiResponseDto.success(ApiResponseCode.LOGOUT_SUCCESSFUL, null);
-    // }
-
-}

src/main/java/com/bio/bio_backend/domain/user/member/repository/MemberRepositoryCustom.java

@@ -1,68 +0,0 @@
-package com.bio.bio_backend.domain.user.member.repository;
-
-import com.bio.bio_backend.domain.user.member.entity.Member;
-import org.springframework.data.domain.Page;
-import org.springframework.data.domain.Pageable;
-
-import java.util.List;
-import java.util.Optional;
-
-/**
- * QueryDSL을 활용한 커스텀 쿼리 메서드들을 정의하는 인터페이스
- * 복잡한 쿼리나 동적 쿼리가 필요한 경우 이 인터페이스를 구현하여 사용합니다.
- */
-public interface MemberRepositoryCustom {
-
-    /**
-     * 사용자 ID로 회원을 조회합니다.
-     * QueryDSL을 사용하여 더 유연한 쿼리 작성이 가능합니다.
-     *
-     * @param userId 사용자 ID
-     * @return Optional<Member> 회원 정보 (없으면 empty)
-     */
-    Optional<Member> findByUserIdCustom(String userId);
-
-    /**
-     * 역할(Role)별로 회원 목록을 조회합니다.
-     *
-     * @param role 회원 역할
-     * @return List<Member> 해당 역할을 가진 회원 목록
-     */
-    List<Member> findByRole(String role);
-
-    /**
-     * 사용 여부별로 회원 목록을 조회합니다.
-     *
-     * @param useFlag 사용 여부
-     * @return List<Member> 해당 사용 여부를 가진 회원 목록
-     */
-    List<Member> findByUseFlag(Boolean useFlag);
-
-    /**
-     * 사용자 ID와 사용 여부로 회원을 조회합니다.
-     *
-     * @param userId 사용자 ID
-     * @param useFlag 사용 여부
-     * @return Optional<Member> 회원 정보
-     */
-    Optional<Member> findByUserIdAndUseFlag(String userId, Boolean useFlag);
-
-    /**
-     * 검색 조건에 따른 회원 목록을 페이징하여 조회합니다.
-     *
-     * @param userId 사용자 ID (부분 검색)
-     * @param role 회원 역할
-     * @param useFlag 사용 여부
-     * @param pageable 페이징 정보
-     * @return Page<Member> 페이징된 회원 목록
-     */
-    Page<Member> findMembersByCondition(String userId, String role, Boolean useFlag, Pageable pageable);
-
-    /**
-     * 마지막 로그인 시간이 특정 시간 이후인 회원들을 조회합니다.
-     *
-     * @param lastLoginAfter 마지막 로그인 기준 시간
-     * @return List<Member> 해당 조건을 만족하는 회원 목록
-     */
-    List<Member> findActiveMembersByLastLogin(java.time.LocalDateTime lastLoginAfter);
-}

src/main/java/com/bio/bio_backend/domain/user/member/repository/MemberRepositoryImpl.java

@@ -1,131 +0,0 @@
-package com.bio.bio_backend.domain.user.member.repository;
-
-import com.bio.bio_backend.domain.user.member.entity.Member;
-import com.bio.bio_backend.domain.user.member.entity.QMember;
-import com.bio.bio_backend.domain.user.member.enums.MemberRole;
-import com.querydsl.core.BooleanBuilder;
-import com.querydsl.core.types.dsl.BooleanExpression;
-import com.querydsl.jpa.impl.JPAQueryFactory;
-import lombok.RequiredArgsConstructor;
-import org.springframework.data.domain.Page;
-import org.springframework.data.domain.PageImpl;
-import org.springframework.data.domain.Pageable;
-import org.springframework.stereotype.Repository;
-
-import java.time.LocalDateTime;
-import java.util.List;
-import java.util.Optional;
-
-/**
- * QueryDSL을 활용하여 MemberRepositoryCustom 인터페이스를 구현하는 클래스
- * 복잡한 쿼리나 동적 쿼리를 QueryDSL로 작성하여 성능과 가독성을 향상시킵니다.
- */
-@Repository
-@RequiredArgsConstructor
-public class MemberRepositoryImpl implements MemberRepositoryCustom {
-
-    private final JPAQueryFactory queryFactory;
-
-    /**
-     * QMember 인스턴스를 생성하여 쿼리에서 사용합니다.
-     * QueryDSL의 Q클래스를 통해 타입 안전한 쿼리 작성이 가능합니다.
-     */
-    private final QMember member = QMember.member;
-
-    @Override
-    public Optional<Member> findByUserIdCustom(String userId) {
-        // QueryDSL을 사용하여 사용자 ID로 회원을 조회합니다.
-        // eq() 메서드를 사용하여 정확한 일치 조건을 설정합니다.
-        Member foundMember = queryFactory
-                .selectFrom(member)
-                .where(member.userId.eq(userId))
-                .fetchOne();
-
-        return Optional.ofNullable(foundMember);
-    }
-
-    @Override
-    public List<Member> findByRole(String role) {
-        // 역할별로 회원을 조회합니다.
-        // String을 MemberRole enum으로 변환하여 비교합니다.
-        return queryFactory
-                .selectFrom(member)
-                .where(member.role.eq(MemberRole.fromValue(role)))
-                .fetch();
-    }
-
-    @Override
-    public List<Member> findByUseFlag(Boolean useFlag) {
-        // 사용 여부별로 회원을 조회합니다.
-        return queryFactory
-                .selectFrom(member)
-                .where(member.useFlag.eq(useFlag))
-                .fetch();
-    }
-
-    @Override
-    public Optional<Member> findByUserIdAndUseFlag(String userId, Boolean useFlag) {
-        // 사용자 ID와 사용 여부를 모두 만족하는 회원을 조회합니다.
-        // and() 메서드를 사용하여 여러 조건을 결합합니다.
-        Member foundMember = queryFactory
-                .selectFrom(member)
-                .where(member.userId.eq(userId)
-                        .and(member.useFlag.eq(useFlag)))
-                .fetchOne();
-
-        return Optional.ofNullable(foundMember);
-    }
-
-    @Override
-    public Page<Member> findMembersByCondition(String userId, String role, Boolean useFlag, Pageable pageable) {
-        // BooleanBuilder를 사용하여 동적 쿼리를 구성합니다.
-        // null이 아닌 조건만 쿼리에 포함시킵니다.
-        BooleanBuilder builder = new BooleanBuilder();
-
-        // 사용자 ID가 제공된 경우 부분 검색 조건을 추가합니다.
-        if (userId != null && !userId.trim().isEmpty()) {
-            builder.and(member.userId.containsIgnoreCase(userId));
-        }
-
-        // 역할이 제공된 경우 정확한 일치 조건을 추가합니다.
-        if (role != null && !role.trim().isEmpty()) {
-            builder.and(member.role.eq(MemberRole.fromValue(role)));
-        }
-
-        // 사용 여부가 제공된 경우 정확한 일치 조건을 추가합니다.
-        if (useFlag != null) {
-            builder.and(member.useFlag.eq(useFlag));
-        }
-
-        // 전체 개수를 조회합니다.
-        long total = queryFactory
-                .selectFrom(member)
-                .where(builder)
-                .fetchCount();
-
-        // 페이징 조건을 적용하여 결과를 조회합니다.
-        List<Member> content = queryFactory
-                .selectFrom(member)
-                .where(builder)
-                .orderBy(member.createdAt.desc()) // 생성일 기준 내림차순 정렬
-                .offset(pageable.getOffset())
-                .limit(pageable.getPageSize())
-                .fetch();
-
-        // Page 객체를 생성하여 반환합니다.
-        return new PageImpl<>(content, pageable, total);
-    }
-
-    @Override
-    public List<Member> findActiveMembersByLastLogin(LocalDateTime lastLoginAfter) {
-        // 마지막 로그인 시간이 특정 시간 이후인 활성 회원들을 조회합니다.
-        // 여러 조건을 조합하여 복잡한 쿼리를 작성합니다.
-        return queryFactory
-                .selectFrom(member)
-                .where(member.useFlag.eq(true) // 사용 중인 상태
-                        .and(member.lastLoginAt.isNotNull()) // 마지막 로그인 시간이 존재
-                        .and(member.lastLoginAt.after(lastLoginAfter))) // 특정 시간 이후
-                .orderBy(member.lastLoginAt.desc()) // 마지막 로그인 시간 기준 내림차순 정렬
-                .fetch();
-    }
-}

src/main/java/com/bio/bio_backend/domain/user/member/service/MemberServiceImpl.java

@@ -1,148 +0,0 @@
-package com.bio.bio_backend.domain.user.member.service;
-
-import com.bio.bio_backend.domain.user.member.dto.MemberDto;
-import com.bio.bio_backend.domain.user.member.entity.Member;
-import com.bio.bio_backend.domain.user.member.enums.MemberRole;
-import com.bio.bio_backend.domain.user.member.mapper.MemberMapper;
-import com.bio.bio_backend.domain.user.member.repository.MemberRepository;
-import com.bio.bio_backend.global.exception.ApiException;
-import com.bio.bio_backend.global.constants.ApiResponseCode;
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-
-import java.util.List;
-import java.util.Map;
-
-import static com.bio.bio_backend.global.utils.OidUtil.generateOid;
-
-@Service
-@RequiredArgsConstructor
-@Slf4j
-@Transactional(readOnly = true)
-public class MemberServiceImpl implements MemberService {
-
-    private final MemberMapper memberMapper;  // MapStruct Mapper 사용
-    private final MemberRepository memberRepository;
-    private final BCryptPasswordEncoder bCryptPasswordEncoder;
-
-    @Override
-    public UserDetails loadUserByUsername(String id) throws UsernameNotFoundException {
-        // JPA 레파지토리를 사용하여 회원 조회
-        Member member = memberRepository.findByUserId(id)
-                .orElseThrow(() -> new UsernameNotFoundException("User not found with id : " + id));
-        
-        // MapStruct를 사용하여 Member 엔티티를 MemberDto로 변환
-        MemberDto memberDto = memberMapper.toMemberDto(member);
-        
-        return memberDto;
-    }
-
-    @Override
-    @Transactional
-    public MemberDto createMember(MemberDto memberDTO) {
-        // userId 중복 체크
-        if (memberRepository.existsByUserId(memberDTO.getUserId())) {
-            throw new ApiException(ApiResponseCode.USER_ID_DUPLICATE);
-        }
-        
-        Member member = Member.builder()
-                .userId(memberDTO.getUserId())
-                .password(bCryptPasswordEncoder.encode(memberDTO.getPassword()))
-                .role(MemberRole.getDefault())
-                .build();
-
-        Long oid = generateOid();
-        member.setOid(oid);
-        member.setCreatedOid(oid);
-        
-        Member savedMember = memberRepository.save(member);
-        
-        return memberMapper.toMemberDto(savedMember);
-    }
-
-    @Override
-    @Transactional
-    public void updateRefreshToken(MemberDto memberDTO) {
-        // JPA를 사용하여 refresh token 업데이트
-        Member member = memberRepository.findByUserId(memberDTO.getUserId())
-                .orElseThrow(() -> new RuntimeException("회원을 찾을 수 없습니다. id: " + memberDTO.getUserId()));
-        
-        member.setRefreshToken(memberDTO.getRefreshToken());
-        memberRepository.save(member);
-    }
-
-    @Override
-    public String getRefreshToken(String id) {
-        Member member = memberRepository.findByUserId(id)
-                .orElseThrow(() -> new RuntimeException("회원을 찾을 수 없습니다. id: " + id));
-        
-        return member.getRefreshToken();
-    }
-
-    @Override
-    @Transactional
-    public int deleteRefreshToken(String id) {
-        Member member = memberRepository.findByUserId(id)
-                .orElseThrow(() -> new RuntimeException("회원을 찾을 수 없습니다. id: " + id));
-        
-        member.setRefreshToken(null);
-        memberRepository.save(member);
-        return 1; // 성공 시 1 반환
-    }
-
-    @Override
-    public List<MemberDto> selectMemberList(Map<String, String> params) {
-        // JPA를 사용하여 회원 목록 조회 (간단한 구현)
-        List<Member> members = memberRepository.findAll();
-        
-        // MapStruct를 사용하여 Member 엔티티 리스트를 MemberDto 리스트로 변환
-        return memberMapper.toMemberDtoList(members);
-    }
-
-    @Override
-    public MemberDto selectMember(long seq) {
-        // JPA 레파지토리를 사용하여 회원 조회
-        Member member = memberRepository.findById(seq)
-                .orElseThrow(() -> new RuntimeException("회원을 찾을 수 없습니다. seq: " + seq));
-        
-        // MapStruct를 사용하여 Member 엔티티를 MemberDto로 자동 변환
-        return memberMapper.toMemberDto(member);
-    }
-
-    @Override
-    @Transactional
-    public int updateMember(MemberDto memberDto) {
-        Member member = memberRepository.findByUserId(memberDto.getUserId())
-                .orElseThrow(() -> new RuntimeException("회원을 찾을 수 없습니다. id: " + memberDto.getUserId()));
-        
-        // 비밀번호가 변경된 경우 암호화
-        if (memberDto.getPassword() != null && !memberDto.getPassword().isEmpty()) {
-            member.setPassword(bCryptPasswordEncoder.encode(memberDto.getPassword()));
-        }
-        
-        member.setRole(memberDto.getRole());
-        member.setUseFlag(memberDto.getUseFlag());
-        
-        memberRepository.save(member);
-        return 1; // 성공 시 1 반환
-    }
-
-    @Override
-    @Transactional
-    public int deleteMember(MemberDto memberDto) {
-        Member member = memberRepository.findByUserId(memberDto.getUserId())
-                .orElseThrow(() -> new RuntimeException("회원을 찾을 수 없습니다. id: " + memberDto.getUserId()));
-
-        member.setUseFlag(false);
-        
-        log.info("회원 삭제 처리: {}", member.toString());
-        
-        memberRepository.save(member);
-        return 1; // 성공 시 1 반환
-    }
-}

src/main/java/com/bio/bio_backend/global/annotation/IgnoreBaseEntityMapping.java

@@ -0,0 +1,24 @@
+package com.bio.bio_backend.global.annotation;
+
+import org.mapstruct.Mapping;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * BaseEntity의 감사 필드들을 ignore 처리하는 MapStruct 커스텀 어노테이션
+ * 여러 매퍼에서 공통으로 사용할 수 있습니다.
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.CLASS)
+@Mapping(target = "oid", ignore = true)
+@Mapping(target = "createdAt", ignore = true)
+@Mapping(target = "updatedAt", ignore = true)
+@Mapping(target = "createdOid", ignore = true)
+@Mapping(target = "updatedOid", ignore = true)
+@Mapping(target = "createdId", ignore = true)
+@Mapping(target = "updatedId", ignore = true)
+public @interface IgnoreBaseEntityMapping {
+}

src/main/java/com/bio/bio_backend/global/config/AppConfig.java

@@ -1,9 +1,16 @@
 package com.bio.bio_backend.global.config;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
+import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateTimeSerializer;
+import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateTimeDeserializer;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
+
 @Configuration
 public class AppConfig {
     
@@ -11,4 +18,21 @@ public class AppConfig {
     public BCryptPasswordEncoder bCryptPasswordEncoder() {
         return new BCryptPasswordEncoder();
     }
+    
+    @Bean
+    public ObjectMapper objectMapper() {
+        ObjectMapper mapper = new ObjectMapper();
+        
+        // JavaTimeModule 등록
+        JavaTimeModule javaTimeModule = new JavaTimeModule();
+        
+        // LocalDateTime 직렬화/역직렬화 설정
+        DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
+        javaTimeModule.addSerializer(LocalDateTime.class, new LocalDateTimeSerializer(formatter));
+        javaTimeModule.addDeserializer(LocalDateTime.class, new LocalDateTimeDeserializer(formatter));
+        
+        mapper.registerModule(javaTimeModule);
+        
+        return mapper;
+    }
 }

src/main/java/com/bio/bio_backend/global/config/SecurityPathConfig.java

@@ -0,0 +1,42 @@
+package com.bio.bio_backend.global.config;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@Getter
+@Setter
+@Component
+@ConfigurationProperties(prefix = "security")
+public class SecurityPathConfig {
+    
+    private List<String> permitAllPaths = new ArrayList<>();
+    
+    /**
+     * 주어진 경로가 허용된 경로인지 확인
+     * @param path 확인할 경로
+     * @param contextPath 컨텍스트 경로
+     * @return 허용 여부
+     */
+    public boolean isPermittedPath(String path, String contextPath) {
+        if (permitAllPaths == null) {
+            return false;
+        }
+        
+        return permitAllPaths.stream()
+                .anyMatch(permittedPath -> {
+                    String fullPath = contextPath + permittedPath;
+                    if (permittedPath.endsWith("/**")) {
+                        // /** 패턴 처리
+                        String basePath = fullPath.substring(0, fullPath.length() - 2);
+                        return path.startsWith(basePath);
+                    } else {
+                        return path.equals(fullPath);
+                    }
+                });
+    }
+}

src/main/java/com/bio/bio_backend/global/constants/ApiResponseCode.java

@@ -63,7 +63,26 @@ public enum ApiResponseCode {
     JWT_SIGNATURE_MISMATCH(HttpStatus.UNAUTHORIZED.value(), "JWT 서명이 일치하지 않습니다. 인증에 실패했습니다"),
     JWT_TOKEN_NULL(HttpStatus.UNAUTHORIZED.value(), "JWT 토큰이 null입니다"),
     JWT_TOKEN_EXPIRED(HttpStatus.UNAUTHORIZED.value(), "토큰이 만료되었습니다"),
-    ALL_TOKEN_INVALID(HttpStatus.UNAUTHORIZED.value(), "액세스 토큰과 리프레시 토큰이 모두 만료되었거나 유효하지 않습니다");
+    INVALID_CLIENT_IP(HttpStatus.UNAUTHORIZED.value(), "클라이언트 IP 주소가 일치하지 않습니다"),
+    ALL_TOKEN_INVALID(HttpStatus.UNAUTHORIZED.value(), "액세스 토큰과 리프레시 토큰이 모두 만료되었거나 유효하지 않습니다"),
+
+    /*파일 관련 Code*/
+    // 200 OK
+    FILE_UPLOAD_SUCCESS(HttpStatus.OK.value(), "파일이 성공적으로 업로드되었습니다"),
+    FILE_DOWNLOAD_SUCCESS(HttpStatus.OK.value(), "파일 다운로드가 성공했습니다"),
+    FILE_DELETE_SUCCESS(HttpStatus.OK.value(), "파일이 성공적으로 삭제되었습니다"),
+
+    // 400 Bad Request
+    FILE_EMPTY(HttpStatus.BAD_REQUEST.value(), "업로드할 파일이 없습니다"),
+    FILE_INVALID_FORMAT(HttpStatus.BAD_REQUEST.value(), "지원하지 않는 파일 형식입니다"),
+
+    // 404 Not Found
+    FILE_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "파일을 찾을 수 없습니다"),
+
+    // 500 Internal Server Error
+    FILE_UPLOAD_FAILED(HttpStatus.INTERNAL_SERVER_ERROR.value(), "파일 업로드에 실패했습니다"),
+    FILE_DOWNLOAD_FAILED(HttpStatus.INTERNAL_SERVER_ERROR.value(), "파일 다운로드에 실패했습니다"),
+    FILE_DELETE_FAILED(HttpStatus.INTERNAL_SERVER_ERROR.value(), "파일 삭제에 실패했습니다");
 
     private final int statusCode;
     private final String description;

src/main/java/com/bio/bio_backend/global/constants/AppConstants.java

@@ -0,0 +1,10 @@
+package com.bio.bio_backend.global.constants;
+
+public class AppConstants {
+    public static final String TABLE_PREFIX = "st_";
+    
+    // 관리자 관련 상수
+    public static final Long ADMIN_OID = 1000000000000000L;
+    public static final String ADMIN_USER_ID = "admin";
+    public static final String ADMIN_NAME = "시스템관리자";
+}

src/main/java/com/bio/bio_backend/global/dto/ApiResponseDto.java

@@ -30,9 +30,17 @@ public class ApiResponseDto<T> {
         return new ApiResponseDto<T>(SUCCESS, responseCode.name(), responseCode.getDescription(), data);
     }
 
+    public static <T> ApiResponseDto<T> success(ApiResponseCode responseCode) {
+        return new ApiResponseDto<T>(SUCCESS, responseCode.name(), responseCode.getDescription(), null);
+    }
+
     public static <T> ApiResponseDto<T> fail(ApiResponseCode responseCode, T data) {
         return new ApiResponseDto<T>(responseCode.getStatusCode(), responseCode.name(), responseCode.getDescription(), data);
     }
 
+    public static <T> ApiResponseDto<T> fail(ApiResponseCode responseCode) {
+        return new ApiResponseDto<T>(responseCode.getStatusCode(), responseCode.name(), responseCode.getDescription(), null);
+    }
+
 }
 

src/main/java/com/bio/bio_backend/global/entity/BaseEntity.java

@@ -9,7 +9,7 @@ import org.springframework.data.jpa.domain.support.AuditingEntityListener;
 
 import java.time.LocalDateTime;
 
-import static com.bio.bio_backend.global.utils.OidUtil.generateOid;
+import static com.bio.bio_backend.global.utils.OidUtils.generateOid;
 
 /**
  * 모든 엔티티가 상속받는 기본 엔티티 클래스
@@ -38,10 +38,38 @@ public abstract class BaseEntity {
 
     @Column(name = "updated_oid")
     private Long updatedOid;
+
+    @Column(name = "created_id", updatable = false)
+    private String createdId;
+
+    @Column(name = "updated_id")
+    private String updatedId;
     
     @PrePersist
     protected void onCreate() {
         if(this.oid == null) this.oid = generateOid();
         if(this.createdOid != null && this.updatedOid == null) this.updatedOid = this.createdOid;
     }
+    
+    /**
+     * 생성자 정보를 설정합니다.
+     * @param createdOid 생성자 OID
+     * @param createdId 생성자 ID
+     */
+    public void setCreator(Long createdOid, String createdId) {
+        this.createdOid = createdOid;
+        this.createdId = createdId;
+        this.updatedOid = createdOid;
+        this.updatedId = createdId;
+    }
+    
+    /**
+     * 수정자 정보를 설정합니다.
+     * @param updatedOid 수정자 OID
+     * @param updatedId 수정자 ID
+     */
+    public void setUpdater(Long updatedOid, String updatedId) {
+        this.updatedOid = updatedOid;
+        this.updatedId = updatedId;
+    }
 }

src/main/java/com/bio/bio_backend/global/exception/CustomAuthenticationFailureHandler.java

@@ -29,25 +29,21 @@ public class CustomAuthenticationFailureHandler implements AuthenticationFailure
 
     @Override
     public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
-
-        log.info("exception : " + exception.toString());
-
         response.setContentType(MediaType.APPLICATION_JSON_VALUE);
         response.setCharacterEncoding("UTF-8");
         response.setStatus(HttpStatus.UNAUTHORIZED.value());
 
         ApiResponseDto<String> apiResponse;
         if (exception instanceof UsernameNotFoundException) {
-            apiResponse = ApiResponseDto.fail(ApiResponseCode.USER_NOT_FOUND, null);
+            apiResponse = ApiResponseDto.fail(ApiResponseCode.USER_NOT_FOUND);
         } else if (exception instanceof BadCredentialsException) {
-            apiResponse = ApiResponseDto.fail(ApiResponseCode.COMMON_UNAUTHORIZED, null);
+            apiResponse = ApiResponseDto.fail(ApiResponseCode.COMMON_UNAUTHORIZED);
         } else {
             response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
-            apiResponse = ApiResponseDto.fail(ApiResponseCode.COMMON_INTERNAL_SERVER_ERROR, null);
+            apiResponse = ApiResponseDto.fail(ApiResponseCode.COMMON_INTERNAL_SERVER_ERROR);
         }
 
         String jsonResponse = objectMapper.writeValueAsString(apiResponse);
         response.getWriter().write(jsonResponse);
-
     }
 }

src/main/java/com/bio/bio_backend/global/exception/GlobalExceptionHandler.java

@@ -8,13 +8,15 @@ import com.bio.bio_backend.global.dto.ApiResponseDto;
 import com.bio.bio_backend.global.constants.ApiResponseCode;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import lombok.extern.slf4j.Slf4j;
 
 @RestControllerAdvice
+@Slf4j
 public class GlobalExceptionHandler {
 
     @ExceptionHandler(ApiException.class)
     public ResponseEntity<ApiResponseDto<Void>> handleApiException(ApiException e) {
-        ApiResponseDto<Void> response = ApiResponseDto.fail(e.getResponseCode(), null);
+        ApiResponseDto<Void> response = ApiResponseDto.fail(e.getResponseCode());
         return ResponseEntity.status(e.getResponseCode().getStatusCode()).body(response);
     }
     
@@ -30,5 +32,13 @@ public class GlobalExceptionHandler {
     }
 
     // 검증 오류 상세 정보를 위한 내부 클래스
-    private record ValidationError(String field, String message) { }
+    private record ValidationError(String field, String message) {}
+
+    @ExceptionHandler(Exception.class)
+    public ResponseEntity<ApiResponseDto<Void>> handleException(Exception e) {
+        log.error("Unexpected error occurred", e);
+        
+        ApiResponseDto<Void> response = ApiResponseDto.fail(ApiResponseCode.COMMON_INTERNAL_SERVER_ERROR);
+        return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(response);
+    }
 }

src/main/java/com/bio/bio_backend/global/exception/JwtAccessDeniedHandler.java

@@ -1,41 +0,0 @@
-package com.bio.bio_backend.global.exception;
-
-import java.io.IOException;
-
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.http.MediaType;
-import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.web.access.AccessDeniedHandler;
-import org.springframework.stereotype.Component;
-import org.springframework.web.servlet.HandlerExceptionResolver;
-
-import com.fasterxml.jackson.databind.ObjectMapper;
-
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import com.bio.bio_backend.global.dto.ApiResponseDto;
-import com.bio.bio_backend.global.constants.ApiResponseCode;
-
-@Component
-public class JwtAccessDeniedHandler implements AccessDeniedHandler {
-    private final HandlerExceptionResolver resolver;
-
-    public JwtAccessDeniedHandler(@Qualifier("handlerExceptionResolver") HandlerExceptionResolver resolver) {
-        this.resolver = resolver;
-    }
-
-    @Override
-    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
-
-        Exception exception = (Exception) request.getAttribute("exception");
-
-        if (exception != null) {
-            resolver.resolveException(request, response, null, exception);
-        } else {
-            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
-            response.setContentType(MediaType.APPLICATION_JSON_VALUE);
-            new ObjectMapper().writeValue(response.getWriter(), ApiResponseDto.fail(ApiResponseCode.COMMON_FORBIDDEN, null));
-        }
-    }
-}

src/main/java/com/bio/bio_backend/global/exception/JwtAuthenticationEntryPoint.java

@@ -1,35 +0,0 @@
-package com.bio.bio_backend.global.exception;
-
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.web.AuthenticationEntryPoint;
-import org.springframework.stereotype.Component;
-import org.springframework.web.servlet.HandlerExceptionResolver;
-
-import java.io.IOException;
-
-@Component
-@Slf4j
-public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
-    private final HandlerExceptionResolver resolver;
-
-    public JwtAuthenticationEntryPoint(@Qualifier("handlerExceptionResolver") HandlerExceptionResolver resolver) {
-        this.resolver = resolver;
-    }
-
-    @Override
-    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
-
-        Exception exception = (Exception) request.getAttribute("exception");
-        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
-
-        if (exception == null) {
-            return;
-        }
-        resolver.resolveException(request, response, null, exception);
-    }
-}

src/main/java/com/bio/bio_backend/global/filter/JwtTokenIssuanceFilter.java

@@ -1,25 +1,24 @@
-package com.bio.bio_backend.global.security;
+package com.bio.bio_backend.global.filter;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
-import jakarta.servlet.http.Cookie;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import com.bio.bio_backend.global.dto.ApiResponseDto;
-import com.bio.bio_backend.domain.user.member.dto.LoginRequestDto;
+import com.bio.bio_backend.domain.base.member.dto.LoginRequestDto;
-import com.bio.bio_backend.domain.user.member.dto.LoginResponseDto;
+import com.bio.bio_backend.domain.base.member.dto.LoginResponseDto;
-import com.bio.bio_backend.domain.user.member.dto.MemberDto;
+import com.bio.bio_backend.domain.base.member.dto.MemberDto;
-import com.bio.bio_backend.domain.user.member.service.MemberService;
+import com.bio.bio_backend.domain.base.member.service.MemberService;
 import com.bio.bio_backend.global.constants.ApiResponseCode;
 import com.bio.bio_backend.global.utils.JwtUtils;
+import com.bio.bio_backend.global.utils.HttpUtils;
 import lombok.RequiredArgsConstructor;
-import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.core.env.Environment;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -31,36 +30,29 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
 
 import java.io.IOException;
 import java.time.LocalDateTime;
-import java.util.Objects;
 
 @RequiredArgsConstructor
 @Slf4j
-public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
+public class JwtTokenIssuanceFilter extends UsernamePasswordAuthenticationFilter {
 
     private final AuthenticationManager authenticationManager;
-    private final MemberService memberService;
     private final JwtUtils jwtUtils;
-    private final Environment env;
+    private final ObjectMapper objectMapper;
+    private final MemberService memberService;
+    private final HttpUtils httpUtils;
 
     // 사용자 login 인증 처리
-    @SneakyThrows
     @Override
-    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
+    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
-            throws AuthenticationException {
+        try {
+            LoginRequestDto requestDto = new ObjectMapper().readValue(request.getInputStream(), LoginRequestDto.class);
+            UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(
+                requestDto.getUserId(), requestDto.getPassword());
 
-        LoginRequestDto requestDto = new ObjectMapper().readValue(request.getInputStream(), LoginRequestDto.class);
+            return authenticationManager.authenticate(authToken);
-
+        } catch (IOException e) {
-//        UsernamePasswordAuthenticationToken authToken;
+            throw new AuthenticationServiceException("로그인 요청 파싱 중 오류가 발생했습니다", e);
-        UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(requestDto.getUserId(), requestDto.getPassword());
-
-        /*
-        if (req.getLoginLogFlag() == 1) {
-            authToken = new UsernamePasswordAuthenticationToken("admin2", "test123!"); // 비밀번호는 실제 비밀번호로 설정해야 함
-        } else {
-            throw new AuthenticationServiceException("login fail");
         }
-         */
-        return authenticationManager.authenticate(authToken);
     }
 
     // 사용자 인증 성공 후 token 발급
@@ -69,36 +61,22 @@ public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilte
                                             FilterChain chain, Authentication authResult) throws IOException, ServletException {
 
         UserDetails userDetails = (UserDetails) authResult.getPrincipal();
-
         MemberDto member = (MemberDto) userDetails;
         
-        String accessToken = jwtUtils.generateToken(member.getUserId(), member.getRole().getValue(),
+        // 토큰 생성
-                Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_access"))));
+        String accessToken = jwtUtils.createAccessToken(member.getUserId(), member.getRole().getValue());
-
+        String refreshToken = jwtUtils.createRefreshToken(member.getUserId(), member.getRole().getValue());
-        String refreshToken = jwtUtils.generateToken(member.getUserId(), member.getRole().getValue(),
-                Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_refresh"))));
         
-
         member.setRefreshToken(refreshToken);
+        member.setLoginIp(httpUtils.getClientIp());
         member.setLastLoginAt(LocalDateTime.now());
-
+        memberService.updateMember(member);
-        memberService.updateRefreshToken(member);
 
         // Refresh 토큰 쿠키 저장
-        Cookie refreshTokenCookie = new Cookie("RefreshToken", refreshToken);
+        jwtUtils.setRefreshTokenCookie(response, refreshToken);
-        refreshTokenCookie.setHttpOnly(true);
-        refreshTokenCookie.setSecure(false);
-        refreshTokenCookie.setPath("/");
-        refreshTokenCookie.setMaxAge(Integer.parseInt(env.getProperty("token.expiration_time_refresh")));
 
-        // JWT 토큰 전달
+        // Access 토큰 전달
         response.setHeader("Authorization", "Bearer " + accessToken);
-//        response.addCookie(refreshTokenCookie);
-        response.addHeader("Set-Cookie", 
-        	    String.format("%s=%s; HttpOnly; Secure; Path=/; Max-Age=%d; SameSite=None", 
-        	    refreshTokenCookie.getName(), 
-        	    refreshTokenCookie.getValue(), 
-        	    refreshTokenCookie.getMaxAge()));
 
         SecurityContextHolderStrategy contextHolder = SecurityContextHolder.getContextHolderStrategy();
         SecurityContext context = contextHolder.createEmptyContext();
@@ -112,8 +90,10 @@ public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilte
 
         // login 성공 메시지 전송
         response.setStatus(HttpStatus.OK.value());
-        response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+        response.setContentType(MediaType.APPLICATION_JSON_VALUE + ";charset=UTF-8");
-        new ObjectMapper().writeValue(response.getWriter(),
+        objectMapper.writeValue(
-                ApiResponseDto.success(ApiResponseCode.LOGIN_SUCCESSFUL, memberData));
+            response.getWriter(),
+            ApiResponseDto.success(ApiResponseCode.LOGIN_SUCCESSFUL, memberData)
+        );
     }
 }

src/main/java/com/bio/bio_backend/global/filter/JwtTokenValidationFilter.java

@@ -0,0 +1,131 @@
+package com.bio.bio_backend.global.filter;
+
+import java.io.IOException;
+import java.util.Objects;
+
+import org.springframework.core.env.Environment;
+import org.springframework.http.MediaType;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import com.bio.bio_backend.global.dto.ApiResponseDto;
+import com.bio.bio_backend.domain.base.member.service.MemberService;
+import com.bio.bio_backend.global.constants.ApiResponseCode;
+import com.bio.bio_backend.global.utils.JwtUtils;
+import com.bio.bio_backend.global.config.SecurityPathConfig;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+
+@RequiredArgsConstructor
+@Slf4j
+public class JwtTokenValidationFilter extends OncePerRequestFilter {
+
+    private final JwtUtils jwtUtils;
+    private final MemberService memberService;
+    private final Environment env;
+    private final SecurityPathConfig securityPathConfig;
+
+    @Override
+    protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
+        String path = request.getRequestURI();
+        String contextPath = env.getProperty("server.servlet.context-path", "");
+        
+        return securityPathConfig.isPermittedPath(path, contextPath);
+    }
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
+                                    FilterChain filterChain) throws ServletException, IOException {
+
+        log.debug("JWT 토큰 검증 필터 실행 - URI: {}", request.getRequestURI());
+
+        String accessToken = jwtUtils.extractAccessJwtFromRequest(request);
+        String refreshToken = jwtUtils.extractRefreshJwtFromCookie(request);
+
+        // Access Token이 있고 유효한 경우
+        if (accessToken != null && jwtUtils.validateAccessToken(accessToken)) {
+            String username = jwtUtils.extractUsername(accessToken);
+            UserDetails userDetails = memberService.loadUserByUsername(username);
+
+            if (userDetails != null) {
+                UsernamePasswordAuthenticationToken authentication =
+                        new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
+                authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
+                SecurityContextHolder.getContext().setAuthentication(authentication);
+                
+                log.debug("Access Token 인증 성공: {}", username);
+                filterChain.doFilter(request, response);
+                return;
+            }
+        }
+
+        // Access Token이 없거나 만료된 경우, Refresh Token으로 갱신 시도
+        if (refreshToken != null) {
+            // 1. Refresh Token 유효성 검증
+            if (!jwtUtils.isValidRefreshToken(refreshToken)) {
+                log.warn("Refresh Token이 유효하지 않습니다. URI: {}", request.getRequestURI());
+                sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.JWT_TOKEN_EXPIRED));
+                return;
+            }
+            
+            // 2. IP 주소 검증
+            if (!jwtUtils.isValidClientIp(refreshToken, request.getRemoteAddr())) {
+                log.warn("클라이언트 IP 주소가 일치하지 않습니다. URI: {}, IP: {}", 
+                        request.getRequestURI(), request.getRemoteAddr());
+                sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.INVALID_CLIENT_IP));
+                return;
+            }
+            
+            // 모든 검증을 통과한 경우 토큰 갱신 진행
+            String username = jwtUtils.extractUsername(refreshToken);
+            String role = jwtUtils.extractRole(refreshToken);
+            
+            // 새로운 Access Token 생성
+            String newAccessToken = jwtUtils.generateToken(username, role,
+                    Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_access"))));
+            
+            // 새로운 Access Token을 응답 헤더에 설정
+            response.setHeader("Authorization", "Bearer " + newAccessToken);
+            
+            // Refresh Token 갱신
+            String newRefreshToken = jwtUtils.refreshTokens(username, role);
+            jwtUtils.setRefreshTokenCookie(response, newRefreshToken);
+            
+            // 인증 정보 설정
+            UserDetails userDetails = memberService.loadUserByUsername(username);
+            if (userDetails != null) {
+                UsernamePasswordAuthenticationToken authentication =
+                        new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
+                authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
+                SecurityContextHolder.getContext().setAuthentication(authentication);
+            }
+            
+            log.info("토큰 자동 갱신 성공: {}", username);
+            filterChain.doFilter(request, response);
+            return;
+        }
+
+        // 토큰이 없거나 모두 유효하지 않은 경우
+        log.warn("유효한 JWT 토큰이 없습니다. URI: {}", request.getRequestURI());
+        sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.JWT_TOKEN_NULL));
+    }
+
+    private void sendJsonResponse(HttpServletResponse response, ApiResponseDto<?> apiResponse) throws IOException {
+        response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+        response.setCharacterEncoding("UTF-8");
+        response.setStatus(apiResponse.getCode());
+
+        ObjectMapper objectMapper = new ObjectMapper();
+        String jsonResponse = objectMapper.writeValueAsString(apiResponse);
+        response.getWriter().write(jsonResponse);
+    }
+}

src/main/java/com/bio/bio_backend/global/filter/UriAllowFilter.java

@@ -1,11 +1,9 @@
-package com.bio.bio_backend.global.security;
+package com.bio.bio_backend.global.filter;
 
 
-import java.util.Arrays;
 import java.util.regex.Pattern;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
 import org.springframework.stereotype.Component;
 
 import jakarta.servlet.http.HttpServletRequest;

src/main/java/com/bio/bio_backend/global/security/JwtTokenFilter.java

@@ -1,102 +0,0 @@
-package com.bio.bio_backend.global.security;
-
-import java.io.IOException;
-import java.util.Objects;
-
-import org.springframework.core.env.Environment;
-import org.springframework.http.MediaType;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
-import org.springframework.web.filter.OncePerRequestFilter;
-
-import com.fasterxml.jackson.databind.ObjectMapper;
-
-import io.jsonwebtoken.ExpiredJwtException;
-import jakarta.servlet.FilterChain;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import com.bio.bio_backend.global.dto.ApiResponseDto;
-import com.bio.bio_backend.domain.user.member.service.MemberService;
-import com.bio.bio_backend.global.constants.ApiResponseCode;
-import com.bio.bio_backend.global.utils.JwtUtils;
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
-@RequiredArgsConstructor
-@Slf4j
-public class JwtTokenFilter extends OncePerRequestFilter {
-
-    private final JwtUtils jwtUtils;
-    private final MemberService memberService;
-    private final Environment env;
-
-    private final UriAllowFilter uriAllowFilter;
-    
-    @Override
-    protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
-    	return uriAllowFilter.authExceptionAllow(request);
-    }
-
-    @Override
-    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
-                                    FilterChain filterChain) throws ServletException, IOException {
-
-        String accessToken = jwtUtils.extractAccessJwtFromRequest(request);
-        String refreshToken = jwtUtils.extractRefreshJwtFromCookie(request);
-
-        if(accessToken == null){
-            sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.JWT_TOKEN_NULL, null));
-            return;
-        }
-
-        try {
-            // 토큰 유효성 검사
-            try {
-                if (jwtUtils.validateAccessToken(accessToken)) {
-                    String username = jwtUtils.extractUsername(accessToken);
-                    UserDetails userDetails = memberService.loadUserByUsername(username);
-
-                    if (userDetails != null) {
-                        UsernamePasswordAuthenticationToken authentication =
-                                new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
-                        authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
-                        SecurityContextHolder.getContext().setAuthentication(authentication);
-                        filterChain.doFilter(request, response);
-                        return;
-                    }
-                }
-            } catch (ExpiredJwtException ignored) {
-                // Access Token이 만료된 경우에만 ignored >> Refresh Token 검증 수행
-            }
-            // Refresh Token 유효성 검사
-            if (refreshToken != null && jwtUtils.validateRefreshToken(refreshToken)) {
-                String username = jwtUtils.extractUsername(refreshToken);
-                String role = (String) jwtUtils.extractAllClaims(refreshToken).get("role");
-                String newAccessToken = jwtUtils.generateToken(username, role,
-                        Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_access"))));
-                // 새로운 Access Token을 응답 헤더에 설정
-                response.setHeader("Authorization", "Bearer " + newAccessToken);
-                filterChain.doFilter(request, response);
-            } else {
-                sendJsonResponse(response, ApiResponseDto.fail(ApiResponseCode.ALL_TOKEN_INVALID, null));
-            }
-        } catch (Exception e) {
-            request.setAttribute("exception", e);
-        }
-
-        filterChain.doFilter(request, response);
-    }
-
-    private void sendJsonResponse(HttpServletResponse response, ApiResponseDto<?> apiResponse) throws IOException {
-        response.setContentType(MediaType.APPLICATION_JSON_VALUE);
-        response.setCharacterEncoding("UTF-8");
-        response.setStatus(apiResponse.getCode());
-
-        ObjectMapper objectMapper = new ObjectMapper();
-        String jsonResponse = objectMapper.writeValueAsString(apiResponse);
-        response.getWriter().write(jsonResponse);
-    }
-}

src/main/java/com/bio/bio_backend/global/security/WebSecurity.java

@@ -1,5 +1,7 @@
 package com.bio.bio_backend.global.security;
 
+import com.bio.bio_backend.global.filter.JwtTokenIssuanceFilter;
+import com.bio.bio_backend.global.filter.JwtTokenValidationFilter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.env.Environment;
@@ -8,22 +10,19 @@ import org.springframework.security.config.annotation.authentication.builders.Au
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import org.springframework.web.filter.CorsFilter;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 
-import jakarta.servlet.Filter;
+
-//import com.bio.bio_backend.domain.common.service.AccessLogService;
+import com.bio.bio_backend.domain.base.member.service.MemberService;
-import com.bio.bio_backend.domain.user.member.service.MemberService;
 import com.bio.bio_backend.global.exception.CustomAuthenticationFailureHandler;
-import com.bio.bio_backend.global.exception.JwtAccessDeniedHandler;
-import com.bio.bio_backend.global.exception.JwtAuthenticationEntryPoint;
-//import com.bio.bio_backend.global.filter.HttpLoggingFilter;
-import com.bio.bio_backend.global.utils.HttpUtils;
 import com.bio.bio_backend.global.utils.JwtUtils;
+import com.bio.bio_backend.global.utils.HttpUtils;
+import com.bio.bio_backend.global.config.SecurityPathConfig;
 import lombok.RequiredArgsConstructor;
 
 @Configuration
@@ -34,27 +33,23 @@ public class WebSecurity {
     private final MemberService memberService;
     private final BCryptPasswordEncoder bCryptPasswordEncoder;
     private final JwtUtils jwtUtils;
-//    private final AccessLogService accessLogService;
-    private final CorsFilter corsFilter;
     private final ObjectMapper objectMapper;
-    private final HttpUtils httpUtils;
     private final Environment env;
-    private final JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
+    private final SecurityPathConfig securityPathConfig;
-    private final JwtAccessDeniedHandler jwtAccessDeniedHandler;
+    private final HttpUtils httpUtils;
-    
-    private final UriAllowFilter uriAllowFilter;
-    
 
-    private JwtAuthenticationFilter getJwtAuthenticationFilter(AuthenticationManager authenticationManager) throws Exception {
+    private JwtTokenIssuanceFilter getJwtTokenIssuanceFilter(AuthenticationManager authenticationManager) throws Exception {
-        JwtAuthenticationFilter filter = new JwtAuthenticationFilter(authenticationManager, memberService, jwtUtils, env);
+        JwtTokenIssuanceFilter filter = new JwtTokenIssuanceFilter(authenticationManager, jwtUtils, objectMapper, memberService, httpUtils);
-        filter.setFilterProcessesUrl("/login"); // 로그인 EndPoint
+        filter.setFilterProcessesUrl("/login");
         filter.setAuthenticationFailureHandler(new CustomAuthenticationFailureHandler(objectMapper));
         return filter;
     }
 
-    private Filter getJwtTokenFilter() {
+    private JwtTokenValidationFilter getJwtTokenValidationFilter() {
-        return new JwtTokenFilter(jwtUtils, memberService, env, uriAllowFilter);
+        return new JwtTokenValidationFilter(jwtUtils, memberService, env, securityPathConfig);
     }
+
+
     
     @Bean
     SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
@@ -66,35 +61,25 @@ public class WebSecurity {
 
         AuthenticationManager authenticationManager = authenticationManagerBuilder.build();
 
+        // 설정 파일에서 허용할 경로 가져오기
+        String[] permitAllPaths = securityPathConfig.getPermitAllPaths().toArray(new String[0]);
+
         http.csrf(AbstractHttpConfigurer::disable)          //csrf 비활성화
                 .authorizeHttpRequests(request ->               //request 허용 설정
                         request
-                        	.anyRequest().permitAll()  // 모든 요청 허용
+                            .requestMatchers(permitAllPaths).permitAll()  // 설정 파일에서 허용할 경로
-//                    		.requestMatchers("/ws/**").permitAll()
+                            .anyRequest().authenticated()  // 나머지 요청은 인증 필요
-//                            .requestMatchers("/admin/**", "/join").hasAnyAuthority(MemberConstants.ROLE_ADMIN)
-//                            .requestMatchers("/member/**").hasAnyAuthority(MemberConstants.ROLE_MEMBER)
-//                            .anyRequest().authenticated()
                 )
                 .authenticationManager(authenticationManager)
+                .sessionManagement(session -> 
+                    session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)  // 세션 사용 안함
+                )
                 .logout(AbstractHttpConfigurer::disable);
-
+        http
-        // 예외 처리 핸들링
+            // 1단계: JWT 토큰 발급 필터 (로그인 요청 처리 및 토큰 발급)
-        http.exceptionHandling((exceptionConfig) ->
+            .addFilterBefore(getJwtTokenIssuanceFilter(authenticationManager), UsernamePasswordAuthenticationFilter.class)
-                exceptionConfig
+            // 2단계: JWT 토큰 검증 필터 (자동 토큰 갱신 포함)
-                        .authenticationEntryPoint(jwtAuthenticationEntryPoint)
+            .addFilterBefore(getJwtTokenValidationFilter(), UsernamePasswordAuthenticationFilter.class);
-                        .accessDeniedHandler(jwtAccessDeniedHandler)
-        );
-
-//        http
-//        		.addFilterBefore(corsFilter, UsernamePasswordAuthenticationFilter.class)
-//                .addFilterBefore(new HttpLoggingFilter(accessLogService, httpUtils), UsernamePasswordAuthenticationFilter.class)
-//                .addFilterBefore(getJwtAuthenticationFilter(authenticationManager), UsernamePasswordAuthenticationFilter.class)
-//                .addFilterBefore(getJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
-
-
-//                .sessionManagement(httpSecuritySessionManagementConfigurer ->       //Session 사용 X
-//                        httpSecuritySessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
-
 
         return http.build();
     }

src/main/java/com/bio/bio_backend/global/utils/CustomIdGenerator.java

@@ -5,14 +5,12 @@ import java.io.Serializable;
 import org.hibernate.engine.spi.SharedSessionContractImplementor;
 import org.hibernate.id.IdentifierGenerator;
 
-import com.bio.bio_backend.global.utils.OidUtil;
-
 public class CustomIdGenerator implements IdentifierGenerator {
 	
 	private static final long serialVersionUID = 1L;
 	
     @Override
     public Serializable generate(SharedSessionContractImplementor session, Object object) {
-        return OidUtil.generateOid(); // 재사용
+        return OidUtils.generateOid(); // 재사용
     }
 }

src/main/java/com/bio/bio_backend/global/utils/FileUtils.java

@@ -0,0 +1,310 @@
+package com.bio.bio_backend.global.utils;
+
+import org.springframework.util.StringUtils;
+import org.springframework.web.multipart.MultipartFile;
+
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.nio.file.StandardCopyOption;
+import java.time.LocalDate;
+import java.time.format.DateTimeFormatter;
+import java.util.UUID;
+
+/**
+ * 파일 관련 유틸리티 클래스
+ */
+public class FileUtils {
+    
+    /**
+     * 파일 유효성 검사
+     */
+    public static void validateFile(MultipartFile multipartFile) {
+        if (multipartFile == null || multipartFile.isEmpty()) {
+            throw new IllegalArgumentException("업로드할 파일이 없습니다.");
+        }
+    }
+    
+    /**
+     * 파일 리스트 유효성 검사
+     */
+    public static void validateFileList(java.util.List<MultipartFile> files) {
+        if (files == null || files.isEmpty()) {
+            throw new IllegalArgumentException("업로드할 파일이 없습니다.");
+        }
+    }
+    
+    /**
+     * 업로드 디렉토리 생성
+     */
+    public static Path createUploadDirectory(String uploadPath) throws IOException {
+        Path uploadDir = Paths.get(uploadPath);
+        if (!Files.exists(uploadDir)) {
+            Files.createDirectories(uploadDir);
+        }
+        return uploadDir;
+    }
+    
+    /**
+     * 년월일 기반 업로드 디렉토리 생성
+     * 예: uploads/2024/01/15/
+     */
+    public static Path createDateBasedUploadDirectory(String baseUploadPath) throws IOException {
+        LocalDate today = LocalDate.now();
+        String yearMonthDay = today.format(DateTimeFormatter.ofPattern("yyyy/MM/dd"));
+        
+        Path dateBasedPath = Paths.get(baseUploadPath, yearMonthDay);
+        if (!Files.exists(dateBasedPath)) {
+            Files.createDirectories(dateBasedPath);
+        }
+        return dateBasedPath;
+    }
+    
+    /**
+     * 년월 기반 업로드 디렉토리 생성
+     * 예: uploads/2024/01/
+     */
+    public static Path createYearMonthUploadDirectory(String baseUploadPath) throws IOException {
+        LocalDate today = LocalDate.now();
+        String yearMonth = today.format(DateTimeFormatter.ofPattern("yyyy/MM"));
+        
+        Path yearMonthPath = Paths.get(baseUploadPath, yearMonth);
+        if (!Files.exists(yearMonthPath)) {
+            Files.createDirectories(yearMonthPath);
+        }
+        return yearMonthPath;
+    }
+    
+    /**
+     * 년 기반 업로드 디렉토리 생성
+     * 예: uploads/2024/
+     */
+    public static Path createYearUploadDirectory(String baseUploadPath) throws IOException {
+        LocalDate today = LocalDate.now();
+        String year = today.format(DateTimeFormatter.ofPattern("yyyy"));
+        
+        Path yearPath = Paths.get(baseUploadPath, year);
+        if (!Files.exists(yearPath)) {
+            Files.createDirectories(yearPath);
+        }
+        return yearPath;
+    }
+    
+    /**
+     * 지정된 날짜로 업로드 디렉토리 생성
+     * 예: uploads/2024/01/15/
+     */
+    public static Path createDateBasedUploadDirectory(String baseUploadPath, LocalDate date) throws IOException {
+        String yearMonthDay = date.format(DateTimeFormatter.ofPattern("yyyy/MM/dd"));
+        
+        Path dateBasedPath = Paths.get(baseUploadPath, yearMonthDay);
+        if (!Files.exists(dateBasedPath)) {
+            Files.createDirectories(dateBasedPath);
+        }
+        return dateBasedPath;
+    }
+    
+    /**
+     * 파일 확장자 추출
+     */
+    public static String extractFileExtension(String originalFileName) {
+        if (originalFileName == null || !originalFileName.contains(".")) {
+            return "";
+        }
+        return originalFileName.substring(originalFileName.lastIndexOf("."));
+    }
+    
+    /**
+     * 고유한 파일명 생성
+     */
+    public static String generateUniqueFileName(String fileExtension) {
+        return UUID.randomUUID().toString() + fileExtension;
+    }
+    
+    /**
+     * 파일을 디스크에 저장
+     */
+    public static Path saveFileToDisk(MultipartFile multipartFile, Path uploadDir, String storedFileName) throws IOException {
+        Path targetLocation = uploadDir.resolve(storedFileName);
+        Files.copy(multipartFile.getInputStream(), targetLocation, StandardCopyOption.REPLACE_EXISTING);
+        return targetLocation;
+    }
+    
+    /**
+     * 원본 파일명 정리 (경로 정보 제거)
+     */
+    public static String cleanFileName(String originalFileName) {
+        return StringUtils.cleanPath(originalFileName);
+    }
+    
+    /**
+     * 파일 크기를 사람이 읽기 쉬운 형태로 변환
+     */
+    public static String formatFileSize(long bytes) {
+        if (bytes < 1024) return bytes + " B";
+        if (bytes < 1024 * 1024) return String.format("%.1f KB", bytes / 1024.0);
+        if (bytes < 1024 * 1024 * 1024) return String.format("%.1f MB", bytes / (1024.0 * 1024.0));
+        return String.format("%.1f GB", bytes / (1024.0 * 1024.0 * 1024.0));
+    }
+    
+    /**
+     * 파일 확장자로부터 MIME 타입 추정
+     */
+    public static String getMimeTypeFromExtension(String fileName) {
+        if (fileName == null) return "application/octet-stream";
+        
+        String extension = extractFileExtension(fileName).toLowerCase();
+        switch (extension) {
+            case ".txt": return "text/plain";
+            case ".html": case ".htm": return "text/html";
+            case ".css": return "text/css";
+            case ".js": return "application/javascript";
+            case ".json": return "application/json";
+            case ".xml": return "application/xml";
+            case ".pdf": return "application/pdf";
+            case ".zip": return "application/zip";
+            case ".jpg": case ".jpeg": return "image/jpeg";
+            case ".png": return "image/png";
+            case ".gif": return "image/gif";
+            case ".bmp": return "image/bmp";
+            case ".svg": return "image/svg+xml";
+            case ".mp4": return "video/mp4";
+            case ".avi": return "video/x-msvideo";
+            case ".mp3": return "audio/mpeg";
+            case ".wav": return "audio/wav";
+            default: return "application/octet-stream";
+        }
+    }
+    
+    /**
+     * 안전한 파일명 생성 (특수문자 제거)
+     */
+    public static String createSafeFileName(String originalFileName) {
+        if (originalFileName == null) return "";
+        
+        // 특수문자 제거 및 공백을 언더스코어로 변경
+        String safeName = originalFileName
+                .replaceAll("[^a-zA-Z0-9가-힣._-]", "_")
+                .replaceAll("_+", "_")
+                .trim();
+        
+        // 파일명이 너무 길면 자르기
+        if (safeName.length() > 100) {
+            String extension = extractFileExtension(safeName);
+            safeName = safeName.substring(0, 100 - extension.length()) + extension;
+        }
+        
+        return safeName;
+    }
+    
+    /**
+     * 파일이 이미지인지 확인
+     */
+    public static boolean isImageFile(String fileName) {
+        if (fileName == null) return false;
+        
+        String extension = extractFileExtension(fileName).toLowerCase();
+        return extension.matches("\\.(jpg|jpeg|png|gif|bmp|svg|webp)$");
+    }
+    
+    /**
+     * 파일이 문서인지 확인
+     */
+    public static boolean isDocumentFile(String fileName) {
+        if (fileName == null) return false;
+        
+        String extension = extractFileExtension(fileName).toLowerCase();
+        return extension.matches("\\.(pdf|doc|docx|xls|xlsx|ppt|pptx|txt|rtf)$");
+    }
+    
+    /**
+     * 파일이 압축파일인지 확인
+     */
+    public static boolean isArchiveFile(String fileName) {
+        if (fileName == null) return false;
+        
+        String extension = extractFileExtension(fileName).toLowerCase();
+        return extension.matches("\\.(zip|rar|7z|tar|gz|bz2)$");
+    }
+    
+    /**
+     * 현재 날짜의 년월일 문자열 반환
+     * 예: "2024/01/15"
+     */
+    public static String getCurrentDatePath() {
+        LocalDate today = LocalDate.now();
+        return today.format(DateTimeFormatter.ofPattern("yyyy/MM/dd"));
+    }
+    
+    /**
+     * 지정된 날짜의 년월일 문자열 반환
+     * 예: "2024/01/15"
+     */
+    public static String getDatePath(LocalDate date) {
+        return date.format(DateTimeFormatter.ofPattern("yyyy/MM/dd"));
+    }
+    
+    /**
+     * 파일 경로에서 년월일 정보 추출
+     * 예: "uploads/2024/01/15/file.txt" -> "2024/01/15"
+     */
+    public static String extractDateFromPath(String filePath) {
+        if (filePath == null || filePath.isEmpty()) {
+            return "";
+        }
+        
+        // 정규식으로 년/월/일 패턴 찾기
+        java.util.regex.Pattern pattern = java.util.regex.Pattern.compile("(\\d{4}/\\d{2}/\\d{2})");
+        java.util.regex.Matcher matcher = pattern.matcher(filePath);
+        
+        if (matcher.find()) {
+            return matcher.group(1);
+        }
+        
+        return "";
+    }
+    
+    /**
+     * 년월일 폴더 구조가 유효한지 확인
+     * 예: "2024/01/15" -> true, "2024/13/45" -> false
+     */
+    public static boolean isValidDatePath(String datePath) {
+        if (datePath == null || datePath.isEmpty()) {
+            return false;
+        }
+        
+        try {
+            String[] parts = datePath.split("/");
+            if (parts.length != 3) {
+                return false;
+            }
+            
+            int year = Integer.parseInt(parts[0]);
+            int month = Integer.parseInt(parts[1]);
+            int day = Integer.parseInt(parts[2]);
+            
+            // 년도 범위 체크 (1900 ~ 2100)
+            if (year < 1900 || year > 2100) {
+                return false;
+            }
+            
+            // 월 범위 체크 (1 ~ 12)
+            if (month < 1 || month > 12) {
+                return false;
+            }
+            
+            // 일 범위 체크 (1 ~ 31)
+            if (day < 1 || day > 31) {
+                return false;
+            }
+            
+            // 실제 존재하는 날짜인지 확인
+            LocalDate.of(year, month, day);
+            return true;
+            
+        } catch (Exception e) {
+            return false;
+        }
+    }
+}

src/main/java/com/bio/bio_backend/global/utils/JwtUtils.java

@@ -6,15 +6,18 @@ import io.jsonwebtoken.io.Decoders;
 import io.jsonwebtoken.security.Keys;
 import jakarta.servlet.http.Cookie;
 import jakarta.servlet.http.HttpServletRequest;
-import com.bio.bio_backend.domain.user.member.service.MemberService;
+import jakarta.servlet.http.HttpServletResponse;
+import com.bio.bio_backend.domain.base.member.service.MemberService;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.core.env.Environment;
 import org.springframework.stereotype.Component;
 import org.springframework.util.StringUtils;
 
 import javax.crypto.SecretKey;
 import java.util.Date;
+import java.util.Objects;
 
 @Component
 @RequiredArgsConstructor
@@ -22,6 +25,7 @@ import java.util.Date;
 public class JwtUtils {
 
     private final MemberService memberService;
+    private final Environment env;
 
     @Value("${token.secret_key}")
     private String SECRET_KEY;
@@ -45,12 +49,82 @@ public class JwtUtils {
 
     // Token 검증
     public Boolean validateAccessToken(String token) {
-        return isTokenExpired(token);
+        try {
+            return isTokenExpired(token);
+        } catch (io.jsonwebtoken.ExpiredJwtException e) {
+            log.debug("Access Token 만료: {}", e.getMessage());
+            return false;
+        } catch (Exception e) {
+            log.debug("Access Token 검증 실패: {}", e.getMessage());
+            return false;
+        }
     }
 
-    public Boolean validateRefreshToken(String token) {
+    // Refresh Token 생성 시 IP 정보 포함
-        String saveToken = memberService.getRefreshToken(extractUsername(token));
+    public String createRefreshToken(String username, String role, String clientIp) {
-        return (saveToken.equals(token) && isTokenExpired(token));
+        return generateToken(username, role, clientIp,
+                Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_refresh"))));
+    }
+
+    // IP 정보를 포함한 토큰 생성
+    public String generateToken(String username, String role, String clientIp, long expirationTime) {
+        return Jwts.builder()
+                .subject(username)
+                .claim("role", role)
+                .claim("ip", clientIp)  // IP 정보 추가
+                .issuedAt(new Date(System.currentTimeMillis()))
+                .expiration(new Date(System.currentTimeMillis() + expirationTime))
+                .signWith(getSigningKey())
+                .compact();
+    }
+
+    // IP 정보 추출
+    public String extractClientIp(String token) {
+        Claims claims = extractAllClaims(token);
+        return claims.get("ip", String.class);
+    }
+
+    // Refresh Token 검증 시 IP도 함께 검증
+    public Boolean validateRefreshToken(String token, String clientIp) {
+        // 1. 토큰 유효성 검증
+        if (!isValidRefreshToken(token)) {
+            return false;
+        }
+        
+        // 2. IP 주소 검증
+        if (!isValidClientIp(token, clientIp)) {
+            return false;
+        }
+        
+        return true;
+    }
+    
+    // Refresh Token 유효성 검증 (토큰 일치, 만료 여부)
+    public Boolean isValidRefreshToken(String token) {
+        try {
+            String savedToken = memberService.getRefreshToken(extractUsername(token));
+            return savedToken.equals(token) && !isTokenExpired(token);
+        } catch (Exception e) {
+            log.debug("Refresh Token 검증 실패: {}", e.getMessage());
+            return false;
+        }
+    }
+    
+    // 클라이언트 IP 주소 검증
+    public Boolean isValidClientIp(String token, String clientIp) {
+        try {
+            String tokenIp = extractClientIp(token);
+            boolean isValid = Objects.equals(tokenIp, clientIp);
+            
+            if (!isValid) {
+                log.debug("IP 주소 불일치 - 토큰 IP: {}, 클라이언트 IP: {}", tokenIp, clientIp);
+            }
+            
+            return isValid;
+        } catch (Exception e) {
+            log.debug("IP 주소 검증 실패: {}", e.getMessage());
+            return false;
+        }
     }
 
     private boolean isTokenExpired(String token) {
@@ -60,6 +134,12 @@ public class JwtUtils {
     public String extractUsername(String token) {
         return extractAllClaims(token).getSubject();
     }
+    
+    // Role 정보 추출
+    public String extractRole(String token) {
+        Claims claims = extractAllClaims(token);
+        return claims.get("role", String.class);
+    }
 
     public Claims extractAllClaims(String token) {
 
@@ -87,4 +167,36 @@ public class JwtUtils {
         }
         return null;
     }
+
+    // Access Token 생성
+    public String createAccessToken(String username, String role) {
+        return generateToken(username, role,
+                Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_access"))));
+    }
+    
+    // Refresh Token 생성
+    public String createRefreshToken(String username, String role) {
+        return generateToken(username, role,
+                Long.parseLong(Objects.requireNonNull(env.getProperty("token.expiration_time_refresh"))));
+    }
+    
+    // Refresh Token 갱신 (Access Token 갱신 시 함께)
+    public String refreshTokens(String username, String role) {
+        // 새로운 Refresh Token 생성 및 DB 저장
+        String newRefreshToken = createRefreshToken(username, role);
+        
+        log.info("Refresh Token 갱신 완료: {}", username);
+        return newRefreshToken;
+    }
+    
+    // Refresh Token 쿠키 설정
+    public void setRefreshTokenCookie(HttpServletResponse response, String refreshToken) {
+        Cookie refreshTokenCookie = new Cookie("RefreshToken", refreshToken);
+        refreshTokenCookie.setHttpOnly(true);
+        refreshTokenCookie.setSecure(false);
+        refreshTokenCookie.setPath("/");
+        refreshTokenCookie.setMaxAge(Integer.parseInt(env.getProperty("token.expiration_time_refresh")));
+        
+        response.addCookie(refreshTokenCookie);
+    }
 }

src/main/java/com/bio/bio_backend/global/utils/OidUtils.java

@@ -2,7 +2,7 @@ package com.bio.bio_backend.global.utils;
 
 import java.util.concurrent.atomic.AtomicInteger;
 
-public class OidUtil {
+public class OidUtils {
     private static final int MAX_SEQUENCE = 999;
     private static volatile Long lastTimestamp = null;
     private static AtomicInteger sequence = new AtomicInteger(0);

src/main/java/com/bio/bio_backend/global/utils/SecurityUtils.java

@@ -0,0 +1,68 @@
+package com.bio.bio_backend.global.utils;
+
+import com.bio.bio_backend.domain.base.member.dto.MemberDto;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+
+@Slf4j
+@Component
+public class SecurityUtils {
+
+    /**
+     * 현재 인증된 사용자의 Authentication 객체를 반환합니다.
+     * @return Authentication 객체
+     */
+    public static Authentication getCurrentAuthentication() {
+        return SecurityContextHolder.getContext().getAuthentication();
+    }
+
+    /**
+     * 현재 인증된 사용자의 MemberDto를 반환합니다.
+     * @return MemberDto 객체
+     */
+    public static MemberDto getCurrentMember() {
+        Authentication authentication = getCurrentAuthentication();
+        if (authentication != null && authentication.getPrincipal() instanceof MemberDto) {
+            return (MemberDto) authentication.getPrincipal();
+        }
+        return null;
+    }
+
+    /**
+     * 현재 인증된 사용자의 userId를 반환합니다.
+     * @return userId 문자열
+     */
+    public static String getCurrentUserId() {
+        MemberDto member = getCurrentMember();
+        return member != null ? member.getUserId() : null;
+    }
+
+    /**
+     * 현재 인증된 사용자의 oid를 반환합니다.
+     * @return oid Long 값
+     */
+    public static Long getCurrentUserOid() {
+        MemberDto member = getCurrentMember();
+        return member != null ? member.getOid() : null;
+    }
+
+    /**
+     * 현재 인증된 사용자가 로그인되어 있는지 확인합니다.
+     * @return 로그인 여부
+     */
+    public static boolean isAuthenticated() {
+        Authentication authentication = getCurrentAuthentication();
+        return authentication != null && authentication.isAuthenticated();
+    }
+
+    /**
+     * 현재 인증된 사용자의 역할을 반환합니다.
+     * @return 역할 문자열
+     */
+    public static String getCurrentUserRole() {
+        MemberDto member = getCurrentMember();
+        return member != null ? member.getRole().name() : null;
+    }
+}

src/main/resources/application.properties

@@ -19,10 +19,15 @@ spring.datasource.url=jdbc:postgresql://stam.kr:15432/imas
 spring.datasource.username=imas_user
 spring.datasource.password=stam1201
 spring.datasource.driver-class-name=org.postgresql.Driver
+# 운영 환경 변수 설정 필요
+# spring.datasource.url=${DB_URL:}
+# spring.datasource.username=${DB_USERNAME:}
+# spring.datasource.password=${DB_PASSWORD:}
 
 # ========================================
 # JPA/Hibernate 설정
 # ========================================
+# 개발 환경 설정
 spring.jpa.hibernate.ddl-auto=none
 spring.jpa.open-in-view=false
 spring.jpa.show-sql=false
@@ -30,6 +35,12 @@ spring.jpa.properties.hibernate.format_sql=true
 spring.jpa.properties.hibernate.highlight_sql=true
 spring.jpa.properties.hibernate.use_sql_comments=false
 
+# 배치 처리 설정
+spring.jpa.properties.hibernate.default_batch_fetch_size=100
+spring.jpa.properties.hibernate.jdbc.batch_size=100
+spring.jpa.properties.hibernate.order_inserts=true
+spring.jpa.properties.hibernate.order_updates=true
+
 # 스키마 생성 설정
 spring.jpa.properties.javax.persistence.schema-generation.scripts.action=create
 spring.jpa.properties.javax.persistence.schema-generation.scripts.create-target=ddl/schema.sql
@@ -80,9 +91,13 @@ decorator.datasource.p6spy.log-format=%(sqlSingleLine)
 # ========================================
 # JWT 설정
 # ========================================
-token.expiration_time_access=180000
+token.expiration_time_access=900000
-token.expiration_time_refresh=604800000
+token.expiration_time_refresh=86400000
-token.secret_key=c3RhbV9qd3Rfc2VjcmV0X3Rva2Vuc3RhbV9qd3Rfc2VjcmV0X3RhbV9qd3Rfc2VjcmV0X3Rva2Vu
+token.secret_key=c3RhbV9qd3Rfc2VjcmV0X3Rva2Vuc3RhbV9qd3Rfc2VjcmV0X3RhbV9qd3Rfc2VjcmV0X3RhbV9qd3Rfc2VjcmV0X3Rva2Vu
+# 운영 환경 변수 설정 필요
+# token.secret_key=${JWT_SECRET_KEY:}
+
+
 
 # ========================================
 # Swagger 설정
@@ -96,3 +111,17 @@ springdoc.swagger-ui.disable-swagger-default-url=true
 springdoc.default-produces-media-type=application/json
 springdoc.default-consumes-media-type=application/json
 
+# ========================================
+# 보안 설정 - 허용할 경로
+# ========================================
+security.permit-all-paths=/login,/members/register,/swagger-ui/**,/swagger-ui.html,/swagger-ui/index.html,/api-docs,/api-docs/**,/v3/api-docs,/v3/api-docs/**,/ws/**
+
+# 파일 업로드 설정
+# ========================================
+spring.servlet.multipart.enabled=true
+spring.servlet.multipart.max-file-size=10MB
+spring.servlet.multipart.max-request-size=10MB
+spring.servlet.multipart.file-size-threshold=2KB
+
+# 파일 저장 경로 설정
+app.file.upload.path=./uploads/