📝 resolved conflict merge at sercurity constants

.github/workflows/ci-cd.yml

@@ -44,6 +44,16 @@ jobs:
       - name: Build and run application
         env:
           JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }}
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
+          AWS_REGION: ${{ secrets.AWS_REGION }}
+          GOOGLE_CLI_ID: ${{ secrets.GOOGLE_CLI_ID }}
+          GOOGLE_CLI_SECRET: ${{ secrets.GOOGLE_CLI_SECRET }}
+          NAVER_CLI_ID: ${{ secrets.NAVER_CLI_ID }}
+          NAVER_CLI_SECRET: ${{ secrets.NAVER_CLI_SECRET }}
+          KAKAO_CLI_ID: ${{ secrets.KAKAO_CLI_ID }}
+          KAKAO_CLI_SECRET: ${{ secrets.KAKAO_CLI_SECRET }}
         run: |
           ./gradlew build
           ./gradlew test
@@ -86,5 +96,15 @@ jobs:
             sudo docker pull ${{ secrets.DOCKER_USERNAME }}/karrot
             sudo docker run -d -p 8080:8080 \
               -e JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }} \
+              -e AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \
+              -e AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \
+              -e AWS_S3_BUCKET=${{ secrets.AWS_S3_BUCKET }} \
+              -e AWS_REGION=${{ secrets.AWS_REGION }} \
+              -e GOOGLE_CLI_ID=${{ secrets.GOOGLE_CLI_ID }} \
+              -e GOOGLE_CLI_SECRET=${{ secrets.GOOGLE_CLI_SECRET }} \
+              -e NAVER_CLI_ID=${{ secrets.NAVER_CLI_ID }} \
+              -e NAVER_CLI_SECRET=${{ secrets.NAVER_CLI_SECRET }} \
+              -e KAKAO_CLI_ID=${{ secrets.KAKAO_CLI_ID }} \
+              -e KAKAO_CLI_SECRET=${{ secrets.KAKAO_CLI_SECRET }} \
               ${{ secrets.DOCKER_USERNAME }}/karrot
             sudo docker image prune -f

.gitignore

@@ -5,6 +5,9 @@ build/
 !**/src/main/**/build/
 !**/src/test/**/build/
 
+### ./env ###
+.env
+
 ### STS ###
 .apt_generated
 .classpath

build.gradle.kts

@@ -34,6 +34,12 @@ dependencies {
     implementation("com.github.ben-manes.caffeine:caffeine:3.1.8")
     implementation("org.mindrot:jbcrypt:0.4")
     implementation("com.mysql:mysql-connector-j:8.2.0")
+    implementation(platform("software.amazon.awssdk:bom:2.20.15"))
+    implementation("software.amazon.awssdk:s3")
+    implementation("software.amazon.awssdk:auth")
+    implementation("org.springframework.boot:spring-boot-starter-websocket")
+    implementation("org.webjars:stomp-websocket:2.3.4")
+    implementation("org.webjars:sockjs-client:1.5.1")
     testImplementation("org.springframework.boot:spring-boot-starter-test")
     testImplementation("org.springframework.security:spring-security-test")
     testImplementation("org.jetbrains.kotlin:kotlin-test-junit5")

src/main/kotlin/com/toyProject7/karrot/AwsS3Config.kt

@@ -0,0 +1,41 @@
+package com.toyProject7.karrot
+
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import software.amazon.awssdk.auth.credentials.EnvironmentVariableCredentialsProvider
+import software.amazon.awssdk.regions.Region
+import software.amazon.awssdk.services.s3.S3Client
+import software.amazon.awssdk.services.s3.presigner.S3Presigner
+
+@Configuration
+class AwsS3Config {
+    @Bean
+    fun s3Client(): S3Client {
+        val regionName = System.getenv("AWS_REGION") ?: "Something went wrong"
+        if (regionName == "Something went wrong") {
+            throw IllegalStateException(
+                "AWS_S3_BUCKET environment variable is missing. Please configure it.",
+            )
+        }
+
+        return S3Client.builder()
+            .region(Region.of(regionName))
+            .credentialsProvider(EnvironmentVariableCredentialsProvider.create())
+            .build()
+    }
+
+    @Bean
+    fun s3Presigner(): S3Presigner {
+        val regionName = System.getenv("AWS_REGION") ?: "Something went wrong"
+        if (regionName == "Something went wrong") {
+            throw IllegalStateException(
+                "AWS_S3_BUCKET environment variable is missing. Please configure it.",
+            )
+        }
+
+        return S3Presigner.builder()
+            .region(Region.of(regionName))
+            .credentialsProvider(EnvironmentVariableCredentialsProvider.create())
+            .build()
+    }
+}

src/main/kotlin/com/toyProject7/karrot/SecurityConfig.kt

@@ -9,9 +9,13 @@ import org.springframework.context.annotation.Configuration
 import org.springframework.http.HttpStatus
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
+import org.springframework.security.config.http.SessionCreationPolicy
+import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter
 import org.springframework.security.web.SecurityFilterChain
 import org.springframework.security.web.authentication.HttpStatusEntryPoint
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
+import org.springframework.web.cors.CorsConfiguration
+import org.springframework.web.cors.CorsConfigurationSource
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource
 
 @Configuration
 @EnableWebSecurity
@@ -23,11 +27,15 @@ class SecurityConfig(
     @Bean
     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
         return http
+            .cors { cors ->
+                cors.configurationSource(corsConfigurationSource())
+            }
             .csrf { csrf -> csrf.disable() }
             .authorizeHttpRequests { registry ->
                 registry
                     .requestMatchers(
                         *SecurityConstants.PUBLIC_PATHS,
+                        "/ws/**",
                     ).permitAll()
                     .anyRequest().authenticated()
             }
@@ -37,14 +45,33 @@ class SecurityConfig(
             .exceptionHandling { exceptionHandling ->
                 exceptionHandling.authenticationEntryPoint(HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED))
             }
+            .sessionManagement { sessionManagement ->
+                sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+            }
             .oauth2Login { oauth2login ->
                 oauth2login
                     .userInfoEndpoint { userInfo ->
                         userInfo.userService(socialLoginUserService)
                     }
                     .successHandler(customAuthenticationSuccessHandler)
             }
-            .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter::class.java)
+            .addFilterBefore(jwtAuthenticationFilter, OAuth2LoginAuthenticationFilter::class.java)
             .build()
     }
+
+    @Bean
+    fun corsConfigurationSource(): CorsConfigurationSource {
+        val configuration = CorsConfiguration()
+        configuration.allowedOrigins =
+            listOf(
+                "https://toykarrot.shop",
+                "http://localhost:5173",
+            )
+        configuration.allowedMethods = listOf("GET", "POST", "PUT", "DELETE", "OPTIONS")
+        configuration.allowedHeaders = listOf("*")
+        configuration.allowCredentials = true
+        val source = UrlBasedCorsConfigurationSource()
+        source.registerCorsConfiguration("/**", configuration)
+        return source
+    }
 }

src/main/kotlin/com/toyProject7/karrot/WebSocketConfig.kt

@@ -0,0 +1,20 @@
+package com.toyProject7.karrot
+
+import org.springframework.context.annotation.Configuration
+import org.springframework.messaging.simp.config.MessageBrokerRegistry
+import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker
+import org.springframework.web.socket.config.annotation.StompEndpointRegistry
+import org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer
+
+@Configuration
+@EnableWebSocketMessageBroker
+class WebSocketConfig : WebSocketMessageBrokerConfigurer {
+    override fun registerStompEndpoints(registry: StompEndpointRegistry) {
+        registry.addEndpoint("/ws").setAllowedOriginPatterns("*").withSockJS()
+    }
+
+    override fun configureMessageBroker(config: MessageBrokerRegistry) {
+        config.enableSimpleBroker("/topic") // 구독 경로
+        config.setApplicationDestinationPrefixes("/app") // 전송 경로
+    }
+}

src/main/kotlin/com/toyProject7/karrot/article/controller/Article.kt

@@ -9,11 +9,15 @@ data class Article(
     val seller: User,
     val title: String,
     val content: String,
+    val tag: String,
     val price: Int,
-    val status: String,
+    val status: Int,
     val location: String,
+    var imagePresignedUrl: List<String>,
     val createdAt: Instant,
     val likeCount: Int,
+    val viewCount: Int,
+    var isLiked: Boolean,
 ) {
     companion object {
         fun fromEntity(entity: ArticleEntity): Article {
@@ -22,11 +26,15 @@ data class Article(
                 seller = User.fromEntity(entity.seller),
                 title = entity.title,
                 content = entity.content,
+                tag = entity.tag,
                 price = entity.price,
                 status = entity.status,
                 location = entity.location,
+                imagePresignedUrl = entity.imageUrls.map { imageUrlEntity -> imageUrlEntity.presigned }.ifEmpty { emptyList() },
                 createdAt = entity.createdAt,
                 likeCount = entity.articleLikes.size,
+                viewCount = entity.viewCount,
+                isLiked = false,
             )
         }
     }