From 88a9ec98efd07b65b73bc6202bda954a6ef5b3d9 Mon Sep 17 00:00:00 2001
From: Wonjun You <59856002+wonjunYou@users.noreply.github.com>
Date: Sun, 22 Sep 2024 21:49:41 +0900
Subject: [PATCH] [release] v1.1.1 (#122)
---
 build.gradle | 4 +-
 .../common/config/SecurityConfig.java | 102 +++++++++---------
 .../domain/club/entity/PhoneNumber.java | 4 +-
 src/main/resources/application-prod.yml | 17 +++
 src/main/resources/application.yml | 5 +
 5 files changed, 81 insertions(+), 51 deletions(-)
diff --git a/build.gradle b/build.gradle
index a92c05c2..25b7e9f6 100644
--- a/build.gradle
+++ b/build.gradle
@@ -58,9 +58,11 @@ dependencies {
 implementation 'org.springframework.boot:spring-boot-starter-security'
 implementation 'com.auth0:java-jwt:4.2.1'
- // Sentry
+ // Monitoring
 implementation 'io.sentry:sentry-spring-boot-starter-jakarta:7.14.0'
 implementation 'io.sentry:sentry-logback:7.14.0'
+ implementation 'org.springframework.boot:spring-boot-starter-actuator'
+ implementation 'io.micrometer:micrometer-registry-prometheus'
 //test
 testImplementation 'org.springframework.boot:spring-boot-starter-test'
diff --git a/src/main/java/ddingdong/ddingdongBE/common/config/SecurityConfig.java b/src/main/java/ddingdong/ddingdongBE/common/config/SecurityConfig.java
index 991e4cbb..f8b0ad1a 100644
--- a/src/main/java/ddingdong/ddingdongBE/common/config/SecurityConfig.java
+++ b/src/main/java/ddingdong/ddingdongBE/common/config/SecurityConfig.java
@@ -6,6 +6,7 @@
 import ddingdong.ddingdongBE.common.filter.JwtAuthenticationFilter;
 import ddingdong.ddingdongBE.common.handler.CustomAccessDeniedHandler;
 import ddingdong.ddingdongBE.common.handler.RestAuthenticationEntryPoint;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -25,58 +26,63 @@ public class SecurityConfig {
 private static final String API_PREFIX = "/server";
+ @Value("security.actuator.base-path")
+ private String actuatorPath;
+
 @Bean
 public SecurityFilterChain filterChain(HttpSecurity http, JwtAuthService authService, JwtConfig config)
 throws Exception {
 http
- .authorizeHttpRequests(auth -> auth
- .requestMatchers(API_PREFIX + "/auth/**",
- API_PREFIX + "/events/**")
- .permitAll()
- .requestMatchers(API_PREFIX + "/admin/**").hasRole("ADMIN")
- .requestMatchers(API_PREFIX + "/club/**").hasRole("CLUB")
- .requestMatchers(GET,
- API_PREFIX + "/clubs/**",
- API_PREFIX + "/notices/**",
- API_PREFIX + "/banners/**",
- API_PREFIX + "/documents/**",
- API_PREFIX + "/questions/**",
- API_PREFIX + "/feeds/**")
- .permitAll()
- .requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-resources/**")
- .permitAll()
- .anyRequest()
- .authenticated()
- )
- .cors(cors -> cors
- .configurationSource(corsConfigurationSource())
- )
- /*
- csrf, headers, http-basic, rememberMe, formLogin 비활성화
- */
- .csrf(AbstractHttpConfigurer::disable)
- .headers(AbstractHttpConfigurer::disable)
- .httpBasic(AbstractHttpConfigurer::disable)
- .rememberMe(AbstractHttpConfigurer::disable)
- .formLogin(AbstractHttpConfigurer::disable)
- .logout(AbstractHttpConfigurer::disable)
- /*
- Session 설정
- */
- .sessionManagement(session -> session
- .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
- )
- /*
- Jwt 필터
- */
- .addFilterBefore(authenticationFilter(authService, config), UsernamePasswordAuthenticationFilter.class)
- /*
- exceptionHandling
- */
- .exceptionHandling(exceptions -> exceptions
- .authenticationEntryPoint(restAuthenticationEntryPoint())
- .accessDeniedHandler(accessDeniedHandler())
- );
+ .authorizeHttpRequests(auth -> auth
+ .requestMatchers(API_PREFIX + "/auth/**",
+ API_PREFIX + "/events/**")
+ .permitAll()
+ .requestMatchers(API_PREFIX + "/admin/**").hasRole("ADMIN")
+ .requestMatchers(API_PREFIX + "/club/**").hasRole("CLUB")
+ .requestMatchers(actuatorPath).hasRole("ADMIN")
+ .requestMatchers(GET,
+ API_PREFIX + "/clubs/**",
+ API_PREFIX + "/notices/**",
+ API_PREFIX + "/banners/**",
+ API_PREFIX + "/documents/**",
+ API_PREFIX + "/questions/**",
+ API_PREFIX + "/feeds/**")
+ .permitAll()
+ .requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-resources/**")
+ .permitAll()
+ .anyRequest()
+ .authenticated()
+ )
+ .cors(cors -> cors
+ .configurationSource(corsConfigurationSource())
+ )
+ /*
+ csrf, headers, http-basic, rememberMe, formLogin 비활성화
+ */
+ .csrf(AbstractHttpConfigurer::disable)
+ .headers(AbstractHttpConfigurer::disable)
+ .httpBasic(AbstractHttpConfigurer::disable)
+ .rememberMe(AbstractHttpConfigurer::disable)
+ .formLogin(AbstractHttpConfigurer::disable)
+ .logout(AbstractHttpConfigurer::disable)
+ /*
+ Session 설정
+ */
+ .sessionManagement(session -> session
+ .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+ )
+ /*
+ Jwt 필터
+ */
+ .addFilterBefore(authenticationFilter(authService, config),
+ UsernamePasswordAuthenticationFilter.class)
+ /*
+ exceptionHandling
+ */
+ .exceptionHandling(exceptions -> exceptions
+ .authenticationEntryPoint(restAuthenticationEntryPoint())
+ .accessDeniedHandler(accessDeniedHandler())
+ );
 return http.build();
 }
diff --git a/src/main/java/ddingdong/ddingdongBE/domain/club/entity/PhoneNumber.java b/src/main/java/ddingdong/ddingdongBE/domain/club/entity/PhoneNumber.java
index 28b08707..3546616c 100644
--- a/src/main/java/ddingdong/ddingdongBE/domain/club/entity/PhoneNumber.java
+++ b/src/main/java/ddingdong/ddingdongBE/domain/club/entity/PhoneNumber.java
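Review bot: `@Value("security.actuator.base-path")` is missing the `${...}` placeholder, so `actuatorPath` receives that literal string and `.requestMatchers(actuatorPath).hasRole("ADMIN")` never matches the real actuator URL; it should read `@Value("${security.actuator.base-path}")`. As written, actuator requests handled by this chain presumably fall through to `anyRequest().authenticated()`, which lets any authenticated role in rather than only ADMIN. The matcher is also an exact pattern, so unless the configured value ends in `/**` the sub-paths (for example the health endpoint) stay outside the ADMIN rule; `.requestMatchers(actuatorPath + "/**").hasRole("ADMIN")` would cover them. A short comment on the field naming the property and its expected form would help, since the default `/default` in application.yml is not an actuator path.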
@@ -2,11 +2,11 @@
 import static ddingdong.ddingdongBE.common.exception.ErrorMessage.ILLEGAL_CLUB_PHONE_NUMBER_PATTERN;
-import java.util.Objects;
 import jakarta.persistence.Access;
 import jakarta.persistence.AccessType;
 import jakarta.persistence.Column;
 import jakarta.persistence.Embeddable;
+import java.util.Objects;
 import lombok.AccessLevel;
 import lombok.Builder;
 import lombok.Getter;
@@ -19,7 +19,7 @@
 @Builder
 public class PhoneNumber {
- private static final String PHONE_NUMBER_REGEX = "010-\\d{3,4}-\\d{4}";
+ private static final String PHONE_NUMBER_REGEX = "\\d{2,3}-\\d{3,4}-\\d{4}";
 @Column(name = "phone_number")
 private String number;
diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml
index e4cddf3d..3184fcae 100644
--- a/src/main/resources/application-prod.yml
+++ b/src/main/resources/application-prod.yml
@@ -31,3 +31,20 @@ jwt:
 sentry:
 dsn: ${SENTRY_DSN}
 environment: prod
+
+server:
+ tomcat:
+ mbeanregistry:
+ enabled: true
+
+management:
+ endpoints:
+ web:
+ exposure:
+ include: info, health
+ base-path: ${ACTUATOR_BASE_PATH}
+ jmx:
+ exposure:
+ exclude: "*"
+ server:
+ port: 9090
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 862df70b..e05dc71d 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -39,3 +39,8 @@ cloud:
 swagger:
 server:
 url: ${SERVER_URL:http://localhost:8080}
+
+
+security:
+ actuator:
+ base-path: ${ACTUATOR_ALLOWANCE_SECURITY_PATH:/default}
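Review bot: The widened `PHONE_NUMBER_REGEX` (`"\\d{2,3}-\\d{3,4}-\\d{4}"`) no longer constrains the prefix at all, so a value such as `00-000-0000` now passes where only `010-` numbers did before. If the intent is to admit landline area codes next to mobile numbers, a comment on the constant would make that explicit, for example `// accepts mobile (010) and landline numbers: 2-3 digit prefix, 3-4 digits, 4 digits`. The code that applies the pattern is outside this hunk, so confirm it does a full match (`String.matches` / `Pattern.matches`) rather than `find()`; with `find()` a longer string that merely contains a valid number would also be accepted.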
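Review bot: `management.endpoints.web.base-path` is read from `ACTUATOR_BASE_PATH`, while the path that SecurityConfig restricts to ADMIN comes from `security.actuator.base-path`, which the application.yml hunk fills from a different variable, `ACTUATOR_ALLOWANCE_SECURITY_PATH`, defaulting to `/default`; nothing ties the two together, so a deployment that sets only one leaves the ADMIN rule pointing at a path the actuator is not served on. Deriving one from the other removes that drift, e.g. `base-path: ${management.endpoints.web.base-path:/actuator}/**` under `security.actuator`. `${ACTUATOR_BASE_PATH}` also has no default, so the prod profile will fail to start when the variable is unset; a comment stating that it is required would help operators. Because `management.server.port: 9090` serves the endpoints on a separate port, access to that port should additionally be limited at the network level rather than relying on the application rule alone.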