refactor: testImplementation 와 다른 게 없어서 통합

* feat: 로그아웃 시 refreshToken 제거

* refactor: deleteRefreshToken 메서드 람다활용 문법으로 변경

.idea/Ticketing.iml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="JAVA_MODULE" version="4">
+  <component name="NewModuleRootManager" inherit-compiler-output="true">
+    <exclude-output />
+    <content url="file://$MODULE_DIR$" />
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+</module>

.idea/modules.xml

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/Ticketing.iml" filepath="$PROJECT_DIR$/.idea/Ticketing.iml" />
+    </modules>
+  </component>
+</project>

.idea/runConfigurations.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="RunConfigurationProducerService">
+    <option name="ignoredProducers">
+      <set>
+        <option value="com.android.tools.idea.compose.preview.runconfiguration.ComposePreviewRunConfigurationProducer" />
+      </set>
+    </option>
+  </component>
+</project>

.idea/vcs.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="" vcs="Git" />
+  </component>
+</project>

.idea/workspace.xml

@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ChangeListManager">
+    <list default="true" id="2a93e153-a90c-44db-b1da-6c4424693422" name="Changes" comment="" />
+    <option name="SHOW_DIALOG" value="false" />
+    <option name="HIGHLIGHT_CONFLICTS" value="true" />
+    <option name="HIGHLIGHT_NON_ACTIVE_CHANGELIST" value="false" />
+    <option name="LAST_RESOLUTION" value="IGNORE" />
+  </component>
+  <component name="Git.Settings">
+    <option name="RECENT_GIT_ROOT_PATH" value="$PROJECT_DIR$" />
+  </component>
+  <component name="ProjectId" id="29uM8tIDp7UqdPYE3auX216NPaN" />
+  <component name="ProjectViewState">
+    <option name="hideEmptyMiddlePackages" value="true" />
+    <option name="showLibraryContents" value="true" />
+  </component>
+  <component name="PropertiesComponent">
+    <property name="RunOnceActivity.OpenProjectViewOnStart" value="true" />
+    <property name="RunOnceActivity.ShowReadmeOnStart" value="true" />
+  </component>
+  <component name="SpellCheckerSettings" RuntimeDictionaries="0" Folders="0" CustomDictionaries="0" DefaultDictionary="application-level" UseSingleDictionary="true" transferred="true" />
+  <component name="TaskManager">
+    <task active="true" id="Default" summary="Default task">
+      <changelist id="2a93e153-a90c-44db-b1da-6c4424693422" name="Changes" comment="" />
+      <created>1653958362269</created>
+      <option name="number" value="Default" />
+      <option name="presentableId" value="Default" />
+      <updated>1653958362269</updated>
+    </task>
+    <servers />
+  </component>
+</project>

pull_request_template.md

@@ -1,4 +1,4 @@
-## 작업 내용
+## 작업 분류
 - [ ] 기능 추가
 - [ ] 코드 수정
 - [ ] 환경 설정
@@ -30,4 +30,3 @@
 - [ ] 구현 사항에 대한 테스트를 완료했습니다.
 - [ ] 의도한 내용 이외에 다른 코드에는 변경 사항이 없는지 확인했습니다.
 - [ ] 코드 스타일을 적용하여 팀 코딩 컨벤션에 맞게 작성했습니다.
-- [ ] 팀원 모두 구현 내용 및 코드에 대해 이해하고 있습니다.

server/.gitignore

@@ -200,4 +200,7 @@ gradle-app.setting
 # JDT-specific (Eclipse Java Development Tools)
 .classpath
 
+# log
+/logs
+
 # End of https://www.toptal.com/developers/gitignore/api/macos,windows,intellij+all,gradle,visualstudiocode

server/build.gradle.kts

@@ -1,7 +1,7 @@
 plugins {
 	java
-	id ("org.springframework.boot") version "2.6.7"
-	id ("io.spring.dependency-management") version "1.0.11.RELEASE"
+	id("org.springframework.boot") version "2.6.7"
+	id("io.spring.dependency-management") version "1.0.11.RELEASE"
 }
 
 group = "com.ticketing"
@@ -23,17 +23,22 @@ repositories {
 	mavenCentral()
 }
 
-
-
 dependencies {
-	implementation ("org.springframework.boot:spring-boot-starter-data-jpa")
-//	implementation ("org.springframework.boot:spring-boot-starter-security")
-	implementation ("org.springframework.boot:spring-boot-starter-validation")
-	implementation ("org.springframework.boot:spring-boot-starter-web")
+	implementation("org.springframework.boot:spring-boot-starter-data-jpa")
+	implementation("org.springframework.boot:spring-boot-starter-security")
+	implementation("org.springframework.boot:spring-boot-starter-validation")
+	implementation("org.springframework.boot:spring-boot-starter-web")
 	implementation("org.springframework.boot:spring-boot-starter-actuator")
-	implementation ("com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.4")
-	implementation ("org.springframework.boot:spring-boot-starter-log4j2")
-	implementation ("com.lmax:disruptor:3.4.2")
+	implementation("org.springframework.boot:spring-boot-starter-log4j2")
+	implementation("org.projectlombok:lombok:1.18.24")
+	implementation("io.springfox:springfox-boot-starter:3.0.0")
+	implementation("io.springfox:springfox-swagger-ui:3.0.0")
+	implementation("com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.4")
+	implementation("com.lmax:disruptor:3.4.4")
+	implementation("io.jsonwebtoken:jjwt-api:0.11.5")
+	implementation("com.googlecode.json-simple:json-simple:1.1.1")
+	implementation("org.springframework.boot:spring-boot-starter-data-redis")
+	implementation("com.google.code.findbugs:jsr305:3.0.2")
 
 	modules {
 		module("org.springframework.boot:spring-boot-starter-logging") {
@@ -41,14 +46,43 @@ dependencies {
 		}
 	}
 
-	compileOnly ("org.projectlombok:lombok")
-	runtimeOnly ("mysql:mysql-connector-java")
-	annotationProcessor ("org.projectlombok:lombok")
+	compileOnly("org.projectlombok:lombok")
+	runtimeOnly("mysql:mysql-connector-java")
+	runtimeOnly("io.jsonwebtoken:jjwt-impl:0.11.5")
+	runtimeOnly("io.jsonwebtoken:jjwt-jackson:0.11.5")
+	annotationProcessor("org.projectlombok:lombok")
+	annotationProcessor("org.springframework.boot:spring-boot-configuration-processor")
 
-	testImplementation ("org.springframework.boot:spring-boot-starter-test")
-	testImplementation ("org.springframework.security:spring-security-test")
+	testImplementation("org.junit.jupiter:junit-jupiter-api:5.8.1")
+	testImplementation("org.springframework.boot:spring-boot-starter-test")
+	testImplementation("org.springframework.security:spring-security-test")
 }
 
 tasks.withType<Test> {
 	useJUnitPlatform()
 }
+
+sourceSets {
+	create("intTest") {
+		compileClasspath += sourceSets.main.get().output
+		runtimeClasspath += sourceSets.main.get().output
+	}
+}
+
+val intTestImplementation by configurations.getting {
+	extendsFrom(configurations.implementation.get())
+}
+
+configurations["intTestRuntimeOnly"].extendsFrom(configurations.runtimeOnly.get())
+configurations["intTestImplementation"].extendsFrom(configurations.testImplementation.get())
+
+val integrationTest = task<Test>("integrationTest") {
+	description = "Runs integration tests."
+	group = "verification"
+
+	testClassesDirs = sourceSets["intTest"].output.classesDirs
+	classpath = sourceSets["intTest"].runtimeClasspath
+	shouldRunAfter("test")
+}
+
+tasks.check { dependsOn(integrationTest) }

server/src/intTest/java/com/ticketing/server/global/redis/RefreshRedisRepositoryTest.java

@@ -0,0 +1,75 @@
+package com.ticketing.server.global.redis;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertAll;
+
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+
+@SpringBootTest
+class RefreshRedisRepositoryTest {
+
+	@Autowired
+	RefreshRedisRepository refreshRedisRepository;
+
+	@AfterEach
+	void tearDown() {
+		refreshRedisRepository.deleteAll();
+	}
+
+	@Test
+	@DisplayName("기본 등록 및 조회기능")
+	void saveAndFind() {
+		// given
+		RefreshToken refreshToken = new RefreshToken("ticketing@gmail.com", "refreshToken");
+
+		// when
+		refreshRedisRepository.save(refreshToken);
+
+		// then
+		RefreshToken findRefreshToken = refreshRedisRepository.findById(refreshToken.getId()).get();
+		assertAll(
+			() -> assertThat(findRefreshToken.getEmail()).isEqualTo("ticketing@gmail.com")
+			, () -> assertThat(findRefreshToken.getToken()).isEqualTo("refreshToken")
+		);
+	}
+
+	@Test
+	@DisplayName("기본 등록 및 이메일 조회")
+	void saveAndFindByEmail() {
+		// given
+		RefreshToken refreshToken = new RefreshToken("ticketing@gmail.com", "refreshToken");
+
+		// when
+		refreshRedisRepository.save(refreshToken);
+
+		// then
+		RefreshToken findRefreshToken = refreshRedisRepository.findByEmail(refreshToken.getEmail()).get();
+		assertAll(
+			() -> assertThat(findRefreshToken.getEmail()).isEqualTo("ticketing@gmail.com")
+			, () -> assertThat(findRefreshToken.getToken()).isEqualTo("refreshToken")
+		);
+	}
+
+	@Test
+	@DisplayName("기본 등록 및 수정기능")
+	void saveAndSave() {
+		// given
+		RefreshToken refreshToken = new RefreshToken("ticketing@gmail.com", "refreshToken");
+		refreshRedisRepository.save(refreshToken);
+		Long id = refreshToken.getId();
+
+		// when
+		RefreshToken savedRefreshToken = refreshRedisRepository.findById(id).get();
+		savedRefreshToken.changeToken("refreshToken2");
+		refreshRedisRepository.save(savedRefreshToken);
+
+		// then
+		RefreshToken lastSavedRefreshToken = refreshRedisRepository.findById(id).get();
+		assertThat(lastSavedRefreshToken.getToken()).isEqualTo("refreshToken2");
+	}
+
+}

server/src/intTest/java/com/ticketing/server/movie/domain/MovieTest.java

@@ -0,0 +1,5 @@
+package com.ticketing.server.movie.domain;
+
+public class MovieTest {
+
+}

server/src/intTest/java/com/ticketing/server/movie/domain/repository/MovieRepositoryTest.java

@@ -0,0 +1,63 @@
+package com.ticketing.server.movie.domain.repository;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+import com.ticketing.server.movie.domain.Movie;
+import java.util.Optional;
+import javax.transaction.Transactional;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.MethodOrderer;
+import org.junit.jupiter.api.Order;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.TestMethodOrder;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.annotation.Rollback;
+
+@SpringBootTest
+@Transactional
+@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
+public class MovieRepositoryTest {
+
+    @Autowired
+    MovieRepository movieRepository;
+
+    @Order(1)
+    @Test
+    @Rollback(value = false)
+    @DisplayName("Movie Repository Test - saving movie")
+    void shouldAbleToSaveMovie() {
+        // given
+        Movie movie = new Movie("범죄도시 2", 106);
+
+        // when
+        Movie savedMovie = movieRepository.save(movie);
+
+        // then
+        assertEquals(movie.getTitle(), savedMovie.getTitle());
+    }
+
+    @Order(2)
+    @Test
+    @DisplayName("Movie Repository Test - finding movie with title")
+    void ShouldAbleToFindMovieWithTitle() {
+        // given, when
+        Optional<Movie> optionalMovie = movieRepository.findByTitle("범죄도시 2");
+
+        // then
+        assertTrue(optionalMovie.isPresent());
+    }
+
+    @Order(3)
+    @Test
+    @DisplayName("Movie Repository Test - finding movie that doesn't exist")
+    void ShouldNotAbleToFindMovie() {
+        // given, when
+        Optional<Movie> optionalMovie = movieRepository.findByTitle("존재하지 않는 영화");
+
+        // then
+        assertFalse(optionalMovie.isPresent());
+    }
+}

server/src/intTest/java/com/ticketing/server/movie/domain/repository/MovieTimesRepositoryTest.java

@@ -0,0 +1,5 @@
+package com.ticketing.server.movie.domain.repository;
+
+public class MovieTimesRepositoryTest {
+
+}

server/src/intTest/java/com/ticketing/server/movie/domain/repository/SeatRepositoryTest.java

@@ -0,0 +1,5 @@
+package com.ticketing.server.movie.domain.repository;
+
+public class SeatRepositoryTest {
+
+}

server/src/intTest/java/com/ticketing/server/movie/domain/repository/TheaterRepositoryTest.java

@@ -0,0 +1,32 @@
+package com.ticketing.server.movie.domain.repository;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+import com.ticketing.server.movie.domain.Theater;
+import javax.transaction.Transactional;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+
+@SpringBootTest
+@Transactional
+public class TheaterRepositoryTest {
+
+    @Autowired
+    TheaterRepository theaterRepository;
+
+    @Test
+    @DisplayName("Theater Repository Test - saving theater")
+    void ShouldAbleToSaveTheater() {
+        // given
+        Theater theater = new Theater(1, 100);
+
+        // when
+        Theater savedTheater = theaterRepository.save(theater);
+
+        // then
+        assertEquals(theater.getTheaterNumber(), savedTheater.getTheaterNumber());
+    }
+
+}

server/src/intTest/java/com/ticketing/server/movie/domain/repository/TicketRepositoryTest.java

@@ -0,0 +1,5 @@
+package com.ticketing.server.movie.domain.repository;
+
+public class TicketRepositoryTest {
+
+}

server/src/intTest/java/com/ticketing/server/movie/service/TMDBServiceImplTest.java

@@ -0,0 +1,94 @@
+package com.ticketing.server.movie.service;
+
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Map;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.client.RestTemplate;
+
+@SpringBootTest
+public class TMDBServiceImplTest {
+
+    @Value("${tmdb.api-key}")
+    private String apiKey;
+
+    @Value("${tmdb.read-access-token}")
+    private String readAccessToken;
+
+    @Autowired
+    RestTemplate restTemplate;
+
+    @Test
+    @DisplayName("TMDB Service Test - Get [Now Playing] movies")
+    void shouldAbleToGetMovieList() throws Exception {
+        // given
+        assertNotNull(apiKey);
+        assertNotNull(readAccessToken);
+
+        ArrayList<Charset> acceptCharset = new ArrayList<>();
+        acceptCharset.add(StandardCharsets.UTF_8);
+
+        HttpHeaders headers = new HttpHeaders();
+        headers.setAcceptCharset(acceptCharset);
+        headers.setContentType(MediaType.APPLICATION_JSON);
+        headers.setBearerAuth(readAccessToken);
+
+        Map<String, String> params = new HashMap<>();
+        params.put("api_key", apiKey);
+        params.put("language", "ko");
+
+        HttpEntity<?> request = new HttpEntity<>(headers);
+
+        // when
+        ResponseEntity<?> response = restTemplate.exchange(
+            "https://api.themoviedb.org/3/movie/now_playing?" + mapToUrlParam(params),
+            HttpMethod.GET,
+            request,
+            String.class
+        );
+
+//        JSONParser parser  = new JSONParser();
+//        Object obj = parser.parse(String.valueOf(response));
+//        Object results = ((JSONObject) obj).get("results");
+//
+//        ArrayList<String> movieList = new ArrayList<>();
+//
+//        ArrayList<JSONObject> jsonMovieList = new ArrayList<>();
+
+        // then
+        assertTrue(response.getStatusCode().is2xxSuccessful());
+    }
+
+    private static String mapToUrlParam(Map<String, String> params) {
+        StringBuffer paramData = new StringBuffer();
+
+        for (Map.Entry<String, String> param : params.entrySet()) {
+            if (paramData.length() != 0) {
+                paramData.append('&');
+            }
+
+            paramData.append(param.getKey());
+            paramData.append('=');
+            paramData.append(param.getValue());
+        }
+
+        return paramData.toString();
+    }
+
+}
+
+

server/src/intTest/java/com/ticketing/server/user/application/AuthControllerTest.java

@@ -0,0 +1,108 @@
+package com.ticketing.server.user.application;
+
+import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.ticketing.server.global.redis.RefreshRedisRepository;
+import com.ticketing.server.user.application.request.LoginRequest;
+import com.ticketing.server.user.application.request.SignUpRequest;
+import com.ticketing.server.user.service.interfaces.UserService;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.MediaType;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.ResultActions;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.context.WebApplicationContext;
+
+@SpringBootTest
+@Transactional
+class AuthControllerTest {
+
+	private static final String LOGIN_URL = "/api/auth/token";
+	private static final String REGISTER_URL = "/api/users";
+	private static final String USER_EMAIL = "ticketing@gmail.com";
+
+	@Autowired
+	WebApplicationContext context;
+
+	@Autowired
+	UserService userService;
+
+	@Autowired
+	PasswordEncoder passwordEncoder;
+
+	@Autowired
+	ObjectMapper objectMapper;
+
+	@Autowired
+	RefreshRedisRepository refreshRedisRepository;
+
+	MockMvc mvc;
+
+	@Test
+	@DisplayName("로그인 인증 성공")
+	void loginSuccess() throws Exception {
+		// given
+		LoginRequest request = new LoginRequest(USER_EMAIL, "qwe123");
+
+		// when
+		ResultActions actions = mvc.perform(post(LOGIN_URL)
+			.content(asJsonString(request))
+			.contentType(MediaType.APPLICATION_JSON));
+
+		// then
+		actions.andDo(print())
+			.andExpect(status().isOk());
+	}
+
+	@Test
+	@DisplayName("로그인 패스워드 인증 실패")
+	void loginPasswordFail() throws Exception {
+		// given
+		LoginRequest request = new LoginRequest(USER_EMAIL, "qwe1234");
+
+		// when
+		ResultActions actions = mvc.perform(post(LOGIN_URL)
+			.content(asJsonString(request))
+			.contentType(MediaType.APPLICATION_JSON));
+
+		// then
+		actions.andDo(print())
+			.andExpect(status().isUnauthorized());
+	}
+
+	@BeforeEach
+	void init() throws Exception {
+		mvc = MockMvcBuilders
+			.webAppContextSetup(context)
+			.apply(springSecurity())
+			.build();
+
+		SignUpRequest signUpRequest = new SignUpRequest("ticketing", USER_EMAIL, "qwe123", "010-1234-5678");
+
+		mvc.perform(post(REGISTER_URL)
+			.content(asJsonString(signUpRequest))
+			.contentType(MediaType.APPLICATION_JSON));
+	}
+
+	@AfterEach
+	void tearDown() {
+		refreshRedisRepository.deleteAll();
+	}
+
+	private String asJsonString(Object object) throws JsonProcessingException {
+		return objectMapper.writeValueAsString(object);
+	}
+
+}

server/src/intTest/java/com/ticketing/server/user/application/UserControllerTest.java

@@ -0,0 +1,7 @@
+package com.ticketing.server.user.application;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+class UserControllerTest {
+
+}

server/src/intTest/resources/application.yml

@@ -0,0 +1,37 @@
+spring:
+  datasource:
+    url: jdbc:mysql://localhost:3306/ticketing_test?serverTimezone=Asia/Seoul&characterEncoding=UTF-8
+    username: ENC(LowN1n4w0Ep/DqLD8+q5Bq6AXM4b8e3V)
+    password: ENC(OMvGcpZLpggFTiGNkqNe66Zq/SmJXF6o)
+    driver-class-name: com.mysql.cj.jdbc.Driver
+  redis:
+    host: localhost
+    port: 6379
+
+  jpa:
+    properties:
+      hibernate:
+        show_sql: true
+        format_sql: true
+    hibernate:
+      ddl-auto: create
+
+  mvc:
+    pathmatch:
+      matching-strategy: ant_path_matcher
+
+jasypt:
+  encryptor:
+    bean: jasyptStringEncryptor
+
+jwt:
+  access-header: Authorization
+  refresh-header: REFRESH_TOKEN
+  prefix: Bearer
+  secret-key: Zi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXktZi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXkK
+  access-token-validity-in-seconds: 60
+  refresh-token-validity-in-seconds: 259200
+
+tmdb:
+  api-key: 0d1503b6dcbfe1c514299b5564c649b8
+  read-access-token: eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiIwZDE1MDNiNmRjYmZlMWM1MTQyOTliNTU2NGM2NDliOCIsInN1YiI6IjYyOWYwODRlNzI2ZmIxMTA2NDA4MjI2NCIsInNjb3BlcyI6WyJhcGlfcmVhZCJdLCJ2ZXJzaW9uIjoxfQ.rs8KZea8QLyashILiggWFx2s46lgUtzo-xSWoDgE58A

server/src/main/java/com/ticketing/server/ServerApplication.java

@@ -1,11 +1,14 @@
 package com.ticketing.server;
 
+import com.ticketing.server.global.security.jwt.JwtProperties;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
 
 @EnableJpaAuditing
 @SpringBootApplication
+@EnableConfigurationProperties(JwtProperties.class)
 public class ServerApplication {
 
 	public static void main(String[] args) {

server/src/main/java/com/ticketing/server/global/config/MessagesConfig.java

@@ -0,0 +1,28 @@
+package com.ticketing.server.global.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.support.ResourceBundleMessageSource;
+import org.springframework.validation.beanvalidation.LocalValidatorFactoryBean;
+
+@Configuration
+public class MessagesConfig {
+
+	@Bean
+	public ResourceBundleMessageSource messageSource() {
+		ResourceBundleMessageSource messageSource = new ResourceBundleMessageSource();
+		messageSource.setBasename("i18n/messages");
+		messageSource.setDefaultEncoding("UTF-8");
+
+		return messageSource;
+	}
+
+	@Bean
+	public LocalValidatorFactoryBean getValidator() {
+		LocalValidatorFactoryBean factoryBean = new LocalValidatorFactoryBean();
+		factoryBean.setValidationMessageSource(messageSource());
+
+		return factoryBean;
+	}
+
+}

server/src/main/java/com/ticketing/server/global/config/RestTemplateConfig.java

@@ -0,0 +1,25 @@
+package com.ticketing.server.global.config;
+
+import java.nio.charset.Charset;
+import java.time.Duration;
+import org.springframework.boot.web.client.RestTemplateBuilder;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.client.BufferingClientHttpRequestFactory;
+import org.springframework.http.client.SimpleClientHttpRequestFactory;
+import org.springframework.http.converter.StringHttpMessageConverter;
+import org.springframework.web.client.RestTemplate;
+
+@Configuration
+public class RestTemplateConfig {
+
+    @Bean
+    public RestTemplate restTemplate(RestTemplateBuilder restTemplateBuilder) {
+        return restTemplateBuilder
+            .requestFactory(() -> new BufferingClientHttpRequestFactory(new SimpleClientHttpRequestFactory()))
+            .setConnectTimeout(Duration.ofMillis(5000)) // connection-timeout
+            .setReadTimeout(Duration.ofMillis(5000)) // read-timeout
+            .additionalMessageConverters(new StringHttpMessageConverter(Charset.forName("UTF-8")))
+            .build();
+    }
+}

server/src/main/java/com/ticketing/server/global/config/SwaggerConfig.java

@@ -0,0 +1,89 @@
+package com.ticketing.server.global.config;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.List;
+import lombok.RequiredArgsConstructor;
+import org.springframework.boot.actuate.autoconfigure.endpoint.web.CorsEndpointProperties;
+import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointProperties;
+import org.springframework.boot.actuate.autoconfigure.web.server.ManagementPortType;
+import org.springframework.boot.actuate.endpoint.ExposableEndpoint;
+import org.springframework.boot.actuate.endpoint.web.EndpointLinksResolver;
+import org.springframework.boot.actuate.endpoint.web.EndpointMapping;
+import org.springframework.boot.actuate.endpoint.web.EndpointMediaTypes;
+import org.springframework.boot.actuate.endpoint.web.ExposableWebEndpoint;
+import org.springframework.boot.actuate.endpoint.web.WebEndpointsSupplier;
+import org.springframework.boot.actuate.endpoint.web.annotation.ControllerEndpointsSupplier;
+import org.springframework.boot.actuate.endpoint.web.annotation.ServletEndpointsSupplier;
+import org.springframework.boot.actuate.endpoint.web.servlet.WebMvcEndpointHandlerMapping;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.env.Environment;
+import org.springframework.util.StringUtils;
+import springfox.documentation.builders.PathSelectors;
+import springfox.documentation.builders.RequestHandlerSelectors;
+import springfox.documentation.service.ApiKey;
+import springfox.documentation.service.AuthorizationScope;
+import springfox.documentation.service.SecurityReference;
+import springfox.documentation.spi.DocumentationType;
+import springfox.documentation.spi.service.contexts.SecurityContext;
+import springfox.documentation.spring.web.plugins.Docket;
+import springfox.documentation.swagger.web.UiConfiguration;
+import springfox.documentation.swagger.web.UiConfigurationBuilder;
+
+@Configuration
+@RequiredArgsConstructor
+public class SwaggerConfig {
+
+    @Bean
+    public Docket api() {
+        return new Docket(DocumentationType.OAS_30).useDefaultResponseMessages(false).select()
+            .apis(RequestHandlerSelectors.any()).paths(PathSelectors.ant("/api/**")).build()
+            .securityContexts(Arrays.asList(securityContext()))
+            .securitySchemes(Arrays.asList(apiKey()));
+    }
+
+    @Bean
+    public WebMvcEndpointHandlerMapping webEndpointServletHandlerMapping(WebEndpointsSupplier webEndpointsSupplier, ServletEndpointsSupplier servletEndpointsSupplier, ControllerEndpointsSupplier controllerEndpointsSupplier, EndpointMediaTypes endpointMediaTypes, CorsEndpointProperties corsProperties, WebEndpointProperties webEndpointProperties, Environment environment) {
+        List<ExposableEndpoint<?>> allEndpoints = new ArrayList<>();
+        Collection<ExposableWebEndpoint> webEndpoints = webEndpointsSupplier.getEndpoints();
+        allEndpoints.addAll(webEndpoints);
+        allEndpoints.addAll(servletEndpointsSupplier.getEndpoints());
+        allEndpoints.addAll(controllerEndpointsSupplier.getEndpoints());
+        String basePath = webEndpointProperties.getBasePath();
+        EndpointMapping endpointMapping = new EndpointMapping(basePath);
+        boolean shouldRegisterLinksMapping = this.shouldRegisterLinksMapping(webEndpointProperties, environment, basePath);
+        return new WebMvcEndpointHandlerMapping(endpointMapping, webEndpoints, endpointMediaTypes, corsProperties.toCorsConfiguration(), new EndpointLinksResolver(allEndpoints, basePath), shouldRegisterLinksMapping, null);
+    }
+
+    private boolean shouldRegisterLinksMapping(WebEndpointProperties webEndpointProperties, Environment environment, String basePath) {
+        return webEndpointProperties.getDiscovery().isEnabled() && (StringUtils.hasText(basePath) || ManagementPortType.get(environment).equals(ManagementPortType.DIFFERENT));
+    }
+
+    private ApiKey apiKey() {
+        return new ApiKey(SECURITY_SCHEMA_NAME, "Authorization", "header");
+    }
+
+    private SecurityContext securityContext() {
+        return SecurityContext.builder().securityReferences(defaultAuth()).build();
+    }
+
+    public static final String SECURITY_SCHEMA_NAME = "Authorization";
+    public static final String AUTHORIZATION_SCOPE_GLOBAL = "global";
+    public static final String AUTHORIZATION_SCOPE_GLOBAL_DESC = "accessEverything";
+
+    private List<SecurityReference> defaultAuth() {
+        AuthorizationScope authorizationScope = new AuthorizationScope(AUTHORIZATION_SCOPE_GLOBAL,
+            AUTHORIZATION_SCOPE_GLOBAL_DESC);
+        AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
+        authorizationScopes[0] = authorizationScope;
+        return Arrays.asList(new SecurityReference(SECURITY_SCHEMA_NAME, authorizationScopes));
+    }
+
+    @Bean
+    UiConfiguration uiConfig() {
+        return UiConfigurationBuilder.builder()
+            .build();
+    }
+}

server/src/main/java/com/ticketing/server/global/dto/repository/AbstractEntity.java

@@ -28,4 +28,6 @@ public abstract class AbstractEntity {
 	@LastModifiedDate
 	private LocalDateTime updatedAt;
 
+	private LocalDateTime deletedAt;
+
 }

server/src/main/java/com/ticketing/server/global/exception/ErrorCode.java

@@ -0,0 +1,31 @@
+package com.ticketing.server.global.exception;
+
+import static org.springframework.http.HttpStatus.BAD_REQUEST;
+import static org.springframework.http.HttpStatus.CONFLICT;
+import static org.springframework.http.HttpStatus.NOT_FOUND;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import org.springframework.http.HttpStatus;
+
+@Getter
+@AllArgsConstructor
+public enum ErrorCode {
+
+	/* 400 BAD_REQUEST : 잘못된 요청 */
+	MISMATCH_PASSWORD(BAD_REQUEST, "비밀번호가 일치하지 않습니다."),
+	TOKEN_TYPE(BAD_REQUEST, "토큰 타입이 올바르지 않습니다."),
+	UNAVAILABLE_REFRESH_TOKEN(BAD_REQUEST, "사용할 수 없는 토큰 입니다."),
+
+	/* 404 NOT_FOUND : Resource 를 찾을 수 없음 */
+	EMAIL_NOT_FOUND(NOT_FOUND, "해당 이메일을 찾을 수 없습니다."),
+	REFRESH_TOKEN_NOT_FOUND(NOT_FOUND, "리프레쉬 토큰을 찾을 수 없습니다."),
+
+	/* 409 CONFLICT : Resource 의 현재 상태와 충돌. 보통 중복된 데이터 존재 */
+	DUPLICATE_EMAIL(CONFLICT, "이메일이 이미 존재합니다."),
+	DELETED_EMAIL(CONFLICT, "이미 삭제된 이메일 입니다.");
+
+	private final HttpStatus httpStatus;
+	private final String detail;
+
+}

server/src/main/java/com/ticketing/server/global/exception/ErrorResponse.java

@@ -0,0 +1,35 @@
+package com.ticketing.server.global.exception;
+
+import java.util.List;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import org.springframework.http.HttpStatus;
+
+@Getter
+@EqualsAndHashCode
+public class ErrorResponse {
+
+	private final HttpStatus status;
+	private final String message;
+	private final List<String> errors;
+
+	public ErrorResponse(HttpStatus status, String message, List<String> errors) {
+		this.status = status;
+		this.message = message;
+		this.errors = errors;
+	}
+
+	public ErrorResponse(HttpStatus status, String message, String error) {
+		this.status = status;
+		this.message = message;
+		this.errors = List.of(error);
+	}
+
+	public static ErrorResponse toErrorResponse(ErrorCode errorCode) {
+		return new ErrorResponse(
+			errorCode.getHttpStatus(),
+			errorCode.name(),
+			errorCode.getDetail());
+	}
+
+}

server/src/main/java/com/ticketing/server/global/exception/GlobalExceptionHandler.java

@@ -0,0 +1,246 @@
+package com.ticketing.server.global.exception;
+
+import static org.springframework.http.HttpStatus.BAD_REQUEST;
+import static org.springframework.http.HttpStatus.FORBIDDEN;
+import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR;
+import static org.springframework.http.HttpStatus.METHOD_NOT_ALLOWED;
+import static org.springframework.http.HttpStatus.NOT_FOUND;
+import static org.springframework.http.HttpStatus.UNAUTHORIZED;
+import static org.springframework.http.HttpStatus.UNSUPPORTED_MEDIA_TYPE;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Objects;
+import java.util.Set;
+import javax.validation.ConstraintViolation;
+import javax.validation.ConstraintViolationException;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.TypeMismatchException;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.validation.BindException;
+import org.springframework.validation.FieldError;
+import org.springframework.validation.ObjectError;
+import org.springframework.web.HttpMediaTypeNotSupportedException;
+import org.springframework.web.HttpRequestMethodNotSupportedException;
+import org.springframework.web.bind.MethodArgumentNotValidException;
+import org.springframework.web.bind.MissingServletRequestParameterException;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+import org.springframework.web.context.request.WebRequest;
+import org.springframework.web.method.annotation.MethodArgumentTypeMismatchException;
+import org.springframework.web.multipart.support.MissingServletRequestPartException;
+import org.springframework.web.servlet.NoHandlerFoundException;
+import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
+
+@Slf4j
+@RestControllerAdvice
+public class GlobalExceptionHandler extends ResponseEntityExceptionHandler {
+
+	/* 400 START */
+
+	/**
+	 * Valid 유효성 검사 실패
+	 */
+	@Override
+	protected ResponseEntity<Object> handleMethodArgumentNotValid(
+		MethodArgumentNotValidException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
+		log.error("MethodArgumentNotValidException :: ", ex);
+
+		List<String> errors = generateErrors(ex);
+		ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), errors);
+		return handleExceptionInternal(ex, response, headers, response.getStatus(), request);
+	}
+
+	/***
+	 * ModelAttribute 으로 binding error 발생
+	 */
+	@Override
+	protected ResponseEntity<Object> handleBindException(
+		BindException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
+		log.error("BindException :: ", ex);
+
+		List<String> errors = generateErrors(ex);
+		ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), errors);
+		return handleExceptionInternal(ex, response, headers, response.getStatus(), request);
+	}
+
+	/**
+	 * 잘못된 유형으로 Bean 속성 설정
+	 */
+	@Override
+	protected ResponseEntity<Object> handleTypeMismatch(
+		TypeMismatchException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
+		log.error("TypeMismatchException :: ", ex);
+
+		String error = ex.getValue() + " value for " + ex.getPropertyName() + " should be of type " + ex.getRequiredType();
+		ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), error);
+		return ResponseEntity.status(response.getStatus()).headers(headers).body(response);
+	}
+
+	/**
+	 * multipart/form-data 요청 실패
+	 */
+	@Override
+	protected ResponseEntity<Object> handleMissingServletRequestPart(
+		MissingServletRequestPartException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
+		log.error("MissingServletRequestPartException :: ", ex);
+
+		String error = ex.getRequestPartName() + " part is missing";
+		ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), error);
+		return ResponseEntity.status(response.getStatus()).headers(headers).body(response);
+	}
+
+	/**
+	 * 필수 인수 누락
+	 */
+	@Override
+	protected ResponseEntity<Object> handleMissingServletRequestParameter(
+		MissingServletRequestParameterException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
+		log.error("MissingServletRequestParameterException :: ", ex);
+
+		String error = ex.getParameterName() + " parameter is missing";
+		ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), error);
+		return ResponseEntity.status(response.getStatus()).headers(headers).body(response);
+	}
+
+	/**
+	 * 인수가 예상한 형식이 아닐 시
+	 */
+	@ExceptionHandler(value = MethodArgumentTypeMismatchException.class)
+	protected ResponseEntity<Object> handleMethodArgumentTypeMismatch(MethodArgumentTypeMismatchException ex) {
+		log.error("MethodArgumentTypeMismatchException :: ", ex);
+
+		String error = ex.getName() + " should be of type " + Objects.requireNonNull(ex.getRequiredType()).getName();
+		ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), error);
+		return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
+	}
+
+	/**
+	 * 제약 조건 위반
+	 */
+	@ExceptionHandler(value = ConstraintViolationException.class)
+	protected ResponseEntity<Object> handleConstraintViolation(ConstraintViolationException ex) {
+		log.error("ConstraintViolationException :: ", ex);
+
+		List<String> errors = new ArrayList<>();
+		for (ConstraintViolation<?> violation : ex.getConstraintViolations()) {
+			errors.add(violation.getRootBeanClass().getName() + " " + violation.getPropertyPath() + ": " + violation.getMessage());
+		}
+
+		ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), errors);
+		return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
+	}
+
+	/* 400 END */
+
+	/**
+	 * 404 발생
+	 */
+	@Override
+	protected ResponseEntity<Object> handleNoHandlerFoundException(
+		NoHandlerFoundException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
+		log.error("NoHandlerFoundException :: ", ex);
+
+		String error = "No handler found for " + ex.getHttpMethod() + " " + ex.getRequestURL();
+		ErrorResponse response = new ErrorResponse(NOT_FOUND, ex.getLocalizedMessage(), error);
+		return ResponseEntity.status(response.getStatus()).headers(headers).body(response);
+	}
+
+	/**
+	 * 지원하지 않는 HTTP 메서드로 요청 405
+	 */
+	@Override
+	protected ResponseEntity<Object> handleHttpRequestMethodNotSupported(
+		HttpRequestMethodNotSupportedException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
+		log.error("HttpRequestMethodNotSupportedException :: ", ex);
+
+		StringBuilder builder = new StringBuilder();
+		builder.append(ex.getMethod());
+		builder.append(" method is not supported for this request. Supported methods are ");
+
+		Set<HttpMethod> supportedHttpMethods = ex.getSupportedHttpMethods();
+		if (supportedHttpMethods != null) {
+			supportedHttpMethods.forEach(t -> builder.append(t).append(" "));
+		}
+
+		ErrorResponse response = new ErrorResponse(METHOD_NOT_ALLOWED, ex.getLocalizedMessage(), builder.toString());
+		return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
+	}
+
+	/**
+	 * 지원되지 않는 미디어 유형으로 요청 415
+	 */
+	@Override
+	protected ResponseEntity<Object> handleHttpMediaTypeNotSupported(
+		HttpMediaTypeNotSupportedException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
+		log.error("HttpMediaTypeNotSupportedException :: ", ex);
+
+		StringBuilder builder = new StringBuilder();
+		builder.append(ex.getContentType());
+		builder.append(" media type is not supported. Supported media types are ");
+		ex.getSupportedMediaTypes().forEach(t -> builder.append(t).append(" "));
+
+		ErrorResponse response = new ErrorResponse(UNSUPPORTED_MEDIA_TYPE, ex.getLocalizedMessage(), builder.substring(0, builder.length() - 2));
+		return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
+	}
+
+	/**
+	 * 특정 핸들러 없는 모든 예외 500
+	 */
+	@ExceptionHandler(value = Exception.class)
+	protected ResponseEntity<Object> handleAll(Exception ex) {
+		log.error("Exception :: ", ex);
+
+		ErrorResponse response = new ErrorResponse(INTERNAL_SERVER_ERROR, ex.getLocalizedMessage(), "오류가 발생했습니다.");
+		return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
+	}
+
+	/**
+	 * 접근 권한이 없을 때
+	 */
+	@ExceptionHandler(value = AccessDeniedException.class)
+	protected ResponseEntity<ErrorResponse> handleAccessDeniedException(Exception ex) {
+		log.error("AccessDeniedException :: ", ex);
+
+		ErrorResponse response = new ErrorResponse(FORBIDDEN, ex.getLocalizedMessage(), "접근 권한이 없습니다.");
+		return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
+	}
+
+	/**
+	 * 인증 정보가 없을 때
+	 */
+	@ExceptionHandler(value = AuthenticationException.class)
+	protected ResponseEntity<ErrorResponse> handleAuthenticationException(Exception ex) {
+		log.error("AuthenticationException :: ", ex);
+
+		ErrorResponse response = new ErrorResponse(UNAUTHORIZED, ex.getLocalizedMessage(), "로그인 후 이용하실 수 있습니다.");
+		return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
+	}
+
+	/**
+	 * 커스텀 예외 발생 시
+	 */
+	@ExceptionHandler(value = TicketingException.class)
+	protected ResponseEntity<ErrorResponse> ticketingException(TicketingException ex) {
+		log.error("TicketingException :: ", ex);
+
+		ErrorCode errorCode = ex.getErrorCode();
+		return ResponseEntity.status(errorCode.getHttpStatus()).body(ErrorResponse.toErrorResponse(errorCode));
+	}
+
+	private List<String> generateErrors(BindException ex) {
+		List<String> errors = new ArrayList<>();
+		List<ObjectError> allErrors = ex.getBindingResult().getAllErrors();
+
+		for (ObjectError error : allErrors) {
+			errors.add(((FieldError) error).getField() + ": " + error.getDefaultMessage());
+		}
+		return errors;
+	}
+
+}

server/src/main/java/com/ticketing/server/global/exception/TicketingException.java

@@ -0,0 +1,12 @@
+package com.ticketing.server.global.exception;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor
+public class TicketingException extends RuntimeException {
+
+	private final ErrorCode errorCode;
+
+}

server/src/main/java/com/ticketing/server/global/factory/YamlPropertySourceFactory.java

@@ -0,0 +1,27 @@
+package com.ticketing.server.global.factory;
+
+import java.util.Objects;
+import java.util.Properties;
+import org.springframework.beans.factory.config.YamlPropertiesFactoryBean;
+import org.springframework.core.env.PropertiesPropertySource;
+import org.springframework.core.env.PropertySource;
+import org.springframework.core.io.support.EncodedResource;
+import org.springframework.core.io.support.PropertySourceFactory;
+import org.springframework.lang.Nullable;
+import org.springframework.util.StringUtils;
+
+public class YamlPropertySourceFactory implements PropertySourceFactory {
+
+	@Override
+	public PropertySource<?> createPropertySource(@Nullable String name, EncodedResource resource) {
+		Properties yamlProperties = loadYamlProperties(resource);
+		String sourceName = StringUtils.hasText(name) ? name : resource.getResource().getFilename();
+		return new PropertiesPropertySource(Objects.requireNonNull(sourceName), Objects.requireNonNull(yamlProperties));
+	}
+
+	private Properties loadYamlProperties(EncodedResource resource) {
+		YamlPropertiesFactoryBean factory = new YamlPropertiesFactoryBean();
+		factory.setResources(resource.getResource());
+		return factory.getObject();
+	}
+}

server/src/main/java/com/ticketing/server/global/redis/RedisConfig.java

@@ -0,0 +1,44 @@
+package com.ticketing.server.global.redis;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.repository.configuration.EnableRedisRepositories;
+import org.springframework.data.redis.serializer.StringRedisSerializer;
+import org.springframework.orm.jpa.JpaTransactionManager;
+import org.springframework.transaction.PlatformTransactionManager;
+
+@Configuration
+@EnableRedisRepositories
+public class RedisConfig {
+
+	@Value("${spring.redis.host}")
+	private String host;
+
+	@Value("${spring.redis.port}")
+	private int port;
+
+	@Bean
+	public RedisConnectionFactory redisConnectionFactory() {
+		return new LettuceConnectionFactory(host, port);
+	}
+
+	@Bean
+	public RedisTemplate<String, Object> redisTemplate() {
+		RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();
+		redisTemplate.setConnectionFactory(redisConnectionFactory());
+		redisTemplate.setKeySerializer(new StringRedisSerializer());
+		redisTemplate.setValueSerializer(new StringRedisSerializer());
+
+		return redisTemplate;
+	}
+
+	@Bean
+	public PlatformTransactionManager transactionManager() {
+		return new JpaTransactionManager();
+	}
+
+}

server/src/main/java/com/ticketing/server/global/redis/RefreshRedisRepository.java

@@ -0,0 +1,10 @@
+package com.ticketing.server.global.redis;
+
+import java.util.Optional;
+import org.springframework.data.repository.CrudRepository;
+
+public interface RefreshRedisRepository extends CrudRepository<RefreshToken, Long> {
+
+	Optional<RefreshToken> findByEmail(String email);
+
+}

server/src/main/java/com/ticketing/server/global/redis/RefreshToken.java

@@ -0,0 +1,35 @@
+package com.ticketing.server.global.redis;
+
+import javax.persistence.Column;
+import javax.persistence.GeneratedValue;
+import javax.persistence.Id;
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import org.springframework.data.redis.core.RedisHash;
+import org.springframework.data.redis.core.index.Indexed;
+
+@Getter
+@RedisHash("RefreshToken")
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+public class RefreshToken {
+
+	@Id
+	@GeneratedValue
+	@Column(name = "refresh_token_id")
+	private Long id;
+
+	@Indexed
+	private String email;
+	private String token;
+
+	public RefreshToken(String email, String token) {
+		this.email = email;
+		this.token = token;
+	}
+
+	public void changeToken(String token) {
+		this.token = token;
+	}
+
+}

server/src/main/java/com/ticketing/server/global/security/RoleConfig.java

@@ -0,0 +1,56 @@
+package com.ticketing.server.global.security;
+
+import com.ticketing.server.user.domain.UserGrade;
+import java.util.ArrayList;
+import java.util.List;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.access.AccessDecisionManager;
+import org.springframework.security.access.AccessDecisionVoter;
+import org.springframework.security.access.annotation.Jsr250Voter;
+import org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice;
+import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
+import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
+import org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter;
+import org.springframework.security.access.vote.AffirmativeBased;
+import org.springframework.security.access.vote.AuthenticatedVoter;
+import org.springframework.security.access.vote.RoleHierarchyVoter;
+import org.springframework.security.access.vote.RoleVoter;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
+
+@EnableGlobalMethodSecurity(
+	securedEnabled = true,
+	jsr250Enabled = true,
+	prePostEnabled = true
+)
+@Configuration
+public class RoleConfig extends GlobalMethodSecurityConfiguration {
+
+	@Override
+	protected AccessDecisionManager accessDecisionManager() {
+		List<AccessDecisionVoter<?>> decisionVoters = new ArrayList<>();
+		ExpressionBasedPreInvocationAdvice expressionAdvice = new ExpressionBasedPreInvocationAdvice();
+		expressionAdvice.setExpressionHandler(getExpressionHandler());
+		decisionVoters.add(new PreInvocationAuthorizationAdviceVoter(expressionAdvice));
+		decisionVoters.add(new Jsr250Voter());
+
+		decisionVoters.add(new RoleVoter());
+		decisionVoters.add(roleHierarchyVoter());
+		decisionVoters.add(new AuthenticatedVoter());
+		return new AffirmativeBased(decisionVoters);
+	}
+
+	@Bean
+	public RoleHierarchyVoter roleHierarchyVoter() {
+		return new RoleHierarchyVoter(roleHierarchy());
+	}
+
+	@Bean
+	public RoleHierarchy roleHierarchy() {
+		RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl();
+		roleHierarchy.setHierarchy(UserGrade.getRoleHierarchy());
+		return roleHierarchy;
+	}
+
+}

server/src/main/java/com/ticketing/server/global/security/SecurityUtil.java

@@ -0,0 +1,21 @@
+package com.ticketing.server.global.security;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+public class SecurityUtil {
+
+	private SecurityUtil() {
+	}
+
+	public static String getCurrentUserEmail() {
+		final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+		if (authentication == null || authentication.getName() == null) {
+			throw new IllegalStateException("Security Context 에 인증 정보가 없습니다.");
+		}
+
+		return authentication.getName();
+	}
+
+}

server/src/main/java/com/ticketing/server/global/security/WebSecurityConfig.java

@@ -0,0 +1,65 @@
+package com.ticketing.server.global.security;
+
+import com.ticketing.server.global.security.jwt.JwtFilter;
+import com.ticketing.server.global.security.jwt.JwtSecurityConfig;
+import com.ticketing.server.global.security.jwt.handle.JwtAccessDeniedHandler;
+import com.ticketing.server.global.security.jwt.handle.JwtAuthenticationEntryPoint;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+	private final JwtFilter jwtFilter;
+	private final JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
+	private final JwtAccessDeniedHandler jwtAccessDeniedHandler;
+
+	@Bean
+	public PasswordEncoder passwordEncoder() {
+		return PasswordEncoderFactories.createDelegatingPasswordEncoder();
+	}
+
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+
+		http
+			.csrf().disable()
+			.exceptionHandling()
+			.authenticationEntryPoint(jwtAuthenticationEntryPoint)
+			.accessDeniedHandler(jwtAccessDeniedHandler)
+
+			.and()
+			.headers()
+			.frameOptions()
+			.sameOrigin()
+
+			// 시큐리티는 기본적으로 세션을 사용하지만, jwt 을 위해 세션을 Stateless 로 설정
+			.and()
+			.sessionManagement()
+			.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+
+			.and()
+			.authorizeRequests()
+			.antMatchers(HttpMethod.POST, "/api/auth/token").permitAll()
+			.antMatchers(HttpMethod.POST, "/api/auth/refresh").permitAll()
+			.antMatchers(HttpMethod.POST, "/api/users").permitAll()
+			.antMatchers("/api/movies/**").permitAll()
+			.antMatchers("/l7check").permitAll()
+			.antMatchers("/actuator/**").permitAll()
+			.antMatchers("/api/v3/", "/swagger-ui/**", "/swagger/", "/swagger-resources/**", "/v3/api-docs").permitAll()
+			.anyRequest().authenticated()
+			.and()
+			.apply(new JwtSecurityConfig(jwtFilter));
+	}
+
+}

server/src/main/java/com/ticketing/server/global/security/jwt/JwtFilter.java

@@ -0,0 +1,48 @@
+package com.ticketing.server.global.security.jwt;
+
+import java.io.IOException;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.util.StringUtils;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+@Slf4j
+@Configuration
+public class JwtFilter extends OncePerRequestFilter {
+
+	private final JwtProvider tokenProvider;
+	private final JwtProperties jwtProperties;
+
+	public JwtFilter(JwtProperties jwtProperties, JwtProvider tokenProvider) {
+		this.jwtProperties = jwtProperties;
+		this.tokenProvider = tokenProvider;
+	}
+
+	@Override
+	public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
+		String jwt = resolveToken(request);
+
+		// 토큰이 정상이면 Authentication 을 가져와서 SecurityContext 에 저장
+		if (StringUtils.hasText(jwt) && tokenProvider.validateToken(jwt)) {
+			Authentication authentication = tokenProvider.getAuthentication(jwt);
+			SecurityContextHolder.getContext().setAuthentication(authentication);
+		}
+
+		chain.doFilter(request, response);
+	}
+
+	private String resolveToken(HttpServletRequest request) {
+		String bearerToken = request.getHeader(jwtProperties.getAccessHeader());
+		if (StringUtils.hasText(bearerToken) && jwtProperties.hasTokenStartsWith(bearerToken)) {
+			return bearerToken.substring(7);
+		}
+		return null;
+	}
+
+}

server/src/main/java/com/ticketing/server/global/security/jwt/JwtProperties.java

@@ -0,0 +1,27 @@
+package com.ticketing.server.global.security.jwt;
+
+import com.ticketing.server.global.factory.YamlPropertySourceFactory;
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.boot.context.properties.ConstructorBinding;
+import org.springframework.context.annotation.PropertySource;
+
+@Getter
+@RequiredArgsConstructor
+@ConstructorBinding
+@ConfigurationProperties(value = "jwt")
+@PropertySource(value = "classpath:application.yml", factory = YamlPropertySourceFactory.class)
+public class JwtProperties {
+
+	private final String accessHeader;
+	private final String refreshHeader;
+	private final String prefix;
+	private final String secretKey;
+	private final Integer accessTokenValidityInSeconds;
+	private final Integer refreshTokenValidityInSeconds;
+
+	public boolean hasTokenStartsWith(String token) {
+		return token.startsWith(prefix);
+	}
+}

server/src/main/java/com/ticketing/server/global/security/jwt/JwtProvider.java

@@ -0,0 +1,123 @@
+package com.ticketing.server.global.security.jwt;
+
+import com.ticketing.server.user.application.response.TokenDto;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.security.Keys;
+import java.security.Key;
+import java.util.Arrays;
+import java.util.Date;
+import java.util.List;
+import java.util.StringJoiner;
+import java.util.stream.Collectors;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.stereotype.Component;
+
+@Component
+@Slf4j
+public class JwtProvider {
+
+	private static final String AUTHORITIES_KEY = "auth";
+	private static final String AUTHORITIES_DELIMITER = ",";
+
+	private final Key key;
+	private final String prefix;
+	private final long accessTokenValidityInMilliseconds;
+	private final long refreshTokenValidityInMilliseconds;
+
+	public JwtProvider(JwtProperties jwtProperties) {
+		byte[] keyBytes = Decoders.BASE64.decode(jwtProperties.getSecretKey());
+		this.key = Keys.hmacShaKeyFor(keyBytes);
+
+		this.prefix = jwtProperties.getPrefix();
+		this.accessTokenValidityInMilliseconds = jwtProperties.getAccessTokenValidityInSeconds() * 1000L;
+		this.refreshTokenValidityInMilliseconds = jwtProperties.getRefreshTokenValidityInSeconds() * 1000L;
+	}
+
+	public TokenDto generateTokenDto(Authentication authentication) {
+		String accessToken = createAccessToken(authentication);
+		String refreshToken = createRefreshToken(authentication);
+		long expiresIn = accessTokenValidityInMilliseconds / 1000L;
+
+		return TokenDto.of(accessToken, refreshToken, prefix, expiresIn);
+	}
+
+	private String createAccessToken(Authentication authentication) {
+		// 만료시간 계산
+		long now = (new Date()).getTime();
+		Date accessTokenExpiresIn = new Date(now + this.accessTokenValidityInMilliseconds);
+
+		return createToken(authentication, accessTokenExpiresIn);
+	}
+
+	private String createRefreshToken(Authentication authentication) {
+		// 만료시간 계산
+		long now = (new Date()).getTime();
+		Date refreshTokenExpiresIn = new Date(now + this.refreshTokenValidityInMilliseconds);
+
+		return createToken(authentication, refreshTokenExpiresIn);
+	}
+
+	private String createToken(Authentication authentication, Date expiration) {
+		// 권한 정보 가져오기
+		String authorities = generateStringToAuthorities(authentication);
+
+		// JWT 생성
+		return Jwts.builder()
+			.setSubject(authentication.getName()) // email
+			.claim(AUTHORITIES_KEY, authorities) // payload
+			.setExpiration(expiration) // 만료일
+			.signWith(key, SignatureAlgorithm.HS512) // 서명 키 값
+			.compact();
+	}
+
+	private String generateStringToAuthorities(Authentication authentication) {
+		StringJoiner authorities = new StringJoiner(AUTHORITIES_DELIMITER);
+		for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
+			String roleName = makeRoleName(grantedAuthority.getAuthority());
+			authorities.add(roleName);
+		}
+		return authorities.toString();
+	}
+
+	private String makeRoleName(String role) {
+		return "ROLE_" + role.toUpperCase();
+	}
+
+	public Authentication getAuthentication(String token) {
+		// 토큰 복호화
+		Claims claims = parseClaims(token);
+
+		// 권한조회
+		List<SimpleGrantedAuthority> authorities =
+			Arrays.stream(claims.get(AUTHORITIES_KEY).toString().split(AUTHORITIES_DELIMITER))
+				.map(SimpleGrantedAuthority::new)
+				.collect(Collectors.toList());
+
+		UserDetails principal = new User(claims.getSubject(), "", authorities);
+		return new UsernamePasswordAuthenticationToken(principal, token, authorities);
+	}
+
+	public boolean validateToken(String token) {
+		parseClaims(token);
+		return true;
+	}
+
+	private Claims parseClaims(String token) {
+		return Jwts.parserBuilder()
+			.setSigningKey(key)
+			.build()
+			.parseClaimsJws(token)
+			.getBody();
+	}
+
+}
+

server/src/main/java/com/ticketing/server/global/security/jwt/JwtSecurityConfig.java

@@ -0,0 +1,18 @@
+package com.ticketing.server.global.security.jwt;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.web.DefaultSecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@RequiredArgsConstructor
+public class JwtSecurityConfig extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
+
+	private final JwtFilter jwtFilter;
+
+	@Override
+	public void configure(HttpSecurity builder) {
+		builder.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class);
+	}
+}

server/src/main/java/com/ticketing/server/global/security/jwt/handle/JwtAccessDeniedHandler.java

@@ -0,0 +1,26 @@
+package com.ticketing.server.global.security.jwt.handle;
+
+import java.io.IOException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerExceptionResolver;
+
+@Component("JwtAccessDeniedHandler")
+public class JwtAccessDeniedHandler implements AccessDeniedHandler {
+
+	private final HandlerExceptionResolver resolver;
+
+	public JwtAccessDeniedHandler(@Qualifier("handlerExceptionResolver") HandlerExceptionResolver resolver) {
+		this.resolver = resolver;
+	}
+
+	@Override
+	public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException {
+		response.sendError(HttpServletResponse.SC_FORBIDDEN);
+		resolver.resolveException(request, response, null, accessDeniedException);
+	}
+}

server/src/main/java/com/ticketing/server/global/security/jwt/handle/JwtAuthenticationEntryPoint.java

@@ -0,0 +1,26 @@
+package com.ticketing.server.global.security.jwt.handle;
+
+import java.io.IOException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerExceptionResolver;
+
+@Component("JwtAuthenticationEntryPoint")
+public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
+
+	private final HandlerExceptionResolver resolver;
+
+	public JwtAuthenticationEntryPoint(@Qualifier("handlerExceptionResolver") HandlerExceptionResolver resolver) {
+		this.resolver = resolver;
+	}
+
+	@Override
+	public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException {
+		resolver.resolveException(request, response, null, authException);
+	}
+}

server/src/main/java/com/ticketing/server/global/validator/constraints/FieldsValueNotMatch.java

@@ -0,0 +1,28 @@
+package com.ticketing.server.global.validator.constraints;
+
+import com.ticketing.server.global.validator.constraintvalidators.FieldsValueNotMatchValidator;
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import javax.validation.Constraint;
+import javax.validation.Payload;
+
+@Constraint(validatedBy = FieldsValueNotMatchValidator.class)
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface FieldsValueNotMatch {
+
+	String message();
+
+	String field();
+
+	String fieldMatch();
+
+	Class<?>[] groups() default {};
+
+	Class<? extends Payload>[] payload() default {};
+
+}

server/src/main/java/com/ticketing/server/global/validator/constraints/Phone.java

@@ -0,0 +1,24 @@
+package com.ticketing.server.global.validator.constraints;
+
+import com.ticketing.server.global.validator.constraintvalidators.PhoneValidator;
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import javax.validation.Constraint;
+import javax.validation.Payload;
+
+@Target(ElementType.FIELD)
+@Retention(RetentionPolicy.RUNTIME)
+@Constraint(validatedBy = {PhoneValidator.class})
+@Documented
+public @interface Phone {
+
+	String message() default "{validation.phone}";
+
+	Class<?>[] groups() default {};
+
+	Class<? extends Payload>[] payload() default {};
+
+}

server/src/main/java/com/ticketing/server/global/validator/constraintvalidators/FieldsValueNotMatchValidator.java

@@ -0,0 +1,29 @@
+package com.ticketing.server.global.validator.constraintvalidators;
+
+import com.ticketing.server.global.validator.constraints.FieldsValueNotMatch;
+import javax.validation.ConstraintValidator;
+import javax.validation.ConstraintValidatorContext;
+import org.springframework.beans.BeanWrapperImpl;
+
+public class FieldsValueNotMatchValidator implements ConstraintValidator<FieldsValueNotMatch, Object> {
+
+	private String field;
+	private String fieldMatch;
+
+	public void initialize(FieldsValueNotMatch constraintAnnotation) {
+		this.field = constraintAnnotation.field();
+		this.fieldMatch = constraintAnnotation.fieldMatch();
+	}
+
+	@Override
+	public boolean isValid(Object value, ConstraintValidatorContext context) {
+		Object fieldValue = new BeanWrapperImpl(value).getPropertyValue(field);
+		Object fieldMatchValue = new BeanWrapperImpl(value).getPropertyValue(fieldMatch);
+
+		if (fieldValue != null) {
+			return !fieldValue.equals(fieldMatchValue);
+		} else {
+			return fieldMatchValue != null;
+		}
+	}
+}

server/src/main/java/com/ticketing/server/global/validator/constraintvalidators/PhoneValidator.java

@@ -0,0 +1,21 @@
+package com.ticketing.server.global.validator.constraintvalidators;
+
+import com.ticketing.server.global.validator.constraints.Phone;
+import java.util.regex.Pattern;
+import javax.validation.ConstraintValidator;
+import javax.validation.ConstraintValidatorContext;
+
+public class PhoneValidator implements ConstraintValidator<Phone, String> {
+
+	private static final String PATTERN = "\\d{3}-\\d{4}-\\d{4}";
+
+	@Override
+	public boolean isValid(String value, ConstraintValidatorContext context) {
+		if (value == null || value.isEmpty()) {
+			return true;
+		}
+
+		return Pattern.matches(PATTERN, value);
+	}
+
+}

server/src/main/java/com/ticketing/server/movie/application/MovieController.java

@@ -1,8 +1,30 @@
 package com.ticketing.server.movie.application;
 
+import com.ticketing.server.movie.application.response.MovieListResponse;
+import com.ticketing.server.movie.service.interfaces.MovieService;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 @RestController
+@RequestMapping("/api/movies")
+@Api(value = "Movie API", tags = {"Movie"})
+@RequiredArgsConstructor
+@Slf4j
 public class MovieController {
 
+    private final MovieService movieService;
+
+    @GetMapping()
+    @ApiOperation(value = "영화 목록 조회")
+    public ResponseEntity<MovieListResponse> getMovies() {
+        return ResponseEntity.status(HttpStatus.OK).body(MovieListResponse.from(movieService.getMovies()));
+    }
+
 }

server/src/main/java/com/ticketing/server/movie/application/response/MovieListResponse.java

@@ -0,0 +1,23 @@
+package com.ticketing.server.movie.application.response;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.ticketing.server.movie.service.dto.MovieDto;
+import io.swagger.annotations.ApiModelProperty;
+import java.util.List;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor(access = AccessLevel.PRIVATE)
+public class MovieListResponse {
+
+    @ApiModelProperty(value = "영화 제목")
+    @JsonProperty
+    private List<MovieDto> movieDtos;
+
+    public static MovieListResponse from(List<MovieDto> movieDtos) {
+        return new MovieListResponse(movieDtos);
+    }
+
+}

server/src/main/java/com/ticketing/server/movie/domain/Movie.java

@@ -1,18 +1,29 @@
 package com.ticketing.server.movie.domain;
 
 import com.ticketing.server.global.dto.repository.AbstractEntity;
+import com.ticketing.server.movie.service.dto.MovieDto;
+import javax.persistence.Column;
 import javax.persistence.Entity;
 import javax.validation.constraints.NotNull;
+import lombok.AllArgsConstructor;
 import lombok.Getter;
+import lombok.NoArgsConstructor;
 
 @Entity
 @Getter
+@NoArgsConstructor
+@AllArgsConstructor
 public class Movie extends AbstractEntity {
 
-	@NotNull
-	private String title;
+    @NotNull
+    @Column(unique = true)
+    private String title;
 
-	@NotNull
-	private Integer runningTime;
+    @NotNull
+    private Integer runningTime;
+
+    public MovieDto toDto() {
+        return new MovieDto(this.title);
+    }
 
 }

server/src/main/java/com/ticketing/server/movie/domain/Theater.java

@@ -3,10 +3,14 @@ package com.ticketing.server.movie.domain;
 import com.ticketing.server.global.dto.repository.AbstractEntity;
 import javax.persistence.Entity;
 import javax.validation.constraints.NotNull;
+import lombok.AllArgsConstructor;
 import lombok.Getter;
+import lombok.NoArgsConstructor;
 
 @Entity
 @Getter
+@NoArgsConstructor
+@AllArgsConstructor
 public class Theater extends AbstractEntity {
 
 	@NotNull

server/src/main/java/com/ticketing/server/movie/domain/TicketStatus.java

@@ -6,10 +6,10 @@ import lombok.Getter;
 @Getter
 @AllArgsConstructor
 public enum TicketStatus {
-	SALE("판매가능"),
-	SCHEDULED("환불"),
-	SOLD("판매완료");
+    SALE("판매가능"),
+    SCHEDULED("환불"),
+    SOLD("판매완료");
 
-	private String name;
+    private String name;
 
 }

server/src/main/java/com/ticketing/server/movie/domain/repository/MovieRepository.java

@@ -1,10 +1,21 @@
 package com.ticketing.server.movie.domain.repository;
 
 import com.ticketing.server.movie.domain.Movie;
+import java.time.LocalDateTime;
+import java.util.List;
+import java.util.Optional;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
 import org.springframework.stereotype.Repository;
 
 @Repository
 public interface MovieRepository extends JpaRepository<Movie, Long> {
 
+    Optional<Movie> findByTitle(String title);
+
+    @Query(value = "SELECT * "
+        + "FROM movie "
+        + "WHERE deleted_at IS NULL", nativeQuery = true)
+    List<Movie> findValidMovies();
+
 }

server/src/main/java/com/ticketing/server/movie/domain/repository/TheaterRepository.java

@@ -1,10 +1,13 @@
 package com.ticketing.server.movie.domain.repository;
 
 import com.ticketing.server.movie.domain.Theater;
+import java.util.Optional;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
 
 @Repository
 public interface TheaterRepository extends JpaRepository<Theater, Long> {
 
+    Optional<Theater> findByTheaterNumber(Integer theaterNumber);
+
 }

server/src/main/java/com/ticketing/server/movie/service/MovieServiceImpl.java

@@ -1,9 +1,29 @@
 package com.ticketing.server.movie.service;
 
+import com.ticketing.server.movie.domain.Movie;
+import com.ticketing.server.movie.domain.repository.MovieRepository;
+import com.ticketing.server.movie.service.dto.MovieDto;
 import com.ticketing.server.movie.service.interfaces.MovieService;
+import java.util.List;
+import java.util.stream.Collectors;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 
 @Service
+@RequiredArgsConstructor
+@Slf4j
 public class MovieServiceImpl implements MovieService {
 
+    private final MovieRepository movieRepository;
+
+    public List<MovieDto> getMovies() {
+        List<Movie> movies = movieRepository.findValidMovies();
+
+        return movies.stream()
+            .map(movie -> movie.toDto())
+            .collect(Collectors.toList());
+
+    }
+
 }

server/src/main/java/com/ticketing/server/movie/service/TMBDServiceImpl.java

@@ -0,0 +1,9 @@
+package com.ticketing.server.movie.service;
+
+import com.ticketing.server.movie.service.interfaces.TMDBService;
+import org.springframework.stereotype.Service;
+
+@Service
+public class TMBDServiceImpl implements TMDBService {
+
+}

server/src/main/java/com/ticketing/server/movie/service/dto/MovieDto.java

@@ -0,0 +1,12 @@
+package com.ticketing.server.movie.service.dto;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.AllArgsConstructor;
+
+@AllArgsConstructor
+public class MovieDto {
+
+    @JsonProperty
+    private String title;
+
+}

server/src/main/java/com/ticketing/server/movie/service/interfaces/MovieService.java

@@ -1,5 +1,10 @@
 package com.ticketing.server.movie.service.interfaces;
 
+import com.ticketing.server.movie.service.dto.MovieDto;
+import java.util.List;
+
 public interface MovieService {
 
+    List<MovieDto> getMovies();
+
 }

server/src/main/java/com/ticketing/server/movie/service/interfaces/TMDBService.java

@@ -0,0 +1,5 @@
+package com.ticketing.server.movie.service.interfaces;
+
+public interface TMDBService {
+
+}

server/src/main/java/com/ticketing/server/user/application/AuthController.java

@@ -0,0 +1,63 @@
+package com.ticketing.server.user.application;
+
+import com.ticketing.server.user.application.request.LoginRequest;
+import com.ticketing.server.user.application.response.LogoutResponse;
+import com.ticketing.server.user.application.response.TokenDto;
+import com.ticketing.server.user.service.interfaces.AuthenticationService;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequiredArgsConstructor
+@RequestMapping("/api/auth")
+@Slf4j
+public class AuthController {
+
+	private final AuthenticationService authenticationService;
+
+	@PostMapping("/token")
+	public ResponseEntity<TokenDto> login(@RequestBody LoginRequest loginRequest) {
+		TokenDto tokenDto = authenticationService.generateTokenDto(loginRequest.toAuthentication());
+
+		return ResponseEntity.status(HttpStatus.OK)
+			.headers(getHttpHeaders())
+			.body(tokenDto);
+	}
+
+	@PostMapping("/refresh")
+	public ResponseEntity<TokenDto> refreshToken(@RequestParam("refreshToken") String refreshToken) {
+		TokenDto tokenDto = authenticationService.reissueTokenDto(refreshToken);
+
+		return ResponseEntity.status(HttpStatus.OK)
+			.headers(getHttpHeaders())
+			.body(tokenDto);
+	}
+
+	@PostMapping("/logout")
+	public ResponseEntity<LogoutResponse> logout(@AuthenticationPrincipal UserDetails userRequest) {
+		LogoutResponse logoutResponse = authenticationService.deleteRefreshToken(userRequest.getUsername());
+
+		return ResponseEntity.status(HttpStatus.OK)
+			.body(logoutResponse);
+	}
+
+	private HttpHeaders getHttpHeaders() {
+		HttpHeaders httpHeaders = new HttpHeaders();
+		httpHeaders.set(HttpHeaders.CACHE_CONTROL, "no-cache, no-store, must-revalidate");
+		httpHeaders.set(HttpHeaders.PRAGMA, "no-store");
+		httpHeaders.set(HttpHeaders.EXPIRES, "0");
+
+		return httpHeaders;
+	}
+
+}

server/src/main/java/com/ticketing/server/user/application/UserController.java

@@ -1,8 +1,68 @@
 package com.ticketing.server.user.application;
 
+import com.ticketing.server.user.application.request.SignUpRequest;
+import com.ticketing.server.user.application.request.UserChangePasswordRequest;
+import com.ticketing.server.user.application.request.UserDeleteRequest;
+import com.ticketing.server.user.application.response.SignUpResponse;
+import com.ticketing.server.user.application.response.UserChangePasswordResponse;
+import com.ticketing.server.user.application.response.UserDeleteResponse;
+import com.ticketing.server.user.application.response.UserDetailResponse;
+import com.ticketing.server.user.domain.User;
+import com.ticketing.server.user.domain.UserGrade;
+import com.ticketing.server.user.service.UserServiceImpl;
+import javax.validation.Valid;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.annotation.Secured;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 @RestController
+@RequiredArgsConstructor
+@RequestMapping("/api/users")
+@Slf4j
 public class UserController {
 
+	private final UserServiceImpl userService;
+	private final PasswordEncoder passwordEncoder;
+
+	@PostMapping
+	public ResponseEntity<SignUpResponse> register(@RequestBody @Valid SignUpRequest request) {
+		User user = userService.register(request.toSignUpDto(passwordEncoder));
+		return ResponseEntity.status(HttpStatus.CREATED).body(SignUpResponse.from(user));
+	}
+
+	@GetMapping("/details")
+	@Secured("ROLE_GUEST")
+	public ResponseEntity<UserDetailResponse> details(@AuthenticationPrincipal UserDetails userRequest) {
+		User user = userService.findByEmail(userRequest.getUsername());
+		return ResponseEntity.status(HttpStatus.OK).body(UserDetailResponse.from(user));
+	}
+
+	@DeleteMapping
+	@Secured(UserGrade.ROLES.GUEST)
+	public ResponseEntity<UserDeleteResponse> deleteUser(@RequestBody @Valid UserDeleteRequest request) {
+		User user = userService.delete(request.toDeleteUserDto(passwordEncoder));
+		return ResponseEntity.status(HttpStatus.OK).body(UserDeleteResponse.from(user));
+	}
+
+	@PutMapping("/password")
+	@Secured(UserGrade.ROLES.GUEST)
+	public ResponseEntity<UserChangePasswordResponse> changePassword(
+		@AuthenticationPrincipal UserDetails userRequest,
+		@RequestBody @Valid UserChangePasswordRequest request) {
+		User user = userService.changePassword(request.toChangePasswordDto(userRequest.getUsername(), passwordEncoder));
+		return ResponseEntity.status(HttpStatus.OK).body(UserChangePasswordResponse.from(user));
+	}
+
 }

server/src/main/java/com/ticketing/server/user/application/request/LoginRequest.java

@@ -0,0 +1,26 @@
+package com.ticketing.server.user.application.request;
+
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotEmpty;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+
+@Getter
+@NoArgsConstructor
+@AllArgsConstructor
+public class LoginRequest {
+
+	@NotEmpty(message = "{validation.not.empty.email}")
+	@Email(message = "{validation.email}")
+	private String email;
+
+	@NotEmpty(message = "{validation.not.empty.password}")
+	private String password;
+
+	public UsernamePasswordAuthenticationToken toAuthentication() {
+		return new UsernamePasswordAuthenticationToken(email, password);
+	}
+
+}

server/src/main/java/com/ticketing/server/user/application/request/SignUpRequest.java

@@ -0,0 +1,39 @@
+package com.ticketing.server.user.application.request;
+
+import com.ticketing.server.global.validator.constraints.Phone;
+import com.ticketing.server.user.service.dto.SignUpDTO;
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotEmpty;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Getter
+@NoArgsConstructor
+@AllArgsConstructor
+public class SignUpRequest {
+
+	@NotEmpty(message = "{validation.not.empty.name}")
+	private String name;
+
+	@NotEmpty(message = "{validation.not.empty.email}")
+	@Email(message = "{validation.email}")
+	private String email;
+
+	@NotEmpty(message = "{validation.not.empty.password}")
+	private String password;
+
+	@NotEmpty(message = "{validation.not.empty.phone}")
+	@Phone
+	private String phone;
+
+	public SignUpDTO toSignUpDto(PasswordEncoder passwordEncoder) {
+		return new SignUpDTO(name, email, getEncodePassword(passwordEncoder), phone);
+	}
+
+	private String getEncodePassword(PasswordEncoder passwordEncoder) {
+		return passwordEncoder.encode(password);
+	}
+
+}

server/src/main/java/com/ticketing/server/user/application/request/UserChangePasswordRequest.java

@@ -0,0 +1,31 @@
+package com.ticketing.server.user.application.request;
+
+import com.ticketing.server.global.validator.constraints.FieldsValueNotMatch;
+import com.ticketing.server.user.service.dto.ChangePasswordDTO;
+import javax.validation.constraints.NotEmpty;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Getter
+@NoArgsConstructor
+@AllArgsConstructor
+@FieldsValueNotMatch(
+	field = "oldPassword",
+	fieldMatch = "newPassword",
+	message = "{validation.password.not.change}"
+)
+public class UserChangePasswordRequest {
+
+	@NotEmpty(message = "{validation.not.empty.oldpassword}")
+	private String oldPassword;
+
+	@NotEmpty(message = "{validation.not.empty.newpassword}")
+	private String newPassword;
+
+	public ChangePasswordDTO toChangePasswordDto(String email, PasswordEncoder passwordEncoder) {
+		return new ChangePasswordDTO(email, oldPassword, newPassword, passwordEncoder);
+	}
+
+}

server/src/main/java/com/ticketing/server/user/application/request/UserDeleteRequest.java

@@ -0,0 +1,27 @@
+package com.ticketing.server.user.application.request;
+
+import com.ticketing.server.user.service.dto.DeleteUserDTO;
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotEmpty;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Getter
+@NoArgsConstructor
+@AllArgsConstructor
+public class UserDeleteRequest {
+
+	@NotEmpty(message = "{validation.not.empty.email}")
+	@Email(message = "{validation.email}")
+	private String email;
+
+	@NotEmpty(message = "{validation.not.empty.password}")
+	private String password;
+
+	public DeleteUserDTO toDeleteUserDto(PasswordEncoder passwordEncoder) {
+		return new DeleteUserDTO(email, password, passwordEncoder);
+	}
+
+}

server/src/main/java/com/ticketing/server/user/application/response/LogoutResponse.java

@@ -0,0 +1,28 @@
+package com.ticketing.server.user.application.response;
+
+import com.ticketing.server.global.redis.RefreshToken;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor(access = AccessLevel.PRIVATE)
+public class LogoutResponse {
+
+	private Long refreshTokenId;
+	private String email;
+	private String refreshToken;
+
+	private LogoutResponse(String email) {
+		this.email = email;
+	}
+
+	public static LogoutResponse from(String email) {
+		return new LogoutResponse(email);
+	}
+
+	public static LogoutResponse from(RefreshToken refreshToken) {
+		return new LogoutResponse(refreshToken.getId(), refreshToken.getEmail(), refreshToken.getToken());
+	}
+
+}

server/src/main/java/com/ticketing/server/user/application/response/SignUpResponse.java

@@ -0,0 +1,20 @@
+package com.ticketing.server.user.application.response;
+
+import com.ticketing.server.user.domain.User;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor(access = AccessLevel.PRIVATE)
+public class SignUpResponse {
+
+	private String name;
+
+	private String email;
+
+	public static SignUpResponse from(User user) {
+		return new SignUpResponse(user.getName(), user.getEmail());
+	}
+
+}

server/src/main/java/com/ticketing/server/user/application/response/TokenDto.java

@@ -0,0 +1,20 @@
+package com.ticketing.server.user.application.response;
+
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor(access = AccessLevel.PRIVATE)
+public class TokenDto {
+
+	private final String accessToken;
+	private final String refreshToken;
+	private final String tokenType;
+	private final long expiresIn;
+
+	public static TokenDto of(String accessToken, String refreshToken, String tokenType, long expiresIn) {
+		return new TokenDto(accessToken, refreshToken, tokenType, expiresIn);
+	}
+
+}

server/src/main/java/com/ticketing/server/user/application/response/UserChangePasswordResponse.java

@@ -0,0 +1,20 @@
+package com.ticketing.server.user.application.response;
+
+import com.ticketing.server.user.domain.User;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor(access = AccessLevel.PRIVATE)
+public class UserChangePasswordResponse {
+
+	private String name;
+
+	private String email;
+
+	public static UserChangePasswordResponse from(User user) {
+		return new UserChangePasswordResponse(user.getName(), user.getEmail());
+	}
+
+}

server/src/main/java/com/ticketing/server/user/application/response/UserDeleteResponse.java

@@ -0,0 +1,20 @@
+package com.ticketing.server.user.application.response;
+
+import com.ticketing.server.user.domain.User;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor(access = AccessLevel.PRIVATE)
+public class UserDeleteResponse {
+
+	private String name;
+
+	private String email;
+
+	public static UserDeleteResponse from(User user) {
+		return new UserDeleteResponse(user.getName(), user.getEmail());
+	}
+
+}

server/src/main/java/com/ticketing/server/user/application/response/UserDetailResponse.java

@@ -0,0 +1,21 @@
+package com.ticketing.server.user.application.response;
+
+import com.ticketing.server.user.domain.User;
+import com.ticketing.server.user.domain.UserGrade;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor
+public class UserDetailResponse {
+
+	private String name;
+	private String email;
+	private UserGrade grade;
+	private String phone;
+
+	public static UserDetailResponse from(User user) {
+		return new UserDetailResponse(user.getName(), user.getEmail(), user.getGrade(), user.getPhone());
+	}
+
+}

server/src/main/java/com/ticketing/server/user/domain/User.java

@@ -1,12 +1,22 @@
 package com.ticketing.server.user.domain;
 
+import static com.ticketing.server.global.exception.ErrorCode.DELETED_EMAIL;
+import static com.ticketing.server.global.exception.ErrorCode.MISMATCH_PASSWORD;
+
 import com.ticketing.server.global.dto.repository.AbstractEntity;
+import com.ticketing.server.global.exception.TicketingException;
+import com.ticketing.server.global.validator.constraints.Phone;
+import com.ticketing.server.user.service.dto.ChangePasswordDTO;
+import com.ticketing.server.user.service.dto.DeleteUserDTO;
+import com.ticketing.server.user.service.dto.PasswordMatches;
 import java.time.LocalDateTime;
+import javax.persistence.Column;
 import javax.persistence.Entity;
 import javax.persistence.EnumType;
 import javax.persistence.Enumerated;
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
-import lombok.Builder;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
 
@@ -15,28 +25,34 @@ import lombok.NoArgsConstructor;
 @NoArgsConstructor
 public class User extends AbstractEntity {
 
-	@NotNull
+	@Column(name = "name")
+	@NotEmpty(message = "{validation.not.empty.name}")
 	private String name;
 
-	@NotNull
+	@Column(name = "email")
+	@NotEmpty(message = "{validation.not.empty.email}")
+	@Email(message = "{validation.email}")
 	private String email;
 
-	@NotNull
+	@Column(name = "password")
+	@NotEmpty(message = "{validation.not.empty.password}")
 	private String password;
 
-	@NotNull
+	@Column(name = "grade")
+	@NotNull(message = "{validation.not.empty.grade}")
 	@Enumerated(value = EnumType.STRING)
-	private UserGrade grade;
+	private UserGrade grade = UserGrade.GUEST;
 
-	@NotNull
+	@Column(name = "phone")
+	@NotEmpty(message = "{validation.not.empty.phone}")
+	@Phone
 	private String phone;
 
 	private boolean isDeleted = false;
 
 	private LocalDateTime deletedAt;
 
-	@Builder
-	protected User(String name, String email, String password, UserGrade grade, String phone) {
+	public User(String name, String email, String password, UserGrade grade, String phone) {
 		this.name = name;
 		this.email = email;
 		this.password = password;
@@ -44,4 +60,29 @@ public class User extends AbstractEntity {
 		this.phone = phone;
 	}
 
+	public User delete(DeleteUserDTO deleteUser) {
+		if (isDeleted) {
+			throw new TicketingException(DELETED_EMAIL);
+		}
+
+		checkPassword(deleteUser);
+
+		isDeleted = true;
+		deletedAt = LocalDateTime.now();
+		return this;
+	}
+
+	public User changePassword(ChangePasswordDTO changePassword) {
+		checkPassword(changePassword);
+
+		this.password = changePassword.getEncodePassword();
+		return this;
+	}
+
+	public void checkPassword(PasswordMatches passwordMatches) {
+		if (!passwordMatches.passwordMatches(password)) {
+			throw new TicketingException(MISMATCH_PASSWORD);
+		}
+	}
+
 }

server/src/main/java/com/ticketing/server/user/domain/UserGrade.java

@@ -1,5 +1,38 @@
 package com.ticketing.server.user.domain;
 
+import lombok.RequiredArgsConstructor;
+
+@RequiredArgsConstructor
 public enum UserGrade {
-	GUEST, STAFF
+	ADMIN(ROLES.ADMIN, null),
+	STAFF(ROLES.STAFF, ROLES.ADMIN),
+	GUEST(ROLES.GUEST, ROLES.STAFF);
+
+	private final String roleName;
+	private final String parentName;
+
+	public static class ROLES {
+
+		public static final String ADMIN = "ROLE_ADMIN";
+		public static final String STAFF = "ROLE_STAFF";
+		public static final String GUEST = "ROLE_GUEST";
+
+		private ROLES() {
+		}
+	}
+
+	public static String getRoleHierarchy() {
+		StringBuilder sb = new StringBuilder();
+
+		for (UserGrade grade : UserGrade.values()) {
+			if (grade.parentName != null) {
+				sb.append(grade.parentName);
+				sb.append(" > ");
+				sb.append(grade.roleName);
+				sb.append("\n");
+			}
+		}
+
+		return sb.toString();
+	}
 }

server/src/main/java/com/ticketing/server/user/domain/repository/UserRepository.java

@@ -1,10 +1,15 @@
 package com.ticketing.server.user.domain.repository;
 
 import com.ticketing.server.user.domain.User;
+import java.util.Optional;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
 
 @Repository
 public interface UserRepository extends JpaRepository<User, Long> {
 
+	Optional<User> findByEmail(String email);
+
+	Optional<User> findByEmailAndIsDeletedFalse(String email);
+
 }

server/src/main/java/com/ticketing/server/user/service/AuthenticationServiceImpl.java

@@ -0,0 +1,100 @@
+package com.ticketing.server.user.service;
+
+import static com.ticketing.server.global.exception.ErrorCode.REFRESH_TOKEN_NOT_FOUND;
+import static com.ticketing.server.global.exception.ErrorCode.TOKEN_TYPE;
+import static com.ticketing.server.global.exception.ErrorCode.UNAVAILABLE_REFRESH_TOKEN;
+
+import com.ticketing.server.global.exception.TicketingException;
+import com.ticketing.server.global.redis.RefreshRedisRepository;
+import com.ticketing.server.global.redis.RefreshToken;
+import com.ticketing.server.global.security.jwt.JwtProperties;
+import com.ticketing.server.global.security.jwt.JwtProvider;
+import com.ticketing.server.user.application.response.LogoutResponse;
+import com.ticketing.server.user.application.response.TokenDto;
+import com.ticketing.server.user.service.interfaces.AuthenticationService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.core.Authentication;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.util.StringUtils;
+
+@Service
+@RequiredArgsConstructor
+public class AuthenticationServiceImpl implements AuthenticationService {
+
+	private final RefreshRedisRepository refreshRedisRepository;
+
+	private final JwtProvider jwtProvider;
+	private final JwtProperties jwtProperties;
+	private final AuthenticationManagerBuilder authenticationManagerBuilder;
+
+	@Override
+	@Transactional
+	public TokenDto generateTokenDto(UsernamePasswordAuthenticationToken authenticationToken) {
+		// 회원인증
+		Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
+
+		String email = authenticationToken.getName();
+
+		// 토큰 발급
+		TokenDto tokenDto = jwtProvider.generateTokenDto(authentication);
+
+		// refresh 토큰이 있으면 수정, 없으면 생성
+		refreshRedisRepository.findByEmail(email)
+			.ifPresentOrElse(
+				tokenEntity -> tokenEntity.changeToken(tokenDto.getRefreshToken()),
+				() -> refreshRedisRepository.save(new RefreshToken(email, tokenDto.getRefreshToken()))
+			);
+
+		return tokenDto;
+	}
+
+	@Override
+	@Transactional
+	public TokenDto reissueTokenDto(String bearerRefreshToken) {
+		String refreshToken = resolveToken(bearerRefreshToken);
+
+		// 토큰 검증
+		jwtProvider.validateToken(refreshToken);
+
+		Authentication authentication = jwtProvider.getAuthentication(refreshToken);
+
+		// Redis 에 토큰이 있는지 검증
+		RefreshToken findTokenEntity = refreshRedisRepository.findByEmail(authentication.getName())
+			.orElseThrow(() -> new TicketingException(REFRESH_TOKEN_NOT_FOUND));
+
+		// redis 토큰과 input 토큰이 일치한지 확인
+		if (!refreshToken.equals(findTokenEntity.getToken())) {
+			throw new TicketingException(UNAVAILABLE_REFRESH_TOKEN);
+		}
+
+		// 토큰 발급
+		TokenDto tokenDto = jwtProvider.generateTokenDto(authentication);
+
+		// 토큰 최신화
+		findTokenEntity.changeToken(tokenDto.getRefreshToken());
+		refreshRedisRepository.save(findTokenEntity);
+
+		return tokenDto;
+	}
+
+	@Override
+	@Transactional
+	public LogoutResponse deleteRefreshToken(String email) {
+		return refreshRedisRepository.findByEmail(email)
+			.map(tokenDto -> {
+				refreshRedisRepository.delete(tokenDto);
+				return LogoutResponse.from(tokenDto);
+			}).orElseGet(() -> LogoutResponse.from(email));
+	}
+
+	private String resolveToken(String bearerToken) {
+		if (StringUtils.hasText(bearerToken) && jwtProperties.hasTokenStartsWith(bearerToken)) {
+			return bearerToken.substring(7);
+		}
+		throw new TicketingException(TOKEN_TYPE);
+	}
+
+}

server/src/main/java/com/ticketing/server/user/service/CustomUserDetailsService.java

@@ -0,0 +1,38 @@
+package com.ticketing.server.user.service;
+
+import static com.ticketing.server.global.exception.ErrorCode.EMAIL_NOT_FOUND;
+
+import com.ticketing.server.global.exception.TicketingException;
+import com.ticketing.server.user.domain.User;
+import com.ticketing.server.user.domain.repository.UserRepository;
+import java.util.Collections;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+public class CustomUserDetailsService implements UserDetailsService {
+
+	private final UserRepository userRepository;
+
+	@Override
+	public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
+		return userRepository.findByEmailAndIsDeletedFalse(email)
+			.map(this::createUserDetails)
+			.orElseThrow(() -> new TicketingException(EMAIL_NOT_FOUND));
+	}
+
+	private UserDetails createUserDetails(User user) {
+		SimpleGrantedAuthority grantedAuthority = new SimpleGrantedAuthority(user.getGrade().name());
+
+		return new org.springframework.security.core.userdetails.User(
+			user.getEmail()
+			, user.getPassword()
+			, Collections.singleton(grantedAuthority)
+		);
+	}
+}

server/src/main/java/com/ticketing/server/user/service/UserServiceImpl.java

@@ -1,9 +1,70 @@
 package com.ticketing.server.user.service;
 
+import static com.ticketing.server.global.exception.ErrorCode.DUPLICATE_EMAIL;
+import static com.ticketing.server.global.exception.ErrorCode.EMAIL_NOT_FOUND;
+
+import com.ticketing.server.global.exception.TicketingException;
+import com.ticketing.server.user.domain.User;
+import com.ticketing.server.user.domain.repository.UserRepository;
+import com.ticketing.server.user.service.dto.ChangePasswordDTO;
+import com.ticketing.server.user.service.dto.DeleteUserDTO;
+import com.ticketing.server.user.service.dto.SignUpDTO;
 import com.ticketing.server.user.service.interfaces.UserService;
+import java.util.Optional;
+import javax.validation.Valid;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.validation.annotation.Validated;
 
 @Service
+@RequiredArgsConstructor
+@Transactional(readOnly = true)
+@Validated
+@Slf4j
 public class UserServiceImpl implements UserService {
 
+	private final UserRepository userRepository;
+
+	@Override
+	@Transactional
+	public User register(@Valid SignUpDTO signUpDto) {
+		Optional<User> user = userRepository.findByEmail(signUpDto.getEmail());
+		if (user.isEmpty()) {
+			return userRepository.save(signUpDto.toUser());
+		}
+
+		throw new TicketingException(DUPLICATE_EMAIL);
+	}
+
+	@Override
+	@Transactional
+	public User delete(@Valid DeleteUserDTO deleteUserDto) {
+		User user = findNotDeletedUserByEmail(deleteUserDto.getEmail());
+		return user.delete(deleteUserDto);
+	}
+
+	@Override
+	@Transactional
+	public User changePassword(@Valid ChangePasswordDTO changePasswordDto) {
+		User user = findNotDeletedUserByEmail(changePasswordDto.getEmail());
+		return user.changePassword(changePasswordDto);
+	}
+
+	@Override
+	public User findByEmail(String email) {
+		return userRepository.findByEmail(email)
+			.orElseThrow(UserServiceImpl::throwEmailNotFound);
+	}
+
+	private User findNotDeletedUserByEmail(String email) {
+		return userRepository.findByEmailAndIsDeletedFalse(email)
+			.orElseThrow(UserServiceImpl::throwEmailNotFound);
+	}
+
+	private static RuntimeException throwEmailNotFound() {
+		throw new TicketingException(EMAIL_NOT_FOUND);
+	}
+
 }

server/src/main/java/com/ticketing/server/user/service/dto/ChangePasswordDTO.java

@@ -0,0 +1,47 @@
+package com.ticketing.server.user.service.dto;
+
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotEmpty;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+public class ChangePasswordDTO implements PasswordMatches {
+
+	@NotEmpty(message = "{validation.not.empty.email}")
+	@Email(message = "{validation.email}")
+	private String email;
+
+	@NotEmpty(message = "{validation.not.empty.oldpassword}")
+	private String oldPassword;
+
+	@NotEmpty(message = "{validation.not.empty.newpassword}")
+	private String newPassword;
+
+	private PasswordEncoder passwordEncoder;
+
+	public ChangePasswordDTO(String email, String oldPassword, String newPassword, PasswordEncoder passwordEncoder) {
+		this.email = email;
+		this.oldPassword = oldPassword;
+		this.newPassword = newPassword;
+		this.passwordEncoder = passwordEncoder;
+	}
+
+	public String getEmail() {
+		return email;
+	}
+
+	@Override
+	public boolean passwordMatches(String password) {
+		return passwordEncoder.matches(oldPassword, password);
+	}
+
+	public String getEncodePassword() {
+		return passwordEncoder.encode(newPassword);
+	}
+
+	@Override
+	public String toString() {
+		return "ChangePassword{" +
+			"email='" + email + '\'' +
+			'}';
+	}
+}

server/src/main/java/com/ticketing/server/user/service/dto/DeleteUserDTO.java

@@ -0,0 +1,40 @@
+package com.ticketing.server.user.service.dto;
+
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotEmpty;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+public class DeleteUserDTO implements PasswordMatches {
+
+	@NotEmpty(message = "{validation.not.empty.email}")
+	@Email(message = "{validation.email}")
+	private String email;
+
+	@NotEmpty(message = "{validation.not.empty.password}")
+	private String inputPassword;
+
+	private PasswordEncoder passwordEncoder;
+
+	public DeleteUserDTO(String email, String inputPassword, PasswordEncoder passwordEncoder) {
+		this.email = email;
+		this.inputPassword = inputPassword;
+		this.passwordEncoder = passwordEncoder;
+	}
+
+	@Override
+	public boolean passwordMatches(String password) {
+		return passwordEncoder.matches(this.inputPassword, password);
+	}
+
+	public String getEmail() {
+		return email;
+	}
+
+	@Override
+	public String toString() {
+		return "DeleteUser{" +
+			"email='" + email + '\'' +
+			'}';
+	}
+
+}

server/src/main/java/com/ticketing/server/user/service/dto/PasswordMatches.java

@@ -0,0 +1,7 @@
+package com.ticketing.server.user.service.dto;
+
+@FunctionalInterface
+public interface PasswordMatches {
+
+	boolean passwordMatches(String password);
+}

server/src/main/java/com/ticketing/server/user/service/dto/SignUpDTO.java

@@ -0,0 +1,47 @@
+package com.ticketing.server.user.service.dto;
+
+import com.ticketing.server.global.validator.constraints.Phone;
+import com.ticketing.server.user.domain.User;
+import com.ticketing.server.user.domain.UserGrade;
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotEmpty;
+import lombok.Getter;
+
+@Getter
+public class SignUpDTO {
+
+	@NotEmpty(message = "{validation.not.empty.name}")
+	private String name;
+
+	@NotEmpty(message = "{validation.not.empty.email}")
+	@Email(message = "{validation.email}")
+	private String email;
+
+	@NotEmpty(message = "{validation.not.empty.password}")
+	private String password;
+
+	@NotEmpty(message = "{validation.not.empty.phone}")
+	@Phone
+	private String phone;
+
+	public SignUpDTO(String name, String email, String password, String phone) {
+		this.name = name;
+		this.email = email;
+		this.password = password;
+		this.phone = phone;
+	}
+
+	public User toUser() {
+		return new User(this.name, this.email, password, UserGrade.GUEST, this.phone);
+	}
+
+	@Override
+	public String toString() {
+		return "SignUp{" +
+			"name='" + name + '\'' +
+			", email='" + email + '\'' +
+			", phone='" + phone + '\'' +
+			'}';
+	}
+
+}

server/src/main/java/com/ticketing/server/user/service/interfaces/AuthenticationService.java

@@ -0,0 +1,15 @@
+package com.ticketing.server.user.service.interfaces;
+
+import com.ticketing.server.user.application.response.LogoutResponse;
+import com.ticketing.server.user.application.response.TokenDto;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+
+public interface AuthenticationService {
+
+	TokenDto generateTokenDto(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken);
+
+	TokenDto reissueTokenDto(String bearerRefreshToken);
+
+	LogoutResponse deleteRefreshToken(String email);
+
+}

server/src/main/java/com/ticketing/server/user/service/interfaces/UserService.java

@@ -1,5 +1,18 @@
 package com.ticketing.server.user.service.interfaces;
 
+import com.ticketing.server.user.domain.User;
+import com.ticketing.server.user.service.dto.ChangePasswordDTO;
+import com.ticketing.server.user.service.dto.DeleteUserDTO;
+import com.ticketing.server.user.service.dto.SignUpDTO;
+import javax.validation.Valid;
+
 public interface UserService {
 
+	User register(@Valid SignUpDTO signUpDto);
+
+	User delete(@Valid DeleteUserDTO deleteUserDto);
+
+	User changePassword(@Valid ChangePasswordDTO changePasswordDto);
+
+	User findByEmail(String email);
 }

server/src/main/resources/application.yml

@@ -4,6 +4,9 @@ server:
 spring:
   profiles:
     active: local
+  redis:
+    host: localhost
+    port: 6379
 
   jpa:
     hibernate:
@@ -15,6 +18,24 @@ spring:
       maximum-pool-size: 10 # default 10
       max-lifetime: 1800000 # default 30 minutes
 
+  mvc:
+    pathmatch:
+      matching-strategy: ant_path_matcher
+    throw-exception-if-no-handler-found: true
+
 jasypt:
   encryptor:
     bean: jasyptStringEncryptor
+
+jwt:
+  access-header: Authorization
+  refresh-header: REFRESH_TOKEN
+  prefix: Bearer
+  secret-key: Zi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXktZi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXkK
+  access-token-validity-in-seconds: 60 # 1분
+  refresh-token-validity-in-seconds: 259200 # 3일
+
+springfox:
+  documentation:
+    swagger:
+      use-model-v3: false

server/src/main/resources/i18n/messages.properties

@@ -0,0 +1,10 @@
+validation.not.empty.name=\uC774\uB984\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.not.empty.email=\uC774\uBA54\uC77C\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.not.empty.password=\uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.not.empty.oldpassword=\uD604\uC7AC \uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.not.empty.newpassword=\uBCC0\uACBD\uD560 \uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.not.empty.grade=\uC0AC\uC6A9\uC790 \uB4F1\uAE09\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.not.empty.phone=\uD734\uB300\uBC88\uD638\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.email=\uC774\uBA54\uC77C\uC774 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4.
+validation.phone=\uD734\uB300\uBC88\uD638\uAC00 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4.
+validation.password.not.change=\uB3D9\uC77C\uD55C \uD328\uC2A4\uC6CC\uB4DC\uB85C \uBCC0\uACBD\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.

server/src/main/resources/i18n/messages_en.properties

@@ -0,0 +1,10 @@
+validation.not.empty.name=name is required.
+validation.not.empty.email=email is required.
+validation.not.empty.password=password is required.
+validation.not.empty.oldpassword=Old Password is required.
+validation.not.empty.newpassword=New Password is required.
+validation.not.empty.grade=user grade is required.
+validation.not.empty.phone=phone is required.
+validation.email=email is not valid.
+validation.phone=phone is not valid.
+validation.password.not.change=password not change.

server/src/main/resources/i18n/messages_ko.properties

@@ -0,0 +1,10 @@
+validation.not.empty.name=\uC774\uB984\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.not.empty.email=\uC774\uBA54\uC77C\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.not.empty.password=\uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.not.empty.oldpassword=\uD604\uC7AC \uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.not.empty.newpassword=\uBCC0\uACBD\uD560 \uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.not.empty.grade=\uC0AC\uC6A9\uC790 \uB4F1\uAE09\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.not.empty.phone=\uD734\uB300\uBC88\uD638\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
+validation.email=\uC774\uBA54\uC77C\uC774 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4.
+validation.phone=\uD734\uB300\uBC88\uD638\uAC00 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4.
+validation.password.not.change=\uB3D9\uC77C\uD55C \uD328\uC2A4\uC6CC\uB4DC\uB85C \uBCC0\uACBD\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.

server/src/test/java/com/ticketing/server/ServerApplicationTests.java

@@ -1,15 +0,0 @@
-package com.ticketing.server;
-
-import org.junit.jupiter.api.Test;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
-
-@SpringBootTest
-@EnableJpaAuditing
-class ServerApplicationTests {
-
-	@Test
-	void contextLoads() {
-	}
-
-}

server/src/test/java/com/ticketing/server/global/security/SecurityContextHolderTest.java

@@ -0,0 +1,66 @@
+package com.ticketing.server.global.security;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertAll;
+
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.security.authentication.TestingAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+@ExtendWith(MockitoExtension.class)
+class SecurityContextHolderTest {
+
+	private static final String ANY_USER = "ticketing";
+	private static final String ANY_PASSWORD = "password";
+	private static final String ROLE_GUEST = "ROLE_GUEST";
+
+	@BeforeEach
+	void init() {
+		SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_THREADLOCAL);
+		setMockAuthentication();
+	}
+
+	@AfterEach
+	void clear() {
+		SecurityContextHolder.clearContext();
+	}
+
+	@Test
+	@DisplayName("SecurityContextHolder 에 현재 인증된 사용자 정보를 확인한다.")
+	void SecurityContextHolder() {
+		// given
+		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+		// when
+		// then
+		assertAll(
+			() -> assertThat(authentication.isAuthenticated()).isTrue()
+			, () -> assertThat(authentication.getName()).isEqualTo(ANY_USER)
+			, () -> assertThat(authentication.getCredentials()).isEqualTo(ANY_PASSWORD)
+			, () -> assertThat(authentication.getAuthorities())
+				.extracting(GrantedAuthority::getAuthority)
+				.contains(ROLE_GUEST)
+		);
+
+	}
+
+
+	private void setMockAuthentication() {
+		SecurityContext context = SecurityContextHolder.createEmptyContext();
+
+		TestingAuthenticationToken mockAuthentication
+			= new TestingAuthenticationToken(SecurityContextHolderTest.ANY_USER, SecurityContextHolderTest.ANY_PASSWORD, SecurityContextHolderTest.ROLE_GUEST);
+		context.setAuthentication(mockAuthentication);
+
+		SecurityContextHolder.setContext(context);
+	}
+
+}

server/src/test/java/com/ticketing/server/global/security/jwt/JwtPropertiesTest.java

@@ -0,0 +1,64 @@
+package com.ticketing.server.global.security.jwt;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertAll;
+
+import com.ticketing.server.global.factory.YamlPropertySourceFactory;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+
+@ExtendWith(SpringExtension.class)
+@EnableConfigurationProperties(value = JwtProperties.class)
+@PropertySource(value = "classpath:application.yml", factory = YamlPropertySourceFactory.class)
+class JwtPropertiesTest {
+
+	@Autowired
+	private JwtProperties jwtProperties;
+
+	@Test
+	@DisplayName("yml - jwt 설정파일 체크")
+	void jwtPropertiesCheck() {
+		// given
+		// when
+		// then
+		assertAll(
+			() -> assertThat(jwtProperties.getAccessHeader()).isEqualTo("Authorization")
+			, () -> assertThat(jwtProperties.getRefreshHeader()).isEqualTo("REFRESH_TOKEN")
+			, () -> assertThat(jwtProperties.getPrefix()).isEqualTo("Bearer")
+			, () -> assertThat(jwtProperties.getAccessTokenValidityInSeconds()).isEqualTo(60)
+			, () -> assertThat(jwtProperties.getRefreshTokenValidityInSeconds()).isEqualTo(259200)
+			, () -> assertThat(jwtProperties.getSecretKey()).isNotEmpty());
+	}
+
+	@Test
+	@DisplayName("token prefix 가 일치할 경우")
+	void hasTokenStartsWithTrue() {
+		// given
+		String token = jwtProperties.getPrefix() + " " + "tokenPrefixTest";
+
+		// when
+		boolean result = jwtProperties.hasTokenStartsWith(token);
+
+		// then
+		assertThat(result).isTrue();
+	}
+
+	@Test
+	@DisplayName("token prefix 가 일치하지 않을 경우")
+	void hasTokenStartsWithFalse() {
+		// given
+		String token = "tokenPrefixTest";
+
+		// when
+		boolean result = jwtProperties.hasTokenStartsWith(token);
+
+		// then
+		assertThat(result).isFalse();
+	}
+
+}

server/src/test/java/com/ticketing/server/global/security/jwt/TokenProviderTest.java

@@ -0,0 +1,68 @@
+package com.ticketing.server.global.security.jwt;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import com.ticketing.server.global.factory.YamlPropertySourceFactory;
+import com.ticketing.server.user.application.response.TokenDto;
+import com.ticketing.server.user.domain.UserGrade;
+import java.util.Collections;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+
+@ExtendWith(SpringExtension.class)
+@EnableConfigurationProperties(value = JwtProperties.class)
+@PropertySource(value = "classpath:application.yml", factory = YamlPropertySourceFactory.class)
+class TokenProviderTest {
+
+	@Autowired
+	private JwtProperties jwtProperties;
+
+	JwtProvider jwtProvider;
+
+
+	@BeforeEach
+	void init() {
+		jwtProvider = new JwtProvider(jwtProperties);
+	}
+
+	@Test
+	@DisplayName("토큰 생성 성공")
+	void createTokenSuccess() {
+		// given
+		SimpleGrantedAuthority grantedAuthority = new SimpleGrantedAuthority(UserGrade.GUEST.name());
+		UsernamePasswordAuthenticationToken authenticationToken =
+			new UsernamePasswordAuthenticationToken("ticketing@gmail.com", "123456", Collections.singleton(grantedAuthority));
+
+		// when
+		TokenDto tokenDto = jwtProvider.generateTokenDto(authenticationToken);
+
+		// then
+		assertThat(tokenDto).isInstanceOf(TokenDto.class);
+	}
+
+	@Test
+	@DisplayName("토큰 복호화 성공")
+	void getAuthentication() {
+		// given
+		SimpleGrantedAuthority grantedAuthority = new SimpleGrantedAuthority(UserGrade.GUEST.name());
+		UsernamePasswordAuthenticationToken authenticationToken =
+			new UsernamePasswordAuthenticationToken("ticketing@gmail.com", "123456", Collections.singleton(grantedAuthority));
+
+		// when
+		TokenDto tokenDto = jwtProvider.generateTokenDto(authenticationToken);
+		Authentication authentication = jwtProvider.getAuthentication(tokenDto.getAccessToken());
+
+		// then
+		assertThat(authentication.getName()).isEqualTo("ticketing@gmail.com");
+	}
+
+}

server/src/test/java/com/ticketing/server/movie/service/MovieServiceImplTest.java

@@ -0,0 +1,66 @@
+package com.ticketing.server.movie.service;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.mockito.Mockito.when;
+
+import com.ticketing.server.movie.domain.Movie;
+import com.ticketing.server.movie.domain.repository.MovieRepository;
+import com.ticketing.server.movie.service.dto.MovieDto;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+
+@ExtendWith(MockitoExtension.class)
+public class MovieServiceImplTest {
+
+    Movie movie;
+    MovieDto movieDto;
+    List<Movie> movies = new ArrayList<>();
+    List<MovieDto> movieDtos = new ArrayList<>();
+
+    @Mock
+    MovieRepository movieRepository;
+
+    @InjectMocks
+    MovieServiceImpl movieService;
+
+    @Test
+    @DisplayName("Movie Service Test - get movies when there is no movie")
+    void shouldGetEmptyList() {
+        // given
+        when(movieRepository.findValidMovies()).thenReturn(Collections.emptyList());
+
+        // when
+        List<MovieDto> movieDtoList = movieService.getMovies();
+
+        // then
+        assertTrue(movieDtoList.isEmpty());
+
+    }
+
+    @Test
+    @DisplayName("Movie Service Test - get movies")
+    void shouldAbleToGetMovies() {
+        // given
+        movie = new Movie("범죄도시2", 106);
+        movieDto = movie.toDto();
+        movies.add(movie);
+        movieDtos.add(movieDto);
+
+        when(movieRepository.findValidMovies()).thenReturn(movies);
+
+        // when
+        List<MovieDto> movieDtoList = movieService.getMovies();
+
+        // then
+        assertTrue(!movieDtoList.isEmpty());
+    }
+
+}

server/src/test/java/com/ticketing/server/user/domain/UserTest.java

@@ -0,0 +1,280 @@
+package com.ticketing.server.user.domain;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import static org.junit.jupiter.api.Assertions.assertAll;
+
+import com.ticketing.server.global.exception.TicketingException;
+import com.ticketing.server.user.service.dto.ChangePasswordDTO;
+import com.ticketing.server.user.service.dto.DeleteUserDTO;
+import com.ticketing.server.user.service.dto.DeleteUserDtoTest;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import javax.validation.ConstraintViolation;
+import javax.validation.Validation;
+import javax.validation.Validator;
+import javax.validation.ValidatorFactory;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.MethodSource;
+
+class UserTest {
+
+	private Validator validator;
+	private Map<String, User> users;
+
+	@BeforeEach
+	void init() {
+		ValidatorFactory factory = Validation.buildDefaultValidatorFactory();
+		validator = factory.getValidator();
+		users = provideCorrectUsers().collect(Collectors.toMap(User::getEmail, user -> user));
+	}
+
+	@ParameterizedTest
+	@MethodSource("provideDifferentPasswordDeleteUsers")
+	@DisplayName("입력된 패스워드가 다를 경우")
+	void passwordMismatchException(DeleteUserDTO deleteUser) {
+		// given
+		User user = users.get(deleteUser.getEmail());
+
+		// when
+		// then
+		assertThatThrownBy(() -> user.delete(deleteUser))
+			.isInstanceOf(TicketingException.class);
+	}
+
+	@ParameterizedTest
+	@MethodSource("provideDeleteUsers")
+	@DisplayName("이미 회원탈퇴 되어 있는 경우")
+	void alreadyDeletedException(DeleteUserDTO deleteUserDto) {
+		// given
+		User user = users.get(deleteUserDto.getEmail());
+
+		// when
+		user.delete(deleteUserDto);
+
+		// then
+		assertThatThrownBy(() -> user.delete(deleteUserDto))
+			.isInstanceOf(TicketingException.class);
+
+	}
+
+	@ParameterizedTest
+	@MethodSource("provideDeleteUsers")
+	@DisplayName("회원탈퇴 성공")
+	void deleteSuccess(DeleteUserDTO deleteUserDto) {
+		// given
+		User user = users.get(deleteUserDto.getEmail());
+
+		// when
+		User deletedUser = user.delete(deleteUserDto);
+
+		// then
+		assertAll(
+			() -> assertThat(deletedUser.getDeletedAt()).isNotNull()
+			, () -> assertThat(deletedUser.isDeleted()).isTrue()
+		);
+	}
+
+	@Test
+	@DisplayName("입력받은 패스워드와 불일치로 변경 실패")
+	void changePasswordFail() {
+		// given
+		ChangePasswordDTO changePasswordDto = new ChangePasswordDTO("ticketing1@gmail.com", "1234567", "ticketing1234", DeleteUserDtoTest.CUSTOM_PASSWORD_ENCODER);
+		User user = users.get(changePasswordDto.getEmail());
+
+		// when
+		// then
+		assertThatThrownBy(() -> user.changePassword(changePasswordDto))
+			.isInstanceOf(TicketingException.class);
+	}
+
+	@Test
+	@DisplayName("패스워드 변경 성공")
+	void changePasswordSuccess() {
+		// given
+		ChangePasswordDTO changePasswordDto = new ChangePasswordDTO("ticketing1@gmail.com", "123456", "ticketing1234", DeleteUserDtoTest.CUSTOM_PASSWORD_ENCODER);
+		User user = users.get(changePasswordDto.getEmail());
+		String oldPassword = user.getPassword();
+
+		// when
+		User modifiedUser = user.changePassword(changePasswordDto);
+
+		// then
+		assertThat(modifiedUser.getPassword()).isNotEqualTo(oldPassword);
+	}
+
+	@ParameterizedTest
+	@MethodSource("provideCorrectUsers")
+	@DisplayName("유저 검증 성공")
+	void validateSuccess(User user) {
+		// given
+		// when
+		Set<ConstraintViolation<User>> constraintViolations = validator.validate(user);
+
+		// then
+		assertThat(constraintViolations).isEmpty();
+	}
+
+	@ParameterizedTest
+	@MethodSource("provideNullOrEmptyOfName")
+	@DisplayName("name null 혹은 빈값 검증")
+	void nameNullOrEmpty(User user) {
+		// given
+		// when
+		Set<ConstraintViolation<User>> constraintViolations = validator.validate(user);
+
+		// then
+		assertThat(constraintViolations).hasSize(1);
+	}
+
+	@ParameterizedTest
+	@MethodSource("provideNullOrEmptyOfEmail")
+	@DisplayName("email null or empty 검증")
+	void emailNullOrEmpty(User user) {
+		// given
+		// when
+		Set<ConstraintViolation<User>> constraintViolations = validator.validate(user);
+
+		// then
+		assertThat(constraintViolations).hasSize(1);
+	}
+
+	@ParameterizedTest
+	@MethodSource("provideValidationFailedOfEmail")
+	@DisplayName("email 실패 검증")
+	void emailValid(User user) {
+		// given
+		// when
+		Set<ConstraintViolation<User>> constraintViolations = validator.validate(user);
+
+		// then
+		assertThat(constraintViolations).hasSize(1);
+	}
+
+	@ParameterizedTest
+	@MethodSource("provideNullOrEmptyOfPassword")
+	@DisplayName("password null 혹은 빈값 검증")
+	void passwordNullOrEmpty(User user) {
+		// given
+		// when
+		Set<ConstraintViolation<User>> constraintViolations = validator.validate(user);
+
+		// then
+		assertThat(constraintViolations).hasSize(1);
+	}
+
+	@Test
+	@DisplayName("grade null 검증")
+	void gradeNull() {
+		// given
+		User user = new User("유저1", "email@gmail.com", "testPassword01", null, "010-1234-5678");
+
+		// when
+		Set<ConstraintViolation<User>> constraintViolations = validator.validate(user);
+
+		// then
+		assertThat(constraintViolations).hasSize(1);
+	}
+
+	@ParameterizedTest
+	@MethodSource("provideNullOrEmptyOfPhone")
+	@DisplayName("phone null or empty 검증")
+	void phoneNullOrEmpty(User user) {
+		// given
+		// when
+		Set<ConstraintViolation<User>> constraintViolations = validator.validate(user);
+
+		// then
+		assertThat(constraintViolations).hasSize(1);
+	}
+
+	@ParameterizedTest
+	@MethodSource("provideValidationFailedOfPhone")
+	@DisplayName("phone 실패 검증")
+	void phoneValid(User user) {
+		// given
+		// when
+		Set<ConstraintViolation<User>> constraintViolations = validator.validate(user);
+
+		// then
+		assertThat(constraintViolations).hasSize(1);
+	}
+
+	public static Stream<User> provideCorrectUsers() {
+		return Stream.of(
+			new User("유저1", "ticketing1@gmail.com", "123456", UserGrade.GUEST, "010-1234-5678")
+			, new User("유저2", "ticketing2@gmail.com", "qwe123", UserGrade.GUEST, "010-2234-5678")
+			, new User("유저3", "ticketing3@gmail.com", "ticketing", UserGrade.STAFF, "010-3234-5678")
+			, new User("유저4", "ticketing4@gmail.com", "ticketing123456", UserGrade.STAFF, "010-4234-5678")
+		);
+	}
+
+	public static Stream<User> provideNullOrEmptyOfName() {
+		return Stream.of(
+			new User(null, "ticketing1@gmail.com", "123456", UserGrade.GUEST, "010-1234-5678")
+			, new User("", "ticketing2@gmail.com", "qwe123", UserGrade.GUEST, "010-2234-5678")
+		);
+	}
+
+	public static Stream<User> provideNullOrEmptyOfEmail() {
+		return Stream.of(
+			new User("유저1", null, "123456", UserGrade.GUEST, "010-1234-5678")
+			, new User("유저2", "", "qwe123", UserGrade.GUEST, "010-2234-5678")
+		);
+	}
+
+	public static Stream<User> provideValidationFailedOfEmail() {
+		return Stream.of(
+			new User("유저1", "email", "123456", UserGrade.GUEST, "010-1234-5678")
+			, new User("유저2", "@gmail.com", "qwe123", UserGrade.GUEST, "010-2234-5678")
+			, new User("유저3", "12Bye#domain.com", "ticketing", UserGrade.STAFF, "010-3234-5678")
+		);
+	}
+
+	public static Stream<User> provideNullOrEmptyOfPassword() {
+		return Stream.of(
+			new User("유저1", "ticketing1@gmail.com", null, UserGrade.GUEST, "010-1234-5678")
+			, new User("유저2", "ticketing2@gmail.com", "", UserGrade.GUEST, "010-2234-5678")
+		);
+	}
+
+	public static Stream<User> provideNullOrEmptyOfPhone() {
+		return Stream.of(
+			new User("유저1", "ticketing1@gmail.com", "123456", UserGrade.GUEST, null)
+			, new User("유저2", "ticketing2@gmail.com", "qwe123", UserGrade.GUEST, "")
+		);
+	}
+
+	public static Stream<User> provideValidationFailedOfPhone() {
+		return Stream.of(
+			new User("유저1", "ticketing1@gmail.com", "123456", UserGrade.GUEST, "010-123-1234")
+			, new User("유저2", "ticketing2@gmail.com", "qwe123", UserGrade.GUEST, "02-0444-4044")
+			, new User("유저3", "ticketing3@gmail.com", "ticketing", UserGrade.STAFF, "033-7953")
+			, new User("유저4", "ticketing4@gmail.com", "ticketing123456", UserGrade.STAFF, "033-0455-504")
+		);
+	}
+
+	public static Stream<DeleteUserDTO> provideDifferentPasswordDeleteUsers() {
+		return Stream.of(
+			new DeleteUserDTO("ticketing1@gmail.com", "1234561", DeleteUserDtoTest.CUSTOM_PASSWORD_ENCODER)
+			, new DeleteUserDTO("ticketing2@gmail.com", "qwe1231", DeleteUserDtoTest.CUSTOM_PASSWORD_ENCODER)
+			, new DeleteUserDTO("ticketing3@gmail.com", "ticketing1", DeleteUserDtoTest.CUSTOM_PASSWORD_ENCODER)
+			, new DeleteUserDTO("ticketing4@gmail.com", "ticketing1234561", DeleteUserDtoTest.CUSTOM_PASSWORD_ENCODER)
+		);
+	}
+
+	public static Stream<DeleteUserDTO> provideDeleteUsers() {
+		return Stream.of(
+			new DeleteUserDTO("ticketing1@gmail.com", "123456", DeleteUserDtoTest.CUSTOM_PASSWORD_ENCODER)
+			, new DeleteUserDTO("ticketing2@gmail.com", "qwe123", DeleteUserDtoTest.CUSTOM_PASSWORD_ENCODER)
+			, new DeleteUserDTO("ticketing3@gmail.com", "ticketing", DeleteUserDtoTest.CUSTOM_PASSWORD_ENCODER)
+			, new DeleteUserDTO("ticketing4@gmail.com", "ticketing123456", DeleteUserDtoTest.CUSTOM_PASSWORD_ENCODER)
+		);
+	}
+
+}

server/src/test/java/com/ticketing/server/user/domain/repository/UserRepositoryTest.java

@@ -1,37 +0,0 @@
-package com.ticketing.server.user.domain.repository;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-import com.ticketing.server.user.domain.User;
-import com.ticketing.server.user.domain.UserGrade;
-import org.junit.jupiter.api.Test;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.transaction.annotation.Transactional;
-
-@SpringBootTest
-@Transactional
-class UserRepositoryTest {
-
-	@Autowired
-	UserRepository userRepository;
-
-	@Test
-	void 유저레포지토리테스트() {
-		// given
-		User user = User.builder()
-			.name("동효")
-			.password("test")
-			.email("test@test.com")
-			.grade(UserGrade.GUEST)
-			.phone("010-1234-5678")
-			.build();
-
-		// when
-		userRepository.save(user);
-
-		// then
-		assertThat(user).isNotNull();
-	}
-
-}

server/src/test/java/com/ticketing/server/user/service/AuthenticationServiceImplTest.java

@@ -0,0 +1,84 @@
+package com.ticketing.server.user.service;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertAll;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import com.ticketing.server.global.factory.YamlPropertySourceFactory;
+import com.ticketing.server.global.redis.RefreshRedisRepository;
+import com.ticketing.server.global.redis.RefreshToken;
+import com.ticketing.server.global.security.jwt.JwtProperties;
+import com.ticketing.server.global.security.jwt.JwtProvider;
+import com.ticketing.server.user.application.response.TokenDto;
+import com.ticketing.server.user.domain.UserGrade;
+import java.util.Collections;
+import java.util.Optional;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+
+@ExtendWith(SpringExtension.class)
+@EnableConfigurationProperties(value = JwtProperties.class)
+@PropertySource(value = "classpath:application.yml", factory = YamlPropertySourceFactory.class)
+class AuthenticationServiceImplTest {
+
+	@Autowired
+	private JwtProperties useJwtProperties;
+	private JwtProvider useJwtProvider;
+
+	@Mock
+	JwtProperties jwtProperties;
+
+	@Mock
+	JwtProvider jwtProvider;
+
+	@Mock
+	RefreshRedisRepository redisRepository;
+
+	@InjectMocks
+	AuthenticationServiceImpl authenticationService;
+
+	UsernamePasswordAuthenticationToken authenticationToken;
+
+	@BeforeEach
+	void init() {
+		useJwtProvider = new JwtProvider(useJwtProperties);
+		SimpleGrantedAuthority grantedAuthority = new SimpleGrantedAuthority(UserGrade.GUEST.name());
+		authenticationToken =
+			new UsernamePasswordAuthenticationToken("ticketing@gmail.com", "123456", Collections.singleton(grantedAuthority));
+	}
+
+	@Test
+	@DisplayName("토큰 재발급 성공")
+	void reissueAccessToken() {
+		// given
+		String refreshToken = "Bearer eyJhbGciOiJIUzUxMiJ9";
+		when(jwtProvider.validateToken(any())).thenReturn(true);
+		when(jwtProvider.getAuthentication(any())).thenReturn(authenticationToken);
+		when(jwtProvider.generateTokenDto(any())).thenReturn(useJwtProvider.generateTokenDto(authenticationToken));
+		when(redisRepository.findByEmail("ticketing@gmail.com")).thenReturn(Optional.of(new RefreshToken("ticketing@gmail.com", "eyJhbGciOiJIUzUxMiJ9")));
+		when(jwtProperties.hasTokenStartsWith(refreshToken)).thenReturn(true);
+
+		// when
+		TokenDto tokenDto = authenticationService.reissueTokenDto(refreshToken);
+
+		// then
+		assertAll(
+			() -> assertThat(tokenDto.getAccessToken()).isNotEmpty()
+			, () -> assertThat(tokenDto.getRefreshToken()).isNotEmpty()
+			, () -> assertThat(tokenDto.getTokenType()).isEqualTo("Bearer")
+			, () -> assertThat(tokenDto.getExpiresIn()).isEqualTo(60)
+		);
+	}
+
+}

server/src/test/java/com/ticketing/server/user/service/UserServiceImplTest.java

@@ -0,0 +1,127 @@
+package com.ticketing.server.user.service;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import static org.junit.jupiter.api.Assertions.assertAll;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import com.ticketing.server.global.exception.TicketingException;
+import com.ticketing.server.user.domain.User;
+import com.ticketing.server.user.domain.UserGrade;
+import com.ticketing.server.user.domain.repository.UserRepository;
+import com.ticketing.server.user.service.dto.ChangePasswordDTO;
+import com.ticketing.server.user.service.dto.DeleteUserDTO;
+import com.ticketing.server.user.service.dto.DeleteUserDtoTest;
+import com.ticketing.server.user.service.dto.SignUpDTO;
+import java.util.Optional;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+
+@ExtendWith(MockitoExtension.class)
+class UserServiceImplTest {
+
+	User user;
+	SignUpDTO signUpDto;
+	DeleteUserDTO deleteUserDto;
+	ChangePasswordDTO changePasswordDto;
+
+	@Mock
+	UserRepository userRepository;
+
+	@InjectMocks
+	UserServiceImpl userService;
+
+	@BeforeEach
+	void init() {
+		signUpDto = new SignUpDTO("유저", "ticketing@gmail.com", "123456", "010-1234-5678");
+		user = new User("유저", "ticketing@gmail.com", "123456", UserGrade.GUEST, "010-1234-5678");
+		deleteUserDto = new DeleteUserDTO("ticketing@gmail.com", "123456", DeleteUserDtoTest.CUSTOM_PASSWORD_ENCODER);
+		changePasswordDto = new ChangePasswordDTO("ticketing@gmail.com", "123456", "ticketing1234", DeleteUserDtoTest.CUSTOM_PASSWORD_ENCODER);
+	}
+
+	@Test
+	@DisplayName("이미 동일한 이메일이 있을 경우")
+	void duplicateEmailException() {
+		// given
+		when(userRepository.findByEmail("ticketing@gmail.com")).thenReturn(Optional.of(user));
+
+		// when
+		// then
+		assertThatThrownBy(() -> userService.register(signUpDto))
+			.isInstanceOf(TicketingException.class);
+	}
+
+	@Test
+	@DisplayName("회원가입 성공했을 경우")
+	void registerSuccess() {
+		// given
+		when(userRepository.findByEmail("ticketing@gmail.com")).thenReturn(Optional.empty());
+		when(userRepository.save(any())).thenReturn(user);
+
+		// when
+		User user = userService.register(signUpDto);
+
+		// then
+		assertThat(user).isNotNull();
+	}
+
+	@Test
+	@DisplayName("회원탈퇴 시 이메일이 존재하지 않을 경우")
+	void deleteFail() {
+		// given
+		when(userRepository.findByEmailAndIsDeletedFalse("ticketing@gmail.com")).thenReturn(Optional.empty());
+
+		// when
+		// then
+		assertThatThrownBy(() -> userService.delete(deleteUserDto))
+			.isInstanceOf(TicketingException.class);
+	}
+
+	@Test
+	@DisplayName("회원탈퇴 성공했을 경우")
+	void deleteSuccess() {
+		// given
+		when(userRepository.findByEmailAndIsDeletedFalse("ticketing@gmail.com")).thenReturn(Optional.of(user));
+
+		// when
+		User user = userService.delete(deleteUserDto);
+
+		// then
+		assertAll(
+			() -> assertThat(user.isDeleted()).isTrue(),
+			() -> assertThat(user.getDeletedAt()).isNotNull()
+		);
+	}
+
+	@Test
+	@DisplayName("패스워드 변경 시 이메일이 존재하지 않을 경우")
+	void changePasswordFail() {
+		// given
+		when(userRepository.findByEmailAndIsDeletedFalse("ticketing@gmail.com")).thenReturn(Optional.empty());
+
+		// when
+		// then
+		assertThatThrownBy(() -> userService.changePassword(changePasswordDto))
+			.isInstanceOf(TicketingException.class);
+	}
+
+	@Test
+	@DisplayName("패스워드 변경 성공했을 경우")
+	void changePasswordSuccess() {
+		// given
+		when(userRepository.findByEmailAndIsDeletedFalse("ticketing@gmail.com")).thenReturn(Optional.of(user));
+
+		// when
+		User user = userService.changePassword(changePasswordDto);
+
+		// then
+		assertThat(user).isNotNull();
+	}
+
+}

server/src/test/java/com/ticketing/server/user/service/dto/DeleteUserDtoTest.java

@@ -0,0 +1,37 @@
+package com.ticketing.server.user.service.dto;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+public class DeleteUserDtoTest {
+
+	public static PasswordEncoder CUSTOM_PASSWORD_ENCODER = new CustomPasswordEncoder();
+
+	public static class CustomPasswordEncoder implements PasswordEncoder {
+
+		@Override
+		public String encode(CharSequence rawPassword) {
+			return null;
+		}
+
+		@Override
+		public boolean matches(CharSequence rawPassword, String encodedPassword) {
+			return rawPassword.toString().equals(encodedPassword);
+		}
+	}
+
+	@Test
+	@DisplayName("CustomPasswordEncoder matches 테스트")
+	void customPasswordEncoderMatches() {
+		// given
+		DeleteUserDTO deleteUserDto = new DeleteUserDTO("ticketing@gmail.com", "123456", CUSTOM_PASSWORD_ENCODER);
+
+		// when
+		// then
+		assertThat(deleteUserDto.passwordMatches("123456")).isTrue();
+	}
+
+}

server/src/test/java/com/ticketing/server/user/service/dto/SignUpDtoTest.java

@@ -0,0 +1,24 @@
+package com.ticketing.server.user.service.dto;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import com.ticketing.server.user.domain.User;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+
+class SignUpDtoTest {
+
+	@Test
+	@DisplayName("toUser 메소드로 User 객체 생성")
+	void toUser() {
+		// given
+		SignUpDTO signUp = new SignUpDTO("유저1", "ticketing@gmail.com", "123456", "010-1234-5678");
+
+		// when
+		User user = signUp.toUser();
+
+		// then
+		assertThat(user).isInstanceOf(User.class);
+	}
+
+}

server/src/test/resources/application.yml

@@ -1,18 +1,8 @@
-spring:
-  datasource:
-    url: jdbc:mysql://localhost:3306/ticketing_test?serverTimezone=Asia/Seoul&characterEncoding=UTF-8
-    username: ENC(LowN1n4w0Ep/DqLD8+q5Bq6AXM4b8e3V)
-    password: ENC(OMvGcpZLpggFTiGNkqNe66Zq/SmJXF6o)
-    driver-class-name: com.mysql.cj.jdbc.Driver
 
-  jpa:
-    properties:
-      hibernate:
-        show_sql: true
-        format_sql: true
-    hibernate:
-      ddl-auto: create
-
-jasypt:
-  encryptor:
-    bean: jasyptStringEncryptor
+jwt:
+  access-header: Authorization
+  refresh-header: REFRESH_TOKEN
+  prefix: Bearer
+  secret-key: Zi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXktZi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXkK
+  access-token-validity-in-seconds: 60
+  refresh-token-validity-in-seconds: 259200