refactor: 정적팩토리메서드 네이밍 통일

* feat: 로그인 시 refreshToken 추가 발행

* feat: redis 연결 및 refreshToken redis 저장

* refactor: Exception Class Naming 변경

.idea/workspace.xml

@@ -1,10 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project version="4">
   <component name="ChangeListManager">
-    <list default="true" id="2a93e153-a90c-44db-b1da-6c4424693422" name="Changes" comment="">
-      <change afterPath="$PROJECT_DIR$/server/src/main/java/com/ticketing/server/global/config/SwaggerConfig.java" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/server/build.gradle.kts" beforeDir="false" afterPath="$PROJECT_DIR$/server/build.gradle.kts" afterDir="false" />
-    </list>
+    <list default="true" id="2a93e153-a90c-44db-b1da-6c4424693422" name="Changes" comment="" />
     <option name="SHOW_DIALOG" value="false" />
     <option name="HIGHLIGHT_CONFLICTS" value="true" />
     <option name="HIGHLIGHT_NON_ACTIVE_CHANGELIST" value="false" />

server/build.gradle.kts

@@ -1,7 +1,7 @@
 plugins {
-	java
-	id("org.springframework.boot") version "2.6.7"
-	id("io.spring.dependency-management") version "1.0.11.RELEASE"
+    java
+    id("org.springframework.boot") version "2.6.7"
+    id("io.spring.dependency-management") version "1.0.11.RELEASE"
 }
 
 group = "com.ticketing"
@@ -9,18 +9,18 @@ version = "0.0.1-SNAPSHOT"
 
 val javaVersion = JavaVersion.VERSION_11
 java {
-	sourceCompatibility = javaVersion
-	targetCompatibility = javaVersion
+    sourceCompatibility = javaVersion
+    targetCompatibility = javaVersion
 }
 
 configurations {
-	compileOnly {
-		extendsFrom(configurations.annotationProcessor.get())
-	}
+    compileOnly {
+        extendsFrom(configurations.annotationProcessor.get())
+    }
 }
 
 repositories {
-	mavenCentral()
+    mavenCentral()
 }
 
 
@@ -37,23 +37,32 @@ dependencies {
 	implementation("io.springfox:springfox-swagger-ui:3.0.0")
 	implementation("com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.4")
 	implementation("com.lmax:disruptor:3.4.2")
+	implementation("io.jsonwebtoken:jjwt-api:0.11.2")
+  implementation("com.googlecode.json-simple:json-simple:1.1.1")
+	implementation("org.springframework.boot:spring-boot-starter-data-redis")
 
-	modules {
-		module("org.springframework.boot:spring-boot-starter-logging") {
-			replacedBy("org.springframework.boot:spring-boot-starter-log4j2", "Use Log4j2 instead of Logback")
-		}
-	}
+    modules {
+        module("org.springframework.boot:spring-boot-starter-logging") {
+            replacedBy("org.springframework.boot:spring-boot-starter-log4j2", "Use Log4j2 instead of Logback")
+        }
+    }
 
-	testImplementation("org.springframework.boot:spring-boot-starter-test")
-	testImplementation("org.springframework.security:spring-security-test")
-	testImplementation("org.junit.jupiter:junit-jupiter-api:5.8.1")
+    testImplementation("org.springframework.boot:spring-boot-starter-test")
+    testImplementation("org.springframework.security:spring-security-test")
+    testImplementation("org.junit.jupiter:junit-jupiter-api:5.8.1")
 
-	compileOnly("org.projectlombok:lombok")
-	runtimeOnly("mysql:mysql-connector-java")
-	testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine:5.8.1")
-	annotationProcessor("org.projectlombok:lombok")
+    compileOnly("org.projectlombok:lombok")
+    runtimeOnly("mysql:mysql-connector-java")
+    runtimeOnly("io.jsonwebtoken:jjwt-impl:0.11.2")
+    runtimeOnly("io.jsonwebtoken:jjwt-jackson:0.11.2")
+    annotationProcessor("org.projectlombok:lombok")
+    annotationProcessor("org.springframework.boot:spring-boot-configuration-processor")
+
+    testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine:5.8.1")
+    testImplementation("org.springframework.boot:spring-boot-starter-test")
+    testImplementation("org.springframework.security:spring-security-test")
 }
 
 tasks.withType<Test> {
-	useJUnitPlatform()
+    useJUnitPlatform()
 }

server/src/main/java/com/ticketing/server/ServerApplication.java

@@ -1,11 +1,14 @@
 package com.ticketing.server;
 
+import com.ticketing.server.global.security.jwt.JwtProperties;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
 
 @EnableJpaAuditing
 @SpringBootApplication
+@EnableConfigurationProperties(JwtProperties.class)
 public class ServerApplication {
 
 	public static void main(String[] args) {

server/src/main/java/com/ticketing/server/global/config/RestTemplateConfig.java

@@ -0,0 +1,25 @@
+package com.ticketing.server.global.config;
+
+import java.nio.charset.Charset;
+import java.time.Duration;
+import org.springframework.boot.web.client.RestTemplateBuilder;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.client.BufferingClientHttpRequestFactory;
+import org.springframework.http.client.SimpleClientHttpRequestFactory;
+import org.springframework.http.converter.StringHttpMessageConverter;
+import org.springframework.web.client.RestTemplate;
+
+@Configuration
+public class RestTemplateConfig {
+
+    @Bean
+    public RestTemplate restTemplate(RestTemplateBuilder restTemplateBuilder) {
+        return restTemplateBuilder
+            .requestFactory(() -> new BufferingClientHttpRequestFactory(new SimpleClientHttpRequestFactory()))
+            .setConnectTimeout(Duration.ofMillis(5000)) // connection-timeout
+            .setReadTimeout(Duration.ofMillis(5000)) // read-timeout
+            .additionalMessageConverters(new StringHttpMessageConverter(Charset.forName("UTF-8")))
+            .build();
+    }
+}

server/src/main/java/com/ticketing/server/global/config/WebSecurityConfig.java

@@ -1,29 +0,0 @@
-package com.ticketing.server.global.config;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.crypto.factory.PasswordEncoderFactories;
-import org.springframework.security.crypto.password.PasswordEncoder;
-
-@Configuration
-@EnableWebSecurity
-public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
-
-	@Bean
-	public PasswordEncoder passwordEncoder() {
-		return PasswordEncoderFactories.createDelegatingPasswordEncoder();
-	}
-
-	@Override
-	protected void configure(HttpSecurity http) throws Exception {
-		http
-			.cors().disable()
-			.csrf().disable()
-			.formLogin().disable()
-			.headers().frameOptions().disable();
-	}
-
-}

server/src/main/java/com/ticketing/server/global/exception/EmailNotFoundException.java

@@ -1,10 +1,10 @@
 package com.ticketing.server.global.exception;
 
-public class NotFoundEmailException extends IllegalArgumentException {
+public class EmailNotFoundException extends IllegalArgumentException {
 
 	private static final String MESSAGE = "존재하지 않는 이메일 입니다.";
 
-	public NotFoundEmailException() {
+	public EmailNotFoundException() {
 		super(MESSAGE);
 	}
 

server/src/main/java/com/ticketing/server/global/exception/token/TokenException.java

@@ -0,0 +1,9 @@
+package com.ticketing.server.global.exception.token;
+
+public class TokenException extends RuntimeException {
+
+	public TokenException(String message) {
+		super(message);
+	}
+
+}

server/src/main/java/com/ticketing/server/global/exception/token/TokenNotFindException.java

@@ -0,0 +1,10 @@
+package com.ticketing.server.global.exception.token;
+
+public class TokenNotFindException extends TokenException {
+
+	private static final String MESSAGE = "일치하는 토큰을 찾지 못하였습니다.";
+
+	public TokenNotFindException() {
+		super(MESSAGE);
+	}
+}

server/src/main/java/com/ticketing/server/global/exception/token/TokenTypeException.java

@@ -0,0 +1,10 @@
+package com.ticketing.server.global.exception.token;
+
+public class TokenTypeException extends TokenException {
+
+	private static final String MESSAGE = "토큰 타입이 일치하지 않습니다.";
+
+	public TokenTypeException() {
+		super(MESSAGE);
+	}
+}

server/src/main/java/com/ticketing/server/global/exception/token/UnavailableRefreshTokenException.java

@@ -0,0 +1,11 @@
+package com.ticketing.server.global.exception.token;
+
+public class UnavailableRefreshTokenException extends TokenException {
+
+	private static final String MESSAGE = "사용할 수 없는 refresh Token 입니다.";
+
+	public UnavailableRefreshTokenException() {
+		super(MESSAGE);
+	}
+
+}

server/src/main/java/com/ticketing/server/global/factory/YamlPropertySourceFactory.java

@@ -0,0 +1,23 @@
+package com.ticketing.server.global.factory;
+
+import java.util.Objects;
+import java.util.Properties;
+import org.springframework.beans.factory.config.YamlPropertiesFactoryBean;
+import org.springframework.core.env.PropertiesPropertySource;
+import org.springframework.core.env.PropertySource;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.support.EncodedResource;
+import org.springframework.core.io.support.PropertySourceFactory;
+
+public class YamlPropertySourceFactory implements PropertySourceFactory {
+
+	@Override
+	public PropertySource<?> createPropertySource(String name, EncodedResource encodedResource) {
+		Resource resource = encodedResource.getResource();
+		YamlPropertiesFactoryBean factoryBean = new YamlPropertiesFactoryBean();
+		factoryBean.setResources(resource);
+
+		Properties properties = factoryBean.getObject();
+		return new PropertiesPropertySource(Objects.requireNonNull(resource.getFilename()), Objects.requireNonNull(properties));
+	}
+}

server/src/main/java/com/ticketing/server/global/redis/RedisConfig.java

@@ -0,0 +1,44 @@
+package com.ticketing.server.global.redis;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.repository.configuration.EnableRedisRepositories;
+import org.springframework.data.redis.serializer.StringRedisSerializer;
+import org.springframework.orm.jpa.JpaTransactionManager;
+import org.springframework.transaction.PlatformTransactionManager;
+
+@Configuration
+@EnableRedisRepositories
+public class RedisConfig {
+
+	@Value("${spring.redis.host}")
+	private String host;
+
+	@Value("${spring.redis.port}")
+	private int port;
+
+	@Bean
+	public RedisConnectionFactory redisConnectionFactory() {
+		return new LettuceConnectionFactory(host, port);
+	}
+
+	@Bean
+	public RedisTemplate<String, Object> redisTemplate() {
+		RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();
+		redisTemplate.setConnectionFactory(redisConnectionFactory());
+		redisTemplate.setKeySerializer(new StringRedisSerializer());
+		redisTemplate.setValueSerializer(new StringRedisSerializer());
+
+		return redisTemplate;
+	}
+
+	@Bean
+	public PlatformTransactionManager transactionManager() {
+		return new JpaTransactionManager();
+	}
+
+}

server/src/main/java/com/ticketing/server/global/redis/RefreshRedisRepository.java

@@ -0,0 +1,10 @@
+package com.ticketing.server.global.redis;
+
+import java.util.Optional;
+import org.springframework.data.repository.CrudRepository;
+
+public interface RefreshRedisRepository extends CrudRepository<RefreshToken, Long> {
+
+	Optional<RefreshToken> findByEmail(String email);
+
+}

server/src/main/java/com/ticketing/server/global/redis/RefreshToken.java

@@ -0,0 +1,35 @@
+package com.ticketing.server.global.redis;
+
+import javax.persistence.Column;
+import javax.persistence.GeneratedValue;
+import javax.persistence.Id;
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import org.springframework.data.redis.core.RedisHash;
+import org.springframework.data.redis.core.index.Indexed;
+
+@Getter
+@RedisHash("RefreshToken")
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+public class RefreshToken {
+
+	@Id
+	@GeneratedValue
+	@Column(name = "refresh_token_id")
+	private Long id;
+
+	@Indexed
+	private String email;
+	private String token;
+
+	public RefreshToken(String email, String token) {
+		this.email = email;
+		this.token = token;
+	}
+
+	public void changeToken(String token) {
+		this.token = token;
+	}
+
+}

server/src/main/java/com/ticketing/server/global/security/SecurityUtil.java

@@ -0,0 +1,21 @@
+package com.ticketing.server.global.security;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+public class SecurityUtil {
+
+	private SecurityUtil() {
+	}
+
+	public static String getCurrentUserEmail() {
+		final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+		if (authentication == null || authentication.getName() == null) {
+			throw new IllegalStateException("Security Context 에 인증 정보가 없습니다.");
+		}
+
+		return authentication.getName();
+	}
+
+}

server/src/main/java/com/ticketing/server/global/security/WebSecurityConfig.java

@@ -0,0 +1,66 @@
+package com.ticketing.server.global.security;
+
+import com.ticketing.server.global.security.jwt.JwtFilter;
+import com.ticketing.server.global.security.jwt.JwtSecurityConfig;
+import com.ticketing.server.global.security.jwt.handle.JwtAccessDeniedHandler;
+import com.ticketing.server.global.security.jwt.handle.JwtAuthenticationEntryPoint;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(securedEnabled = true)
+@RequiredArgsConstructor
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+	private final JwtFilter jwtFilter;
+	private final JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
+	private final JwtAccessDeniedHandler jwtAccessDeniedHandler;
+
+	@Bean
+	public PasswordEncoder passwordEncoder() {
+		return PasswordEncoderFactories.createDelegatingPasswordEncoder();
+	}
+
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+
+		http
+			.csrf().disable()
+			.exceptionHandling()
+			.authenticationEntryPoint(jwtAuthenticationEntryPoint)
+			.accessDeniedHandler(jwtAccessDeniedHandler)
+
+			.and()
+			.headers()
+			.frameOptions()
+			.sameOrigin()
+
+			// 시큐리티는 기본적으로 세션을 사용하지만, jwt 을 위해 세션을 Stateless 로 설정
+			.and()
+			.sessionManagement()
+			.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+
+			.and()
+			.authorizeRequests()
+			.antMatchers(HttpMethod.POST, "/api/user/login").permitAll()
+			.antMatchers(HttpMethod.POST, "/api/user/refresh").permitAll()
+			.antMatchers(HttpMethod.POST, "/api/user").permitAll()
+			.antMatchers("/l7check").permitAll()
+			.antMatchers("/actuator/health").permitAll()
+			.anyRequest().authenticated()
+
+			.and()
+			.apply(new JwtSecurityConfig(jwtFilter));
+	}
+
+}

server/src/main/java/com/ticketing/server/global/security/jwt/JwtFilter.java

@@ -0,0 +1,48 @@
+package com.ticketing.server.global.security.jwt;
+
+import java.io.IOException;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.util.StringUtils;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+@Slf4j
+@Configuration
+public class JwtFilter extends OncePerRequestFilter {
+
+	private final JwtProvider tokenProvider;
+	private final JwtProperties jwtProperties;
+
+	public JwtFilter(JwtProperties jwtProperties, JwtProvider tokenProvider) {
+		this.jwtProperties = jwtProperties;
+		this.tokenProvider = tokenProvider;
+	}
+
+	@Override
+	public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
+		String jwt = resolveToken(request);
+
+		// 토큰이 정상이면 Authentication 을 가져와서 SecurityContext 에 저장
+		if (StringUtils.hasText(jwt) && tokenProvider.validateToken(jwt)) {
+			Authentication authentication = tokenProvider.getAuthentication(jwt);
+			SecurityContextHolder.getContext().setAuthentication(authentication);
+		}
+
+		chain.doFilter(request, response);
+	}
+
+	private String resolveToken(HttpServletRequest request) {
+		String bearerToken = request.getHeader(jwtProperties.getAccessHeader());
+		if (StringUtils.hasText(bearerToken) && jwtProperties.hasTokenStartsWith(bearerToken)) {
+			return bearerToken.substring(7);
+		}
+		return null;
+	}
+
+}

server/src/main/java/com/ticketing/server/global/security/jwt/JwtProperties.java

@@ -0,0 +1,27 @@
+package com.ticketing.server.global.security.jwt;
+
+import com.ticketing.server.global.factory.YamlPropertySourceFactory;
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.boot.context.properties.ConstructorBinding;
+import org.springframework.context.annotation.PropertySource;
+
+@Getter
+@RequiredArgsConstructor
+@ConstructorBinding
+@ConfigurationProperties("jwt")
+@PropertySource(value = "classpath:application.yml", factory = YamlPropertySourceFactory.class)
+public class JwtProperties {
+
+	private final String accessHeader;
+	private final String refreshHeader;
+	private final String prefix;
+	private final String secretKey;
+	private final Integer accessTokenValidityInSeconds;
+	private final Integer refreshTokenValidityInSeconds;
+
+	public boolean hasTokenStartsWith(String token) {
+		return token.startsWith(prefix);
+	}
+}

server/src/main/java/com/ticketing/server/global/security/jwt/JwtProvider.java

@@ -0,0 +1,123 @@
+package com.ticketing.server.global.security.jwt;
+
+import com.ticketing.server.user.application.response.TokenDto;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.security.Keys;
+import java.security.Key;
+import java.util.Arrays;
+import java.util.Date;
+import java.util.List;
+import java.util.StringJoiner;
+import java.util.stream.Collectors;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.stereotype.Component;
+
+@Component
+@Slf4j
+public class JwtProvider {
+
+	private static final String AUTHORITIES_KEY = "auth";
+	private static final String AUTHORITIES_DELIMITER = ",";
+
+	private final Key key;
+	private final String prefix;
+	private final long accessTokenValidityInMilliseconds;
+	private final long refreshTokenValidityInMilliseconds;
+
+	public JwtProvider(JwtProperties jwtProperties) {
+		byte[] keyBytes = Decoders.BASE64.decode(jwtProperties.getSecretKey());
+		this.key = Keys.hmacShaKeyFor(keyBytes);
+
+		this.prefix = jwtProperties.getPrefix();
+		this.accessTokenValidityInMilliseconds = jwtProperties.getAccessTokenValidityInSeconds() * 1000L;
+		this.refreshTokenValidityInMilliseconds = jwtProperties.getRefreshTokenValidityInSeconds() * 1000L;
+	}
+
+	public TokenDto generateTokenDto(Authentication authentication) {
+		String accessToken = createAccessToken(authentication);
+		String refreshToken = createRefreshToken(authentication);
+		long expiresIn = accessTokenValidityInMilliseconds / 1000L;
+
+		return TokenDto.of(accessToken, refreshToken, prefix, expiresIn);
+	}
+
+	private String createAccessToken(Authentication authentication) {
+		// 만료시간 계산
+		long now = (new Date()).getTime();
+		Date accessTokenExpiresIn = new Date(now + this.accessTokenValidityInMilliseconds);
+
+		return createToken(authentication, accessTokenExpiresIn);
+	}
+
+	private String createRefreshToken(Authentication authentication) {
+		// 만료시간 계산
+		long now = (new Date()).getTime();
+		Date refreshTokenExpiresIn = new Date(now + this.refreshTokenValidityInMilliseconds);
+
+		return createToken(authentication, refreshTokenExpiresIn);
+	}
+
+	private String createToken(Authentication authentication, Date expiration) {
+		// 권한 정보 가져오기
+		String authorities = generateStringToAuthorities(authentication);
+
+		// JWT 생성
+		return Jwts.builder()
+			.setSubject(authentication.getName()) // email
+			.claim(AUTHORITIES_KEY, authorities) // payload
+			.setExpiration(expiration) // 만료일
+			.signWith(key, SignatureAlgorithm.HS512) // 서명 키 값
+			.compact();
+	}
+
+	private String generateStringToAuthorities(Authentication authentication) {
+		StringJoiner authorities = new StringJoiner(AUTHORITIES_DELIMITER);
+		for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
+			String roleName = makeRoleName(grantedAuthority.getAuthority());
+			authorities.add(roleName);
+		}
+		return authorities.toString();
+	}
+
+	private String makeRoleName(String role) {
+		return "ROLE_" + role.toUpperCase();
+	}
+
+	public Authentication getAuthentication(String token) {
+		// 토큰 복호화
+		Claims claims = parseClaims(token);
+
+		// 권한조회
+		List<SimpleGrantedAuthority> authorities =
+			Arrays.stream(claims.get(AUTHORITIES_KEY).toString().split(AUTHORITIES_DELIMITER))
+				.map(SimpleGrantedAuthority::new)
+				.collect(Collectors.toList());
+
+		UserDetails principal = new User(claims.getSubject(), "", authorities);
+		return new UsernamePasswordAuthenticationToken(principal, token, authorities);
+	}
+
+	public boolean validateToken(String token) {
+		parseClaims(token);
+		return true;
+	}
+
+	private Claims parseClaims(String token) {
+		return Jwts.parserBuilder()
+			.setSigningKey(key)
+			.build()
+			.parseClaimsJws(token)
+			.getBody();
+	}
+
+}
+

server/src/main/java/com/ticketing/server/global/security/jwt/JwtSecurityConfig.java

@@ -0,0 +1,18 @@
+package com.ticketing.server.global.security.jwt;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.web.DefaultSecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@RequiredArgsConstructor
+public class JwtSecurityConfig extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
+
+	private final JwtFilter jwtFilter;
+
+	@Override
+	public void configure(HttpSecurity builder) {
+		builder.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class);
+	}
+}

server/src/main/java/com/ticketing/server/global/security/jwt/handle/JwtAccessDeniedHandler.java

@@ -0,0 +1,17 @@
+package com.ticketing.server.global.security.jwt.handle;
+
+import java.io.IOException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.stereotype.Component;
+
+@Component
+public class JwtAccessDeniedHandler implements AccessDeniedHandler {
+
+	@Override
+	public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException {
+		response.sendError(HttpServletResponse.SC_FORBIDDEN);
+	}
+}

server/src/main/java/com/ticketing/server/global/security/jwt/handle/JwtAuthenticationEntryPoint.java

@@ -0,0 +1,17 @@
+package com.ticketing.server.global.security.jwt.handle;
+
+import java.io.IOException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+
+@Component
+public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
+
+	@Override
+	public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException {
+		response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+	}
+}

server/src/main/java/com/ticketing/server/global/security/service/CustomUserDetailsService.java

@@ -0,0 +1,35 @@
+package com.ticketing.server.global.security.service;
+
+import com.ticketing.server.user.domain.User;
+import com.ticketing.server.user.domain.repository.UserRepository;
+import java.util.Collections;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+public class CustomUserDetailsService implements UserDetailsService {
+
+	private final UserRepository userRepository;
+
+	@Override
+	public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
+		return userRepository.findByEmailAndIsDeletedFalse(email)
+			.map(this::createUserDetails)
+			.orElseThrow(() -> new UsernameNotFoundException("존재하지 않는 email 입니다. :: " + email));
+	}
+
+	private UserDetails createUserDetails(User user) {
+		SimpleGrantedAuthority grantedAuthority = new SimpleGrantedAuthority(user.getGrade().name());
+
+		return new org.springframework.security.core.userdetails.User(
+			user.getEmail()
+			, user.getPassword()
+			, Collections.singleton(grantedAuthority)
+		);
+	}
+}

server/src/main/java/com/ticketing/server/movie/service/TMBDServiceImpl.java

@@ -0,0 +1,9 @@
+package com.ticketing.server.movie.service;
+
+import com.ticketing.server.movie.service.interfaces.TMDBService;
+import org.springframework.stereotype.Service;
+
+@Service
+public class TMBDServiceImpl implements TMDBService {
+
+}

server/src/main/java/com/ticketing/server/movie/service/interfaces/TMDBService.java

@@ -0,0 +1,5 @@
+package com.ticketing.server.movie.service.interfaces;
+
+public interface TMDBService {
+
+}

server/src/main/java/com/ticketing/server/user/application/UserController.java

@@ -1,56 +1,86 @@
 package com.ticketing.server.user.application;
 
+import com.ticketing.server.global.security.jwt.JwtProperties;
+import com.ticketing.server.user.application.request.LoginRequest;
 import com.ticketing.server.user.application.request.SignUpRequest;
 import com.ticketing.server.user.application.request.UserDeleteRequest;
 import com.ticketing.server.user.application.request.UserModifyPasswordRequest;
 import com.ticketing.server.user.application.response.SignUpResponse;
-import com.ticketing.server.user.application.response.UserDeleteResponse;
+import com.ticketing.server.user.application.response.TokenDto;
 import com.ticketing.server.user.application.response.UserChangePasswordResponse;
+import com.ticketing.server.user.application.response.UserDeleteResponse;
 import com.ticketing.server.user.domain.User;
 import com.ticketing.server.user.service.UserServiceImpl;
+import com.ticketing.server.user.service.interfaces.AuthenticationService;
+import javax.servlet.http.HttpServletResponse;
 import javax.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.annotation.Secured;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.PatchMapping;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
 @RestController
 @RequiredArgsConstructor
-@RequestMapping("/user")
+@RequestMapping("/api/user")
 @Slf4j
+
 public class UserController {
 
 	private final UserServiceImpl userService;
+	private final AuthenticationService authenticationService;
 	private final PasswordEncoder passwordEncoder;
+	private final JwtProperties jwtProperties;
 
 	@PostMapping
-	public ResponseEntity<Object> register(@RequestBody @Valid SignUpRequest request) {
+	public ResponseEntity<SignUpResponse> register(@RequestBody @Valid SignUpRequest request) {
 		User user = userService.register(request.toSignUpDto(passwordEncoder));
-		return ResponseEntity.status(HttpStatus.CREATED).body(SignUpResponse.of(user));
+		return ResponseEntity.status(HttpStatus.CREATED).body(SignUpResponse.from(user));
 	}
 
 	@DeleteMapping
-	public ResponseEntity<Object> deleteUser(@RequestBody @Valid UserDeleteRequest request) {
+	@Secured("ROLE_GUEST")
+	public ResponseEntity<UserDeleteResponse> deleteUser(@RequestBody @Valid UserDeleteRequest request) {
 		User user = userService.delete(request.toDeleteUserDto(passwordEncoder));
-		return ResponseEntity.status(HttpStatus.OK).body(UserDeleteResponse.of(user));
+		return ResponseEntity.status(HttpStatus.OK).body(UserDeleteResponse.from(user));
 	}
 
-	@PatchMapping("/password")
-	public ResponseEntity<Object> changePassword(@RequestBody @Valid UserModifyPasswordRequest request) {
+	@PutMapping("/password")
+	@Secured("ROLE_GUEST")
+	public ResponseEntity<UserChangePasswordResponse> changePassword(@RequestBody @Valid UserModifyPasswordRequest request) {
 		if (request.oldEqualNew()) {
 			log.error("기존 패스워드와 동일한 패스워드로 변경할 수 없습니다.");
 			return ResponseEntity.status(HttpStatus.BAD_REQUEST).build();
 		}
 
 		User user = userService.changePassword(request.toChangePasswordDto(passwordEncoder));
-		return ResponseEntity.status(HttpStatus.OK).body(UserChangePasswordResponse.of(user));
+		return ResponseEntity.status(HttpStatus.OK).body(UserChangePasswordResponse.from(user));
+	}
+
+	@PostMapping("/login")
+	public ResponseEntity<TokenDto> login(@RequestBody LoginRequest loginRequest, HttpServletResponse response) {
+		TokenDto tokenDto = authenticationService.login(loginRequest.toAuthentication());
+
+		response.setHeader("Cache-Control", "no-store");
+		response.setHeader("Pragma", "no-store");
+		return ResponseEntity.status(HttpStatus.OK).body(tokenDto);
+	}
+
+	@PostMapping("/refresh")
+	public ResponseEntity<TokenDto> refreshToken(@RequestParam("refreshToken") String refreshToken, HttpServletResponse response) {
+		TokenDto tokenDto = authenticationService.reissueAccessToken(refreshToken);
+
+		response.setHeader(jwtProperties.getAccessHeader(), tokenDto.getAccessToken());
+		response.setHeader(jwtProperties.getRefreshHeader(), tokenDto.getRefreshToken());
+		return ResponseEntity.status(HttpStatus.OK).body(tokenDto);
 	}
 
 }

server/src/main/java/com/ticketing/server/user/application/request/LoginRequest.java

@@ -0,0 +1,26 @@
+package com.ticketing.server.user.application.request;
+
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotEmpty;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+
+@Getter
+@NoArgsConstructor
+@AllArgsConstructor
+public class LoginRequest {
+
+	@NotEmpty(message = "{validation.not.empty.email}")
+	@Email(message = "{validation.email}")
+	private String email;
+
+	@NotEmpty(message = "{validation.not.empty.password}")
+	private String password;
+
+	public UsernamePasswordAuthenticationToken toAuthentication() {
+		return new UsernamePasswordAuthenticationToken(email, password);
+	}
+
+}

server/src/main/java/com/ticketing/server/user/application/request/SignUpRequest.java

@@ -4,10 +4,14 @@ import com.ticketing.server.global.validator.constraints.Phone;
 import com.ticketing.server.user.service.dto.SignUpDTO;
 import javax.validation.constraints.Email;
 import javax.validation.constraints.NotEmpty;
+import lombok.AllArgsConstructor;
 import lombok.Getter;
+import lombok.NoArgsConstructor;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
 @Getter
+@NoArgsConstructor
+@AllArgsConstructor
 public class SignUpRequest {
 
 	@NotEmpty(message = "{validation.not.empty.name}")

server/src/main/java/com/ticketing/server/user/application/request/UserDeleteRequest.java

@@ -3,10 +3,14 @@ package com.ticketing.server.user.application.request;
 import com.ticketing.server.user.service.dto.DeleteUserDTO;
 import javax.validation.constraints.Email;
 import javax.validation.constraints.NotEmpty;
+import lombok.AllArgsConstructor;
 import lombok.Getter;
+import lombok.NoArgsConstructor;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
 @Getter
+@NoArgsConstructor
+@AllArgsConstructor
 public class UserDeleteRequest {
 
 	@NotEmpty(message = "{validation.not.empty.email}")

server/src/main/java/com/ticketing/server/user/application/request/UserModifyPasswordRequest.java

@@ -3,10 +3,14 @@ package com.ticketing.server.user.application.request;
 import com.ticketing.server.user.service.dto.ChangePasswordDTO;
 import javax.validation.constraints.Email;
 import javax.validation.constraints.NotEmpty;
+import lombok.AllArgsConstructor;
 import lombok.Getter;
+import lombok.NoArgsConstructor;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
 @Getter
+@NoArgsConstructor
+@AllArgsConstructor
 public class UserModifyPasswordRequest {
 
 	@NotEmpty(message = "{validation.not.empty.email}")

server/src/main/java/com/ticketing/server/user/application/response/SignUpResponse.java

@@ -1,20 +1,20 @@
 package com.ticketing.server.user.application.response;
 
 import com.ticketing.server.user.domain.User;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
 
+@Getter
+@AllArgsConstructor(access = AccessLevel.PRIVATE)
 public class SignUpResponse {
 
-	public static SignUpResponse of(User user) {
-		return new SignUpResponse(user.getName(), user.getEmail());
-	}
-
-	public SignUpResponse(String name, String email) {
-		this.name = name;
-		this.email = email;
-	}
-
 	private String name;
 
 	private String email;
 
+	public static SignUpResponse from(User user) {
+		return new SignUpResponse(user.getName(), user.getEmail());
+	}
+
 }

server/src/main/java/com/ticketing/server/user/application/response/TokenDto.java

@@ -0,0 +1,20 @@
+package com.ticketing.server.user.application.response;
+
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor(access = AccessLevel.PRIVATE)
+public class TokenDto {
+
+	private final String accessToken;
+	private final String refreshToken;
+	private final String tokenType;
+	private final long expiresIn;
+
+	public static TokenDto of(String accessToken, String refreshToken, String tokenType, long expiresIn) {
+		return new TokenDto(accessToken, refreshToken, tokenType, expiresIn);
+	}
+
+}

server/src/main/java/com/ticketing/server/user/application/response/UserChangePasswordResponse.java

@@ -1,20 +1,20 @@
 package com.ticketing.server.user.application.response;
 
 import com.ticketing.server.user.domain.User;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
 
+@Getter
+@AllArgsConstructor(access = AccessLevel.PRIVATE)
 public class UserChangePasswordResponse {
 
-	public static SignUpResponse of(User user) {
-		return new SignUpResponse(user.getName(), user.getEmail());
-	}
-
-	public UserChangePasswordResponse(String name, String email) {
-		this.name = name;
-		this.email = email;
-	}
-
 	private String name;
 
 	private String email;
 
+	public static UserChangePasswordResponse from(User user) {
+		return new UserChangePasswordResponse(user.getName(), user.getEmail());
+	}
+
 }

server/src/main/java/com/ticketing/server/user/application/response/UserDeleteResponse.java

@@ -1,20 +1,20 @@
 package com.ticketing.server.user.application.response;
 
 import com.ticketing.server.user.domain.User;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
 
+@Getter
+@AllArgsConstructor(access = AccessLevel.PRIVATE)
 public class UserDeleteResponse {
 
-	public static SignUpResponse of(User user) {
-		return new SignUpResponse(user.getName(), user.getEmail());
-	}
-
-	public UserDeleteResponse(String name, String email) {
-		this.name = name;
-		this.email = email;
-	}
-
 	private String name;
 
 	private String email;
 
+	public static UserDeleteResponse from(User user) {
+		return new UserDeleteResponse(user.getName(), user.getEmail());
+	}
+
 }

server/src/main/java/com/ticketing/server/user/domain/User.java

@@ -77,7 +77,7 @@ public class User extends AbstractEntity {
 		return this;
 	}
 
-	private void checkPassword(PasswordMatches passwordMatches) {
+	public void checkPassword(PasswordMatches passwordMatches) {
 		if (!passwordMatches.passwordMatches(password)) {
 			throw new PasswordMismatchException();
 		}

server/src/main/java/com/ticketing/server/user/service/AuthenticationServiceImpl.java

@@ -0,0 +1,87 @@
+package com.ticketing.server.user.service;
+
+import com.ticketing.server.global.exception.token.TokenNotFindException;
+import com.ticketing.server.global.exception.token.TokenTypeException;
+import com.ticketing.server.global.exception.token.UnavailableRefreshTokenException;
+import com.ticketing.server.global.redis.RefreshRedisRepository;
+import com.ticketing.server.global.redis.RefreshToken;
+import com.ticketing.server.global.security.jwt.JwtProperties;
+import com.ticketing.server.global.security.jwt.JwtProvider;
+import com.ticketing.server.user.application.response.TokenDto;
+import com.ticketing.server.user.service.interfaces.AuthenticationService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.core.Authentication;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.util.StringUtils;
+
+@Service
+@RequiredArgsConstructor
+public class AuthenticationServiceImpl implements AuthenticationService {
+
+	private final RefreshRedisRepository refreshRedisRepository;
+
+	private final JwtProvider jwtProvider;
+	private final JwtProperties jwtProperties;
+	private final AuthenticationManagerBuilder authenticationManagerBuilder;
+
+	@Override
+	@Transactional
+	public TokenDto login(UsernamePasswordAuthenticationToken authenticationToken) {
+		// 회원인증
+		Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
+
+		String email = authenticationToken.getName();
+
+		// 토큰 발급
+		TokenDto tokenDto = jwtProvider.generateTokenDto(authentication);
+
+		// refresh 토큰이 있으면 수정, 없으면 생성
+		refreshRedisRepository.findByEmail(email)
+			.ifPresentOrElse(
+				tokenEntity -> tokenEntity.changeToken(tokenDto.getRefreshToken()),
+				() -> refreshRedisRepository.save(new RefreshToken(email, tokenDto.getRefreshToken()))
+			);
+
+		return tokenDto;
+	}
+
+	@Override
+	@Transactional
+	public TokenDto reissueAccessToken(String bearerRefreshToken) {
+		String refreshToken = resolveToken(bearerRefreshToken);
+
+		// 토큰 검증
+		jwtProvider.validateToken(refreshToken);
+
+		Authentication authentication = jwtProvider.getAuthentication(refreshToken);
+
+		// Redis 에 토큰이 있는지 검증
+		RefreshToken findTokenEntity = refreshRedisRepository.findByEmail(authentication.getName())
+			.orElseThrow(TokenNotFindException::new);
+
+		// redis 토큰과 input 토큰이 일치한지 확인
+		if (!refreshToken.equals(findTokenEntity.getToken())) {
+			throw new UnavailableRefreshTokenException();
+		}
+
+		// 토큰 발급
+		TokenDto tokenDto = jwtProvider.generateTokenDto(authentication);
+
+		// 토큰 최신화
+		findTokenEntity.changeToken(tokenDto.getRefreshToken());
+		refreshRedisRepository.save(findTokenEntity);
+
+		return tokenDto;
+	}
+
+	private String resolveToken(String bearerToken) {
+		if (StringUtils.hasText(bearerToken) && jwtProperties.hasTokenStartsWith(bearerToken)) {
+			return bearerToken.substring(7);
+		}
+		throw new TokenTypeException();
+	}
+
+}

server/src/main/java/com/ticketing/server/user/service/UserServiceImpl.java

@@ -1,6 +1,6 @@
 package com.ticketing.server.user.service;
 
-import com.ticketing.server.global.exception.NotFoundEmailException;
+import com.ticketing.server.global.exception.EmailNotFoundException;
 import com.ticketing.server.user.domain.User;
 import com.ticketing.server.user.domain.repository.UserRepository;
 import com.ticketing.server.user.service.dto.ChangePasswordDTO;
@@ -39,27 +39,29 @@ public class UserServiceImpl implements UserService {
 	@Override
 	@Transactional
 	public User delete(@Valid DeleteUserDTO deleteUserDto) {
-		Optional<User> optionalUser = userRepository.findByEmail(deleteUserDto.getEmail());
-		if (optionalUser.isEmpty()) {
-			log.error("존재하지 않는 이메일 입니다. :: {}", deleteUserDto);
-			throw new NotFoundEmailException();
-		}
+		User user = userRepository.findByEmail(deleteUserDto.getEmail())
+			.orElseThrow(() -> {
+					log.error("존재하지 않는 이메일 입니다. :: {}", deleteUserDto.getEmail());
+					throw new EmailNotFoundException();
+				}
+			);
 
-		User user = optionalUser.get();
 		return user.delete(deleteUserDto);
 	}
 
 	@Override
 	@Transactional
 	public User changePassword(@Valid ChangePasswordDTO changePasswordDto) {
-		Optional<User> optionalUser = userRepository.findByEmailAndIsDeletedFalse(changePasswordDto.getEmail());
-		if (optionalUser.isEmpty()) {
-			log.error("존재하지 않는 이메일 입니다. :: {}", changePasswordDto);
-			throw new NotFoundEmailException();
-		}
-
-		User user = optionalUser.get();
+		User user = findNotDeletedUserByEmail(changePasswordDto.getEmail());
 		return user.changePassword(changePasswordDto);
 	}
 
+	private User findNotDeletedUserByEmail(String email) {
+		return userRepository.findByEmailAndIsDeletedFalse(email)
+			.orElseThrow(() -> {
+				log.error("존재하지 않는 이메일 입니다. :: {}", email);
+				throw new EmailNotFoundException();
+			});
+	}
+
 }

server/src/main/java/com/ticketing/server/user/service/dto/ChangePasswordDTO.java

@@ -6,13 +6,6 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 
 public class ChangePasswordDTO implements PasswordMatches {
 
-	public ChangePasswordDTO(String email, String oldPassword, String newPassword, PasswordEncoder passwordEncoder) {
-		this.email = email;
-		this.oldPassword = oldPassword;
-		this.newPassword = newPassword;
-		this.passwordEncoder = passwordEncoder;
-	}
-
 	@NotEmpty(message = "{validation.not.empty.email}")
 	@Email(message = "{validation.email}")
 	private String email;
@@ -25,6 +18,13 @@ public class ChangePasswordDTO implements PasswordMatches {
 
 	private PasswordEncoder passwordEncoder;
 
+	public ChangePasswordDTO(String email, String oldPassword, String newPassword, PasswordEncoder passwordEncoder) {
+		this.email = email;
+		this.oldPassword = oldPassword;
+		this.newPassword = newPassword;
+		this.passwordEncoder = passwordEncoder;
+	}
+
 	public String getEmail() {
 		return email;
 	}

server/src/main/java/com/ticketing/server/user/service/dto/DeleteUserDTO.java

@@ -6,12 +6,6 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 
 public class DeleteUserDTO implements PasswordMatches {
 
-	public DeleteUserDTO(String email, String inputPassword, PasswordEncoder passwordEncoder) {
-		this.email = email;
-		this.inputPassword = inputPassword;
-		this.passwordEncoder = passwordEncoder;
-	}
-
 	@NotEmpty(message = "{validation.not.empty.email}")
 	@Email(message = "{validation.email}")
 	private String email;
@@ -21,6 +15,12 @@ public class DeleteUserDTO implements PasswordMatches {
 
 	private PasswordEncoder passwordEncoder;
 
+	public DeleteUserDTO(String email, String inputPassword, PasswordEncoder passwordEncoder) {
+		this.email = email;
+		this.inputPassword = inputPassword;
+		this.passwordEncoder = passwordEncoder;
+	}
+
 	@Override
 	public boolean passwordMatches(String password) {
 		return passwordEncoder.matches(this.inputPassword, password);

server/src/main/java/com/ticketing/server/user/service/interfaces/AuthenticationService.java

@@ -0,0 +1,12 @@
+package com.ticketing.server.user.service.interfaces;
+
+import com.ticketing.server.user.application.response.TokenDto;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+
+public interface AuthenticationService {
+
+	TokenDto login(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken);
+
+	TokenDto reissueAccessToken(String bearerRefreshToken);
+
+}

server/src/main/resources/application.yml

@@ -4,6 +4,9 @@ server:
 spring:
   profiles:
     active: local
+  redis:
+    host: localhost
+    port: 6379
 
   jpa:
     hibernate:
@@ -18,3 +21,11 @@ spring:
 jasypt:
   encryptor:
     bean: jasyptStringEncryptor
+
+jwt:
+  access-header: ACCESS_TOKEN
+  refresh-header: REFRESH_TOKEN
+  prefix: Bearer
+  secret-key: Zi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXktZi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXkK
+  access-token-validity-in-seconds: 60 # 1분
+  refresh-token-validity-in-seconds: 259200 # 3일

server/src/test/java/com/ticketing/server/global/redis/RefreshRedisRepositoryTest.java

@@ -0,0 +1,75 @@
+package com.ticketing.server.global.redis;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertAll;
+
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+
+@SpringBootTest
+class RefreshRedisRepositoryTest {
+
+	@Autowired
+	RefreshRedisRepository refreshRedisRepository;
+
+	@AfterEach
+	void tearDown() {
+		refreshRedisRepository.deleteAll();
+	}
+
+	@Test
+	@DisplayName("기본 등록 및 조회기능")
+	void saveAndFind() {
+		// given
+		RefreshToken refreshToken = new RefreshToken("ticketing@gmail.com", "refreshToken");
+
+		// when
+		refreshRedisRepository.save(refreshToken);
+
+		// then
+		RefreshToken findRefreshToken = refreshRedisRepository.findById(refreshToken.getId()).get();
+		assertAll(
+			() -> assertThat(findRefreshToken.getEmail()).isEqualTo("ticketing@gmail.com")
+			, () -> assertThat(findRefreshToken.getToken()).isEqualTo("refreshToken")
+		);
+	}
+
+	@Test
+	@DisplayName("기본 등록 및 이메일 조회")
+	void saveAndFindByEmail() {
+		// given
+		RefreshToken refreshToken = new RefreshToken("ticketing@gmail.com", "refreshToken");
+
+		// when
+		refreshRedisRepository.save(refreshToken);
+
+		// then
+		RefreshToken findRefreshToken = refreshRedisRepository.findByEmail(refreshToken.getEmail()).get();
+		assertAll(
+			() -> assertThat(findRefreshToken.getEmail()).isEqualTo("ticketing@gmail.com")
+			, () -> assertThat(findRefreshToken.getToken()).isEqualTo("refreshToken")
+		);
+	}
+
+	@Test
+	@DisplayName("기본 등록 및 수정기능")
+	void saveAndSave() {
+		// given
+		RefreshToken refreshToken = new RefreshToken("ticketing@gmail.com", "refreshToken");
+		refreshRedisRepository.save(refreshToken);
+		Long id = refreshToken.getId();
+
+		// when
+		RefreshToken savedRefreshToken = refreshRedisRepository.findById(id).get();
+		savedRefreshToken.changeToken("refreshToken2");
+		refreshRedisRepository.save(savedRefreshToken);
+
+		// then
+		RefreshToken lastSavedRefreshToken = refreshRedisRepository.findById(id).get();
+		assertThat(lastSavedRefreshToken.getToken()).isEqualTo("refreshToken2");
+	}
+
+}

server/src/test/java/com/ticketing/server/global/security/SecurityContextHolderTest.java

@@ -0,0 +1,66 @@
+package com.ticketing.server.global.security;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertAll;
+
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.security.authentication.TestingAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+@ExtendWith(MockitoExtension.class)
+class SecurityContextHolderTest {
+
+	private static final String ANY_USER = "ticketing";
+	private static final String ANY_PASSWORD = "password";
+	private static final String ROLE_GUEST = "ROLE_GUEST";
+
+	@BeforeEach
+	void init() {
+		SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_THREADLOCAL);
+		setMockAuthentication();
+	}
+
+	@AfterEach
+	void clear() {
+		SecurityContextHolder.clearContext();
+	}
+
+	@Test
+	@DisplayName("SecurityContextHolder 에 현재 인증된 사용자 정보를 확인한다.")
+	void SecurityContextHolder() {
+		// given
+		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+		// when
+		// then
+		assertAll(
+			() -> assertThat(authentication.isAuthenticated()).isTrue()
+			, () -> assertThat(authentication.getName()).isEqualTo(ANY_USER)
+			, () -> assertThat(authentication.getCredentials()).isEqualTo(ANY_PASSWORD)
+			, () -> assertThat(authentication.getAuthorities())
+				.extracting(GrantedAuthority::getAuthority)
+				.contains(ROLE_GUEST)
+		);
+
+	}
+
+
+	private void setMockAuthentication() {
+		SecurityContext context = SecurityContextHolder.createEmptyContext();
+
+		TestingAuthenticationToken mockAuthentication
+			= new TestingAuthenticationToken(SecurityContextHolderTest.ANY_USER, SecurityContextHolderTest.ANY_PASSWORD, SecurityContextHolderTest.ROLE_GUEST);
+		context.setAuthentication(mockAuthentication);
+
+		SecurityContextHolder.setContext(context);
+	}
+
+}

server/src/test/java/com/ticketing/server/global/security/jwt/JwtPropertiesTest.java

@@ -0,0 +1,64 @@
+package com.ticketing.server.global.security.jwt;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertAll;
+
+import com.ticketing.server.global.factory.YamlPropertySourceFactory;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+
+@ExtendWith(SpringExtension.class)
+@EnableConfigurationProperties(value = JwtProperties.class)
+@PropertySource(value = "classpath:application.yml", factory = YamlPropertySourceFactory.class)
+class JwtPropertiesTest {
+
+	@Autowired
+	private JwtProperties jwtProperties;
+
+	@Test
+	@DisplayName("yml - jwt 설정파일 체크")
+	void jwtPropertiesCheck() {
+		// given
+		// when
+		// then
+		assertAll(
+			() -> assertThat(jwtProperties.getAccessHeader()).isEqualTo("ACCESS_TOKEN")
+			, () -> assertThat(jwtProperties.getRefreshHeader()).isEqualTo("REFRESH_TOKEN")
+			, () -> assertThat(jwtProperties.getPrefix()).isEqualTo("Bearer")
+			, () -> assertThat(jwtProperties.getAccessTokenValidityInSeconds()).isEqualTo(60)
+			, () -> assertThat(jwtProperties.getRefreshTokenValidityInSeconds()).isEqualTo(259200)
+			, () -> assertThat(jwtProperties.getSecretKey()).isNotEmpty());
+	}
+
+	@Test
+	@DisplayName("token prefix 가 일치할 경우")
+	void hasTokenStartsWithTrue() {
+		// given
+		String token = jwtProperties.getPrefix() + " " + "tokenPrefixTest";
+
+		// when
+		boolean result = jwtProperties.hasTokenStartsWith(token);
+
+		// then
+		assertThat(result).isTrue();
+	}
+
+	@Test
+	@DisplayName("token prefix 가 일치하지 않을 경우")
+	void hasTokenStartsWithFalse() {
+		// given
+		String token = "tokenPrefixTest";
+
+		// when
+		boolean result = jwtProperties.hasTokenStartsWith(token);
+
+		// then
+		assertThat(result).isFalse();
+	}
+
+}

server/src/test/java/com/ticketing/server/global/security/jwt/TokenProviderTest.java

@@ -0,0 +1,68 @@
+package com.ticketing.server.global.security.jwt;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import com.ticketing.server.global.factory.YamlPropertySourceFactory;
+import com.ticketing.server.user.application.response.TokenDto;
+import com.ticketing.server.user.domain.UserGrade;
+import java.util.Collections;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+
+@ExtendWith(SpringExtension.class)
+@EnableConfigurationProperties(value = JwtProperties.class)
+@PropertySource(value = "classpath:application.yml", factory = YamlPropertySourceFactory.class)
+class TokenProviderTest {
+
+	@Autowired
+	private JwtProperties jwtProperties;
+
+	JwtProvider jwtProvider;
+
+
+	@BeforeEach
+	void init() {
+		jwtProvider = new JwtProvider(jwtProperties);
+	}
+
+	@Test
+	@DisplayName("토큰 생성 성공")
+	void createTokenSuccess() {
+		// given
+		SimpleGrantedAuthority grantedAuthority = new SimpleGrantedAuthority(UserGrade.GUEST.name());
+		UsernamePasswordAuthenticationToken authenticationToken =
+			new UsernamePasswordAuthenticationToken("ticketing@gmail.com", "123456", Collections.singleton(grantedAuthority));
+
+		// when
+		TokenDto tokenDto = jwtProvider.generateTokenDto(authenticationToken);
+
+		// then
+		assertThat(tokenDto).isInstanceOf(TokenDto.class);
+	}
+
+	@Test
+	@DisplayName("토큰 복호화 성공")
+	void getAuthentication() {
+		// given
+		SimpleGrantedAuthority grantedAuthority = new SimpleGrantedAuthority(UserGrade.GUEST.name());
+		UsernamePasswordAuthenticationToken authenticationToken =
+			new UsernamePasswordAuthenticationToken("ticketing@gmail.com", "123456", Collections.singleton(grantedAuthority));
+
+		// when
+		TokenDto tokenDto = jwtProvider.generateTokenDto(authenticationToken);
+		Authentication authentication = jwtProvider.getAuthentication(tokenDto.getAccessToken());
+
+		// then
+		assertThat(authentication.getName()).isEqualTo("ticketing@gmail.com");
+	}
+
+}

server/src/test/java/com/ticketing/server/movie/service/TMDBServiceImplTest.java

@@ -0,0 +1,94 @@
+package com.ticketing.server.movie.service;
+
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Map;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.client.RestTemplate;
+
+@SpringBootTest
+public class TMDBServiceImplTest {
+
+    @Value("${tmdb.api-key}")
+    private String apiKey;
+
+    @Value("${tmdb.read-access-token}")
+    private String readAccessToken;
+
+    @Autowired
+    RestTemplate restTemplate;
+
+    @Test
+    @DisplayName("TMDB Service Test - Get [Now Playing] movies")
+    void shouldAbleToGetMovieList() throws Exception {
+        // given
+        assertNotNull(apiKey);
+        assertNotNull(readAccessToken);
+
+        ArrayList<Charset> acceptCharset = new ArrayList<>();
+        acceptCharset.add(StandardCharsets.UTF_8);
+
+        HttpHeaders headers = new HttpHeaders();
+        headers.setAcceptCharset(acceptCharset);
+        headers.setContentType(MediaType.APPLICATION_JSON);
+        headers.setBearerAuth(readAccessToken);
+
+        Map<String, String> params = new HashMap<>();
+        params.put("api_key", apiKey);
+        params.put("language", "ko");
+
+        HttpEntity<?> request = new HttpEntity<>(headers);
+
+        // when
+        ResponseEntity<?> response = restTemplate.exchange(
+            "https://api.themoviedb.org/3/movie/now_playing?" + mapToUrlParam(params),
+            HttpMethod.GET,
+            request,
+            String.class
+        );
+
+//        JSONParser parser  = new JSONParser();
+//        Object obj = parser.parse(String.valueOf(response));
+//        Object results = ((JSONObject) obj).get("results");
+//
+//        ArrayList<String> movieList = new ArrayList<>();
+//
+//        ArrayList<JSONObject> jsonMovieList = new ArrayList<>();
+
+        // then
+        assertTrue(response.getStatusCode().is2xxSuccessful());
+    }
+
+    private static String mapToUrlParam(Map<String, String> params) {
+        StringBuffer paramData = new StringBuffer();
+
+        for (Map.Entry<String, String> param : params.entrySet()) {
+            if (paramData.length() != 0) {
+                paramData.append('&');
+            }
+
+            paramData.append(param.getKey());
+            paramData.append('=');
+            paramData.append(param.getValue());
+        }
+
+        return paramData.toString();
+    }
+
+}
+
+

server/src/test/java/com/ticketing/server/user/application/UserControllerTest.java

@@ -0,0 +1,104 @@
+package com.ticketing.server.user.application;
+
+import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.ticketing.server.global.redis.RefreshRedisRepository;
+import com.ticketing.server.user.application.request.LoginRequest;
+import com.ticketing.server.user.application.request.SignUpRequest;
+import com.ticketing.server.user.service.interfaces.UserService;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.MediaType;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.ResultActions;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.context.WebApplicationContext;
+
+@SpringBootTest
+@Transactional
+class UserControllerTest {
+
+	@Autowired
+	WebApplicationContext context;
+
+	@Autowired
+	UserService userService;
+
+	@Autowired
+	PasswordEncoder passwordEncoder;
+
+	@Autowired
+	ObjectMapper objectMapper;
+
+	@Autowired
+	RefreshRedisRepository refreshRedisRepository;
+
+	MockMvc mvc;
+
+	@Test
+	@DisplayName("로그인 인증 성공")
+	void loginSuccess() throws Exception {
+		// given
+		LoginRequest request = new LoginRequest("ticketing@gmail.com", "qwe123");
+
+		// when
+		ResultActions actions = mvc.perform(post("/api/user/login")
+			.content(asJsonString(request))
+			.contentType(MediaType.APPLICATION_JSON));
+
+		// then
+		actions.andDo(print())
+			.andExpect(status().isOk());
+	}
+
+	@Test
+	@DisplayName("로그인 패스워드 인증 실패")
+	void loginPasswordFail() throws Exception {
+		// given
+		LoginRequest request = new LoginRequest("ticketing@gmail.com", "qwe1234");
+
+		// when
+		ResultActions actions = mvc.perform(post("/api/user/login")
+			.content(asJsonString(request))
+			.contentType(MediaType.APPLICATION_JSON));
+
+		// then
+		actions.andDo(print())
+			.andExpect(status().isUnauthorized());
+	}
+
+	private String asJsonString(Object object) throws JsonProcessingException {
+		return objectMapper.writeValueAsString(object);
+	}
+
+	@BeforeEach
+	void init() throws Exception {
+		mvc = MockMvcBuilders
+			.webAppContextSetup(context)
+			.apply(springSecurity())
+			.build();
+
+		SignUpRequest signUpRequest = new SignUpRequest("ticketing", "ticketing@gmail.com", "qwe123", "010-2240-7920");
+
+		mvc.perform(post("/api/user")
+			.content(asJsonString(signUpRequest))
+			.contentType(MediaType.APPLICATION_JSON));
+	}
+
+	@AfterEach
+	void tearDown() {
+		refreshRedisRepository.deleteAll();
+	}
+
+}

server/src/test/java/com/ticketing/server/user/service/AuthenticationServiceImplTest.java

@@ -0,0 +1,84 @@
+package com.ticketing.server.user.service;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertAll;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import com.ticketing.server.global.factory.YamlPropertySourceFactory;
+import com.ticketing.server.global.redis.RefreshRedisRepository;
+import com.ticketing.server.global.redis.RefreshToken;
+import com.ticketing.server.global.security.jwt.JwtProperties;
+import com.ticketing.server.global.security.jwt.JwtProvider;
+import com.ticketing.server.user.application.response.TokenDto;
+import com.ticketing.server.user.domain.UserGrade;
+import java.util.Collections;
+import java.util.Optional;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+
+@ExtendWith(SpringExtension.class)
+@EnableConfigurationProperties(value = JwtProperties.class)
+@PropertySource(value = "classpath:application.yml", factory = YamlPropertySourceFactory.class)
+class AuthenticationServiceImplTest {
+
+	@Autowired
+	private JwtProperties useJwtProperties;
+	private JwtProvider useJwtProvider;
+
+	@Mock
+	JwtProperties jwtProperties;
+
+	@Mock
+	JwtProvider jwtProvider;
+
+	@Mock
+	RefreshRedisRepository redisRepository;
+
+	@InjectMocks
+	AuthenticationServiceImpl authenticationService;
+
+	UsernamePasswordAuthenticationToken authenticationToken;
+
+	@BeforeEach
+	void init() {
+		useJwtProvider = new JwtProvider(useJwtProperties);
+		SimpleGrantedAuthority grantedAuthority = new SimpleGrantedAuthority(UserGrade.GUEST.name());
+		authenticationToken =
+			new UsernamePasswordAuthenticationToken("ticketing@gmail.com", "123456", Collections.singleton(grantedAuthority));
+	}
+
+	@Test
+	@DisplayName("토큰 재발급 성공")
+	void reissueAccessToken() {
+		// given
+		String refreshToken = "Bearer eyJhbGciOiJIUzUxMiJ9";
+		when(jwtProvider.validateToken(any())).thenReturn(true);
+		when(jwtProvider.getAuthentication(any())).thenReturn(authenticationToken);
+		when(jwtProvider.generateTokenDto(any())).thenReturn(useJwtProvider.generateTokenDto(authenticationToken));
+		when(redisRepository.findByEmail("ticketing@gmail.com")).thenReturn(Optional.of(new RefreshToken("ticketing@gmail.com", "eyJhbGciOiJIUzUxMiJ9")));
+		when(jwtProperties.hasTokenStartsWith(refreshToken)).thenReturn(true);
+
+		// when
+		TokenDto tokenDto = authenticationService.reissueAccessToken(refreshToken);
+
+		// then
+		assertAll(
+			() -> assertThat(tokenDto.getAccessToken()).isNotEmpty()
+			, () -> assertThat(tokenDto.getRefreshToken()).isNotEmpty()
+			, () -> assertThat(tokenDto.getTokenType()).isEqualTo("Bearer")
+			, () -> assertThat(tokenDto.getExpiresIn()).isEqualTo(60)
+		);
+	}
+
+}

server/src/test/java/com/ticketing/server/user/service/UserServiceImplTest.java

@@ -5,7 +5,7 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.when;
 
-import com.ticketing.server.global.exception.NotFoundEmailException;
+import com.ticketing.server.global.exception.EmailNotFoundException;
 import com.ticketing.server.user.domain.User;
 import com.ticketing.server.user.domain.UserGrade;
 import com.ticketing.server.user.domain.repository.UserRepository;
@@ -79,7 +79,7 @@ class UserServiceImplTest {
 		// when
 		// then
 		assertThatThrownBy(() -> userService.delete(deleteUserDto))
-			.isInstanceOf(NotFoundEmailException.class);
+			.isInstanceOf(EmailNotFoundException.class);
 	}
 
 	@Test
@@ -104,7 +104,7 @@ class UserServiceImplTest {
 		// when
 		// then
 		assertThatThrownBy(() -> userService.changePassword(changePasswordDto))
-			.isInstanceOf(NotFoundEmailException.class);
+			.isInstanceOf(EmailNotFoundException.class);
 	}
 
 	@Test

server/src/test/java/com/ticketing/server/user/service/dto/SignUpDtoTest.java

@@ -21,4 +21,4 @@ class SignUpDtoTest {
 		assertThat(user).isInstanceOf(User.class);
 	}
 
-}
+}

server/src/test/resources/application.yml

@@ -4,6 +4,9 @@ spring:
     username: ENC(LowN1n4w0Ep/DqLD8+q5Bq6AXM4b8e3V)
     password: ENC(OMvGcpZLpggFTiGNkqNe66Zq/SmJXF6o)
     driver-class-name: com.mysql.cj.jdbc.Driver
+  redis:
+    host: localhost
+    port: 6379
 
   jpa:
     properties:
@@ -16,3 +19,15 @@ spring:
 jasypt:
   encryptor:
     bean: jasyptStringEncryptor
+
+jwt:
+  access-header: ACCESS_TOKEN
+  refresh-header: REFRESH_TOKEN
+  prefix: Bearer
+  secret-key: Zi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXktZi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXkK
+  access-token-validity-in-seconds: 60
+  refresh-token-validity-in-seconds: 259200
+
+tmdb:
+  api-key: 0d1503b6dcbfe1c514299b5564c649b8
+  read-access-token: eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiIwZDE1MDNiNmRjYmZlMWM1MTQyOTliNTU2NGM2NDliOCIsInN1YiI6IjYyOWYwODRlNzI2ZmIxMTA2NDA4MjI2NCIsInNjb3BlcyI6WyJhcGlfcmVhZCJdLCJ2ZXJzaW9uIjoxfQ.rs8KZea8QLyashILiggWFx2s46lgUtzo-xSWoDgE58A