update

src/main/java/com/example/vue/config/SecurityConfiguration.java

@@ -34,6 +34,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
             .antMatchers("/auth/register").permitAll()
             .antMatchers("/users").authenticated()
             .antMatchers("/articles").authenticated()
+            .antMatchers("/me").authenticated()
             .and()
             .formLogin().disable()
             .addFilter(jwtAuthenticationFilter())
@@ -54,4 +55,5 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
     private Filter jwtAuthenticationFilter() throws Exception {
         return new JwtAuthenticationFilter(authenticationManager(), jwtUtil());
     }
+
 }

src/main/java/com/example/vue/config/security/JwtAuthenticationFilter.java

@@ -5,6 +5,7 @@ import com.example.vue.domain.user.User;
 import com.example.vue.util.JwtUtil;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.JwtException;
+import lombok.SneakyThrows;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -46,16 +47,17 @@ public class JwtAuthenticationFilter extends BasicAuthenticationFilter {
 
     private Authentication getAuthentication(HttpServletRequest request) {
 
-        String token = request.getHeader("Authorization");
+        String authorizationHeader = request.getHeader("Authorization");
 
-        if (token == null) {
+        if (authorizationHeader == null) {
             return null;
         }
 
-        Claims claims;
+        String token = authorizationHeader.substring("Bearer ".length());
 
+        Claims claims = null;
         try {
-            claims = jwtUtil.getClaims(token.substring("Bearer ".length()));
+            claims = jwtUtil.getClaims(token);
         } catch (JwtException e) {
             throw new AuthException.MalformedJwt(token);
         }

src/main/java/com/example/vue/domain/auth/AuthException.java

@@ -1,9 +1,11 @@
 package com.example.vue.domain.auth;
 
-import io.jsonwebtoken.JwtException;
 import org.springframework.http.HttpStatus;
+import org.springframework.security.access.AccessDeniedException;
 import org.springframework.web.bind.annotation.ResponseStatus;
 
+import javax.naming.AuthenticationException;
+
 public class AuthException {
 
     @ResponseStatus(HttpStatus.BAD_REQUEST)
@@ -28,9 +30,16 @@ public class AuthException {
     }
 
     @ResponseStatus(HttpStatus.BAD_REQUEST)
-    public static class MalformedJwt extends JwtException {
+    public static class MalformedJwt extends AccessDeniedException {
         public MalformedJwt(String token) {
             super("올바르지 않은 토큰 입니다. [token=" + token + "]");
         }
     }
+
+    @ResponseStatus(HttpStatus.FORBIDDEN)
+    public static class ExpiredJwt extends AuthenticationException {
+        public ExpiredJwt(String token) {
+            super("만료 된 토큰입니다. [accessToken=" + token + "]");
+        }
+    }
 }

src/main/java/com/example/vue/util/JwtUtil.java

@@ -13,7 +13,7 @@ public class JwtUtil {
 
     private Key key;
 
-    public static long PLUS_MILLS = (1000 * 60 * 60 * 24) * 30L;
+    public static long PLUS_MILLS = (1000 * 60 * 60 * 24) * 0L;
 
     public JwtUtil(String secret) {
         this.key = Keys.hmacShaKeyFor(secret.getBytes());