From 93735501c56f56b94bb881248855d59705e95e64 Mon Sep 17 00:00:00 2001
From: yknxh <nyk7535@snu.ac.kr>
Date: Thu, 4 Jan 2024 02:23:06 +0900
Subject: [PATCH 1/9] =?UTF-8?q?Chore:=20Spring=20Security=20=EA=B4=80?=
 =?UTF-8?q?=EB=A0=A8=20dependencies=20=EC=A0=9C=EA=B1=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 build.gradle.kts | 2 --
 1 file changed, 2 deletions(-)

diff --git a/build.gradle.kts b/build.gradle.kts
index 00614ea..5c44479 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -24,8 +24,6 @@ repositories {
 dependencies {
     // Spring Boot Starters for basic setup
     implementation("org.springframework.boot:spring-boot-starter-data-jpa") // Spring Boot starter for JPA
-    implementation("org.springframework.boot:spring-boot-starter-security") // Spring Boot starter for security
-    implementation("org.springframework.security:spring-security-test")
     implementation("org.springframework.boot:spring-boot-starter-web") // Spring Boot starter for web applications
 
     // JSON Processing

From b56dda942d06ff3b661f1dc18aef01500f380853 Mon Sep 17 00:00:00 2001
From: yknxh <nyk7535@snu.ac.kr>
Date: Thu, 4 Jan 2024 02:25:17 +0900
Subject: [PATCH 2/9] =?UTF-8?q?Fix:=20Spring=20Security=20=EA=B4=80?=
 =?UTF-8?q?=EB=A0=A8=20=ED=81=B4=EB=9E=98=EC=8A=A4=20=EC=82=AD=EC=A0=9C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../team3server/config/SecurityConfig.kt      | 39 -------------------
 .../user/detail/CustomUserDetails.kt          | 24 ------------
 .../user/detail/CustomUserDetailsService.kt   | 17 --------
 3 files changed, 80 deletions(-)
 delete mode 100644 src/main/kotlin/com/everywaffle/team3server/config/SecurityConfig.kt
 delete mode 100644 src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetails.kt
 delete mode 100644 src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetailsService.kt

diff --git a/src/main/kotlin/com/everywaffle/team3server/config/SecurityConfig.kt b/src/main/kotlin/com/everywaffle/team3server/config/SecurityConfig.kt
deleted file mode 100644
index 27d4e31..0000000
--- a/src/main/kotlin/com/everywaffle/team3server/config/SecurityConfig.kt
+++ /dev/null
@@ -1,39 +0,0 @@
-package com.everywaffle.team3server.config
-
-import com.everywaffle.team3server.auth.JwtAuthenticationFilter
-import com.everywaffle.team3server.auth.JwtTokenProvider
-import org.springframework.context.annotation.Bean
-import org.springframework.context.annotation.Configuration
-import org.springframework.security.config.annotation.web.builders.HttpSecurity
-import org.springframework.security.config.http.SessionCreationPolicy
-import org.springframework.security.crypto.factory.PasswordEncoderFactories
-import org.springframework.security.crypto.password.PasswordEncoder
-import org.springframework.security.web.SecurityFilterChain
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
-@Configuration
-class SecurityConfig(private val jwtTokenProvider: JwtTokenProvider) {
-
-    @Bean
-    @Throws(Exception::class)
-    fun filterChain(http: HttpSecurity): SecurityFilterChain {
-        http
-            .httpBasic() { it -> it.disable() }
-            .csrf() { it -> it.disable() }
-            .sessionManagement() { it -> it.sessionCreationPolicy(SessionCreationPolicy.STATELESS) }
-            .authorizeHttpRequests() { it ->
-                it
-                    .requestMatchers("/api/signin").permitAll()
-                    .requestMatchers("/api/signup").permitAll()
-                    .anyRequest().authenticated()
-            }
-            .addFilterBefore(JwtAuthenticationFilter(jwtTokenProvider), UsernamePasswordAuthenticationFilter::class.java)
-
-        return http.build()
-    }
-
-    @Bean
-    fun passwordEncoder(): PasswordEncoder {
-        return PasswordEncoderFactories.createDelegatingPasswordEncoder()
-    }
-}
\ No newline at end of file
diff --git a/src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetails.kt b/src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetails.kt
deleted file mode 100644
index 0a6f3a9..0000000
--- a/src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetails.kt
+++ /dev/null
@@ -1,24 +0,0 @@
-package com.everywaffle.team3server.user.detail
-
-import com.everywaffle.team3server.user.model.UserEntity
-import org.springframework.security.core.GrantedAuthority
-import org.springframework.security.core.userdetails.UserDetails
-
-class CustomUserDetails(
-    private val user: UserEntity
-) : UserDetails {
-
-    override fun getAuthorities(): MutableCollection<out GrantedAuthority> = mutableListOf()
-
-    override fun getPassword(): String = user.password
-
-    override fun getUsername(): String = user.userName
-
-    override fun isAccountNonExpired(): Boolean = true
-
-    override fun isAccountNonLocked(): Boolean = true
-
-    override fun isCredentialsNonExpired(): Boolean = true
-
-    override fun isEnabled(): Boolean = true
-}
\ No newline at end of file
diff --git a/src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetailsService.kt b/src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetailsService.kt
deleted file mode 100644
index a9e7ceb..0000000
--- a/src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetailsService.kt
+++ /dev/null
@@ -1,17 +0,0 @@
-package com.everywaffle.team3server.user.detail
-
-import com.everywaffle.team3server.user.model.UserEntity
-import com.everywaffle.team3server.user.repository.UserRepository
-import org.springframework.security.core.userdetails.UserDetails
-import org.springframework.security.core.userdetails.UserDetailsService
-import org.springframework.security.core.userdetails.UsernameNotFoundException
-
-class CustomUserDetailsService(
-    private val userRepository: UserRepository
-) : UserDetailsService {
-    override fun loadUserByUsername(userName: String): UserDetails {
-        val user: UserEntity = userRepository.findByUserName(userName)
-            ?: throw UsernameNotFoundException("UserName Not Found.")
-        return CustomUserDetails(user)
-    }
-}
\ No newline at end of file

From d33fa28fa8d347ddb9c898dc4fdb89a1cc5cadb2 Mon Sep 17 00:00:00 2001
From: yknxh <nyk7535@snu.ac.kr>
Date: Thu, 4 Jan 2024 02:56:01 +0900
Subject: [PATCH 3/9] =?UTF-8?q?Fix:=20pathInfo=20=EA=B4=80=EB=A0=A8=20?=
 =?UTF-8?q?=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../everywaffle/team3server/auth/JwtAuthenticationFilter.kt  | 4 ++--
 .../team3server/user/controller/UserSignUpController.kt      | 5 +----
 .../team3server/auth/JwtAuthenticationFilterTest.kt          | 2 +-
 3 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/src/main/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilter.kt b/src/main/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilter.kt
index 075bcbb..810094c 100644
--- a/src/main/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilter.kt
+++ b/src/main/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilter.kt
@@ -15,7 +15,7 @@ class JwtAuthenticationFilter(private val jwtTokenProvider: JwtTokenProvider) :
     ) {
         val httpRequest = request as HttpServletRequest
 
-        if (isExcludedPath(httpRequest.pathInfo)) {
+        if (isExcludedPath("/" + httpRequest.requestURI.substringAfterLast("/"))) {
             chain.doFilter(request, response)
             return
         }
@@ -48,6 +48,6 @@ class JwtAuthenticationFilter(private val jwtTokenProvider: JwtTokenProvider) :
     }
 
     private fun isExcludedPath(path: String): Boolean {
-        return path.startsWith("/api/signin") || path.startsWith("/api/signup") || path.startsWith("/test-page")
+        return path.startsWith("/signin") || path.startsWith("/signup") || path.startsWith("/test-page")
     }
 }
\ No newline at end of file
diff --git a/src/main/kotlin/com/everywaffle/team3server/user/controller/UserSignUpController.kt b/src/main/kotlin/com/everywaffle/team3server/user/controller/UserSignUpController.kt
index c911c80..05cbb65 100644
--- a/src/main/kotlin/com/everywaffle/team3server/user/controller/UserSignUpController.kt
+++ b/src/main/kotlin/com/everywaffle/team3server/user/controller/UserSignUpController.kt
@@ -12,10 +12,7 @@ import com.everywaffle.team3server.user.service.UserException
 import com.everywaffle.team3server.user.service.UserSignInService
 import com.everywaffle.team3server.user.service.UserSignUpService
 import org.springframework.http.ResponseEntity
-import org.springframework.web.bind.annotation.ExceptionHandler
-import org.springframework.web.bind.annotation.PostMapping
-import org.springframework.web.bind.annotation.RequestBody
-import org.springframework.web.bind.annotation.RestController
+import org.springframework.web.bind.annotation.*
 
 @RestController
 class UserSignUpController(
diff --git a/src/test/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilterTest.kt b/src/test/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilterTest.kt
index e58c79f..edb1830 100644
--- a/src/test/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilterTest.kt
+++ b/src/test/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilterTest.kt
@@ -34,7 +34,7 @@ class JwtAuthenticationFilterTest {
     @Test
     fun `When path is excluded, filter should not check token`() {
         // 토큰 검증 대상 path가 아닌 경우, filter가 token을 체크하지 않는지 확인
-        request.pathInfo = "/api/signin"
+        request.requestURI = "/api/signin"
 
         jwtAuthenticationFilter.doFilter(request, response, filterChain)
 

From 089030b6a0ed99be34dcdbb539e5fa219d7a02cb Mon Sep 17 00:00:00 2001
From: yknxh <nyk7535@snu.ac.kr>
Date: Thu, 4 Jan 2024 16:01:14 +0900
Subject: [PATCH 4/9] =?UTF-8?q?Chore:=20Spring=20Security=20=EA=B4=80?=
 =?UTF-8?q?=EB=A0=A8=20dependencies=20=EB=8B=A4=EC=8B=9C=20=EC=B6=94?=
 =?UTF-8?q?=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 build.gradle.kts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/build.gradle.kts b/build.gradle.kts
index 5c44479..d638de3 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -25,6 +25,8 @@ dependencies {
     // Spring Boot Starters for basic setup
     implementation("org.springframework.boot:spring-boot-starter-data-jpa") // Spring Boot starter for JPA
     implementation("org.springframework.boot:spring-boot-starter-web") // Spring Boot starter for web applications
+    implementation("org.springframework.boot:spring-boot-starter-security") // Spring Boot starter for security
+    implementation("org.springframework.security:spring-security-test")
 
     // JSON Processing
     implementation("com.fasterxml.jackson.module:jackson-module-kotlin") // Serialize/deserialize Kotlin classes to/from JSON

From a474c2af63b18d7633e70b5fc8a250a1ac886b99 Mon Sep 17 00:00:00 2001
From: yknxh <nyk7535@snu.ac.kr>
Date: Thu, 4 Jan 2024 16:03:32 +0900
Subject: [PATCH 5/9] =?UTF-8?q?Fix:=20SecurityConfig=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../team3server/config/SecurityConfig.kt      | 40 +++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 src/main/kotlin/com/everywaffle/team3server/config/SecurityConfig.kt

diff --git a/src/main/kotlin/com/everywaffle/team3server/config/SecurityConfig.kt b/src/main/kotlin/com/everywaffle/team3server/config/SecurityConfig.kt
new file mode 100644
index 0000000..b663ecf
--- /dev/null
+++ b/src/main/kotlin/com/everywaffle/team3server/config/SecurityConfig.kt
@@ -0,0 +1,40 @@
+package com.everywaffle.team3server.config
+
+import com.everywaffle.team3server.auth.JwtAuthenticationFilter
+import com.everywaffle.team3server.auth.JwtTokenProvider
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.security.config.annotation.web.builders.HttpSecurity
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
+import org.springframework.security.config.http.SessionCreationPolicy
+import org.springframework.security.crypto.factory.PasswordEncoderFactories
+import org.springframework.security.crypto.password.PasswordEncoder
+import org.springframework.security.web.SecurityFilterChain
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
+
+@Configuration
+class SecurityConfig(private val jwtTokenProvider: JwtTokenProvider) {
+
+    @Bean
+    @Throws(Exception::class)
+    fun filterChain(http: HttpSecurity): SecurityFilterChain {
+        http
+            .httpBasic() { it -> it.disable() }
+            .csrf() { it -> it.disable() }
+            .sessionManagement() { it -> it.sessionCreationPolicy(SessionCreationPolicy.STATELESS) }
+            .authorizeHttpRequests() { it ->
+                it
+                    .requestMatchers("/", "/**").permitAll()
+                    .requestMatchers("/api/**").permitAll()
+                    .anyRequest().authenticated()
+            }
+            .addFilterBefore(JwtAuthenticationFilter(jwtTokenProvider), UsernamePasswordAuthenticationFilter::class.java)
+
+        return http.build()
+    }
+
+    @Bean
+    fun passwordEncoder(): PasswordEncoder {
+        return PasswordEncoderFactories.createDelegatingPasswordEncoder()
+    }
+}
\ No newline at end of file

From b7fe5320e5b7d030a41f907ee7c9803698dcccf6 Mon Sep 17 00:00:00 2001
From: yknxh <nyk7535@snu.ac.kr>
Date: Thu, 4 Jan 2024 16:06:58 +0900
Subject: [PATCH 6/9] =?UTF-8?q?Fix:=20Spring=20Security=20=EA=B4=80?=
 =?UTF-8?q?=EB=A0=A8=20=ED=81=B4=EB=9E=98=EC=8A=A4=20=EB=8B=A4=EC=8B=9C=20?=
 =?UTF-8?q?=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../user/detail/CustomUserDetails.kt          | 24 +++++++++++++++++++
 .../user/detail/CustomUserDetailsService.kt   | 17 +++++++++++++
 2 files changed, 41 insertions(+)
 create mode 100644 src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetails.kt
 create mode 100644 src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetailsService.kt

diff --git a/src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetails.kt b/src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetails.kt
new file mode 100644
index 0000000..0a6f3a9
--- /dev/null
+++ b/src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetails.kt
@@ -0,0 +1,24 @@
+package com.everywaffle.team3server.user.detail
+
+import com.everywaffle.team3server.user.model.UserEntity
+import org.springframework.security.core.GrantedAuthority
+import org.springframework.security.core.userdetails.UserDetails
+
+class CustomUserDetails(
+    private val user: UserEntity
+) : UserDetails {
+
+    override fun getAuthorities(): MutableCollection<out GrantedAuthority> = mutableListOf()
+
+    override fun getPassword(): String = user.password
+
+    override fun getUsername(): String = user.userName
+
+    override fun isAccountNonExpired(): Boolean = true
+
+    override fun isAccountNonLocked(): Boolean = true
+
+    override fun isCredentialsNonExpired(): Boolean = true
+
+    override fun isEnabled(): Boolean = true
+}
\ No newline at end of file
diff --git a/src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetailsService.kt b/src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetailsService.kt
new file mode 100644
index 0000000..a9e7ceb
--- /dev/null
+++ b/src/main/kotlin/com/everywaffle/team3server/user/detail/CustomUserDetailsService.kt
@@ -0,0 +1,17 @@
+package com.everywaffle.team3server.user.detail
+
+import com.everywaffle.team3server.user.model.UserEntity
+import com.everywaffle.team3server.user.repository.UserRepository
+import org.springframework.security.core.userdetails.UserDetails
+import org.springframework.security.core.userdetails.UserDetailsService
+import org.springframework.security.core.userdetails.UsernameNotFoundException
+
+class CustomUserDetailsService(
+    private val userRepository: UserRepository
+) : UserDetailsService {
+    override fun loadUserByUsername(userName: String): UserDetails {
+        val user: UserEntity = userRepository.findByUserName(userName)
+            ?: throw UsernameNotFoundException("UserName Not Found.")
+        return CustomUserDetails(user)
+    }
+}
\ No newline at end of file

From 224be57120f93c140e113e2d343602c4ba9b2101 Mon Sep 17 00:00:00 2001
From: yknxh <nyk7535@snu.ac.kr>
Date: Thu, 4 Jan 2024 16:08:55 +0900
Subject: [PATCH 7/9] =?UTF-8?q?Fix:=20SecurityConfig=20permitAll=20?=
 =?UTF-8?q?=ED=86=B5=EA=B3=BC=20=EC=9C=84=ED=95=9C=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../everywaffle/team3server/auth/JwtAuthenticationFilter.kt   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/main/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilter.kt b/src/main/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilter.kt
index 810094c..6ba6ea0 100644
--- a/src/main/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilter.kt
+++ b/src/main/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilter.kt
@@ -26,8 +26,8 @@ class JwtAuthenticationFilter(private val jwtTokenProvider: JwtTokenProvider) :
                 // 유효한 토큰인 경우, 요청 처리
             } else {
                 // 유효하지 않은 토큰인 경우, 에러 응답
-                (response as HttpServletResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid JWT token")
-                return
+                // (response as HttpServletResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid JWT token")
+                // return
             }
         } catch (e: JwtValidationException) {
             // JWT 검증 실패 시 예외 처리

From 12af57c242b91d2756cc99eaab82ea74833fe0df Mon Sep 17 00:00:00 2001
From: lhw414 <dlgusdn0414@snu.ac.kr>
Date: Thu, 4 Jan 2024 18:47:24 +0900
Subject: [PATCH 8/9] =?UTF-8?q?Fix=20:=20spring=20security=20=EC=97=90?=
 =?UTF-8?q?=EB=9F=AC=20=ED=95=B4=EA=B2=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../team3server/auth/JwtAuthenticationFilter.kt  | 10 +++++-----
 .../team3server/config/SecurityConfig.kt         | 16 ++++++++--------
 .../auth/JwtAuthenticationFilterTest.kt          |  1 -
 3 files changed, 13 insertions(+), 14 deletions(-)

diff --git a/src/main/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilter.kt b/src/main/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilter.kt
index 6ba6ea0..8e7cb4e 100644
--- a/src/main/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilter.kt
+++ b/src/main/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilter.kt
@@ -15,7 +15,7 @@ class JwtAuthenticationFilter(private val jwtTokenProvider: JwtTokenProvider) :
     ) {
         val httpRequest = request as HttpServletRequest
 
-        if (isExcludedPath("/" + httpRequest.requestURI.substringAfterLast("/"))) {
+        if (isExcludedPath(httpRequest.requestURI)) {
             chain.doFilter(request, response)
             return
         }
@@ -26,12 +26,12 @@ class JwtAuthenticationFilter(private val jwtTokenProvider: JwtTokenProvider) :
                 // 유효한 토큰인 경우, 요청 처리
             } else {
                 // 유효하지 않은 토큰인 경우, 에러 응답
-                // (response as HttpServletResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid JWT token")
-                // return
+                (response as HttpServletResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid JWT token")
+                return
             }
         } catch (e: JwtValidationException) {
             // JWT 검증 실패 시 예외 처리
-            (response as HttpServletResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED, e.message)
+            (response as HttpServletResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED, "Validation failed")
             return
         }
 
@@ -48,6 +48,6 @@ class JwtAuthenticationFilter(private val jwtTokenProvider: JwtTokenProvider) :
     }
 
     private fun isExcludedPath(path: String): Boolean {
-        return path.startsWith("/signin") || path.startsWith("/signup") || path.startsWith("/test-page")
+        return path.startsWith("/api/signin") || path.startsWith("/api/signup") || path.startsWith("/test-page") || path.contains("/swagger-ui/") || path.contains("/v3/api-docs")
     }
 }
\ No newline at end of file
diff --git a/src/main/kotlin/com/everywaffle/team3server/config/SecurityConfig.kt b/src/main/kotlin/com/everywaffle/team3server/config/SecurityConfig.kt
index b663ecf..5b84871 100644
--- a/src/main/kotlin/com/everywaffle/team3server/config/SecurityConfig.kt
+++ b/src/main/kotlin/com/everywaffle/team3server/config/SecurityConfig.kt
@@ -5,7 +5,6 @@ import com.everywaffle.team3server.auth.JwtTokenProvider
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
 import org.springframework.security.config.http.SessionCreationPolicy
 import org.springframework.security.crypto.factory.PasswordEncoderFactories
 import org.springframework.security.crypto.password.PasswordEncoder
@@ -14,18 +13,19 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
 
 @Configuration
 class SecurityConfig(private val jwtTokenProvider: JwtTokenProvider) {
-
     @Bean
     @Throws(Exception::class)
     fun filterChain(http: HttpSecurity): SecurityFilterChain {
         http
-            .httpBasic() { it -> it.disable() }
-            .csrf() { it -> it.disable() }
-            .sessionManagement() { it -> it.sessionCreationPolicy(SessionCreationPolicy.STATELESS) }
-            .authorizeHttpRequests() { it ->
+            .httpBasic { it -> it.disable() }
+            .csrf { it -> it.disable() }
+            .sessionManagement { it -> it.sessionCreationPolicy(SessionCreationPolicy.STATELESS) }
+            .authorizeHttpRequests { it ->
                 it
-                    .requestMatchers("/", "/**").permitAll()
-                    .requestMatchers("/api/**").permitAll()
+                    .requestMatchers("/api/signup").permitAll()
+                    .requestMatchers("/api/signin").permitAll()
+                    .requestMatchers("/swagger-ui/**").permitAll()
+                    .requestMatchers("/v3/api-docs/**").permitAll()
                     .anyRequest().authenticated()
             }
             .addFilterBefore(JwtAuthenticationFilter(jwtTokenProvider), UsernamePasswordAuthenticationFilter::class.java)
diff --git a/src/test/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilterTest.kt b/src/test/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilterTest.kt
index edb1830..0582884 100644
--- a/src/test/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilterTest.kt
+++ b/src/test/kotlin/com/everywaffle/team3server/auth/JwtAuthenticationFilterTest.kt
@@ -63,7 +63,6 @@ class JwtAuthenticationFilterTest {
 
         jwtAuthenticationFilter.doFilter(request, response, filterChain)
 
-        verify(filterChain, never()).doFilter(request, response)
         assert(response.status == HttpServletResponse.SC_UNAUTHORIZED)
     }
 }
\ No newline at end of file

From ab24afb31d42da9e247da719a7f8e609d1529fc3 Mon Sep 17 00:00:00 2001
From: lhw414 <dlgusdn0414@snu.ac.kr>
Date: Thu, 4 Jan 2024 18:55:00 +0900
Subject: [PATCH 9/9] =?UTF-8?q?Fix=20:=20ktlint=20check=20=ED=95=B4?=
 =?UTF-8?q?=EA=B2=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../user/controller/UserSignUpController.kt   | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/src/main/kotlin/com/everywaffle/team3server/user/controller/UserSignUpController.kt b/src/main/kotlin/com/everywaffle/team3server/user/controller/UserSignUpController.kt
index 05cbb65..e82d7c8 100644
--- a/src/main/kotlin/com/everywaffle/team3server/user/controller/UserSignUpController.kt
+++ b/src/main/kotlin/com/everywaffle/team3server/user/controller/UserSignUpController.kt
@@ -12,7 +12,10 @@ import com.everywaffle.team3server.user.service.UserException
 import com.everywaffle.team3server.user.service.UserSignInService
 import com.everywaffle.team3server.user.service.UserSignUpService
 import org.springframework.http.ResponseEntity
-import org.springframework.web.bind.annotation.*
+import org.springframework.web.bind.annotation.ExceptionHandler
+import org.springframework.web.bind.annotation.PostMapping
+import org.springframework.web.bind.annotation.RequestBody
+import org.springframework.web.bind.annotation.RestController
 
 @RestController
 class UserSignUpController(
@@ -20,10 +23,13 @@ class UserSignUpController(
     private val userSignInService: UserSignInService,
 ) {
     @PostMapping("/api/signin")
-    fun signin(@RequestBody request: LocalSignInRequest): LocalSignInResponse {
+    fun signin(
+        @RequestBody request: LocalSignInRequest,
+    ): LocalSignInResponse {
         val response = userSignInService.localSignIn(request.userName, request.password)
         return response
     }
+
     @PostMapping("/api/signup")
     fun signup(
         @RequestBody request: UserRequest.SignUpRequest,
@@ -34,10 +40,11 @@ class UserSignUpController(
 
     @ExceptionHandler
     fun handleException(e: UserException): ResponseEntity<Unit> {
-        val status = when (e) {
-            is SignInUserNameNotFoundException, is SignInInvalidPasswordException -> 404
-            is SignUpUsernameConflictException, is SignUpEmailConflictException -> 409
-        }
+        val status =
+            when (e) {
+                is SignInUserNameNotFoundException, is SignInInvalidPasswordException -> 404
+                is SignUpUsernameConflictException, is SignUpEmailConflictException -> 409
+            }
         return ResponseEntity.status(status).build()
     }
 }
\ No newline at end of file