Skip to content

feat: userId 카카오 로그인에서 추출 #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
juanxiu wants to merge 33 commits into
base: main
Choose a base branch
from
Open

feat: userId 카카오 로그인에서 추출 #10

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
33 commits
Select commit Hold shift + click to select a range
1177271
cicd: docker-compose.yml
juanxiu Oct 5, 2025
473dde2
cicd: healthcheck
juanxiu Oct 5, 2025
64b3bb4
feat: 매칭 카드 조회 시 userId 하드코딩 제거
juanxiu Oct 10, 2025
55d4870
feat: userId를 AuthUtils에서 가져오도록
juanxiu Oct 10, 2025
c9d5839
feat: 푸시알림으로부터 소비 내역 저장 TODO 추가
juanxiu Oct 10, 2025
0884c30
cicd: EC2 docker 설정 파일로 로컬 파일 변경
juanxiu Oct 11, 2025
f15001a
feat: proto 파일 변경
juanxiu Oct 11, 2025
6a7de02
feat: proto 데이터에 맞게 entity 필드 수정
juanxiu Oct 11, 2025
834da0e
feat: 변경된 cardData, cardCompany.proto 에 맞게 이벤트 컴포넌트 및 관련 엔티티, dto 변경
juanxiu Oct 12, 2025
0c63207
feat: 비즈니스 로직 수정
juanxiu Oct 13, 2025
15de794
feat:PromotionServiceImpl
juanxiu Oct 14, 2025
8388b23
feat: StoreInfoDTO 매장 위치 정보 dto 필드 추가
juanxiu Oct 15, 2025
a5211f1
fix: jpa 테이블 설정
juanxiu Oct 15, 2025
dd82c55
feat: PromotionEventListener 추가
juanxiu Oct 15, 2025
cfc8b9f
feat: application.yml mysql datasource 로
juanxiu Oct 15, 2025
8e8e179
feat: deploy.yml에 디비네임 수정
juanxiu Oct 15, 2025
41cf4bb
fix: 각 세부 혜택 데이터베이스에 저장 및 레포지토리 타입 참조 해결
juanxiu Oct 15, 2025
9d3a03f
fix: 카드데이터 비동기 처리 제거
juanxiu Oct 15, 2025
e0b06ed
fix: 프로모션 리스너 어노테이션
juanxiu Oct 15, 2025
53c941d
fix: 프로모션 데이터 예외처리 개선
juanxiu Oct 15, 2025
91c8e6d
fix: Benefit 엔티티 생성 시 Card 도 함꼐 전달
juanxiu Oct 15, 2025
dab0be3
fix: 데이터 변경 감지 로직 없이 곧바로 수신 후 저장되도록
juanxiu Oct 15, 2025
e5fe0f9
feat: summary 필드 타입 TEXT 로 변경
juanxiu Oct 15, 2025
697b912
feat: 카드 등록 시 UserCard 엔티티 생성할 때 registeredAt 추가
juanxiu Oct 15, 2025
1325389
logs: 디버깅용 로그 추가
juanxiu Oct 15, 2025
9b1d5ee
feat: 카카오 API 호출 시 query 파라미터가 필수 필드, "매장"으로 하드코딩
juanxiu Oct 15, 2025
7a807d2
feat: 카카오 검색 로그
juanxiu Oct 15, 2025
5f4861f
feat: 카카오 검색 카테고리 제거, 반경 5KM 로
juanxiu Oct 15, 2025
d5ca147
feat: 카카오 호출 쿼리 ""로 변경
juanxiu Oct 15, 2025
2fb875a
feat: 카카오 API URL 변경
juanxiu Oct 15, 2025
97821a9
feat: StoreInfo 객체 생성할 때 위치 정보 포함
juanxiu Nov 4, 2025
5b07aeb
feat: 회원가입&로그인 login에 통합
sominyun Nov 4, 2025
5febf7e
feat: 로직 수정
juanxiu Nov 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/deploy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,9 +111,9 @@ jobs:
DB_USERNAME=admin
DB_PASSWORD=${{ secrets.DB_PASSWORD }}
DB_PORT=3306
REDIS_HOST=172.17.0.1
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PASSWORD=1234
REDIS_PASSWORD=
Comment on lines +114 to +116
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot Oct 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

프로덕션 환경에서 Redis 비밀번호가 비어있습니다.

배포 워크플로우에서 Redis 비밀번호를 빈 값으로 설정하는 것은 보안 위험입니다.

  1. GitHub Secrets에 REDIS_PASSWORD를 추가하세요.
  2. 해당 시크릿을 환경 변수로 전달하세요.

다음과 같이 수정하세요:

           DB_HOST=${{ secrets.DB_HOST }}
           DB_NAME=db-wisecard
           DB_USERNAME=admin
           DB_PASSWORD=${{ secrets.DB_PASSWORD }}
           DB_PORT=3306
           REDIS_HOST=redis
           REDIS_PORT=6379
-          REDIS_PASSWORD=
+          REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}
           APP_API_KAKAO_KEY=${{ secrets.APP_API_KAKAO_KEY }}
           APP_PORT=8080
           GRPC_PORT=9091
           JWT_SECRET=${{ secrets.JWT_SECRET }}

그리고 GitHub repository settings에서 REDIS_PASSWORD 시크릿을 추가해야 합니다.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PASSWORD=1234
REDIS_PASSWORD=
DB_HOST=${{ secrets.DB_HOST }}
DB_NAME=db-wisecard
DB_USERNAME=admin
DB_PASSWORD=${{ secrets.DB_PASSWORD }}
DB_PORT=3306
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}
APP_API_KAKAO_KEY=${{ secrets.APP_API_KAKAO_KEY }}
APP_PORT=8080
GRPC_PORT=9091
JWT_SECRET=${{ secrets.JWT_SECRET }}
🤖 Prompt for AI Agents 
.github/workflows/deploy.yml around lines 114-116: Redis password is currently
set to an empty string which is insecure for production; add a REDIS_PASSWORD
secret in the GitHub repository settings and update the workflow to read the
secret into the environment variable (use secrets.REDIS_PASSWORD) instead of
hardcoding an empty value, ensuring the workflow injects the secret at runtime.

Comment on lines +112 to +116
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

환경 변수에 비밀번호를 하드코딩하지 마세요.

DB_PASSWORD를 평문 wisecard로 고정하면 워크플로 로그·PR에서 그대로 노출되어 실서비스 DB가 즉시 위험해집니다. 기존처럼 GitHub Secrets (secrets.DB_PASSWORD)을 사용하도록 되돌려 주세요. Redis 비밀번호도 동일하게 Secrets로 전달돼야 합니다.

-          DB_PASSWORD=wisecard
+          DB_PASSWORD=${{ secrets.DB_PASSWORD }}
...
-          REDIS_PASSWORD=
+          REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
DB_PASSWORD=wisecard
DB_PORT=3306
REDIS_HOST=172.17.0.1
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PASSWORD=1234
REDIS_PASSWORD=
DB_PASSWORD=${{ secrets.DB_PASSWORD }}
DB_PORT=3306
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}
🤖 Prompt for AI Agents 
.github/workflows/deploy.yml lines 112-116: DB/Redis passwords are hardcoded
(DB_PASSWORD=wisecard, REDIS_PASSWORD=) — revert to using GitHub Secrets.
Replace the hardcoded DB_PASSWORD and REDIS_PASSWORD with the corresponding
secrets (e.g. set DB_PASSWORD: ${{ secrets.DB_PASSWORD }} and REDIS_PASSWORD:
${{ secrets.REDIS_PASSWORD }}) in the workflow env or job step, remove
plain-text credentials from the file, and ensure the repository Actions secrets
are populated before merging.

APP_API_KAKAO_KEY=${{ secrets.APP_API_KAKAO_KEY }}
APP_PORT=8080
GRPC_PORT=9091
Expand Down
27 changes: 8 additions & 19 deletions docker-compose.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@

services:
# Redis는 AWS ElastiCache를 사용하므로 로컬 컨테이너 제거
# Redis 컨테이너 추가
redis:
image: redis:alpine
container_name: redis
restart: unless-stopped
networks:
- wisecard-network
Comment on lines +3 to +8
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot Oct 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Redis 서비스 구성에 보안 및 데이터 지속성 문제가 있습니다.

Redis 서비스를 추가한 것은 좋지만 다음 문제들을 해결해야 합니다:

  1. 보안: Redis에 비밀번호가 설정되어 있지 않습니다. 내부 네트워크라도 최소한의 인증을 설정하는 것이 좋습니다.
  2. 데이터 지속성: 볼륨이 마운트되어 있지 않아 컨테이너 재시작 시 모든 데이터가 손실됩니다.
  3. 리소스 제한: 메모리 및 CPU 제한이 없어 시스템 리소스를 과도하게 사용할 수 있습니다.

다음과 같이 개선하는 것을 권장합니다:

   redis:
     image: redis:alpine
     container_name: redis
     restart: unless-stopped
+    command: redis-server --requirepass ${REDIS_PASSWORD}
+    volumes:
+      - redis_data:/data
+    deploy:
+      resources:
+        limits:
+          memory: 512M
+          cpus: '0.5'
     networks:
       - wisecard-network

그리고 volumes 섹션에 Redis 데이터 볼륨 추가:

 volumes:
   app_logs:
     driver: local
+  redis_data:
+    driver: local

또한, .env 파일이나 GitHub Secrets에 REDIS_PASSWORD를 설정하고 앱 서비스의 환경 변수에도 동일한 비밀번호를 전달해야 합니다.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
redis:
image: redis:alpine
container_name: redis
restart: unless-stopped
networks:
- wisecard-network
redis:
image: redis:alpine
container_name: redis
restart: unless-stopped
command: redis-server --requirepass ${REDIS_PASSWORD}
volumes:
- redis_data:/data
deploy:
resources:
limits:
memory: 512M
cpus: '0.5'
networks:
- wisecard-network
Suggested change
redis:
image: redis:alpine
container_name: redis
restart: unless-stopped
networks:
- wisecard-network
volumes:
app_logs:
driver: local
redis_data:
driver: local


# WiseCard Backend 애플리케이션
app:
Expand Down Expand Up @@ -37,26 +42,10 @@ services:
retries: 3
start_period: 40s

# Nginx 리버스 프록시 (선택사항)
# nginx:
# image: nginx:alpine
# container_name: wisecard-nginx
# restart: unless-stopped
# ports:
# - "80:80"
# - "443:443"
# volumes:
# - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
# - ./nginx/ssl:/etc/nginx/ssl:ro
# networks:
# - wisecard-network
# depends_on:
# - app

volumes:
app_logs:
driver: local

networks:
wisecard-network:
driver: bridge
driver: bridge
3 changes: 2 additions & 1 deletion src/main/java/com/example/demo/controller/BenefitController.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
package com.example.demo.controller;

import com.example.demo.auth.util.AuthUtils;
import com.example.demo.benefit.dto.MatchingCardsResponse;
import com.example.demo.benefit.service.OptimalBenefitService;
import lombok.RequiredArgsConstructor;
Expand Down Expand Up @@ -29,7 +30,7 @@ public class BenefitController {
public ResponseEntity<MatchingCardsResponse> getMatchingCards(
@RequestParam String storeName) {

Long userId = 1L; // 고정 사용자 ID
Long userId = AuthUtils.getMemberId();

try {
MatchingCardsResponse response = optimalBenefitService.getMatchingCardsWithRealTimeFilter(
Expand Down
14 changes: 14 additions & 0 deletions src/main/java/com/example/demo/controller/HealthController.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
package com.example.demo.controller;

import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/api/health")
public class HealthController {

@RequestMapping("/check")
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot Oct 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion | 🟠 Major

HTTP 메서드를 명시적으로 지정하세요.

@RequestMapping보다는 @GetMapping을 사용하여 HTTP 메서드를 명확히 하는 것이 Spring의 모범 사례입니다.

+    @GetMapping("/check")
-    @RequestMapping("/check")
     public String check() {
         return "ok";
     }

As per coding guidelines (Google Java Style Guide와 Spring Framework 모범 사례).

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
@RequestMapping("/check")
@GetMapping("/check")
public String check() {
return "ok";
}
🤖 Prompt for AI Agents 
In src/main/java/com/example/demo/controller/HealthController.java around line
10, the mapping annotation uses @RequestMapping without specifying an HTTP
method; replace it with @GetMapping("/check") and add the corresponding import
(org.springframework.web.bind.annotation.GetMapping) so the endpoint explicitly
handles GET requests per Spring best practices.

public String check() {
return "ok";
}
}