LOOP-ON · chltjsdl0119 · Feb 18, 2026 · Feb 18, 2026 · Feb 18, 2026 · Feb 18, 2026
diff --git a/src/main/java/com/loopon/auth/application/dto/request/LoginRequest.java b/src/main/java/com/loopon/auth/application/dto/request/LoginRequest.java
@@ -5,6 +5,7 @@
 public record LoginRequest(
         @NotBlank(message = "이메일을 입력해주세요.")
         String email,
+
         @NotBlank(message = "비밀번호를 입력해주세요.")
         String password
 ) {

diff --git a/src/main/java/com/loopon/auth/application/dto/request/PasswordResetRequest.java b/src/main/java/com/loopon/auth/application/dto/request/PasswordResetRequest.java
@@ -5,13 +5,14 @@
 import jakarta.validation.constraints.Pattern;
 
 public record PasswordResetRequest(
-        @NotBlank @Email
+        @NotBlank(message = "이메일을 입력해주세요.")
+        @Email(message = "유효한 이메일 주소를 입력해주세요.")
         String email,
 
-        @NotBlank
+        @NotBlank(message = "리셋 토큰을 입력해주세요.")
         String resetToken,
 
-        @NotBlank
+        @NotBlank(message = "새 비밀번호를 입력해주세요.")
         @Pattern(regexp = "^(?=.*[A-Za-z])(?=.*\\d)(?=.*[@$!%*#?&])[A-Za-z\\d@$!%*#?&]{8,}$",
                 message = "비밀번호는 영문, 숫자, 특수문자를 포함하여 8자 이상이어야 합니다.")
         String newPassword

diff --git a/src/main/java/com/loopon/auth/application/dto/request/SocialLoginRequest.java b/src/main/java/com/loopon/auth/application/dto/request/SocialLoginRequest.java
@@ -5,7 +5,10 @@
 import jakarta.validation.constraints.NotNull;
 
 public record SocialLoginRequest(
-        @NotNull UserProvider provider,
-        @NotBlank String accessToken
+        @NotNull(message = "소셜 로그인 제공자를 선택해주세요.")
+        UserProvider provider,
+
+        @NotBlank(message = "액세스 토큰을 입력해주세요.")
+        String accessToken
 ) {
 }
diff --git a/src/main/java/com/loopon/auth/application/dto/request/VerificationRequest.java b/src/main/java/com/loopon/auth/application/dto/request/VerificationRequest.java
@@ -6,10 +6,11 @@
 import jakarta.validation.constraints.NotNull;
 
 public record VerificationRequest(
-        @NotBlank @Email
+        @NotBlank(message = "이메일을 입력해주세요.")
+        @Email(message = "유효한 이메일 주소를 입력해주세요.")
         String email,
 
-        @NotNull
+        @NotNull(message = "검증 목적을 선택해주세요.")
         VerificationPurpose purpose
 ) {
 }
diff --git a/src/main/java/com/loopon/auth/application/dto/request/VerificationVerifyRequest.java b/src/main/java/com/loopon/auth/application/dto/request/VerificationVerifyRequest.java
@@ -6,13 +6,14 @@
 import jakarta.validation.constraints.NotNull;
 
 public record VerificationVerifyRequest(
-        @NotBlank @Email
+        @NotBlank(message = "이메일을 입력해주세요.")
+        @Email(message = "유효한 이메일 주소를 입력해주세요.")
         String email,
 
-        @NotBlank
+        @NotBlank(message = "검증 코드를 입력해주세요.")
         String code,
 
-        @NotNull
+        @NotNull(message = "검증 목적을 선택해주세요.")
         VerificationPurpose purpose
 ) {
 }
diff --git a/src/main/java/com/loopon/auth/application/dto/response/AuthResult.java b/src/main/java/com/loopon/auth/application/dto/response/AuthResult.java
@@ -1,7 +1,12 @@
 package com.loopon.auth.application.dto.response;
 
+import io.swagger.v3.oas.annotations.media.Schema;
+
 public record AuthResult(
+        @Schema(description = "액세스 토큰 (Bearer)", example = "eyJhbGciOiJIUzI1NiJ9...")
-        @Schema(description = "액세스 토큰 (Bearer)", example = "eyJhbGciOiJIUzI1NiJ9...")
+        @Schema(description = "액세스 토큰(JWT). Authorization 헤더 전송 시 'Bearer ' 접두어를 붙여 사용", example = "eyJhbGciOiJIUzI1NiJ9...")
-        @Schema(description = "액세스 토큰 (Bearer)", example = "eyJhbGciOiJIUzI1NiJ9...")
+        @Schema(description = "액세스 토큰(JWT). Authorization 헤더 전송 시 'Bearer ' 접두어를 붙여 사용", example = "eyJhbGciOiJIUzI1NiJ9...")
         String accessToken,
+
+        @Schema(description = "리프레시 토큰", example = "d1f2e3c4b5a6...")
         String refreshToken
 ) {
 

diff --git a/src/main/java/com/loopon/auth/infrastructure/apple/AppleAuthClientAdapter.java b/src/main/java/com/loopon/auth/infrastructure/apple/AppleAuthClientAdapter.java
@@ -17,7 +17,7 @@
 @Component
 @RequiredArgsConstructor
 public class AppleAuthClientAdapter {
-    private final RestClient kakaoRestClient;
+    private final RestClient appleRestClient;
     private final AppleClientSecretGenerator secretGenerator;
 
     @Value("${apple.client-id}")
@@ -33,7 +33,7 @@ public AppleTokenResponse getTokens(String authorizationCode) {
         params.add("grant_type", "authorization_code");
 
         try {
-            return kakaoRestClient.post()
+            return appleRestClient.post()
                     .uri("https://appleid.apple.com/auth/token")
-                    .uri("https://appleid.apple.com/auth/token")
+                    .uri("/auth/token")
-                    .uri("https://appleid.apple.com/auth/token")
+                    .uri("/auth/token")
                     .contentType(MediaType.APPLICATION_FORM_URLENCODED)
                     .body(params)

diff --git a/src/main/java/com/loopon/global/config/HttpInterfaceConfig.java b/src/main/java/com/loopon/global/config/HttpInterfaceConfig.java
diff --git a/src/main/java/com/loopon/global/config/RestClientConfig.java b/src/main/java/com/loopon/global/config/RestClientConfig.java
@@ -14,6 +14,13 @@ public RestClient kakaoRestClient() {
                 .build();
     }
 
+    @Bean("appleRestClient")
+    public RestClient appleRestClient() {
+        return RestClient.builder()
+                .baseUrl("https://appleid.apple.com")
+                .build();
+    }
+
     @Bean("geminiRestClient")
     public RestClient geminiRestClient() {
         return RestClient.builder()

diff --git a/src/main/java/com/loopon/global/config/SecurityConfig.java b/src/main/java/com/loopon/global/config/SecurityConfig.java
@@ -31,6 +31,7 @@ public class SecurityConfig {
 
     private static final String[] PUBLIC_URLS = {
             "/",
+            "/health",
             "/favicon.ico",
             "/v3/api-docs/**",
             "/swagger-ui/**",
@@ -50,7 +51,7 @@ public class SecurityConfig {
     private static final String[] API_URLS = {
             "/api/users/me",
             "/api/users/profile",
-            "/api/users/password",
+            "/api/users/password"
     };
 
     @Bean

diff --git a/src/main/java/com/loopon/global/health/HealthCheckController.java b/src/main/java/com/loopon/global/health/HealthCheckController.java
@@ -0,0 +1,38 @@
+package com.loopon.global.health;
+
+import com.loopon.global.domain.dto.CommonResponse;
+import io.swagger.v3.oas.annotations.Hidden;
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.time.LocalDateTime;
+import java.util.Map;
+
+@RestController
+@Hidden
+@RequiredArgsConstructor
+public class HealthCheckController {
+
+    @Value("${spring.profiles.active:default}")
+    private String activeProfile;
+
+    @GetMapping("/")
+    public ResponseEntity<CommonResponse<Map<String, String>>> systemStatus() {
+        Map<String, String> status = Map.of(
+                "status", "UP",
+                "profile", activeProfile,
+                "serverTime", LocalDateTime.now().toString(),
+                "message", "LoopOn API Server is running!"
+        );
+
+        return ResponseEntity.ok(CommonResponse.onSuccess(status));
+    }
+
+    @GetMapping("/health")
+    public String healthCheck() {
+        return "OK";
+    }
+}
diff --git a/src/main/java/com/loopon/global/security/filter/JwtAuthenticationFilter.java b/src/main/java/com/loopon/global/security/filter/JwtAuthenticationFilter.java
@@ -28,6 +28,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
 
     private final List<String> excludeUrlPatterns = List.of(
             "/",
+            "/health",
             "/favicon.ico",
             "/v3/api-docs/**",
             "/swagger-ui/**",
@@ -40,6 +41,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
             "/api/users/upload-profile-image",
             "/api/auth/login/**",
             "/api/auth/reissue",
+            "/api/auth/logout",
             "/api/auth/verification/**"
     );