From 8e786f0877472e4c31f06ac73074d9d425ea366b Mon Sep 17 00:00:00 2001 From: jbh010204 Date: Mon, 11 Aug 2025 01:48:43 +0900 Subject: [PATCH 1/2] feat: add authentication exception handling for exam application endpoint --- .../mosuserver/global/filter/Whitelist.java | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/src/main/java/life/mosu/mosuserver/global/filter/Whitelist.java b/src/main/java/life/mosu/mosuserver/global/filter/Whitelist.java index 0e64e7a6..47e65e9e 100644 --- a/src/main/java/life/mosu/mosuserver/global/filter/Whitelist.java +++ b/src/main/java/life/mosu/mosuserver/global/filter/Whitelist.java @@ -2,6 +2,7 @@ import jakarta.servlet.http.HttpServletRequest; import java.util.Arrays; +import java.util.List; import java.util.Optional; import lombok.Getter; import lombok.RequiredArgsConstructor; @@ -51,10 +52,31 @@ public enum Whitelist { USER_FIND_PASSWORD("/api/v1/user/me/find-password", WhitelistMethod.POST), APPLICATION_GUEST("/api/v1/applications/guest", WhitelistMethod.ALL); + + private static final List AUTH_REQUIRED_EXCEPTIONS = List.of( + new ExceptionRule("/api/v1/exam-application", WhitelistMethod.GET) + ); + private final String path; private final WhitelistMethod method; + public static boolean isAuthException(final HttpServletRequest request) { + String uri = request.getRequestURI(); + String method = request.getMethod(); + for (ExceptionRule rule : AUTH_REQUIRED_EXCEPTIONS) { + if (matchesPath(uri, rule.path()) + && (rule.method() == WhitelistMethod.ALL + || rule.method().name().equalsIgnoreCase(method))) { + return true; + } + } + return false; + } + public static boolean isWhitelisted(final HttpServletRequest request) { + if (isAuthException(request)) { + return false; + } return findMatch(request).isPresent(); } @@ -68,4 +90,16 @@ private static Optional findMatch(final HttpServletRequest request) { .equalsIgnoreCase(requestMethod)) .findFirst(); } + + private static boolean matchesPath(String requestUri, String base) { + if (requestUri == null || base == null) { + return false; + } + String normalizedBase = base.endsWith("/") ? base : base + "/"; + return requestUri.equals(base) || requestUri.startsWith(normalizedBase); + } + + private record ExceptionRule(String path, WhitelistMethod method) { + + } } \ No newline at end of file From a5226a9253f3cf4ac32f0fae08fd1e0ddd6dacc4 Mon Sep 17 00:00:00 2001 From: jbh010204 Date: Mon, 11 Aug 2025 01:49:17 +0900 Subject: [PATCH 2/2] fix: remove caching from getNotices method in NoticeService --- .../life/mosu/mosuserver/application/notice/NoticeService.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/main/java/life/mosu/mosuserver/application/notice/NoticeService.java b/src/main/java/life/mosu/mosuserver/application/notice/NoticeService.java index 379df88b..134c94c1 100644 --- a/src/main/java/life/mosu/mosuserver/application/notice/NoticeService.java +++ b/src/main/java/life/mosu/mosuserver/application/notice/NoticeService.java @@ -37,8 +37,6 @@ public void createNotice(NoticeCreateRequest request, UserJpaEntity user) { attachmentService.createAttachment(request.attachments(), noticeEntity); } - @Cacheable(cacheNames = "notice", - key = "'page=' + #page + ',size=' + #size") @Transactional(readOnly = true, propagation = Propagation.SUPPORTS) public List getNotices(int page, int size) { Pageable pageable = PageRequest.of(page, size, Sort.by("id"));