diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
new file mode 100644
index 0000000..a61084c
--- /dev/null
+++ b/.github/pull_request_template.md
@@ -0,0 +1,22 @@
+## 📌 몇 주차 워크북인가요?
+- 예: Week01
+
+---
+
+## ✨ 이번 주에 작업한 내용
+- 구현/수정한 기능 요약
+  - 예: 회원가입 API 구현
+  - 예: UI 레이아웃 정리
+
+---
+
+## 🙋 리뷰 요청/확인 받고 싶은 부분
+- 예: 비밀번호 유효성 검사 로직이 적절한지 확인 부탁드립니다.
+- 예: Controller 단의 코드 구조 피드백 원합니다.
+
+---
+
+## ✅ 체크리스트
+- [ ] `weekN/` 폴더 안에 과제 정리 완료
+- [ ]  PR 생성 시 **base = 조직 내 본인 브랜치**, **compare = 내 Fork main 브랜치**로 설정했는지 확인
+- [ ]  PR 제목에 **`[WeekN] 닉네임/이름 미션 제출`** 규칙 맞게 작성
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..b157827
--- /dev/null
+++ b/README.md
@@ -0,0 +1,40 @@
+# 🌱 9th-Springboot  
+> 9th 서경대 **UMC Springboot 파트 Repository** 입니다.  
+
+<p>
+  <img src="https://img.shields.io/badge/UMC-9th-6A5ACD?style=for-the-badge&logo=github&logoColor=white" />
+  <img src="https://img.shields.io/badge/Repository-Springboot%20Part-6DB33F?style=for-the-badge" />
+</p>
+
+<br>
+  
+## 🚀 GitHub 미션 제출 방법
+1. 본인의 닉네임으로 새 브랜치를 만들어 주세요.
+2. 이 레포지토리를 본인 계정으로 Fork 합니다.
+3. Fork한 레포지토리에 미션 결과물을 올립니다.
+4. 본인 레포지토리에서 SKU-UMC 레포지토리의 닉네임 브랜치로 Pull Request(PR)를 보내면 끝!
+- [SKU UMC GitHub 미션 제출 가이드](https://acoustic-daffodil-00e.notion.site/GitHub-26731d49a1348042878ff024dcbde258)
+  
+<br>
+
+## 🍀 PR 규칙
+- **제목 형식**  
+  - [WeekN] 닉네임/이름 미션 제출
+  - ex) `[Week01] 프롬/전다인 미션 제출`
+
+- **주의사항**  
+  - main 브랜치로는 절대 PR ❌  
+  - 반드시 fork된 본인 레포 → original 레포 본인 브랜치로 PR 보내기 ✅
+
+- **리뷰 & 머지**  
+  - 파트장이 PR 내용을 확인 후 피드백을 남깁니다.  
+  - 필요 시 수정/보완을 진행한 뒤 다시 확인을 받습니다.  
+  - 최종적으로 확인되면 approve 후 머지합니다.
+    
+<br>
+
+## 📢 안내사항
+- PR 기준으로 워크북 수행 여부를 체크합니다.  
+  → 모든 미션을 완료하지 못했더라도 진행한 만큼 제출 부탁드립니다!
+- 리뷰는 단순한 평가가 아니라 함께 배우는 과정이니, 피드백을 참고해 부족했던 부분을 채워가면 됩니다.
+- 모르는 부분이 있으면 언제든 운영진에게 질문해 주세요!
diff --git a/build.gradle b/build.gradle
index d36aabf..8ac929f 100644
--- a/build.gradle
+++ b/build.gradle
@@ -46,6 +46,16 @@ dependencies {
 
     // Validation
     implementation 'org.springframework.boot:spring-boot-starter-validation'
+
+    // Security
+    implementation 'org.springframework.boot:spring-boot-starter-security'
+    testImplementation 'org.springframework.security:spring-security-test'
+
+    // Jwt
+    implementation 'io.jsonwebtoken:jjwt-api:0.12.3'
+    implementation 'io.jsonwebtoken:jjwt-impl:0.12.3'
+    implementation 'io.jsonwebtoken:jjwt-jackson:0.12.3'
+    implementation 'org.springframework.boot:spring-boot-configuration-processor'
 }
 
 tasks.named('test') {
diff --git a/src/main/java/com/example/umc_9th_springboot/domain/user/controller/UserController.java b/src/main/java/com/example/umc_9th_springboot/domain/user/controller/UserController.java
new file mode 100644
index 0000000..5294b58
--- /dev/null
+++ b/src/main/java/com/example/umc_9th_springboot/domain/user/controller/UserController.java
@@ -0,0 +1,61 @@
+package com.example.umc_9th_springboot.domain.user.controller;
+
+import com.example.umc_9th_springboot.domain.user.dto.req.UserReqDTO;
+import com.example.umc_9th_springboot.domain.user.dto.res.UserResDTO;
+import com.example.umc_9th_springboot.domain.user.service.UserCommandService;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpSession;
+import lombok.RequiredArgsConstructor;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping("/api/users")
+@RequiredArgsConstructor
+public class UserController {
+
+    private final UserCommandService userCommandService;
+
+    //회원가입 세션 API
+    @PostMapping("/sign-up/session")
+    public UserResDTO.SignUpDTO signUp(@RequestBody UserReqDTO.SignUpDTO request) {
+        return userCommandService.signup(request);
+    }
+
+    // 로그인 세션 API
+    @PostMapping("/login/session")
+    public UserResDTO.LoginSessionDTO loginSession(
+            @RequestBody UserReqDTO.LoginSessionDTO request,
+            HttpServletRequest httpRequest
+    ) {
+        UserResDTO.LoginSessionDTO response = userCommandService.login(request);
+
+        // 세션 생성 및 사용자 정보 저장
+        HttpSession session = httpRequest.getSession(true);
+        session.setAttribute("loginUserId", response.getUserId());
+        session.setAttribute("loginUserEmail", response.getEmail());
+
+        return response;
+    }
+    // 로그아웃 세션 방식
+    @PostMapping("/logout/session")
+    public void logoutSession(HttpServletRequest httpRequest) {
+        HttpSession session = httpRequest.getSession(false);
+        if (session != null) {
+            session.invalidate();
+        }
+    }
+
+    // 로그인 JWT 방식 API
+    @PostMapping("/login/jwt")
+    public UserResDTO.LoginJwtDTO loginJwt(
+            @RequestBody UserReqDTO.LoginJwtDTO request
+    ) {
+        return userCommandService.loginJwt(request);
+    }
+
+    // jwt 회원가입 API
+    @PostMapping("/sign-up/jwt")
+    public UserResDTO.SignUpJwtDTO signUpJwt(@RequestBody UserReqDTO.SignUpDTO request) {
+        return userCommandService.signupJwt(request);
+    }
+}
diff --git a/src/main/java/com/example/umc_9th_springboot/domain/user/converter/UserConverter.java b/src/main/java/com/example/umc_9th_springboot/domain/user/converter/UserConverter.java
new file mode 100644
index 0000000..2764cc9
--- /dev/null
+++ b/src/main/java/com/example/umc_9th_springboot/domain/user/converter/UserConverter.java
@@ -0,0 +1,26 @@
+package com.example.umc_9th_springboot.domain.user.converter;
+
+import com.example.umc_9th_springboot.domain.user.dto.req.UserReqDTO;
+import com.example.umc_9th_springboot.domain.user.entity.User;
+import com.example.umc_9th_springboot.global.auth.enums.Role;
+
+import java.time.LocalDate;
+
+public class UserConverter {
+    public static User toUser(
+            UserReqDTO.SignUpDTO request,
+            String encodedPassword,
+            Role role
+    ) {
+        return User.builder()
+                .email(request.getEmail())
+                .password(encodedPassword)
+                .name(request.getName())
+                .gender(request.getGender())
+                .birth(LocalDate.parse(request.getBirth()))
+                .address(request.getAddress())
+                .role(role)
+                .point(0)
+                .build();
+    }
+}
diff --git a/src/main/java/com/example/umc_9th_springboot/domain/user/dto/req/UserReqDTO.java b/src/main/java/com/example/umc_9th_springboot/domain/user/dto/req/UserReqDTO.java
new file mode 100644
index 0000000..05af230
--- /dev/null
+++ b/src/main/java/com/example/umc_9th_springboot/domain/user/dto/req/UserReqDTO.java
@@ -0,0 +1,43 @@
+package com.example.umc_9th_springboot.domain.user.dto.req;
+
+import com.example.umc_9th_springboot.domain.user.enums.Gender;
+import jakarta.validation.constraints.NotBlank;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+
+public class UserReqDTO {
+
+    //회원가입 세션 방식 요청 DTO
+    @Getter
+    @NoArgsConstructor
+    @AllArgsConstructor
+    @Builder
+    public static class SignUpDTO {
+        private String email;
+        private String password;
+        private String name;
+        private Gender gender;
+        private String birth;
+        private String address;
+    }
+
+    //로그인 세션 방식 요청 DTO
+    @Getter
+    @NoArgsConstructor
+    @AllArgsConstructor
+    @Builder
+    public static class LoginSessionDTO {
+        private String email;
+        private String password;
+    }
+
+    // 로그인 jwt 방식 요청 DTO
+    public record LoginJwtDTO(
+            @NotBlank
+            String email,
+            @NotBlank
+            String password
+    ) {}
+}
diff --git a/src/main/java/com/example/umc_9th_springboot/domain/user/dto/res/UserResDTO.java b/src/main/java/com/example/umc_9th_springboot/domain/user/dto/res/UserResDTO.java
new file mode 100644
index 0000000..6a9fe23
--- /dev/null
+++ b/src/main/java/com/example/umc_9th_springboot/domain/user/dto/res/UserResDTO.java
@@ -0,0 +1,53 @@
+package com.example.umc_9th_springboot.domain.user.dto.res;
+import com.example.umc_9th_springboot.global.auth.enums.Role;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+public class UserResDTO {
+
+    //회원가입 세션 방식 응답 DTO
+    @Getter
+    @NoArgsConstructor
+    @AllArgsConstructor
+    @Builder
+    public static class SignUpDTO {
+        private Long userId;
+        private String email;
+        private String name;
+        private Role role;
+    }
+
+    //로그인 세션 방식 응답 DTO
+    @Getter
+    @NoArgsConstructor
+    @AllArgsConstructor
+    @Builder
+    public static class LoginSessionDTO {
+        private Long userId;
+        private String email;
+        private String name;
+        private Role role;
+    }
+
+    // 로그인 jwt 방식 응답 DTO
+    @Builder
+    public record LoginJwtDTO(
+            Long userId,
+            String accessToken
+    ) {}
+
+    // jwt 회원가입 응답 DTO
+    @Getter
+    @NoArgsConstructor
+    @AllArgsConstructor
+    @Builder
+    public static class SignUpJwtDTO {
+        private Long userId;
+        private String email;
+        private String name;
+        private Role role;
+        private String accessToken;
+    }
+}
diff --git a/src/main/java/com/example/umc_9th_springboot/domain/user/entity/User.java b/src/main/java/com/example/umc_9th_springboot/domain/user/entity/User.java
index 02d25fc..b113a27 100644
--- a/src/main/java/com/example/umc_9th_springboot/domain/user/entity/User.java
+++ b/src/main/java/com/example/umc_9th_springboot/domain/user/entity/User.java
@@ -7,6 +7,7 @@
 import com.example.umc_9th_springboot.domain.shop.entity.UserRegion;
 import com.example.umc_9th_springboot.domain.review.entity.Review;
 import com.example.umc_9th_springboot.domain.review.entity.ReviewComment;
+import com.example.umc_9th_springboot.global.auth.enums.Role;
 import jakarta.persistence.*;
 import lombok.*;
 import org.springframework.data.jpa.domain.support.AuditingEntityListener;
@@ -31,6 +32,15 @@ public class User extends BaseEntity {
     @GeneratedValue(strategy = GenerationType.IDENTITY)
     private Long id;
 
+    @Column(nullable = false, unique = true)
+    private String email;
+
+    @Column(nullable = false)
+    private String password;
+
+    @Enumerated(EnumType.STRING)
+    private Role role;
+
     @Column(nullable = false, length = 20)
     private String name;
 
diff --git a/src/main/java/com/example/umc_9th_springboot/domain/user/repository/UserRepository.java b/src/main/java/com/example/umc_9th_springboot/domain/user/repository/UserRepository.java
index 6a26a5d..6414849 100644
--- a/src/main/java/com/example/umc_9th_springboot/domain/user/repository/UserRepository.java
+++ b/src/main/java/com/example/umc_9th_springboot/domain/user/repository/UserRepository.java
@@ -9,6 +9,9 @@
 
 public interface UserRepository extends JpaRepository<User, Long> {
 
+    // 이메일로 조회
+    Optional<User> findByEmail(String email);
+
     //마이페이지 회원 정보 조회
     Optional<User> findById(Long id);
 }
diff --git a/src/main/java/com/example/umc_9th_springboot/domain/user/service/UserCommandService.java b/src/main/java/com/example/umc_9th_springboot/domain/user/service/UserCommandService.java
new file mode 100644
index 0000000..296bce9
--- /dev/null
+++ b/src/main/java/com/example/umc_9th_springboot/domain/user/service/UserCommandService.java
@@ -0,0 +1,18 @@
+package com.example.umc_9th_springboot.domain.user.service;
+
+import com.example.umc_9th_springboot.domain.user.dto.req.UserReqDTO;
+import com.example.umc_9th_springboot.domain.user.dto.res.UserResDTO;
+
+public interface UserCommandService {
+
+    // Session 회원가입
+    UserResDTO.SignUpDTO signup(UserReqDTO.SignUpDTO dto);
+    // Session 로그인
+    UserResDTO.LoginSessionDTO login(UserReqDTO.LoginSessionDTO dto);
+
+    // jwt 로그인
+    UserResDTO.LoginJwtDTO loginJwt(UserReqDTO.LoginJwtDTO dto);
+
+    // jwt 회원가입
+    UserResDTO.SignUpJwtDTO signupJwt(UserReqDTO.SignUpDTO dto);
+}
diff --git a/src/main/java/com/example/umc_9th_springboot/domain/user/service/impl/UserCommandServiceImpl.java b/src/main/java/com/example/umc_9th_springboot/domain/user/service/impl/UserCommandServiceImpl.java
new file mode 100644
index 0000000..11cda96
--- /dev/null
+++ b/src/main/java/com/example/umc_9th_springboot/domain/user/service/impl/UserCommandServiceImpl.java
@@ -0,0 +1,115 @@
+package com.example.umc_9th_springboot.domain.user.service.impl;
+
+import com.example.umc_9th_springboot.domain.user.converter.UserConverter;
+import com.example.umc_9th_springboot.domain.user.dto.req.UserReqDTO;
+import com.example.umc_9th_springboot.domain.user.dto.res.UserResDTO;
+import com.example.umc_9th_springboot.domain.user.entity.User;
+import com.example.umc_9th_springboot.domain.user.repository.UserRepository;
+import com.example.umc_9th_springboot.domain.user.service.UserCommandService;
+import com.example.umc_9th_springboot.global.auth.enums.Role;
+import com.example.umc_9th_springboot.global.auth.util.JwtUtil;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+
+import java.util.NoSuchElementException;
+
+
+@Service
+@RequiredArgsConstructor
+public class UserCommandServiceImpl implements UserCommandService {
+
+    private final UserRepository userRepository;
+
+    private final PasswordEncoder passwordEncoder;
+
+    private final JwtUtil jwtUtil;
+
+    //회원가입
+    @Override
+    public UserResDTO.SignUpDTO signup(UserReqDTO.SignUpDTO dto) {
+
+        String encodedPassword = passwordEncoder.encode(dto.getPassword());
+
+        User user = UserConverter.toUser(dto, encodedPassword, Role.USER);
+
+        User savedUser = userRepository.save(user);
+
+        return UserResDTO.SignUpDTO.builder()
+                .userId(savedUser.getId())
+                .email(savedUser.getEmail())
+                .name(savedUser.getName())
+                .role(savedUser.getRole())
+                .build();
+    }
+
+    // Session 로그인
+    @Override
+    public UserResDTO.LoginSessionDTO login(UserReqDTO.LoginSessionDTO dto) {
+
+        User user = userRepository.findByEmail(dto.getEmail())
+                .orElseThrow(() -> new NoSuchElementException("존재하지 않는 회원입니다."));
+
+        if (!passwordEncoder.matches(dto.getPassword(), user.getPassword())) {
+            throw new IllegalArgumentException("비밀번호가 일치하지 않습니다.");
+        }
+
+        return UserResDTO.LoginSessionDTO.builder()
+                .userId(user.getId())
+                .email(user.getEmail())
+                .name(user.getName())
+                .role(user.getRole())
+                .build();
+    }
+
+    // jwt 로그인
+    @Override
+    public UserResDTO.LoginJwtDTO loginJwt(UserReqDTO.LoginJwtDTO dto) {
+
+        UserResDTO.LoginSessionDTO loginResult = login(
+                new UserReqDTO.LoginSessionDTO(
+                        dto.email(),
+                        dto.password()
+                )
+        );
+
+        String accessToken = jwtUtil.createAccessToken(
+                loginResult.getUserId(),
+                loginResult.getEmail(),
+                loginResult.getRole().name()
+        );
+
+        return UserResDTO.LoginJwtDTO.builder()
+                .userId(loginResult.getUserId())
+                .accessToken(accessToken)
+                .build();
+    }
+
+    // jwt 회원가입
+    @Override
+    public UserResDTO.SignUpJwtDTO signupJwt(UserReqDTO.SignUpDTO dto) {
+
+        String encodedPassword = passwordEncoder.encode(dto.getPassword());
+
+        User user = UserConverter.toUser(dto, encodedPassword, Role.USER);
+
+        User savedUser = userRepository.save(user);
+
+
+        String accessToken = jwtUtil.createAccessToken(
+                savedUser.getId(),
+                savedUser.getEmail(),
+                savedUser.getRole().name()
+        );
+
+
+        return UserResDTO.SignUpJwtDTO.builder()
+                .userId(savedUser.getId())
+                .email(savedUser.getEmail())
+                .name(savedUser.getName())
+                .role(savedUser.getRole())
+                .accessToken(accessToken)
+                .build();
+    }
+
+}
diff --git a/src/main/java/com/example/umc_9th_springboot/global/auth/enums/Role.java b/src/main/java/com/example/umc_9th_springboot/global/auth/enums/Role.java
new file mode 100644
index 0000000..4ab46fb
--- /dev/null
+++ b/src/main/java/com/example/umc_9th_springboot/global/auth/enums/Role.java
@@ -0,0 +1,5 @@
+package com.example.umc_9th_springboot.global.auth.enums;
+
+public enum Role {
+    ROLE_ADMIN, USER, ROLE_USER
+}
\ No newline at end of file
diff --git a/src/main/java/com/example/umc_9th_springboot/global/auth/service/CustomUserDetailsService.java b/src/main/java/com/example/umc_9th_springboot/global/auth/service/CustomUserDetailsService.java
new file mode 100644
index 0000000..cef0057
--- /dev/null
+++ b/src/main/java/com/example/umc_9th_springboot/global/auth/service/CustomUserDetailsService.java
@@ -0,0 +1,29 @@
+package com.example.umc_9th_springboot.global.auth.service;
+
+import com.example.umc_9th_springboot.domain.user.entity.User;
+import com.example.umc_9th_springboot.domain.user.repository.UserRepository;
+import com.example.umc_9th_springboot.global.auth.util.CustomUserDetails;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+public class CustomUserDetailsService implements UserDetailsService {
+
+    private final UserRepository userRepository;
+
+    @Override
+    public UserDetails loadUserByUsername(String email)
+            throws UsernameNotFoundException {
+
+        User user = userRepository.findByEmail(email)
+                .orElseThrow(() ->
+                        new UsernameNotFoundException("해당 이메일을 가진 유저가 없습니다: " + email)
+                );
+
+        return new CustomUserDetails(user);
+    }
+}
diff --git a/src/main/java/com/example/umc_9th_springboot/global/auth/util/CustomUserDetails.java b/src/main/java/com/example/umc_9th_springboot/global/auth/util/CustomUserDetails.java
new file mode 100644
index 0000000..ea60e40
--- /dev/null
+++ b/src/main/java/com/example/umc_9th_springboot/global/auth/util/CustomUserDetails.java
@@ -0,0 +1,43 @@
+package com.example.umc_9th_springboot.global.auth.util;
+
+import com.example.umc_9th_springboot.domain.user.entity.User;
+import lombok.Getter;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+import java.util.List;
+
+@Getter
+public class CustomUserDetails implements UserDetails {
+
+    private final User user;
+
+    public CustomUserDetails(User user){
+        this.user = user;
+    }
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return List.of(new SimpleGrantedAuthority("ROLE_" + user.getRole().name()));
+    }
+
+    @Override
+    public String getPassword() { return user.getPassword(); }
+
+    @Override
+    public String getUsername() { return user.getEmail(); }
+
+    @Override
+    public boolean isAccountNonExpired() { return true; }
+
+    @Override
+    public boolean isAccountNonLocked() { return true; }
+
+    @Override
+    public boolean isCredentialsNonExpired() { return true; }
+
+    @Override
+    public boolean isEnabled() { return true; }
+}
diff --git a/src/main/java/com/example/umc_9th_springboot/global/auth/util/JwtAuthFilter.java b/src/main/java/com/example/umc_9th_springboot/global/auth/util/JwtAuthFilter.java
new file mode 100644
index 0000000..e769e6d
--- /dev/null
+++ b/src/main/java/com/example/umc_9th_springboot/global/auth/util/JwtAuthFilter.java
@@ -0,0 +1,80 @@
+package com.example.umc_9th_springboot.global.auth.util;
+
+import com.example.umc_9th_springboot.global.apiPayload.ApiResponse;
+import com.example.umc_9th_springboot.global.apiPayload.code.GeneralErrorCode;
+import com.example.umc_9th_springboot.global.auth.service.CustomUserDetailsService;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.NonNull;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+@Component
+@RequiredArgsConstructor
+public class JwtAuthFilter extends OncePerRequestFilter {
+
+    private final JwtUtil jwtUtil;
+    private final CustomUserDetailsService customUserDetailsService;
+
+    @Override
+    protected void doFilterInternal(
+            @NonNull HttpServletRequest request,
+            @NonNull HttpServletResponse response,
+            @NonNull FilterChain filterChain
+    ) throws ServletException, IOException {
+
+        try {
+            // 토큰 가져오기
+            String token = request.getHeader("Authorization");
+
+            // token이 없거나 Bearer가 아니면 넘기기
+            if (token == null || !token.startsWith("Bearer ")) {
+                filterChain.doFilter(request, response);
+                return;
+            }
+
+            // Bearer이면 추출
+            token = token.replace("Bearer ", "");
+
+            // AccessToken 검증하기
+            if (jwtUtil.isValid(token)) {
+                // 토큰에서 이메일 추출
+                String email = jwtUtil.getEmail(token);
+
+                // 인증 객체 생성
+                UserDetails user = customUserDetailsService.loadUserByUsername(email);
+                Authentication auth = new UsernamePasswordAuthenticationToken(
+                        user,
+                        null,
+                        user.getAuthorities()
+                );
+
+                // SecurityContext에 인증 저장
+                SecurityContextHolder.getContext().setAuthentication(auth);
+            }
+
+            filterChain.doFilter(request, response);
+        } catch (Exception e) {
+            response.setContentType("application/json;charset=UTF-8");
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+
+            ApiResponse<Void> errorResponse = ApiResponse.onFailure(
+                    GeneralErrorCode.UNAUTHORIZED,
+                    null
+            );
+
+            ObjectMapper mapper = new ObjectMapper();
+            mapper.writeValue(response.getOutputStream(), errorResponse);
+        }
+    }
+}
diff --git a/src/main/java/com/example/umc_9th_springboot/global/auth/util/JwtUtil.java b/src/main/java/com/example/umc_9th_springboot/global/auth/util/JwtUtil.java
new file mode 100644
index 0000000..82c46a4
--- /dev/null
+++ b/src/main/java/com/example/umc_9th_springboot/global/auth/util/JwtUtil.java
@@ -0,0 +1,82 @@
+package com.example.umc_9th_springboot.global.auth.util;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jws;
+import io.jsonwebtoken.JwtException;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
+import jakarta.annotation.PostConstruct;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+import javax.crypto.SecretKey;
+import java.nio.charset.StandardCharsets;
+import java.time.Duration;
+import java.time.Instant;
+import java.util.Date;
+
+@Component
+public class JwtUtil {
+
+    private SecretKey secretKey;
+    private final String secret;
+    private final Duration accessExpiration;
+
+    // application.yml 의 jwt.token.* 값 주입
+    public JwtUtil(
+            @Value("${jwt.token.secretKey}") String secret,
+            @Value("${jwt.token.expiration.access}") Long accessExpiration
+    ) {
+        this.secret = secret;
+        this.accessExpiration = Duration.ofMillis(accessExpiration);
+    }
+
+    @PostConstruct
+    public void init() {
+        this.secretKey = Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8));
+    }
+
+    // AccessToken 생성
+    public String createAccessToken(Long userId, String email, String role) {
+        return createToken(userId, email, role, accessExpiration);
+    }
+
+    public String getEmail(String token) {
+        try {
+            return getClaims(token).getPayload().get("email", String.class);
+        } catch (JwtException e) {
+            return null;
+        }
+    }
+
+    public boolean isValid(String token) {
+        try {
+            getClaims(token);
+            return true;
+        } catch (JwtException e) {
+            return false;
+        }
+    }
+
+
+    private String createToken(Long userId, String email, String role, Duration expiration) {
+        Instant now = Instant.now();
+
+        return Jwts.builder()
+                .subject(String.valueOf(userId))
+                .claim("email", email)
+                .claim("role", role)
+                .issuedAt(Date.from(now))
+                .expiration(Date.from(now.plus(expiration)))
+                .signWith(secretKey)
+                .compact();
+    }
+
+    private Jws<Claims> getClaims(String token) throws JwtException {
+        return Jwts.parser()
+                .verifyWith(secretKey)
+                .clockSkewSeconds(60)
+                .build()
+                .parseSignedClaims(token);
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/com/example/umc_9th_springboot/global/config/SecurityConfig.java b/src/main/java/com/example/umc_9th_springboot/global/config/SecurityConfig.java
new file mode 100644
index 0000000..b01194c
--- /dev/null
+++ b/src/main/java/com/example/umc_9th_springboot/global/config/SecurityConfig.java
@@ -0,0 +1,68 @@
+package com.example.umc_9th_springboot.global.config;
+
+import com.example.umc_9th_springboot.global.auth.util.JwtAuthFilter;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+
+@EnableWebSecurity
+@Configuration
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+    private final JwtAuthFilter jwtAuthFilter;
+
+    private final String[] allowUris = {
+            "/swagger-ui/**",
+            "/swagger-resources/**",
+            "/v3/api-docs/**",
+            "/webjars/**",
+            "/api/users/sign-up/session",
+            "/api/users/login/session",
+            "/api/users/logout/session",
+            "/api/users/login/jwt",
+            "/api/users/sign-up/jwt"
+    };
+
+    // PasswordEncoder 빈 등록
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    // Security 필터 체인 설정
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+                .csrf(AbstractHttpConfigurer::disable)
+
+                .authorizeHttpRequests(requests -> requests
+                        .requestMatchers(allowUris).permitAll()
+                        .requestMatchers("/admin/**").hasRole("ADMIN")
+                        .anyRequest().authenticated()
+                )
+
+                .formLogin(form -> form
+                        .defaultSuccessUrl("/swagger-ui/index.html", true)
+                        .permitAll()
+                )
+
+                .logout(logout -> logout
+                        .logoutUrl("/logout")
+                        .logoutSuccessUrl("/login?logout")
+                        .permitAll()
+                )
+
+                .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);
+
+        return http.build();
+    }
+}
\ No newline at end of file
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 4df69a7..25a5c57 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -23,3 +23,9 @@ spring:
     properties:
       hibernate:
         format_sql: true
+
+jwt:
+  token:
+    secretKey: ${JWT_SECRET_KEY}
+    expiration:
+      access: ${JWT_ACCESS_EXPIRE}