Yeogigallae · Neo1228 · Feb 17, 2025 · Feb 17, 2025 · Feb 17, 2025
diff --git a/src/main/java/com/umc/yeogi_gal_lae/global/error/ErrorStatus.java b/src/main/java/com/umc/yeogi_gal_lae/global/error/ErrorStatus.java
@@ -16,7 +16,8 @@ public enum ErrorStatus {
 
     // JWT 관련 에러
     JWT_GENERATION_FAILED(HttpStatus.INTERNAL_SERVER_ERROR, "JWT_500", "JWT 토큰 생성 중 오류가 발생했습니다."),
-    JWT_INVALID_TOKEN(HttpStatus.UNAUTHORIZED, "JWT_401", "유효하지 않은 JWT 토큰입니다.");
+    JWT_INVALID_TOKEN(HttpStatus.UNAUTHORIZED, "JWT_401", "유효하지 않은 JWT 토큰입니다."),
+    JWT_EXPIRED_TOKEN(HttpStatus.BAD_REQUEST, "JWT_402", "만료된 JWT 토큰입니다.");
 
     private final HttpStatus httpStatus;
     private final String code;

diff --git a/src/main/java/com/umc/yeogi_gal_lae/global/jwt/JwtAuthenticationFilter.java b/src/main/java/com/umc/yeogi_gal_lae/global/jwt/JwtAuthenticationFilter.java
@@ -26,19 +26,28 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
         throws ServletException, IOException {
 
-        // 스웨거 및 로그인 관련 URL이면 필터 동작 X
         String requestURI = request.getRequestURI();
+
+        // 인증이 필요 없는 요청이면 필터를 통과시킴
         if (isExcluded(requestURI)) {
             filterChain.doFilter(request, response);
             return;
         }
 
+        // JWT 토큰 확인
         String token = resolveToken(request);
 
         if (token != null && jwtUtil.validateToken(token)) {
             String email = jwtUtil.extractEmail(token);
+
+            // 현재 로그인한 사용자 정보 SecurityContext에 저장
             JwtAuthenticationToken authentication = new JwtAuthenticationToken(email);
             SecurityContextHolder.getContext().setAuthentication(authentication);
+
+            // Authorization 헤더가 없으면 자동으로 추가
+            if (request.getHeader("Authorization") == null) {
+                request.setAttribute("Authorization", "Bearer " + token);
+            }
         }
 
         filterChain.doFilter(request, response);

diff --git a/src/main/java/com/umc/yeogi_gal_lae/global/jwt/JwtUtil.java b/src/main/java/com/umc/yeogi_gal_lae/global/jwt/JwtUtil.java
@@ -3,6 +3,7 @@
 import com.umc.yeogi_gal_lae.global.error.AuthHandler;
 import com.umc.yeogi_gal_lae.global.error.ErrorStatus;
 import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.JwtException;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
@@ -63,6 +64,8 @@ public boolean validateToken(String token) {
         try {
             Jwts.parserBuilder().setSigningKey(getSigningKey()).build().parseClaimsJws(token);
             return true;
+        } catch (ExpiredJwtException e) {
+            throw new AuthHandler(ErrorStatus.JWT_EXPIRED_TOKEN);
         } catch (JwtException e) {
             throw new AuthHandler(ErrorStatus.JWT_INVALID_TOKEN);
         }