로그인 시, 접속 IP 대역 확인

2026-05-12 09:50:26 +09:00
parent 8c70ec345c
commit 176d27c229
2 changed files with 12 additions and 3 deletions
--- a/src/main/java/com/kamco/cd/kamcoback/config/api/ApiLogFunction.java
+++ b/src/main/java/com/kamco/cd/kamcoback/config/api/ApiLogFunction.java
@@ -39,10 +39,10 @@ public class ApiLogFunction {

  public static String getXFowardedForIp(HttpServletRequest request) {
    String ip = request.getHeader("X-Forwarded-For");
-    if (ip != null) {
-      ip = ip.split(",")[0].trim();
+    if (ip != null && !ip.isBlank()) {
+      return ip.split(",")[0].trim();
    }
-    return ip;
+    return request.getRemoteAddr();
  }

  // 사용자 ID 추출 예시 (Spring Security 기준)
--- a/src/main/java/com/kamco/cd/kamcoback/members/AuthController.java
+++ b/src/main/java/com/kamco/cd/kamcoback/members/AuthController.java
@@ -4,6 +4,7 @@ import com.kamco.cd.kamcoback.auth.CustomUserDetails;
 import com.kamco.cd.kamcoback.auth.JwtTokenProvider;
 import com.kamco.cd.kamcoback.auth.RefreshTokenService;
 import com.kamco.cd.kamcoback.common.enums.StatusType;
+import com.kamco.cd.kamcoback.config.api.ApiLogFunction;
 import com.kamco.cd.kamcoback.config.api.ApiResponseDto;
 import com.kamco.cd.kamcoback.members.dto.MembersDto;
 import com.kamco.cd.kamcoback.members.dto.SignInRequest;
@@ -16,11 +17,13 @@ import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
 import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import java.nio.file.AccessDeniedException;
 import java.time.Duration;
 import java.util.UUID;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.ResponseCookie;
@@ -34,6 +37,7 @@ import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

+@Slf4j
@Tag(name = "인증(Auth)", description = "로그인, 토큰 재발급, 로그아웃 API")
@RestController
@RequestMapping("/api/auth")
@@ -103,8 +107,13 @@ public class AuthController {
              required = true)
          @RequestBody
          SignInRequest request,
+      HttpServletRequest servletRequest,
      HttpServletResponse response) {

+    // TODO: 접속 가능한 IP 대역 조회
+    String clientIp = ApiLogFunction.getXFowardedForIp(servletRequest);
+    log.info("####### clientIp: {}", clientIp);
+
    // 사용자 상태 조회
    String status = authService.getUserStatus(request);
    Authentication authentication = null;