Nexters · jeyongsong · Feb 5, 2026 · Feb 4, 2026 · Feb 4, 2026 · Feb 4, 2026
diff --git a/.github/workflows/prod-deploy.yml b/.github/workflows/prod-deploy.yml
@@ -81,9 +81,9 @@ jobs:
 
       - name: Stop existing container and pull latest image
         run: |
-          if sudo docker inspect moa-test-server &>/dev/null; then
-            sudo docker stop moa-test-server || true
-            sudo docker rm -f moa-test-server || true
+          if sudo docker inspect moa-server &>/dev/null; then
+            sudo docker stop moa-server || true
+            sudo docker rm -f moa-server || true
             sudo docker image prune -af || true
           fi
 
@@ -92,8 +92,9 @@ jobs:
       - name: Run container
         run: |
           sudo docker run -v /home/ubuntu/app/logs:/app/logs \
-            --name moa-test-server \
+            --name moa-server \
+            --add-host host.docker.internal:host-gateway \
             --restart unless-stopped \
             -p 8080:8080 \
-            -e PROFILE=prod\
+            -e SPRING_PROFILES_ACTIVE=prod \
             -d godqhr721/moa_server:${{ needs.setup.outputs.docker_tag }}
diff --git a/build.gradle.kts b/build.gradle.kts
@@ -24,6 +24,7 @@ dependencies {
     implementation("org.springframework.boot:spring-boot-starter-webmvc")
     implementation("org.springframework.boot:spring-boot-starter-actuator")
     implementation("org.springframework.boot:spring-boot-starter-validation")
+    implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:3.0.0")
 
     // data
     implementation("org.springframework.boot:spring-boot-starter-data-jpa")

diff --git a/src/main/kotlin/com/moa/common/config/SwaggerConfig.kt b/src/main/kotlin/com/moa/common/config/SwaggerConfig.kt
@@ -0,0 +1,50 @@
+package com.moa.common.config
+
+import com.moa.common.auth.AuthenticatedMember
+import io.swagger.v3.oas.models.Components
+import io.swagger.v3.oas.models.OpenAPI
+import io.swagger.v3.oas.models.info.Info
+import io.swagger.v3.oas.models.security.SecurityRequirement
+import io.swagger.v3.oas.models.security.SecurityScheme
+import io.swagger.v3.oas.models.servers.Server
+import org.springdoc.core.utils.SpringDocUtils
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+
+@Configuration
+class SwaggerConfig {
+
+    init {
+        SpringDocUtils.getConfig().addAnnotationsToIgnore(AuthenticatedMember::class.java)
+    }
+
+    @Bean
+    fun openAPI(): OpenAPI {
+        val jwt = "JWT"
+        val securitySchemeName = "bearerAuth"
+
+        val securityRequirement = SecurityRequirement().addList(securitySchemeName)
+
+        val securityScheme = SecurityScheme()
+            .name(securitySchemeName)
+            .type(SecurityScheme.Type.HTTP)
+            .scheme("bearer")
+            .bearerFormat(jwt)
+            .`in`(SecurityScheme.In.HEADER)
+
+        return OpenAPI()
+            .components(Components().addSecuritySchemes(securitySchemeName, securityScheme))
+            .addSecurityItem(securityRequirement)
+            .servers(
+                listOf(
+                    Server().url("/")
+                )
+            )
+            .info(apiInfo())
+    }
+
+    private fun apiInfo() = Info()
+        .title("MOA SERVER API")
+        .description("Nexters 28th MOA SERVER")
+        .version("1.0.0")
+}
diff --git a/src/main/kotlin/com/moa/common/exception/ErrorCode.kt b/src/main/kotlin/com/moa/common/exception/ErrorCode.kt
@@ -19,5 +19,5 @@ enum class ErrorCode(
 
     INVALID_ID_TOKEN("INVALID_ID_TOKEN", "유효하지 않은 ID 토큰입니다"),
     INVALID_PROVIDER("INVALID_PROVIDER", "유효하지 않는 로그인 방식입니다."),
-    OIDC_PROVIDER_ERROR("OIDC_PROVIDER_ERROR", "인증 제공자 연동 중 오류가 발생했습니다"),
+    EXPIRED_TOKEN("EXPIRED_TOKEN", "토큰이 만료되었습니다"),
 }
diff --git a/src/main/kotlin/com/moa/common/filter/JwtAuthenticationFilter.kt b/src/main/kotlin/com/moa/common/filter/JwtAuthenticationFilter.kt
@@ -3,6 +3,7 @@ package com.moa.common.filter
 import com.moa.common.auth.AuthConstants
 import com.moa.common.auth.JwtTokenProvider
 import com.moa.common.exception.ErrorCode
+import io.jsonwebtoken.ExpiredJwtException
 import jakarta.servlet.FilterChain
 import jakarta.servlet.http.HttpServletRequest
 import jakarta.servlet.http.HttpServletResponse
@@ -21,6 +22,10 @@ class JwtAuthenticationFilter(
         private val EXCLUDED_PATHS = listOf(
             "/api/v1/auth",
             "/h2-console",
+            "/api-docs-ui",
+            "/swagger-ui",
+            "/swagger-resources",
+            "/v3/api-docs",
         )
     }
 
@@ -36,27 +41,33 @@ class JwtAuthenticationFilter(
     ) {
         val token = jwtTokenProvider.extractToken(request)
 
-        if (token == null || !jwtTokenProvider.validateToken(token)) {
-            writeUnauthorizedResponse(response)
+        if (token == null) {
+            writeErrorResponse(response, ErrorCode.UNAUTHORIZED)
             return
         }
 
-        val memberId = jwtTokenProvider.getUserIdFromToken(token)
-        if (memberId == null) {
-            writeUnauthorizedResponse(response)
-            return
-        }
+        try {
+            jwtTokenProvider.validateToken(token)
 
-        request.setAttribute(AuthConstants.CURRENT_MEMBER_ID, memberId)
-        filterChain.doFilter(request, response)
+            val memberId = jwtTokenProvider.getUserIdFromToken(token)
+            if (memberId == null) {
+                writeErrorResponse(response, ErrorCode.UNAUTHORIZED)
+                return
+            }
+            request.setAttribute(AuthConstants.CURRENT_MEMBER_ID, memberId)
+            filterChain.doFilter(request, response)
+        } catch (ex: ExpiredJwtException) {
+            writeErrorResponse(response, ErrorCode.EXPIRED_TOKEN)
+        } catch (ex: Exception) {
+            writeErrorResponse(response, ErrorCode.UNAUTHORIZED)
+        }
     }
 
-    private fun writeUnauthorizedResponse(response: HttpServletResponse) {
+    private fun writeErrorResponse(response: HttpServletResponse, errorCode: ErrorCode) {
         response.status = HttpServletResponse.SC_UNAUTHORIZED
         response.contentType = MediaType.APPLICATION_JSON_VALUE
         response.characterEncoding = "UTF-8"
 
-        val errorCode = ErrorCode.UNAUTHORIZED
         val errorResponse = mapOf(
             "code" to errorCode.code,
             "message" to errorCode.message,

diff --git a/src/main/resources/moa-secret b/src/main/resources/moa-secret