gc/gc-guide-api
1
0
포크 0
코드 이슈 풀 리퀘스트 Actions 위키 활동

Compare commits

병합하기: gc:codex/wing-login
브랜치 태그
gc:main
gc:develop
gc:feature/audit-log
gc:feature/wing-proxy
gc:codex/wing-login
gc:feature/admin-and-api
gc:feature/auth-api
...
다음으로부터 풀: gc:main
브랜치 태그
gc:main
gc:develop
gc:feature/audit-log
gc:feature/wing-proxy
gc:codex/wing-login
gc:feature/admin-and-api
gc:feature/auth-api

23 커밋
codex/wing ... main

작성자 SHA1 메시지 날짜
htlee
983de6a71a Merge pull request 'develop' (#22) from develop into main
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 14s
Details 
Reviewed-on: #22
 2026-02-17 17:46:13 +09:00
htlee
98956afcb1 Merge pull request 'fix(audit): origin_domain Referer fallback' (#21) from feature/audit-log into develop 
Reviewed-on: #21
 2026-02-17 17:45:57 +09:00
htlee
710cb1d0f6 fix(audit): origin_domain 추출 시 Referer 헤더 fallback 추가 
same-origin 요청(guide→guide)은 Origin 헤더가 없으므로
Referer 헤더에서 도메인을 추출하도록 fallback 로직 추가

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-17 17:37:41 +09:00
htlee
f558e43810 Merge pull request 'feat(audit): API 접근 감사 로그 시스템' (#20) from develop into main
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 18s
Details 
Reviewed-on: #20
 2026-02-17 17:33:21 +09:00
htlee
1b08afee8b Merge pull request 'feat(audit): API 접근 감사 로그 시스템' (#19) from feature/audit-log into develop 2026-02-17 17:31:39 +09:00
htlee
539b018e45 feat(audit): API 접근 감사 로그 시스템 구현 
- ApiAccessLog 엔티티: 사용자/도메인/URI/파라미터/응답코드/처리시간 기록
- HandlerInterceptor로 /api/** 전체 요청 자동 기록 (health 제외)
- Origin 헤더로 guide/wing 도메인 구분
- @Async 비동기 저장으로 응답 지연 방지
- GET /api/admin/audit-logs 관리자 조회 API (필터: origin, userId, uri, 기간)
- ClientIpUtils 유틸 분리 (AuthController에서 공용화)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-17 17:31:00 +09:00
htlee
b39b0df6b9 Merge pull request 'develop → main: Wing 프록시 API + IP 추출 수정' (#18) from develop into main
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 14s
Details 
Reviewed-on: #18
 2026-02-16 23:52:55 +09:00
htlee
c35084d3dc Merge pull request 'fix(auth): 로그인 IP를 X-Forwarded-For 헤더에서 추출' (#17) from feature/wing-proxy into develop 2026-02-16 23:50:58 +09:00
htlee
4092f5e8b4 fix(auth): 로그인 IP를 X-Forwarded-For 헤더에서 추출 
Nginx 리버스 프록시 환경에서 getRemoteAddr()가 127.0.0.1 반환하는 문제 수정.
X-Forwarded-For → X-Real-IP → getRemoteAddr() 순서로 폴백.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 23:50:41 +09:00
htlee
f62751229e Merge pull request 'feat(settings): 관리자 설정 기반 신규 사용자 자동승인 + 기본 롤 부여' (#15) from develop into main
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 18s
Details 
Reviewed-on: #15
 2026-02-16 23:36:32 +09:00
htlee
2619dce781 Merge pull request 'feat(wing): Wing 데모 사이트 프록시 API + 복수 Google Client ID 지원' (#16) from feature/wing-proxy into develop 2026-02-16 23:35:25 +09:00
htlee
69de3f9ae7 feat(wing): Wing 데모 사이트 프록시 API + 복수 Google Client ID 지원 
- WingAisController: AIS 선박 위치 조회 프록시 (bbox 필터링 포함)
- WingDataController: 해역/케이블 정적 GeoJSON 데이터 서빙
- GoogleTokenVerifier: app.google.client-ids 복수 audience 지원
- wing-data/: zones, chinese-permitted GeoJSON 데이터 파일

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 23:34:58 +09:00
htlee
cf9b4d118b Merge pull request 'feat(settings): 관리자 설정 기반 신규 사용자 자동승인 + 기본 롤 부여' (#14) from codex/wing-login into develop 2026-02-16 23:20:30 +09:00
htlee
4c837b0ce4 Merge pull request 'fix(cors): wing.gc-si.dev CORS 허용 (application.yml + SecurityConfig)' (#13) from develop into main
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 13s
Details 
Reviewed-on: #13
 2026-02-16 09:08:24 +09:00
htlee
460f941a8b Merge pull request 'fix(cors): application.yml CORS 기본값에 wing.gc-si.dev 추가' (#12) from codex/wing-login into develop 2026-02-16 09:07:51 +09:00
htlee
a5f58970a9 Merge pull request 'fix(cors): wing.gc-si.dev CORS 허용 + wing 관련 기능' (#11) from develop into main
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 17s
Details 
Reviewed-on: #11
 2026-02-16 09:02:38 +09:00
htlee
89b7936671 Merge pull request 'fix(cors): @Value 기본값에 wing.gc-si.dev 추가' (#10) from codex/wing-login into develop 2026-02-16 09:02:07 +09:00
htlee
30f0b28460 Merge pull request 'fix(security): 인증 에러 401 응답 + permitAll 패턴 수정' (#9) from develop into main
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 17s
Details 
Reviewed-on: #9
 2026-02-14 22:06:45 +09:00
htlee
c0e33e11d7 Merge pull request 'fix(security): 인증 에러 401 응답 + CORS 헤더 누락 수정' (#8) from develop into main
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 17s
Details 
Reviewed-on: #8
 2026-02-14 21:55:11 +09:00
htlee
e92b0e15ef Merge pull request 'develop' (#7) from develop into main
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 17s
Details 
Reviewed-on: #7
 2026-02-14 21:38:36 +09:00
htlee
57b11774eb Merge pull request 'develop' (#5) from develop into main
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 16s
Details 
Reviewed-on: #5
 2026-02-14 21:15:16 +09:00
htlee
3e918baf74 Merge pull request 'fix: CI/CD 워크플로우 checkout 에러 수정' (#3) from develop into main
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 21s
Details 
Reviewed-on: #3
 2026-02-14 20:21:12 +09:00
htlee
acf18221ae Merge pull request 'feat: CI/CD 자동 배포 워크플로우 추가' (#2) from develop into main
Some checks failed
Build and Deploy API / build-and-deploy (push) Failing after 21s
Details 
Reviewed-on: #2
 2026-02-14 20:15:38 +09:00
16개의 변경된 파일624개의 추가작업 그리고 4개의 파일을 삭제
Show Stats Expand all files Collapse all files

2
src/main/java/com/gcsc/guide/GcGuideApiApplication.java
파일 보기

@ -2,8 +2,10 @@ package com.gcsc.guide;
import org.springframework.boot.SpringApplication; import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.scheduling.annotation.EnableAsync;
@SpringBootApplication @SpringBootApplication
@EnableAsync
public class GcGuideApiApplication { public class GcGuideApiApplication {
public static void main(String[] args) { public static void main(String[] args) {

4
src/main/java/com/gcsc/guide/auth/AuthController.java
파일 보기

@ -9,6 +9,7 @@ import com.gcsc.guide.repository.RoleRepository;
import com.gcsc.guide.repository.UserRepository; import com.gcsc.guide.repository.UserRepository;
import com.gcsc.guide.service.ActivityService; import com.gcsc.guide.service.ActivityService;
import com.gcsc.guide.service.SettingsService; import com.gcsc.guide.service.SettingsService;
import com.gcsc.guide.util.ClientIpUtils;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken; import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.media.Content; import io.swagger.v3.oas.annotations.media.Content;
@ -24,7 +25,6 @@ import lombok.extern.slf4j.Slf4j;
import java.util.HashSet; import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Set;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
@ -85,7 +85,7 @@ public class AuthController {
activityService.recordLogin( activityService.recordLogin(
userWithRoles.getId(), userWithRoles.getId(),
httpRequest.getRemoteAddr(), ClientIpUtils.resolve(httpRequest),
httpRequest.getHeader("User-Agent")); httpRequest.getHeader("User-Agent"));
String token = jwtTokenProvider.generateToken( String token = jwtTokenProvider.generateToken(

20
src/main/java/com/gcsc/guide/auth/GoogleTokenVerifier.java
파일 보기

@ -8,7 +8,9 @@ import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import java.util.ArrayList;
import java.util.Collections; import java.util.Collections;
import java.util.List;
@Slf4j @Slf4j
@Component @Component
@ -18,12 +20,26 @@ public class GoogleTokenVerifier {
private final String allowedEmailDomain; private final String allowedEmailDomain;
public GoogleTokenVerifier( public GoogleTokenVerifier(
@Value("${app.google.client-id}") String clientId, @Value("${app.google.client-ids:}") String clientIdsCsv,
@Value("${app.google.client-id:}") String clientId,
@Value("${app.allowed-email-domain}") String allowedEmailDomain @Value("${app.allowed-email-domain}") String allowedEmailDomain
) { ) {
List<String> audiences = new ArrayList<>();
if (clientIdsCsv != null && !clientIdsCsv.isBlank()) {
for (String part : clientIdsCsv.split(",")) {
String trimmed = part == null ? "" : part.trim();
if (!trimmed.isEmpty()) audiences.add(trimmed);
}
}
if (audiences.isEmpty() && clientId != null && !clientId.isBlank()) {
audiences.add(clientId.trim());
}
if (audiences.isEmpty()) {
log.warn("Google client id is not configured (app.google.client-id / app.google.client-ids empty). Google login will fail.");
}
this.verifier = new GoogleIdTokenVerifier.Builder( this.verifier = new GoogleIdTokenVerifier.Builder(
new NetHttpTransport(), GsonFactory.getDefaultInstance()) new NetHttpTransport(), GsonFactory.getDefaultInstance())
.setAudience(Collections.singletonList(clientId)) .setAudience(audiences.isEmpty() ? Collections.emptyList() : audiences)
.build(); .build();
this.allowedEmailDomain = allowedEmailDomain; this.allowedEmailDomain = allowedEmailDomain;
} }

5
src/main/java/com/gcsc/guide/auth/JwtTokenProvider.java
파일 보기

@ -46,6 +46,11 @@ public class JwtTokenProvider {
return Long.parseLong(claims.getSubject()); return Long.parseLong(claims.getSubject());
} }
public String getEmailFromToken(String token) {
Claims claims = parseToken(token);
return claims.get("email", String.class);
}
public boolean validateToken(String token) { public boolean validateToken(String token) {
try { try {
parseToken(token); parseToken(token);

90
src/main/java/com/gcsc/guide/config/ApiAccessLogInterceptor.java Normal file
파일 보기

@ -0,0 +1,90 @@
package com.gcsc.guide.config;
import com.gcsc.guide.auth.JwtTokenProvider;
import com.gcsc.guide.entity.ApiAccessLog;
import com.gcsc.guide.service.ActivityService;
import com.gcsc.guide.util.ClientIpUtils;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import java.net.URI;
@Slf4j
@Component
@RequiredArgsConstructor
public class ApiAccessLogInterceptor implements HandlerInterceptor {
private static final String ATTR_START_TIME = "_auditStartTime";
private final ActivityService activityService;
private final JwtTokenProvider jwtTokenProvider;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
request.setAttribute(ATTR_START_TIME, System.currentTimeMillis());
return true;
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response,
Object handler, Exception ex) {
try {
Long startTime = (Long) request.getAttribute(ATTR_START_TIME);
long durationMs = startTime != null ? System.currentTimeMillis() - startTime : 0;
Long userId = null;
String userEmail = null;
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null && auth.isAuthenticated() && auth.getPrincipal() instanceof Long) {
userId = (Long) auth.getPrincipal();
Object credentials = auth.getCredentials();
if (credentials instanceof String token) {
userEmail = jwtTokenProvider.getEmailFromToken(token);
}
}
String originDomain = resolveOriginDomain(
request.getHeader("Origin"), request.getHeader("Referer"));
String queryString = request.getQueryString();
if (queryString != null && queryString.length() > 2000) {
queryString = queryString.substring(0, 2000);
}
ApiAccessLog accessLog = ApiAccessLog.builder()
.userId(userId)
.userEmail(userEmail)
.clientIp(ClientIpUtils.resolve(request))
.originDomain(originDomain)
.httpMethod(request.getMethod())
.requestUri(request.getRequestURI())
.queryString(queryString)
.responseStatus(response.getStatus())
.durationMs(durationMs)
.userAgent(request.getHeader("User-Agent"))
.build();
activityService.saveAccessLog(accessLog);
} catch (Exception e) {
log.warn("감사 로그 기록 실패: {}", e.getMessage());
}
}
private String resolveOriginDomain(String origin, String referer) {
String url = (origin != null && !origin.isBlank()) ? origin : referer;
if (url == null || url.isBlank()) {
return null;
}
try {
return URI.create(url).getHost();
} catch (Exception e) {
return null;
}
}
}

20
src/main/java/com/gcsc/guide/config/WebMvcConfig.java Normal file
파일 보기

@ -0,0 +1,20 @@
package com.gcsc.guide.config;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
@RequiredArgsConstructor
public class WebMvcConfig implements WebMvcConfigurer {
private final ApiAccessLogInterceptor apiAccessLogInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(apiAccessLogInterceptor)
.addPathPatterns("/api/**")
.excludePathPatterns("/api/health", "/api/health/**");
}
}

44
src/main/java/com/gcsc/guide/controller/AdminAuditController.java Normal file
파일 보기

@ -0,0 +1,44 @@
package com.gcsc.guide.controller;
import com.gcsc.guide.dto.AuditLogResponse;
import com.gcsc.guide.service.ActivityService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.RequiredArgsConstructor;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.data.domain.Sort;
import org.springframework.data.web.PageableDefault;
import org.springframework.format.annotation.DateTimeFormat;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import java.time.LocalDateTime;
@RestController
@RequestMapping("/api/admin/audit-logs")
@RequiredArgsConstructor
@Tag(name = "07. 감사 로그", description = "API 접근 감사 로그 조회 (관리자 전용)")
@SecurityRequirement(name = "Bearer JWT")
public class AdminAuditController {
private final ActivityService activityService;
@Operation(summary = "감사 로그 목록 조회",
description = "API 접근 로그를 필터링하여 조회합니다. 모든 파라미터는 선택사항입니다.")
@GetMapping
public ResponseEntity<Page<AuditLogResponse>> getAuditLogs(
@RequestParam(required = false) String origin,
@RequestParam(required = false) Long userId,
@RequestParam(required = false) String uri,
@RequestParam(required = false) @DateTimeFormat(iso = DateTimeFormat.ISO.DATE_TIME) LocalDateTime from,
@RequestParam(required = false) @DateTimeFormat(iso = DateTimeFormat.ISO.DATE_TIME) LocalDateTime to,
@PageableDefault(size = 50, sort = "createdAt", direction = Sort.Direction.DESC) Pageable pageable) {
return ResponseEntity.ok(
activityService.getAuditLogs(origin, userId, uri, from, to, pageable));
}
}

215
src/main/java/com/gcsc/guide/controller/WingAisController.java Normal file
파일 보기

@ -0,0 +1,215 @@
package com.gcsc.guide.controller;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.annotation.PostConstruct;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.time.Duration;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@Slf4j
@RestController
@RequestMapping("/api/wing/ais-target")
@RequiredArgsConstructor
@Tag(name = "WING · AIS", description = "WING demo AIS proxy (JWT required)")
public class WingAisController {
private final ObjectMapper objectMapper;
@Value("${app.wing.ais.upstream-base:http://211.208.115.83:8041}")
private String upstreamBase;
@Value("${app.wing.ais.timeout-ms:20000}")
private long timeoutMs;
private HttpClient httpClient;
@PostConstruct
void initHttpClient() {
this.httpClient = HttpClient.newBuilder()
.connectTimeout(Duration.ofSeconds(5))
.followRedirects(HttpClient.Redirect.NORMAL)
.build();
}
private record Bbox(double lonMin, double latMin, double lonMax, double latMax) {
}
@GetMapping("/search")
public ResponseEntity<?> search(
@RequestParam(name = "minutes") String minutesRaw,
@RequestParam(name = "bbox", required = false) String bboxRaw,
@RequestParam(name = "centerLon", required = false) Double centerLon,
@RequestParam(name = "centerLat", required = false) Double centerLat,
@RequestParam(name = "radiusMeters", required = false) Double radiusMeters
) {
Integer minutes = parseMinutes(minutesRaw);
if (minutes == null) {
return error(HttpStatus.BAD_REQUEST, "invalid minutes", "BAD_REQUEST");
}
Bbox bbox = parseBbox(bboxRaw);
if (bboxRaw != null && bbox == null) {
return error(HttpStatus.BAD_REQUEST, "invalid bbox", "BAD_REQUEST");
}
URI upstreamUrl = buildUpstreamUrl(minutes, centerLon, centerLat, radiusMeters);
HttpRequest req = HttpRequest.newBuilder(upstreamUrl)
.timeout(Duration.ofMillis(timeoutMs))
.header("accept", "application/json")
.GET()
.build();
int status;
String body;
try {
HttpResponse<String> res = httpClient.send(req, HttpResponse.BodyHandlers.ofString());
status = res.statusCode();
body = res.body() == null ? "" : res.body();
} catch (java.net.http.HttpTimeoutException e) {
log.warn("AIS upstream timeout ({}ms): {}", timeoutMs, upstreamUrl);
return error(HttpStatus.GATEWAY_TIMEOUT, "upstream timeout (" + timeoutMs + "ms)", "UPSTREAM_TIMEOUT");
} catch (Exception e) {
log.warn("AIS upstream fetch failed: {} ({})", upstreamUrl, e.toString());
return error(HttpStatus.BAD_GATEWAY, "upstream fetch failed", "UPSTREAM_FETCH_FAILED");
}
if (status < 200 || status >= 300) {
log.warn("AIS upstream error: status={} url={}", status, upstreamUrl);
return error(HttpStatus.BAD_GATEWAY, "upstream error", "UPSTREAM");
}
// Fast path: no bbox requested, proxy raw payload.
if (bbox == null) {
return ResponseEntity.ok()
.contentType(MediaType.APPLICATION_JSON)
.body(body);
}
try {
Map<String, Object> json = objectMapper.readValue(body, new TypeReference<>() {
});
Object dataObj = json.get("data");
List<?> rows = dataObj instanceof List<?> l ? l : List.of();
List<Object> filtered = new ArrayList<>(rows.size());
for (Object row : rows) {
if (inBbox(row, bbox)) {
filtered.add(row);
}
}
json.put("data", filtered);
Object msgObj = json.get("message");
String msg = msgObj instanceof String s ? s : "";
String suffix = " (bbox: " + filtered.size() + "/" + rows.size() + ")";
json.put("message", (msg + suffix).trim());
return ResponseEntity.ok()
.contentType(MediaType.APPLICATION_JSON)
.body(json);
} catch (Exception e) {
log.warn("AIS upstream JSON parse/filter failed: {}", e.toString());
return error(HttpStatus.BAD_GATEWAY, "upstream invalid json", "UPSTREAM_INVALID_JSON");
}
}
private Integer parseMinutes(String raw) {
if (raw == null) return null;
int minutes;
try {
minutes = Integer.parseInt(raw);
} catch (NumberFormatException e) {
return null;
}
if (minutes <= 0 || minutes > 60 * 24) return null;
return minutes;
}
private Bbox parseBbox(String raw) {
if (raw == null || raw.isBlank()) return null;
String[] parts = raw.split(",");
if (parts.length != 4) return null;
Double lonMin = toDouble(parts[0]);
Double latMin = toDouble(parts[1]);
Double lonMax = toDouble(parts[2]);
Double latMax = toDouble(parts[3]);
if (lonMin == null || latMin == null || lonMax == null || latMax == null) return null;
boolean ok =
lonMin >= -180 && lonMax <= 180 &&
latMin >= -90 && latMax <= 90 &&
lonMin < lonMax &&
latMin < latMax;
if (!ok) return null;
return new Bbox(lonMin, latMin, lonMax, latMax);
}
private boolean inBbox(Object row, Bbox bbox) {
if (!(row instanceof Map<?, ?> m)) return false;
Double lon = toDouble(m.get("lon"));
Double lat = toDouble(m.get("lat"));
if (lon == null || lat == null) return false;
return lon >= bbox.lonMin && lon <= bbox.lonMax && lat >= bbox.latMin && lat <= bbox.latMax;
}
private Double toDouble(Object value) {
if (value == null) return null;
if (value instanceof Number n) return n.doubleValue();
if (value instanceof String s) {
String t = s.trim();
if (t.isEmpty()) return null;
try {
return Double.parseDouble(t);
} catch (NumberFormatException e) {
return null;
}
}
return null;
}
private URI buildUpstreamUrl(int minutes, Double centerLon, Double centerLat, Double radiusMeters) {
String base = upstreamBase == null ? "" : upstreamBase.trim();
if (base.endsWith("/")) base = base.substring(0, base.length() - 1);
StringBuilder sb = new StringBuilder(base);
sb.append("/snp-api/api/ais-target/search");
sb.append("?minutes=").append(minutes);
// Upstream supports center/radius filtering; bbox is ignored (filtered server-side here).
if (centerLon != null && Double.isFinite(centerLon)) sb.append("&centerLon=").append(centerLon);
if (centerLat != null && Double.isFinite(centerLat)) sb.append("&centerLat=").append(centerLat);
if (radiusMeters != null && Double.isFinite(radiusMeters)) sb.append("&radiusMeters=").append(radiusMeters);
return URI.create(sb.toString());
}
private ResponseEntity<Map<String, Object>> error(HttpStatus status, String message, String errorCode) {
return ResponseEntity.status(status)
.contentType(MediaType.APPLICATION_JSON)
.body(Map.of(
"success", false,
"message", message,
"data", List.of(),
"errorCode", errorCode
));
}
}

57
src/main/java/com/gcsc/guide/controller/WingDataController.java Normal file
파일 보기

@ -0,0 +1,57 @@
package com.gcsc.guide.controller;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.RequiredArgsConstructor;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;
import org.springframework.http.CacheControl;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.server.ResponseStatusException;
import java.util.concurrent.TimeUnit;
import static org.springframework.http.HttpStatus.NOT_FOUND;
@RestController
@RequestMapping("/api/wing/data")
@RequiredArgsConstructor
@Tag(name = "WING · Data", description = "WING embedded datasets (JWT required)")
public class WingDataController {
@GetMapping(value = "/zones", produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<Resource> zones() {
return serveJson("wing-data/zones.wgs84.geojson");
}
@GetMapping(value = "/legacy", produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<Resource> legacyChinesePermitted() {
return serveJson("wing-data/chinese-permitted.v1.json");
}
@GetMapping(value = "/subcables/geo", produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<Resource> subcablesGeo() {
return serveJson("wing-data/subcables/cable-geo.json");
}
@GetMapping(value = "/subcables/details", produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<Resource> subcablesDetails() {
return serveJson("wing-data/subcables/cable-details.min.json");
}
private ResponseEntity<Resource> serveJson(String classpathLocation) {
Resource resource = new ClassPathResource(classpathLocation);
if (!resource.exists()) {
throw new ResponseStatusException(NOT_FOUND, "Resource not found: " + classpathLocation);
}
return ResponseEntity.ok()
// Authenticated endpoint: allow browser caching but keep it private.
.cacheControl(CacheControl.maxAge(6, TimeUnit.HOURS).cachePrivate())
.contentType(MediaType.APPLICATION_JSON)
.body(resource);
}
}

35
src/main/java/com/gcsc/guide/dto/AuditLogResponse.java Normal file
파일 보기

@ -0,0 +1,35 @@
package com.gcsc.guide.dto;
import com.gcsc.guide.entity.ApiAccessLog;
import java.time.LocalDateTime;
public record AuditLogResponse(
Long id,
Long userId,
String userEmail,
String clientIp,
String originDomain,
String httpMethod,
String requestUri,
String queryString,
Integer responseStatus,
Long durationMs,
LocalDateTime createdAt
) {
public static AuditLogResponse from(ApiAccessLog log) {
return new AuditLogResponse(
log.getId(),
log.getUserId(),
log.getUserEmail(),
log.getClientIp(),
log.getOriginDomain(),
log.getHttpMethod(),
log.getRequestUri(),
log.getQueryString(),
log.getResponseStatus(),
log.getDurationMs(),
log.getCreatedAt()
);
}
}

64
src/main/java/com/gcsc/guide/entity/ApiAccessLog.java Normal file
파일 보기

@ -0,0 +1,64 @@
package com.gcsc.guide.entity;
import jakarta.persistence.*;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Getter;
import lombok.NoArgsConstructor;
import java.time.LocalDateTime;
@Entity
@Table(name = "api_access_logs", indexes = {
@Index(name = "idx_access_logs_created", columnList = "created_at"),
@Index(name = "idx_access_logs_user", columnList = "user_id"),
@Index(name = "idx_access_logs_uri", columnList = "request_uri")
})
@Getter
@NoArgsConstructor
@AllArgsConstructor
@Builder
public class ApiAccessLog {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private Long id;
@Column(name = "user_id")
private Long userId;
@Column(name = "user_email")
private String userEmail;
@Column(name = "client_ip", length = 45)
private String clientIp;
@Column(name = "origin_domain")
private String originDomain;
@Column(name = "http_method", nullable = false, length = 10)
private String httpMethod;
@Column(name = "request_uri", nullable = false, length = 500)
private String requestUri;
@Column(name = "query_string", length = 2000)
private String queryString;
@Column(name = "response_status")
private Integer responseStatus;
@Column(name = "duration_ms")
private Long durationMs;
@Column(name = "user_agent", length = 500)
private String userAgent;
@Column(name = "created_at", nullable = false, updatable = false)
private LocalDateTime createdAt;
@PrePersist
protected void onCreate() {
this.createdAt = LocalDateTime.now();
}
}

27
src/main/java/com/gcsc/guide/repository/ApiAccessLogRepository.java Normal file
파일 보기

@ -0,0 +1,27 @@
package com.gcsc.guide.repository;
import com.gcsc.guide.entity.ApiAccessLog;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.query.Param;
import java.time.LocalDateTime;
public interface ApiAccessLogRepository extends JpaRepository<ApiAccessLog, Long> {
@Query("SELECT a FROM ApiAccessLog a WHERE "
+ "(:originDomain IS NULL OR a.originDomain = :originDomain) AND "
+ "(:userId IS NULL OR a.userId = :userId) AND "
+ "(:requestUri IS NULL OR a.requestUri LIKE CONCAT(:requestUri, '%')) AND "
+ "(:from IS NULL OR a.createdAt >= :from) AND "
+ "(:to IS NULL OR a.createdAt <= :to)")
Page<ApiAccessLog> findFiltered(
@Param("originDomain") String originDomain,
@Param("userId") Long userId,
@Param("requestUri") String requestUri,
@Param("from") LocalDateTime from,
@Param("to") LocalDateTime to,
Pageable pageable);
}

22
src/main/java/com/gcsc/guide/service/ActivityService.java
파일 보기

@ -1,17 +1,24 @@
package com.gcsc.guide.service; package com.gcsc.guide.service;
import com.gcsc.guide.dto.AuditLogResponse;
import com.gcsc.guide.dto.LoginHistoryResponse; import com.gcsc.guide.dto.LoginHistoryResponse;
import com.gcsc.guide.entity.ApiAccessLog;
import com.gcsc.guide.entity.LoginHistory; import com.gcsc.guide.entity.LoginHistory;
import com.gcsc.guide.entity.PageView; import com.gcsc.guide.entity.PageView;
import com.gcsc.guide.entity.User; import com.gcsc.guide.entity.User;
import com.gcsc.guide.exception.ResourceNotFoundException; import com.gcsc.guide.exception.ResourceNotFoundException;
import com.gcsc.guide.repository.ApiAccessLogRepository;
import com.gcsc.guide.repository.LoginHistoryRepository; import com.gcsc.guide.repository.LoginHistoryRepository;
import com.gcsc.guide.repository.PageViewRepository; import com.gcsc.guide.repository.PageViewRepository;
import com.gcsc.guide.repository.UserRepository; import com.gcsc.guide.repository.UserRepository;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.scheduling.annotation.Async;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.time.LocalDateTime;
import java.util.List; import java.util.List;
@Service @Service
@ -21,6 +28,7 @@ public class ActivityService {
private final LoginHistoryRepository loginHistoryRepository; private final LoginHistoryRepository loginHistoryRepository;
private final PageViewRepository pageViewRepository; private final PageViewRepository pageViewRepository;
private final UserRepository userRepository; private final UserRepository userRepository;
private final ApiAccessLogRepository apiAccessLogRepository;
@Transactional @Transactional
public void recordLogin(Long userId, String ipAddress, String userAgent) { public void recordLogin(Long userId, String ipAddress, String userAgent) {
@ -42,4 +50,18 @@ public class ActivityService {
.map(LoginHistoryResponse::from) .map(LoginHistoryResponse::from)
.toList(); .toList();
} }
@Async
@Transactional
public void saveAccessLog(ApiAccessLog log) {
apiAccessLogRepository.save(log);
}
@Transactional(readOnly = true)
public Page<AuditLogResponse> getAuditLogs(
String originDomain, Long userId, String requestUri,
LocalDateTime from, LocalDateTime to, Pageable pageable) {
return apiAccessLogRepository.findFiltered(originDomain, userId, requestUri, from, to, pageable)
.map(AuditLogResponse::from);
}
} }

21
src/main/java/com/gcsc/guide/util/ClientIpUtils.java Normal file
파일 보기

@ -0,0 +1,21 @@
package com.gcsc.guide.util;
import jakarta.servlet.http.HttpServletRequest;
public final class ClientIpUtils {
private ClientIpUtils() {
}
public static String resolve(HttpServletRequest request) {
String xff = request.getHeader("X-Forwarded-For");
if (xff != null && !xff.isBlank()) {
return xff.split(",")[0].trim();
}
String realIp = request.getHeader("X-Real-IP");
if (realIp != null && !realIp.isBlank()) {
return realIp.trim();
}
return request.getRemoteAddr();
}
}

1
src/main/resources/wing-data/chinese-permitted.v1.json Normal file
파일 보기

File diff suppressed because one or more lines are too long

1
src/main/resources/wing-data/zones.wgs84.geojson Normal file
파일 보기

File diff suppressed because one or more lines are too long