[refactor] Auth Redis 장애 발생 시, DB로 fallback. CirCuitBreaker추가하여 Auth Redis 장애 대처

Author: LeeMinwoo115

backend/build.gradle.kts

@@ -5,6 +5,7 @@ plugins {
     checkstyle
     jacoco
 }
+val springCloudVersion by extra("2025.0.1")
 
 group = "com"
 version = "0.0.1-SNAPSHOT"
@@ -89,6 +90,9 @@ dependencies {
     // flyway
     implementation("org.flywaydb:flyway-core")
     implementation("org.flywaydb:flyway-database-postgresql")
+
+    // resilience4j
+    implementation("org.springframework.cloud:spring-cloud-starter-circuitbreaker-resilience4j")
 }
 
 tasks.withType<Test> {
@@ -326,4 +330,9 @@ tasks.named<org.gradle.api.plugins.quality.Checkstyle>("checkstyleMain") {
     dependsOn(tasks.named("compileTestJava"))
     // QueryDSL generated 폴더 제외 (src/main/generated 기준 상대 경로)
     exclude("com/back/**/entity/Q*.java")
-}
+}
+dependencyManagement {
+    imports {
+        mavenBom("org.springframework.cloud:spring-cloud-dependencies:$springCloudVersion")
+    }
+}

backend/src/main/java/com/back/api/auth/service/AuthService.java

@@ -14,10 +14,10 @@
 import com.back.api.auth.dto.response.AuthResponse;
 import com.back.api.auth.dto.response.TokenResponse;
 import com.back.api.auth.dto.response.UserResponse;
+import com.back.api.auth.store.AuthStore;
 import com.back.domain.auth.entity.ActiveSession;
 import com.back.domain.auth.entity.RefreshToken;
 import com.back.domain.auth.repository.ActiveSessionRepository;
-import com.back.domain.auth.repository.RefreshTokenRedisRepository;
 import com.back.domain.auth.repository.RefreshTokenRepository;
 import com.back.domain.user.entity.User;
 import com.back.domain.user.entity.UserActiveStatus;
@@ -29,9 +29,11 @@
 import com.back.global.utils.TokenHash;
 
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 
 @Service
 @RequiredArgsConstructor
+@Slf4j
 public class AuthService {
 
 	private final UserRepository userRepository;
@@ -41,7 +43,7 @@ public class AuthService {
 	private final RefreshTokenRepository refreshTokenRepository;
 	private final ActiveSessionCache activeSessionCache;
 	private final ActiveSessionRepository activeSessionRepository;
-	private final RefreshTokenRedisRepository refreshTokenRedisRepository;
+	private final AuthStore authStore;
 
 	@Transactional
 	public AuthResponse signup(SignupRequest request) {
@@ -103,8 +105,7 @@ public void logout() {
 			.orElseThrow(() -> new ErrorException(AuthErrorCode.ACCESS_OTHER_DEVICE));
 
 		refreshToken.revoke();
-
-		refreshTokenRedisRepository.delete(userId);
+		authStore.deleteRefreshCache(userId);
 
 		// ActiveSession 캐시 무효화
 		activeSessionCache.evict(userId);
@@ -129,7 +130,7 @@ private JwtDto loginAsSingleDevice(User user) {
 		ActiveSession saved = activeSessionRepository.saveAndFlush(session);
 
 		refreshTokenRepository.revokeAllActiveByUserId(user.getId());
-		refreshTokenRedisRepository.delete(user.getId());
+		authStore.deleteRefreshCache(user.getId());
 
 		// 로그인 직후 Redis에 캐싱 불필요 DB접근 최소화
 		ActiveSessionDto dto = ActiveSessionDto.from(saved);

backend/src/main/java/com/back/api/auth/service/AuthTokenService.java

@@ -4,45 +4,48 @@
 import java.time.LocalDateTime;
 
 import org.apache.commons.lang3.StringUtils;
+import org.springframework.dao.DataIntegrityViolationException;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
 import com.back.api.auth.dto.JwtDto;
 import com.back.api.auth.dto.cache.RefreshTokenCache;
+import com.back.api.auth.store.AuthStore;
 import com.back.domain.auth.entity.ActiveSession;
 import com.back.domain.auth.entity.RefreshToken;
-import com.back.domain.auth.repository.RefreshTokenRedisRepository;
 import com.back.domain.auth.repository.RefreshTokenRepository;
 import com.back.domain.user.entity.User;
 import com.back.domain.user.repository.UserRepository;
 import com.back.global.error.code.AuthErrorCode;
 import com.back.global.error.exception.ErrorException;
-import com.back.global.http.HttpRequestContext;
+import com.back.global.http.RequestMetaProvider;
 import com.back.global.security.JwtClaims;
 import com.back.global.security.JwtProvider;
 import com.back.global.utils.TokenHash;
 
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 
 @Service
 @RequiredArgsConstructor
+@Slf4j
 public class AuthTokenService {
 
 	private final JwtProvider jwtProvider;
 	private final RefreshTokenRepository tokenRepository;
 	private final UserRepository userRepository;
-	private final HttpRequestContext requestContext;
-	private final RefreshTokenRedisRepository refreshTokenRedisRepository;
+	private final RequestMetaProvider requestMetaProvider;
 	private final SessionGuard sessionGuard;
+	private final AuthStore authStore;
 
 	@Transactional
 	public JwtDto issueTokens(User user, String sessionId, long tokenVersion) {
 		JwtDto dto = createJwtDto(user, sessionId, tokenVersion);
 
-		saveRefreshToRedis(user.getId(), dto.refreshToken(), sessionId, tokenVersion);
-
 		saveRefreshMetaToDB(user, dto.refreshToken(), sessionId, tokenVersion);
 
+		saveRefreshToStoreBestEffort(user.getId(), dto.refreshToken(), sessionId, tokenVersion);
+
 		return dto;
 	}
 
@@ -65,32 +68,91 @@ public JwtDto rotateTokenByRefreshToken(String refreshTokenStr) {
 		long userId = claims.userId();
 		String sid = claims.sessionId();
 		long tokenVersion = claims.tokenVersion();
-
-		// 1. 세션을 읽고 현재 세션과 비교
-		ActiveSession active = sessionGuard.requireActiveSessionForUpdate(userId);
-
-		sessionGuard.assertMatches(active, sid, tokenVersion);
-
-		// 2. Redis 검증: 현재 유효 refresh 인지 확인 (해시 비교)
-		RefreshTokenCache cached = refreshTokenRedisRepository.find(userId)
-			.orElseThrow(() -> new ErrorException(AuthErrorCode.ACCESS_OTHER_DEVICE));
+		String jti = claims.jti();
 
 		String hash = TokenHash.sha256(refreshTokenStr);
-		if (!hash.equals(cached.getRefreshTokenHash())
-			|| !sid.equals(cached.getSessionId())
-			|| tokenVersion != cached.getTokenVersion()) {
+
+		// 캐시에 "현재 유효 refresh"가 들어있다면, 불일치 요청은 DB까지 가지 않고 차단
+		if (tryEarlyRejectByCache(userId, sid, tokenVersion, hash)) {
+			log.warn("ROTATE_EARLY_DENY(cache): userId={} sid={} tokenVersion={} jti={}",
+				userId, sid, tokenVersion, jti);
 			throw new ErrorException(AuthErrorCode.ACCESS_OTHER_DEVICE);
 		}
 
+		// 1. 세션을 읽고 현재 세션과 비교
+		ActiveSession active = sessionGuard.requireActiveSessionForUpdate(userId);
+		sessionGuard.assertMatches(active, sid, tokenVersion);
+
 		int updated = tokenRepository.revokeIfActive(hash);
 		if (updated != 1) {
+			log.warn("Rotate denied by concurrent/invalid refresh userId={} sid={} tokenVersion={}",
+				userId, sid, tokenVersion);
 			throw new ErrorException(AuthErrorCode.ACCESS_OTHER_DEVICE);
 		}
 
 		User user = userRepository.findById(userId)
 			.orElseThrow(() -> new ErrorException(AuthErrorCode.UNAUTHORIZED));
 
-		return issueTokens(user, active.getSessionId(), active.getTokenVersion());
+		try {
+			JwtDto dto = issueTokens(user, active.getSessionId(), active.getTokenVersion());
+			log.info("ROTATE_OK: userId={} sid={} tokenVersion={} oldJti={}", userId, sid, tokenVersion, jti);
+			return dto;
+		} catch (DataIntegrityViolationException e) {
+			// partial unique index(유저당 active 1개) 위반 시그널
+			log.error("ROTATE_CONFLICT: unique active refresh violated userId={} sid={} tokenVersion={} jti={}",
+				userId, sid, tokenVersion, jti, e);
+			throw new ErrorException(AuthErrorCode.ACCESS_OTHER_DEVICE);
+		}
+	}
+
+	private boolean tryEarlyRejectByCache(long userId, String sid, long tokenVersion, String refreshHash) {
+		try {
+			// 캐시가 아예 unavailable 이면(OPEN/timeout) -> DB로
+			if (!authStore.isAvailable()) {
+				return false;
+			}
+
+			return authStore.findRefreshCache(userId)
+				.map(cache ->
+					!refreshHash.equals(cache.getRefreshTokenHash())
+						|| !sid.equals(cache.getSessionId())
+						|| tokenVersion != cache.getTokenVersion())
+				.orElse(false); // cache miss 면 DB로
+		} catch (Exception e) {
+			// Redis 장애는 rotate 자체를 막지 않고 DB로 진행 (가용성)
+			log.warn("Redis cache check failed -> DB fallback. userId={}, cause={}", userId, e.toString());
+			return false;
+		}
+	}
+
+	private void saveRefreshToStoreBestEffort(long userId, String refreshToken, String sid, long tokenVersion) {
+		if (!authStore.isAvailable()) {
+			log.warn("RedisAuthStore unavailable: skip cache write userId={}", userId);
+			return;
+		}
+
+		JwtClaims claims = jwtProvider.payloadOrNull(refreshToken);
+		if (claims == null) {
+			// 캐시에 잘못된 값 저장 방지
+			log.warn("Refresh token claims null: skip cache write userId={}", userId);
+			return;
+		}
+
+		long refreshValiditySeconds = jwtProvider.getRefreshTokenValiditySeconds();
+
+		RefreshTokenCache cache = RefreshTokenCache.builder()
+			.refreshTokenHash(TokenHash.sha256(refreshToken))
+			.sessionId(sid)
+			.tokenVersion(tokenVersion)
+			.jti(claims.jti())
+			.issuedAtEpochMs(System.currentTimeMillis())
+			.build();
+
+		try {
+			authStore.saveRefreshCache(userId, cache, Duration.ofSeconds(refreshValiditySeconds));
+		} catch (Exception e) {
+			log.warn("Cache write failed (ignored). userId={}", userId, e);
+		}
 	}
 
 	private JwtDto createJwtDto(User user, String sessionId, long tokenVersion) {
@@ -119,25 +181,6 @@ private JwtDto createJwtDto(User user, String sessionId, long tokenVersion) {
 		);
 	}
 
-	private void saveRefreshToRedis(long userId, String refreshToken, String sid, long tokenVersion) {
-		JwtClaims claims = jwtProvider.payloadOrNull(refreshToken);
-		if (claims == null) {
-			throw new ErrorException(AuthErrorCode.INVALID_TOKEN);
-		}
-
-		long refreshValiditySeconds = jwtProvider.getRefreshTokenValiditySeconds();
-
-		RefreshTokenCache cache = RefreshTokenCache.builder()
-			.refreshTokenHash(TokenHash.sha256(refreshToken))
-			.sessionId(sid)
-			.tokenVersion(tokenVersion)
-			.jti(claims.jti())
-			.issuedAtEpochMs(System.currentTimeMillis())
-			.build();
-
-		refreshTokenRedisRepository.save(userId, cache, Duration.ofSeconds(refreshValiditySeconds));
-	}
-
 	private void saveRefreshMetaToDB(User user, String refreshToken, String sid, long tokenVersion) {
 		JwtClaims claims = jwtProvider.payloadOrNull(refreshToken);
 		String jti = (claims == null) ? null : claims.jti();
@@ -152,8 +195,8 @@ private void saveRefreshMetaToDB(User user, String refreshToken, String sid, lon
 			.issuedAt(issuedAt)
 			.expiresAt(expiresAt)
 			.revoked(false)
-			.userAgent(requestContext.getUserAgent())
-			.ipAddress(requestContext.getClientIp())
+			.userAgent(requestMetaProvider.userAgent())
+			.ipAddress(requestMetaProvider.clientIp())
 			.sessionId(sid)
 			.tokenVersion(tokenVersion)
 			.build();

backend/src/main/java/com/back/api/auth/store/AuthStore.java

@@ -0,0 +1,16 @@
+package com.back.api.auth.store;
+
+import java.time.Duration;
+import java.util.Optional;
+
+import com.back.api.auth.dto.cache.RefreshTokenCache;
+
+public interface AuthStore {
+	Optional<RefreshTokenCache> findRefreshCache(long userId);
+
+	void saveRefreshCache(long userId, RefreshTokenCache value, Duration ttl);
+
+	void deleteRefreshCache(long userId);
+
+	boolean isAvailable(); // redis 가 건강한지 확인
+}

backend/src/main/java/com/back/api/auth/store/SafeRedisAuthStore.java

@@ -0,0 +1,100 @@
+package com.back.api.auth.store;
+
+import java.time.Duration;
+import java.util.Optional;
+import java.util.concurrent.atomic.AtomicLong;
+
+import org.springframework.cloud.client.circuitbreaker.CircuitBreaker;
+import org.springframework.cloud.client.circuitbreaker.CircuitBreakerFactory;
+import org.springframework.stereotype.Component;
+
+import com.back.api.auth.dto.cache.RefreshTokenCache;
+import com.back.domain.auth.repository.RefreshTokenRedisRepository;
+
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+
+@Component
+@RequiredArgsConstructor
+@Slf4j
+public class SafeRedisAuthStore implements AuthStore {
+
+	private static final String CB_NAME = "redisAuth";
+	private static final long COOL_DOWN_MS = 3000;
+
+	private final RefreshTokenRedisRepository redisRepository;
+	private final CircuitBreakerFactory<?, ?> circuitBreakerFactory;
+
+	// isAvailable()을 매번 ping 하면 비용이 있으니, 최근 실패시간 기반으로 빠르게 false 처리
+	private final AtomicLong lastFailureEpochMs = new AtomicLong(0);
+
+	private CircuitBreaker circuitBreaker() {
+		return circuitBreakerFactory.create(CB_NAME);
+	}
+
+	@Override
+	public Optional<RefreshTokenCache> findRefreshCache(long userId) {
+		return circuitBreaker().run(
+			() -> redisRepository.find(userId),
+			throwable -> {
+				markFailure(throwable, "find", userId);
+				return Optional.empty();
+			}
+		);
+	}
+
+	@Override
+	public void saveRefreshCache(long userId, RefreshTokenCache value, Duration ttl) {
+		circuitBreaker().run(
+			() -> {
+				redisRepository.save(userId, value, ttl);
+				return null;
+			},
+			throwable -> {
+				markFailure(throwable, "save", userId);
+				return null;
+			}
+		);
+	}
+
+	@Override
+	public void deleteRefreshCache(long userId) {
+		circuitBreaker().run(
+			() -> {
+				redisRepository.delete(userId);
+				return null;
+			},
+			throwable -> {
+				markFailure(throwable, "delete", userId);
+				return null;
+			}
+		);
+	}
+
+	@Override
+	public boolean isAvailable() {
+		// 최근에 장애가 났으면 잠깐 false로 보고 빠르게 반환 (ex: 3초)
+		long lastFail = lastFailureEpochMs.get();
+		long now = System.currentTimeMillis();
+		if (lastFail > 0 && (now - lastFail) < COOL_DOWN_MS) {
+			return false;
+		}
+		// circuit breaker 가 run 에 성공하면 true 반환
+		return circuitBreaker().run(
+			() -> true,
+			throwable -> {
+				markFailure(throwable, "available-check", -1L);
+				return false;
+			}
+		);
+	}
+
+	private void markFailure(Throwable throwable, String op, long userId) {
+		lastFailureEpochMs.set(System.currentTimeMillis());
+		if (userId >= 0) {
+			log.warn("Redis op failed. op={}, userId={}, cause={}", op, userId, throwable.toString());
+		} else {
+			log.warn("Redis op failed. op={}, cause={}", op, throwable.toString());
+		}
+	}
+}