From 8b2c7474666d059f4788f32b5fb2527f02638496 Mon Sep 17 00:00:00 2001
From: corpi <lj845854@gmail.com>
Date: Tue, 3 Feb 2026 15:15:38 +0900
Subject: [PATCH] =?UTF-8?q?feat:=20auth=20=EB=B3=B4=EC=9D=BC=EB=9F=AC=20?=
 =?UTF-8?q?=ED=94=8C=EB=A0=88=EC=9D=B4=ED=8A=B8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .gitignore                                    |   4 +
 build.gradle                                  |  67 +++++
 gradlew                                       | 251 ++++++++++++++++++
 gradlew.bat                                   |  94 +++++++
 settings.gradle                               |   1 +
 .../java/com/boilerplate/Application.java     |  13 +
 .../com/boilerplate/common/ApiResponse.java   |   7 +
 .../common/GlobalExceptionResponse.java       |  18 ++
 .../common/HealthCheckController.java         |  16 ++
 .../com/boilerplate/common/TokenProvider.java | 116 ++++++++
 .../config/properties/TokenProperties.java    |  22 ++
 .../security/JwtAuthenticationFilter.java     |  66 +++++
 .../config/security/JwtConfig.java            |  51 ++++
 .../config/security/SecurityConfig.java       |  65 +++++
 .../config/web/GlobalApiResponseAdvice.java   |  31 +++
 .../config/web/GlobalExceptionHandler.java    |  75 ++++++
 .../auth/api/controller/AuthController.java   |  54 ++++
 .../auth/api/controller/TestController.java   |  24 ++
 .../core/auth/api/dto/req/LoginRequest.java   |  13 +
 .../core/auth/api/dto/req/SignUpRequest.java  |  16 ++
 .../core/auth/api/dto/res/LoginResponse.java  |  17 ++
 .../core/auth/api/dto/res/SignUpResponse.java |  16 ++
 .../core/auth/application/LoginUseCase.java   |  29 ++
 .../auth/application/RegisterUseCase.java     |  40 +++
 .../dto/command/RegisterUseCaseCommand.java   |  17 ++
 .../application/dto/result/LoginResult.java   |  16 ++
 .../dto/result/RegisterUseCaseResult.java     |  17 ++
 .../auth/application/userDetail/User.java     |  66 +++++
 .../userDetail/UserDetailService.java         |  14 +
 .../core/auth/domain/entity/Account.java      |  40 +++
 .../repository/AccountQueryRepository.java    |   4 +
 .../domain/repository/AccountRepository.java  |  11 +
 .../auth/domain/service/AccountService.java   |  59 ++++
 .../repository/AccountQueryDslRepository.java |  11 +
 .../exception/auth/ExistLoginIdException.java |  19 ++
 .../auth/InvalidCredentialsException.java     |  19 ++
 .../common/NotExistEntityException.java       |  19 ++
 .../resources/config/application-local.yaml   |  27 ++
 src/main/resources/config/application.yaml    |  21 ++
 .../resources/db/changelog/changelog.yaml     |   3 +
 src/main/resources/db/master.yaml             |   3 +
 .../db/sql/account/1_create_account.sql       |   0
 .../com/boilerplate/ApplicationTests.java     |  13 +
 43 files changed, 1485 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 build.gradle
 create mode 100755 gradlew
 create mode 100644 gradlew.bat
 create mode 100644 settings.gradle
 create mode 100644 src/main/java/com/boilerplate/Application.java
 create mode 100644 src/main/java/com/boilerplate/common/ApiResponse.java
 create mode 100644 src/main/java/com/boilerplate/common/GlobalExceptionResponse.java
 create mode 100644 src/main/java/com/boilerplate/common/HealthCheckController.java
 create mode 100644 src/main/java/com/boilerplate/common/TokenProvider.java
 create mode 100644 src/main/java/com/boilerplate/config/properties/TokenProperties.java
 create mode 100644 src/main/java/com/boilerplate/config/security/JwtAuthenticationFilter.java
 create mode 100644 src/main/java/com/boilerplate/config/security/JwtConfig.java
 create mode 100644 src/main/java/com/boilerplate/config/security/SecurityConfig.java
 create mode 100644 src/main/java/com/boilerplate/config/web/GlobalApiResponseAdvice.java
 create mode 100644 src/main/java/com/boilerplate/config/web/GlobalExceptionHandler.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/api/controller/AuthController.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/api/controller/TestController.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/api/dto/req/LoginRequest.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/api/dto/req/SignUpRequest.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/api/dto/res/LoginResponse.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/api/dto/res/SignUpResponse.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/application/LoginUseCase.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/application/RegisterUseCase.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/application/dto/command/RegisterUseCaseCommand.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/application/dto/result/LoginResult.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/application/dto/result/RegisterUseCaseResult.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/application/userDetail/User.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/application/userDetail/UserDetailService.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/domain/entity/Account.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/domain/repository/AccountQueryRepository.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/domain/repository/AccountRepository.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/domain/service/AccountService.java
 create mode 100644 src/main/java/com/boilerplate/core/auth/infra/repository/AccountQueryDslRepository.java
 create mode 100644 src/main/java/com/boilerplate/core/exception/auth/ExistLoginIdException.java
 create mode 100644 src/main/java/com/boilerplate/core/exception/auth/InvalidCredentialsException.java
 create mode 100644 src/main/java/com/boilerplate/core/exception/common/NotExistEntityException.java
 create mode 100644 src/main/resources/config/application-local.yaml
 create mode 100644 src/main/resources/config/application.yaml
 create mode 100644 src/main/resources/db/changelog/changelog.yaml
 create mode 100644 src/main/resources/db/master.yaml
 create mode 100644 src/main/resources/db/sql/account/1_create_account.sql
 create mode 100644 src/test/java/com/boilerplate/ApplicationTests.java

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..c84f08c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+.idea
+gradle
+build
+.gradle
diff --git a/build.gradle b/build.gradle
new file mode 100644
index 0000000..3502735
--- /dev/null
+++ b/build.gradle
@@ -0,0 +1,67 @@
+plugins {
+	id 'java'
+	id 'org.springframework.boot' version '3.5.8'
+	id 'io.spring.dependency-management' version '1.1.7'
+}
+
+group = 'com.boilerplate'
+version = '0.0.1'
+description = ''
+
+java {
+	toolchain {
+		languageVersion = JavaLanguageVersion.of(17)
+	}
+}
+
+configurations {
+	compileOnly {
+		extendsFrom annotationProcessor
+	}
+}
+
+repositories {
+	mavenCentral()
+}
+
+dependencies {
+	implementation 'org.springframework.boot:spring-boot-starter-actuator'
+	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
+	implementation 'org.springframework.boot:spring-boot-starter-security'
+	implementation 'org.springframework.boot:spring-boot-starter-web'
+	implementation 'org.liquibase:liquibase-core'
+	compileOnly 'org.projectlombok:lombok'
+	developmentOnly 'org.springframework.boot:spring-boot-devtools'
+
+	implementation 'io.github.openfeign.querydsl:querydsl-jpa:5.6.1:jakarta'
+	annotationProcessor 'io.github.openfeign.querydsl:querydsl-apt:5.6.1:jakarta'
+
+	annotationProcessor 'jakarta.annotation:jakarta.annotation-api'
+	annotationProcessor 'jakarta.persistence:jakarta.persistence-api'
+
+	runtimeOnly 'com.mysql:mysql-connector-j'
+	runtimeOnly 'io.micrometer:micrometer-registry-prometheus'
+	annotationProcessor 'org.projectlombok:lombok'
+	testImplementation 'org.springframework.boot:spring-boot-starter-test'
+	testImplementation 'org.springframework.security:spring-security-test'
+	testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
+
+	// JWT
+	implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
+	runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.5'
+	runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.5'
+}
+
+tasks.named('test') {
+	useJUnitPlatform()
+}
+
+def querydslDir = "build/generated/querydsl"
+
+sourceSets {
+	main.java.srcDir querydslDir
+}
+
+tasks.withType(JavaCompile).configureEach {
+	options.generatedSourceOutputDirectory = file(querydslDir)
+}
\ No newline at end of file
diff --git a/gradlew b/gradlew
new file mode 100755
index 0000000..faf9300
--- /dev/null
+++ b/gradlew
@@ -0,0 +1,251 @@
+#!/bin/sh
+
+#
+# Copyright © 2015-2021 the original authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+##############################################################################
+#
+#   Gradle start up script for POSIX generated by Gradle.
+#
+#   Important for running:
+#
+#   (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is
+#       noncompliant, but you have some other compliant shell such as ksh or
+#       bash, then to run this script, type that shell name before the whole
+#       command line, like:
+#
+#           ksh Gradle
+#
+#       Busybox and similar reduced shells will NOT work, because this script
+#       requires all of these POSIX shell features:
+#         * functions;
+#         * expansions «$var», «${var}», «${var:-default}», «${var+SET}»,
+#           «${var#prefix}», «${var%suffix}», and «$( cmd )»;
+#         * compound commands having a testable exit status, especially «case»;
+#         * various built-in commands including «command», «set», and «ulimit».
+#
+#   Important for patching:
+#
+#   (2) This script targets any POSIX shell, so it avoids extensions provided
+#       by Bash, Ksh, etc; in particular arrays are avoided.
+#
+#       The "traditional" practice of packing multiple parameters into a
+#       space-separated string is a well documented source of bugs and security
+#       problems, so this is (mostly) avoided, by progressively accumulating
+#       options in "$@", and eventually passing that to Java.
+#
+#       Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS,
+#       and GRADLE_OPTS) rely on word-splitting, this is performed explicitly;
+#       see the in-line comments for details.
+#
+#       There are tweaks for specific operating systems such as AIX, CygWin,
+#       Darwin, MinGW, and NonStop.
+#
+#   (3) This script is generated from the Groovy template
+#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       within the Gradle project.
+#
+#       You can find Gradle at https://github.com/gradle/gradle/.
+#
+##############################################################################
+
+# Attempt to set APP_HOME
+
+# Resolve links: $0 may be a link
+app_path=$0
+
+# Need this for daisy-chained symlinks.
+while
+    APP_HOME=${app_path%"${app_path##*/}"}  # leaves a trailing /; empty if no leading path
+    [ -h "$app_path" ]
+do
+    ls=$( ls -ld "$app_path" )
+    link=${ls#*' -> '}
+    case $link in             #(
+      /*)   app_path=$link ;; #(
+      *)    app_path=$APP_HOME$link ;;
+    esac
+done
+
+# This is normally unused
+# shellcheck disable=SC2034
+APP_BASE_NAME=${0##*/}
+# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
+APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s\n' "$PWD" ) || exit
+
+# Use the maximum available, or set MAX_FD != -1 to use that value.
+MAX_FD=maximum
+
+warn () {
+    echo "$*"
+} >&2
+
+die () {
+    echo
+    echo "$*"
+    echo
+    exit 1
+} >&2
+
+# OS specific support (must be 'true' or 'false').
+cygwin=false
+msys=false
+darwin=false
+nonstop=false
+case "$( uname )" in                #(
+  CYGWIN* )         cygwin=true  ;; #(
+  Darwin* )         darwin=true  ;; #(
+  MSYS* | MINGW* )  msys=true    ;; #(
+  NONSTOP* )        nonstop=true ;;
+esac
+
+CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
+
+
+# Determine the Java command to use to start the JVM.
+if [ -n "$JAVA_HOME" ] ; then
+    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+        # IBM's JDK on AIX uses strange locations for the executables
+        JAVACMD=$JAVA_HOME/jre/sh/java
+    else
+        JAVACMD=$JAVA_HOME/bin/java
+    fi
+    if [ ! -x "$JAVACMD" ] ; then
+        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+    fi
+else
+    JAVACMD=java
+    if ! command -v java >/dev/null 2>&1
+    then
+        die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+    fi
+fi
+
+# Increase the maximum file descriptors if we can.
+if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
+    case $MAX_FD in #(
+      max*)
+        # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
+        MAX_FD=$( ulimit -H -n ) ||
+            warn "Could not query maximum file descriptor limit"
+    esac
+    case $MAX_FD in  #(
+      '' | soft) :;; #(
+      *)
+        # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
+        ulimit -n "$MAX_FD" ||
+            warn "Could not set maximum file descriptor limit to $MAX_FD"
+    esac
+fi
+
+# Collect all arguments for the java command, stacking in reverse order:
+#   * args from the command line
+#   * the main class name
+#   * -classpath
+#   * -D...appname settings
+#   * --module-path (only if needed)
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
+
+# For Cygwin or MSYS, switch paths to Windows format before running java
+if "$cygwin" || "$msys" ; then
+    APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
+    CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
+
+    JAVACMD=$( cygpath --unix "$JAVACMD" )
+
+    # Now convert the arguments - kludge to limit ourselves to /bin/sh
+    for arg do
+        if
+            case $arg in                                #(
+              -*)   false ;;                            # don't mess with options #(
+              /?*)  t=${arg#/} t=/${t%%/*}              # looks like a POSIX filepath
+                    [ -e "$t" ] ;;                      #(
+              *)    false ;;
+            esac
+        then
+            arg=$( cygpath --path --ignore --mixed "$arg" )
+        fi
+        # Roll the args list around exactly as many times as the number of
+        # args, so each arg winds up back in the position where it started, but
+        # possibly modified.
+        #
+        # NB: a `for` loop captures its iteration list before it begins, so
+        # changing the positional parameters here affects neither the number of
+        # iterations, nor the values presented in `arg`.
+        shift                   # remove old arg
+        set -- "$@" "$arg"      # push replacement arg
+    done
+fi
+
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
+# Collect all arguments for the java command:
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#     and any embedded shellness will be escaped.
+#   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
+#     treated as '${Hostname}' itself on the command line.
+
+set -- \
+        "-Dorg.gradle.appname=$APP_BASE_NAME" \
+        -classpath "$CLASSPATH" \
+        org.gradle.wrapper.GradleWrapperMain \
+        "$@"
+
+# Stop when "xargs" is not available.
+if ! command -v xargs >/dev/null 2>&1
+then
+    die "xargs is not available"
+fi
+
+# Use "xargs" to parse quoted args.
+#
+# With -n1 it outputs one arg per line, with the quotes and backslashes removed.
+#
+# In Bash we could simply go:
+#
+#   readarray ARGS < <( xargs -n1 <<<"$var" ) &&
+#   set -- "${ARGS[@]}" "$@"
+#
+# but POSIX shell has neither arrays nor command substitution, so instead we
+# post-process each arg (as a line of input to sed) to backslash-escape any
+# character that might be a shell metacharacter, then use eval to reverse
+# that process (while maintaining the separation between arguments), and wrap
+# the whole thing up as a single "set" statement.
+#
+# This will of course break if any of these variables contains a newline or
+# an unmatched quote.
+#
+
+eval "set -- $(
+        printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" |
+        xargs -n1 |
+        sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' |
+        tr '\n' ' '
+    )" '"$@"'
+
+exec "$JAVACMD" "$@"
diff --git a/gradlew.bat b/gradlew.bat
new file mode 100644
index 0000000..9b42019
--- /dev/null
+++ b/gradlew.bat
@@ -0,0 +1,94 @@
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      https://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+@rem SPDX-License-Identifier: Apache-2.0
+@rem
+
+@if "%DEBUG%"=="" @echo off
+@rem ##########################################################################
+@rem
+@rem  Gradle startup script for Windows
+@rem
+@rem ##########################################################################
+
+@rem Set local scope for the variables with windows NT shell
+if "%OS%"=="Windows_NT" setlocal
+
+set DIRNAME=%~dp0
+if "%DIRNAME%"=="" set DIRNAME=.
+@rem This is normally unused
+set APP_BASE_NAME=%~n0
+set APP_HOME=%DIRNAME%
+
+@rem Resolve any "." and ".." in APP_HOME to make it shorter.
+for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
+
+@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
+
+@rem Find java.exe
+if defined JAVA_HOME goto findJavaFromJavaHome
+
+set JAVA_EXE=java.exe
+%JAVA_EXE% -version >NUL 2>&1
+if %ERRORLEVEL% equ 0 goto execute
+
+echo. 1>&2
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
+
+goto fail
+
+:findJavaFromJavaHome
+set JAVA_HOME=%JAVA_HOME:"=%
+set JAVA_EXE=%JAVA_HOME%/bin/java.exe
+
+if exist "%JAVA_EXE%" goto execute
+
+echo. 1>&2
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
+
+goto fail
+
+:execute
+@rem Setup the command line
+
+set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
+
+
+@rem Execute Gradle
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
+
+:end
+@rem End local scope for the variables with windows NT shell
+if %ERRORLEVEL% equ 0 goto mainEnd
+
+:fail
+rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
+rem the _cmd.exe /c_ return code!
+set EXIT_CODE=%ERRORLEVEL%
+if %EXIT_CODE% equ 0 set EXIT_CODE=1
+if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
+exit /b %EXIT_CODE%
+
+:mainEnd
+if "%OS%"=="Windows_NT" endlocal
+
+:omega
diff --git a/settings.gradle b/settings.gradle
new file mode 100644
index 0000000..ac5fb66
--- /dev/null
+++ b/settings.gradle
@@ -0,0 +1 @@
+rootProject.name = 'boilerplate'
\ No newline at end of file
diff --git a/src/main/java/com/boilerplate/Application.java b/src/main/java/com/boilerplate/Application.java
new file mode 100644
index 0000000..7a4e287
--- /dev/null
+++ b/src/main/java/com/boilerplate/Application.java
@@ -0,0 +1,13 @@
+package com.boilerplate;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class Application {
+
+	public static void main(String[] args) {
+		SpringApplication.run(Application.class, args);
+	}
+
+}
diff --git a/src/main/java/com/boilerplate/common/ApiResponse.java b/src/main/java/com/boilerplate/common/ApiResponse.java
new file mode 100644
index 0000000..8fed168
--- /dev/null
+++ b/src/main/java/com/boilerplate/common/ApiResponse.java
@@ -0,0 +1,7 @@
+package com.boilerplate.common;
+
+public record ApiResponse<T>(T data) {
+    public static <T> ApiResponse<T> ok(T data) {
+        return new ApiResponse<>(data);
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/com/boilerplate/common/GlobalExceptionResponse.java b/src/main/java/com/boilerplate/common/GlobalExceptionResponse.java
new file mode 100644
index 0000000..e9670e6
--- /dev/null
+++ b/src/main/java/com/boilerplate/common/GlobalExceptionResponse.java
@@ -0,0 +1,18 @@
+package com.boilerplate.common;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+@Getter
+public class GlobalExceptionResponse {
+
+    private int code;
+    private String message;
+    private String status;
+    private String instance;
+}
\ No newline at end of file
diff --git a/src/main/java/com/boilerplate/common/HealthCheckController.java b/src/main/java/com/boilerplate/common/HealthCheckController.java
new file mode 100644
index 0000000..675a39e
--- /dev/null
+++ b/src/main/java/com/boilerplate/common/HealthCheckController.java
@@ -0,0 +1,16 @@
+package com.boilerplate.common;
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/health-check")
+public class HealthCheckController {
+
+    @GetMapping
+    public ResponseEntity<Boolean> healthCheck() {
+        return ResponseEntity.ok(true);
+    }
+}
diff --git a/src/main/java/com/boilerplate/common/TokenProvider.java b/src/main/java/com/boilerplate/common/TokenProvider.java
new file mode 100644
index 0000000..9de1ada
--- /dev/null
+++ b/src/main/java/com/boilerplate/common/TokenProvider.java
@@ -0,0 +1,116 @@
+package com.boilerplate.common;
+
+import com.boilerplate.core.auth.application.userDetail.User;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.JwtException;
+import io.jsonwebtoken.JwtParser;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import java.time.Duration;
+import java.time.Instant;
+import java.util.Date;
+import java.util.List;
+import javax.crypto.SecretKey;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+@RequiredArgsConstructor
+public class TokenProvider {
+    private final String issuer;
+    private final SecretKey key;
+    private final JwtParser parser;
+    private final Duration accessToken;
+    private final Duration refreshToken;
+
+    /** Access Token 생성 */
+    public String createUserAccessToken(Long accountId) {
+        Instant now = Instant.now();
+        Instant exp = now.plus(accessToken);
+
+        return Jwts.builder()
+            .setIssuer(issuer)
+            .setSubject(accountId.toString())
+            .setIssuedAt(Date.from(now))
+            .setExpiration(Date.from(exp))
+            .claim("typ", "access")
+            .claim("roles", User.roles)
+            .signWith(key, SignatureAlgorithm.HS256)
+            .compact();
+    }
+
+    /** Refresh Token 생성 */
+    public String createUserRefreshToken(Long accountId) {
+        Instant now = Instant.now();
+        Instant exp = now.plus(refreshToken);
+
+        return Jwts.builder()
+            .setIssuer(issuer)
+            .setSubject(accountId.toString())
+            .setIssuedAt(Date.from(now))
+            .setExpiration(Date.from(exp))
+            .claim("typ", "refresh")
+            .signWith(key, SignatureAlgorithm.HS256)
+            .compact();
+    }
+
+    /** 서명/만료/issuer 검증 */
+    public boolean validate(String token) {
+        try {
+            parser.parseClaimsJws(stripBearer(token));
+            return true;
+        } catch (JwtException | IllegalArgumentException e) {
+            return false;
+        }
+    }
+
+    /** Access 토큰인지(typ=access)까지 확인 */
+    public boolean validateAccessToken(String token) {
+        try {
+            log.info("액세스 토큰 검증");
+            log.info(token);
+
+            Claims claims = getClaims(token);
+
+            log.info("sub: {}", claims.getSubject());
+            log.info("typ: {}", claims.get("typ", String.class));
+
+            return "access".equals(claims.get("typ", String.class));
+        } catch (JwtException | IllegalArgumentException e) {
+            log.error(e.getMessage());
+            return false;
+        }
+    }
+
+    /** Refresh 토큰인지(typ=refresh)까지 확인 */
+    public boolean validateRefreshToken(String token) {
+        try {
+            Claims claims = getClaims(token);
+            return "refresh".equals(claims.get("typ", String.class));
+        } catch (JwtException | IllegalArgumentException e) {
+            return false;
+        }
+    }
+
+    /** Claims 추출(검증 포함) */
+    public Claims getClaims(String token) {
+        return parser.parseClaimsJws(stripBearer(token)).getBody();
+    }
+
+    public String getSubject(String token) {
+        return getClaims(token).getSubject();
+    }
+
+    public Instant getExpiresAt(String token) {
+        return getClaims(token).getExpiration().toInstant();
+    }
+
+    public List<String> getRoles(String token) {
+        return getClaims(token).get("roles", List.class);
+    }
+
+    private String stripBearer(String token) {
+        if (token == null || !token.startsWith("Bearer ")) return null;
+        return token.substring(7);
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/com/boilerplate/config/properties/TokenProperties.java b/src/main/java/com/boilerplate/config/properties/TokenProperties.java
new file mode 100644
index 0000000..e5455d4
--- /dev/null
+++ b/src/main/java/com/boilerplate/config/properties/TokenProperties.java
@@ -0,0 +1,22 @@
+package com.boilerplate.config.properties;
+
+import java.time.Duration;
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties(prefix = "token")
+@Getter
+@Setter
+public class TokenProperties {
+    private String secret;
+    private String issuer;
+    private Lifetime lifetime;
+
+    @Getter
+    @Setter
+    public static class Lifetime {
+        private Duration accessToken;
+        private Duration refreshToken;
+    }
+}
diff --git a/src/main/java/com/boilerplate/config/security/JwtAuthenticationFilter.java b/src/main/java/com/boilerplate/config/security/JwtAuthenticationFilter.java
new file mode 100644
index 0000000..6ace3a9
--- /dev/null
+++ b/src/main/java/com/boilerplate/config/security/JwtAuthenticationFilter.java
@@ -0,0 +1,66 @@
+package com.boilerplate.config.security;
+
+import com.boilerplate.common.TokenProvider;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.MediaType;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.util.AntPathMatcher;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+@RequiredArgsConstructor
+public class JwtAuthenticationFilter extends OncePerRequestFilter {
+    private final TokenProvider tokenProvider;
+    private final UserDetailsService userDetailsService;
+    private final AntPathMatcher pathMatcher = new AntPathMatcher();
+    private final String[] permitAllPatterns;
+
+    @Override
+    protected boolean shouldNotFilter(HttpServletRequest request) {
+        String path = request.getRequestURI();
+        for (String pattern : permitAllPatterns) {
+            if (pathMatcher.match(pattern, path)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+        throws ServletException, IOException {
+
+        String authHeader = request.getHeader("Authorization");
+        String token = (authHeader != null && authHeader.startsWith("Bearer ")) ? authHeader.substring(7) : null;
+
+        if (token == null || token.isBlank()) {
+            filterChain.doFilter(request, response);
+            return;
+        }
+
+        // 토큰이 있는데 유효하지 않으면 401로 즉시 종료
+        if (!tokenProvider.validateAccessToken(token)) {
+            SecurityContextHolder.clearContext();
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+            response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+            response.getWriter().write("{\"message\":\"유효하지 않은 토큰\"}");
+            return;
+        }
+
+        // 유효하면 인증 객체 세팅
+        String accountId = tokenProvider.getSubject(token);
+        UserDetails user = userDetailsService.loadUserByUsername(accountId);
+        SecurityContextHolder.getContext()
+            .setAuthentication(new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities()));
+
+        filterChain.doFilter(request, response);
+    }
+}
diff --git a/src/main/java/com/boilerplate/config/security/JwtConfig.java b/src/main/java/com/boilerplate/config/security/JwtConfig.java
new file mode 100644
index 0000000..bc817eb
--- /dev/null
+++ b/src/main/java/com/boilerplate/config/security/JwtConfig.java
@@ -0,0 +1,51 @@
+package com.boilerplate.config.security;
+
+import com.boilerplate.common.TokenProvider;
+import com.boilerplate.config.properties.TokenProperties;
+import io.jsonwebtoken.JwtParser;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.security.Keys;
+import javax.crypto.SecretKey;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.util.StringUtils;
+
+@Configuration
+@EnableConfigurationProperties(TokenProperties.class)
+public class JwtConfig {
+
+    @Bean
+    public SecretKey jwtSecretKey(TokenProperties props) {
+        byte[] keyBytes = Decoders.BASE64.decode(props.getSecret());
+        return Keys.hmacShaKeyFor(keyBytes);
+    }
+
+    @Bean
+    public JwtParser jwtParser(TokenProperties props, SecretKey jwtSecretKey) {
+        String issuer = effectiveIssuer(props);
+
+        return Jwts.parserBuilder()
+            .setSigningKey(jwtSecretKey)
+            .requireIssuer(issuer)
+            .build();
+    }
+
+    @Bean
+    public TokenProvider tokenProvider(TokenProperties props, SecretKey jwtSecretKey, JwtParser jwtParser) {
+        String issuer = effectiveIssuer(props);
+
+        return new TokenProvider(
+            issuer,
+            jwtSecretKey,
+            jwtParser,
+            props.getLifetime().getAccessToken(),
+            props.getLifetime().getRefreshToken()
+        );
+    }
+
+    private String effectiveIssuer(TokenProperties props) {
+        return StringUtils.hasText(props.getIssuer()) ? props.getIssuer() : "audio";
+    }
+}
diff --git a/src/main/java/com/boilerplate/config/security/SecurityConfig.java b/src/main/java/com/boilerplate/config/security/SecurityConfig.java
new file mode 100644
index 0000000..0a42bcb
--- /dev/null
+++ b/src/main/java/com/boilerplate/config/security/SecurityConfig.java
@@ -0,0 +1,65 @@
+package com.boilerplate.config.security;
+
+import com.boilerplate.common.TokenProvider;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.MediaType;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@Configuration
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+    private static final String[] allAuthorizedUrls = {
+        "/health-check",
+        "/api/v1/auth/**"
+    };
+
+    @Bean
+    public JwtAuthenticationFilter jwtAuthenticationFilter(
+        TokenProvider tokenProvider,
+        UserDetailsService userDetailsService
+    ) {
+        return new JwtAuthenticationFilter(tokenProvider, userDetailsService, allAuthorizedUrls);
+    }
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http, JwtAuthenticationFilter jwtFilter) throws Exception {
+        http.csrf(AbstractHttpConfigurer::disable)
+            .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+            .authorizeHttpRequests(auth -> auth
+                .requestMatchers(allAuthorizedUrls).permitAll()
+                .anyRequest().authenticated()
+            )
+            .addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class)
+            .exceptionHandling(ex -> ex
+                // 인증이 아예 없을 때(토큰 없음 등) -> 401
+                .authenticationEntryPoint((request, response, authException) -> {
+                    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+                    response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+                    response.getWriter().write("{\"message\":\"Unauthorized\"}");
+                })
+                // 인증은 됐는데 권한이 없을 때 -> 403
+                .accessDeniedHandler((request, response, accessDeniedException) -> {
+                    response.setStatus(HttpServletResponse.SC_FORBIDDEN);
+                    response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+                    response.getWriter().write("{\"message\":\"Forbidden\"}");
+                })
+            );
+        return http.build();
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}
diff --git a/src/main/java/com/boilerplate/config/web/GlobalApiResponseAdvice.java b/src/main/java/com/boilerplate/config/web/GlobalApiResponseAdvice.java
new file mode 100644
index 0000000..5ed762d
--- /dev/null
+++ b/src/main/java/com/boilerplate/config/web/GlobalApiResponseAdvice.java
@@ -0,0 +1,31 @@
+package com.boilerplate.config.web;
+
+import com.boilerplate.common.ApiResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.core.MethodParameter;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.http.converter.HttpMessageConverter;
+import org.springframework.http.server.ServerHttpRequest;
+import org.springframework.http.server.ServerHttpResponse;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
+
+@Slf4j
+@ControllerAdvice
+public class GlobalApiResponseAdvice implements ResponseBodyAdvice<Object> {
+    @Override
+    public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) {
+        return returnType.getParameterType().equals(ResponseEntity.class);
+    }
+
+    @Override
+    public Object beforeBodyWrite(
+            Object body, MethodParameter returnType,
+            MediaType selectedContentType,
+            Class<? extends HttpMessageConverter<?>> selectedConverterType,
+            ServerHttpRequest request, ServerHttpResponse response) {
+
+        return ApiResponse.ok(body);
+    }
+}
diff --git a/src/main/java/com/boilerplate/config/web/GlobalExceptionHandler.java b/src/main/java/com/boilerplate/config/web/GlobalExceptionHandler.java
new file mode 100644
index 0000000..f123a34
--- /dev/null
+++ b/src/main/java/com/boilerplate/config/web/GlobalExceptionHandler.java
@@ -0,0 +1,75 @@
+package com.boilerplate.config.web;
+
+import com.boilerplate.common.GlobalExceptionResponse;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.HttpStatusCode;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.web.ErrorResponseException;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+import org.springframework.web.context.request.ServletWebRequest;
+import org.springframework.web.context.request.WebRequest;
+import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
+
+@RestControllerAdvice
+@Slf4j
+public class GlobalExceptionHandler extends ResponseEntityExceptionHandler
+    implements AccessDeniedHandler, AuthenticationEntryPoint {
+
+    @Override
+    protected ResponseEntity<Object> handleErrorResponseException(
+        ErrorResponseException ex, HttpHeaders headers,
+        HttpStatusCode status, WebRequest request
+    ) {
+        HttpStatus httpStatus = HttpStatus.valueOf(ex.getStatusCode().value());
+
+        String message = ex.getBody().getDetail() != null
+            ? ex.getBody().getDetail()
+            : ex.getMessage();
+
+        String uri = null;
+        if (request instanceof ServletWebRequest servletWebRequest) {
+            HttpServletRequest httpReq = servletWebRequest.getRequest();
+            String queryString = httpReq.getQueryString();
+
+            uri = httpReq.getRequestURI();
+            if (queryString != null) {
+                uri += "?" + queryString;
+            }
+        }
+
+        GlobalExceptionResponse body = GlobalExceptionResponse.builder()
+            .code(httpStatus.value())
+            .message(message)
+            .status(httpStatus.name())
+            .instance(uri)
+            .build();
+
+        return ResponseEntity.status(httpStatus).body(body);
+    }
+
+    @Override
+    public void commence(
+        HttpServletRequest request, HttpServletResponse response,
+        AuthenticationException authException
+    ) throws IOException, ServletException {
+
+    }
+
+    @Override
+    public void handle(
+        HttpServletRequest request, HttpServletResponse response,
+        AccessDeniedException accessDeniedException
+    ) throws IOException, ServletException {
+
+    }
+}
diff --git a/src/main/java/com/boilerplate/core/auth/api/controller/AuthController.java b/src/main/java/com/boilerplate/core/auth/api/controller/AuthController.java
new file mode 100644
index 0000000..8af60fe
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/api/controller/AuthController.java
@@ -0,0 +1,54 @@
+package com.boilerplate.core.auth.api.controller;
+
+import com.boilerplate.core.auth.api.dto.req.LoginRequest;
+import com.boilerplate.core.auth.api.dto.req.SignUpRequest;
+import com.boilerplate.core.auth.api.dto.res.LoginResponse;
+import com.boilerplate.core.auth.api.dto.res.SignUpResponse;
+import com.boilerplate.core.auth.application.LoginUseCase;
+import com.boilerplate.core.auth.application.RegisterUseCase;
+import com.boilerplate.core.auth.application.dto.command.RegisterUseCaseCommand;
+import com.boilerplate.core.auth.application.dto.result.LoginResult;
+import com.boilerplate.core.auth.application.dto.result.RegisterUseCaseResult;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/api/v1/auth")
+@RequiredArgsConstructor
+public class AuthController {
+
+    private final RegisterUseCase registerUseCase;
+    private final LoginUseCase loginUseCase;
+
+    @PostMapping("/register")
+    public ResponseEntity<SignUpResponse> register(
+        @RequestBody SignUpRequest request
+    ) {
+        RegisterUseCaseResult result = registerUseCase.execute(
+            RegisterUseCaseCommand.builder().loginId(request.getLoginId()).password(request.getPassword()).build());
+
+        SignUpResponse response = SignUpResponse.builder()
+            .accessToken(result.getAccessToken())
+            .refreshToken(result.getRefreshToken())
+            .build();
+
+        return ResponseEntity.ok(response);
+    }
+
+    @PostMapping("/login")
+    public ResponseEntity<LoginResponse> login(
+        @RequestBody LoginRequest request
+    ) {
+        LoginResult result = loginUseCase.execute(request.getLoginId(), request.getPassword());
+        LoginResponse response = LoginResponse.builder()
+            .accessToken(result.getAccessToken())
+            .refreshToken(result.getRefreshToken())
+            .build();
+
+        return ResponseEntity.ok(response);
+    }
+}
diff --git a/src/main/java/com/boilerplate/core/auth/api/controller/TestController.java b/src/main/java/com/boilerplate/core/auth/api/controller/TestController.java
new file mode 100644
index 0000000..751860a
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/api/controller/TestController.java
@@ -0,0 +1,24 @@
+package com.boilerplate.core.auth.api.controller;
+
+import com.boilerplate.core.auth.application.userDetail.User;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RequiredArgsConstructor
+@RestController
+@RequestMapping
+public class TestController {
+
+    @GetMapping("/test")
+    public ResponseEntity<Boolean> test(
+        @AuthenticationPrincipal User user
+    ) {
+        System.out.println(user.getAccountId());
+
+        return ResponseEntity.ok(true);
+    }
+}
diff --git a/src/main/java/com/boilerplate/core/auth/api/dto/req/LoginRequest.java b/src/main/java/com/boilerplate/core/auth/api/dto/req/LoginRequest.java
new file mode 100644
index 0000000..c0bdd7b
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/api/dto/req/LoginRequest.java
@@ -0,0 +1,13 @@
+package com.boilerplate.core.auth.api.dto.req;
+
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class LoginRequest {
+
+    private String loginId;
+
+    private String password;
+}
diff --git a/src/main/java/com/boilerplate/core/auth/api/dto/req/SignUpRequest.java b/src/main/java/com/boilerplate/core/auth/api/dto/req/SignUpRequest.java
new file mode 100644
index 0000000..3e59377
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/api/dto/req/SignUpRequest.java
@@ -0,0 +1,16 @@
+package com.boilerplate.core.auth.api.dto.req;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+@Getter
+public class SignUpRequest {
+
+    private String loginId;
+    private String password;
+}
diff --git a/src/main/java/com/boilerplate/core/auth/api/dto/res/LoginResponse.java b/src/main/java/com/boilerplate/core/auth/api/dto/res/LoginResponse.java
new file mode 100644
index 0000000..4a1e381
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/api/dto/res/LoginResponse.java
@@ -0,0 +1,17 @@
+package com.boilerplate.core.auth.api.dto.res;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@Getter
+public class LoginResponse {
+
+    private String accessToken;
+
+    private String refreshToken;
+}
diff --git a/src/main/java/com/boilerplate/core/auth/api/dto/res/SignUpResponse.java b/src/main/java/com/boilerplate/core/auth/api/dto/res/SignUpResponse.java
new file mode 100644
index 0000000..09e45ea
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/api/dto/res/SignUpResponse.java
@@ -0,0 +1,16 @@
+package com.boilerplate.core.auth.api.dto.res;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Builder
+@Getter
+@AllArgsConstructor
+@NoArgsConstructor
+public class SignUpResponse {
+
+    private String accessToken;
+    private String refreshToken;
+}
diff --git a/src/main/java/com/boilerplate/core/auth/application/LoginUseCase.java b/src/main/java/com/boilerplate/core/auth/application/LoginUseCase.java
new file mode 100644
index 0000000..7d921cb
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/application/LoginUseCase.java
@@ -0,0 +1,29 @@
+package com.boilerplate.core.auth.application;
+
+import com.boilerplate.common.TokenProvider;
+import com.boilerplate.core.auth.application.dto.result.LoginResult;
+import com.boilerplate.core.auth.domain.service.AccountService;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Component;
+
+@Component
+@RequiredArgsConstructor
+@Slf4j
+public class LoginUseCase {
+
+    private final AccountService accountService;
+    private final TokenProvider tokenProvider;
+
+    public LoginResult execute(String loginId, String password) {
+        long accountId = accountService.login(loginId, password);
+
+        String accessToken = tokenProvider.createUserAccessToken(accountId);
+        String refreshToken = tokenProvider.createUserRefreshToken(accountId);
+
+        return LoginResult.builder()
+            .accessToken(accessToken)
+            .refreshToken(refreshToken)
+            .build();
+    }
+}
diff --git a/src/main/java/com/boilerplate/core/auth/application/RegisterUseCase.java b/src/main/java/com/boilerplate/core/auth/application/RegisterUseCase.java
new file mode 100644
index 0000000..f8f9e77
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/application/RegisterUseCase.java
@@ -0,0 +1,40 @@
+package com.boilerplate.core.auth.application;
+
+import com.boilerplate.common.TokenProvider;
+import com.boilerplate.core.auth.application.dto.command.RegisterUseCaseCommand;
+import com.boilerplate.core.auth.application.dto.result.RegisterUseCaseResult;
+import com.boilerplate.core.auth.domain.service.AccountService;
+import com.boilerplate.core.exception.auth.ExistLoginIdException;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Component;
+
+@RequiredArgsConstructor
+@Component
+@Slf4j
+public final class RegisterUseCase {
+
+    private final AccountService accountService;
+    private final TokenProvider tokenProvider;
+
+    public RegisterUseCaseResult execute(RegisterUseCaseCommand command) {
+        String loginId = command.getLoginId();
+
+        boolean isExistLoginId = accountService.isExistLoginId(loginId);
+
+        if (isExistLoginId) {
+            throw new ExistLoginIdException(loginId);
+        }
+
+        long accountId = accountService.register(loginId, command.getPassword());
+        String accessToken = tokenProvider.createUserAccessToken(accountId);
+        String refreshToken = tokenProvider.createUserRefreshToken(accountId);
+
+        return RegisterUseCaseResult.builder()
+            .accessToken(accessToken)
+            .refreshToken(refreshToken)
+            .build();
+    }
+
+
+}
diff --git a/src/main/java/com/boilerplate/core/auth/application/dto/command/RegisterUseCaseCommand.java b/src/main/java/com/boilerplate/core/auth/application/dto/command/RegisterUseCaseCommand.java
new file mode 100644
index 0000000..9e2e11f
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/application/dto/command/RegisterUseCaseCommand.java
@@ -0,0 +1,17 @@
+package com.boilerplate.core.auth.application.dto.command;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+@Getter
+public class RegisterUseCaseCommand {
+
+    private String loginId;
+
+    private String password;
+}
diff --git a/src/main/java/com/boilerplate/core/auth/application/dto/result/LoginResult.java b/src/main/java/com/boilerplate/core/auth/application/dto/result/LoginResult.java
new file mode 100644
index 0000000..e28afa8
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/application/dto/result/LoginResult.java
@@ -0,0 +1,16 @@
+package com.boilerplate.core.auth.application.dto.result;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+@Getter
+public class LoginResult {
+
+    private String accessToken;
+    private String refreshToken;
+}
diff --git a/src/main/java/com/boilerplate/core/auth/application/dto/result/RegisterUseCaseResult.java b/src/main/java/com/boilerplate/core/auth/application/dto/result/RegisterUseCaseResult.java
new file mode 100644
index 0000000..5ca3dec
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/application/dto/result/RegisterUseCaseResult.java
@@ -0,0 +1,17 @@
+package com.boilerplate.core.auth.application.dto.result;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+@Getter
+public class RegisterUseCaseResult {
+
+    private String accessToken;
+
+    private String refreshToken;
+}
diff --git a/src/main/java/com/boilerplate/core/auth/application/userDetail/User.java b/src/main/java/com/boilerplate/core/auth/application/userDetail/User.java
new file mode 100644
index 0000000..5911ff6
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/application/userDetail/User.java
@@ -0,0 +1,66 @@
+package com.boilerplate.core.auth.application.userDetail;
+
+import java.io.Serial;
+import java.util.Collection;
+import java.util.List;
+import java.util.Objects;
+import java.util.stream.Collectors;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+public final class User implements UserDetails {
+    public static final List<String> roles = List.of("USER");
+
+    private static final List<SimpleGrantedAuthority> authorities = roles.stream()
+        .map(SimpleGrantedAuthority::new).collect(Collectors.toList());
+    @Serial
+    private static final long serialVersionUID = 0L;
+    private final Long accountId;
+
+    public User(Long accountId) {
+        this.accountId = accountId;
+    }
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return authorities;
+    }
+
+    @Override
+    public String getPassword() {
+        return null;
+    }
+
+    public Long getAccountId() {
+        return accountId;
+    }
+
+    @Override
+    public String getUsername() {
+        return null;
+    }
+
+    @Override
+    public boolean equals(Object obj) {
+        if (obj == this) {
+            return true;
+        }
+        if (obj == null || obj.getClass() != this.getClass()) {
+            return false;
+        }
+        var that = (User) obj;
+        return Objects.equals(this.accountId, that.accountId);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(accountId);
+    }
+
+    @Override
+    public String toString() {
+        return "User[" + "accountId=" + accountId + ']';
+    }
+
+}
\ No newline at end of file
diff --git a/src/main/java/com/boilerplate/core/auth/application/userDetail/UserDetailService.java b/src/main/java/com/boilerplate/core/auth/application/userDetail/UserDetailService.java
new file mode 100644
index 0000000..5accbae
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/application/userDetail/UserDetailService.java
@@ -0,0 +1,14 @@
+package com.boilerplate.core.auth.application.userDetail;
+
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+@Service
+public class UserDetailService implements UserDetailsService {
+    @Override
+    public UserDetails loadUserByUsername(String accountId) throws UsernameNotFoundException {
+        return new User(Long.valueOf(accountId));
+    }
+}
diff --git a/src/main/java/com/boilerplate/core/auth/domain/entity/Account.java b/src/main/java/com/boilerplate/core/auth/domain/entity/Account.java
new file mode 100644
index 0000000..ccbfabd
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/domain/entity/Account.java
@@ -0,0 +1,40 @@
+package com.boilerplate.core.auth.domain.entity;
+
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import java.time.LocalDateTime;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.ToString;
+import org.springframework.data.annotation.LastModifiedDate;
+
+@Entity
+@AllArgsConstructor
+@NoArgsConstructor
+@Builder
+@Getter
+@ToString
+public class Account {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+    private String loginId;
+    private String passwordHash;
+    private String name;
+
+    @Builder.Default
+    private LocalDateTime createdAt = LocalDateTime.now();
+
+    @Builder.Default
+    @LastModifiedDate
+    private LocalDateTime updatedAt = LocalDateTime.now();
+
+    @Builder.Default
+    private Boolean deleted = false;
+}
diff --git a/src/main/java/com/boilerplate/core/auth/domain/repository/AccountQueryRepository.java b/src/main/java/com/boilerplate/core/auth/domain/repository/AccountQueryRepository.java
new file mode 100644
index 0000000..bdae5e6
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/domain/repository/AccountQueryRepository.java
@@ -0,0 +1,4 @@
+package com.boilerplate.core.auth.domain.repository;
+
+public interface AccountQueryRepository {
+}
diff --git a/src/main/java/com/boilerplate/core/auth/domain/repository/AccountRepository.java b/src/main/java/com/boilerplate/core/auth/domain/repository/AccountRepository.java
new file mode 100644
index 0000000..8833087
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/domain/repository/AccountRepository.java
@@ -0,0 +1,11 @@
+package com.boilerplate.core.auth.domain.repository;
+
+import com.boilerplate.core.auth.domain.entity.Account;
+import java.util.Optional;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public interface AccountRepository extends JpaRepository<Account, Long> {
+    Optional<Account> findByLoginId(String loginId);
+}
diff --git a/src/main/java/com/boilerplate/core/auth/domain/service/AccountService.java b/src/main/java/com/boilerplate/core/auth/domain/service/AccountService.java
new file mode 100644
index 0000000..2297ed0
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/domain/service/AccountService.java
@@ -0,0 +1,59 @@
+package com.boilerplate.core.auth.domain.service;
+
+import com.boilerplate.core.auth.domain.entity.Account;
+import com.boilerplate.core.auth.domain.repository.AccountRepository;
+import com.boilerplate.core.exception.auth.InvalidCredentialsException;
+import com.boilerplate.core.exception.common.NotExistEntityException;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+@RequiredArgsConstructor
+@Slf4j
+public class AccountService {
+
+    private final AccountRepository accountRepository;
+    private final PasswordEncoder passwordEncoder;
+
+    @Transactional
+    public long register(String loginId, String password) {
+        log.info("회원 등록: {}", loginId);
+
+        String hashedPassword = passwordEncoder.encode(password);
+
+        Account account = Account.builder()
+            .loginId(loginId)
+            .name("임시 이름")
+            .passwordHash(hashedPassword)
+            .build();
+
+        log.info("account: {}", account);
+
+        accountRepository.save(account);
+
+        return account.getId();
+    }
+
+    public boolean isExistLoginId(String loginId) {
+        log.info("로그인 아이디 존재 여부 조회");
+
+        return accountRepository.findByLoginId(loginId).isPresent();
+    }
+
+    public long login(String loginId, String password) {
+        log.info("로그인");
+
+        Account account = accountRepository.findByLoginId(loginId)
+            .orElseThrow(() -> new NotExistEntityException(Account.class.getName()));
+
+        if (!passwordEncoder.matches(password, account.getPasswordHash())) {
+            throw new InvalidCredentialsException();
+        }
+
+        return account.getId();
+
+    }
+}
diff --git a/src/main/java/com/boilerplate/core/auth/infra/repository/AccountQueryDslRepository.java b/src/main/java/com/boilerplate/core/auth/infra/repository/AccountQueryDslRepository.java
new file mode 100644
index 0000000..cb3e013
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/auth/infra/repository/AccountQueryDslRepository.java
@@ -0,0 +1,11 @@
+package com.boilerplate.core.auth.infra.repository;
+
+import com.boilerplate.core.auth.domain.repository.AccountQueryRepository;
+import com.querydsl.jpa.impl.JPAQueryFactory;
+import lombok.RequiredArgsConstructor;
+
+@RequiredArgsConstructor
+public class AccountQueryDslRepository implements AccountQueryRepository {
+
+    private final JPAQueryFactory queryFactory;
+}
diff --git a/src/main/java/com/boilerplate/core/exception/auth/ExistLoginIdException.java b/src/main/java/com/boilerplate/core/exception/auth/ExistLoginIdException.java
new file mode 100644
index 0000000..905849d
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/exception/auth/ExistLoginIdException.java
@@ -0,0 +1,19 @@
+package com.boilerplate.core.exception.auth;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ProblemDetail;
+import org.springframework.web.ErrorResponseException;
+
+public class ExistLoginIdException extends ErrorResponseException {
+
+    public ExistLoginIdException(String loginId) {
+        super(
+            HttpStatus.CONFLICT,
+            ProblemDetail.forStatusAndDetail(
+                HttpStatus.CONFLICT,
+                "이미 존재하는 loginId 입니다: " + loginId
+            ),
+            null
+        );
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/com/boilerplate/core/exception/auth/InvalidCredentialsException.java b/src/main/java/com/boilerplate/core/exception/auth/InvalidCredentialsException.java
new file mode 100644
index 0000000..5c853f7
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/exception/auth/InvalidCredentialsException.java
@@ -0,0 +1,19 @@
+package com.boilerplate.core.exception.auth;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ProblemDetail;
+import org.springframework.web.ErrorResponseException;
+
+public class InvalidCredentialsException extends ErrorResponseException {
+
+    public InvalidCredentialsException() {
+        super(
+            HttpStatus.UNAUTHORIZED,
+            ProblemDetail.forStatusAndDetail(
+                HttpStatus.UNAUTHORIZED,
+                "아이디 또는 비밀번호가 올바르지 않습니다."
+            ),
+            null
+        );
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/com/boilerplate/core/exception/common/NotExistEntityException.java b/src/main/java/com/boilerplate/core/exception/common/NotExistEntityException.java
new file mode 100644
index 0000000..4d565f4
--- /dev/null
+++ b/src/main/java/com/boilerplate/core/exception/common/NotExistEntityException.java
@@ -0,0 +1,19 @@
+package com.boilerplate.core.exception.common;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ProblemDetail;
+import org.springframework.web.ErrorResponseException;
+
+public class NotExistEntityException extends ErrorResponseException {
+
+    public NotExistEntityException(String entityName) {
+        super(
+            HttpStatus.NOT_FOUND,
+            ProblemDetail.forStatusAndDetail(
+                HttpStatus.NOT_FOUND,
+                "존재하지 않는 엔티티: " + entityName
+            ),
+            null
+        );
+    }
+}
\ No newline at end of file
diff --git a/src/main/resources/config/application-local.yaml b/src/main/resources/config/application-local.yaml
new file mode 100644
index 0000000..9adaa7c
--- /dev/null
+++ b/src/main/resources/config/application-local.yaml
@@ -0,0 +1,27 @@
+spring:
+  datasource:
+    url: jdbc:mysql://localhost:3306/db?useSSL=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Seoul
+    username: root
+    password: root
+    driver-class-name: com.mysql.cj.jdbc.Driver
+
+logging:
+  level:
+    org:
+      hibernate:
+        SQL: debug
+        orm:
+          jdbc:
+            bind: trace
+
+token:
+  secret: randomkeygen=com/randomkeygen=com/randomkeygen=com/randomkeygen=com/randomkeygen=com/
+  issuer: localhost
+  lifetime:
+    access-token: 365d
+    refresh-token: 365d
+
+storage:
+  bucket: "audio-dev"
+  access-key: "corpi"
+  secret-key: "corpi7589"
diff --git a/src/main/resources/config/application.yaml b/src/main/resources/config/application.yaml
new file mode 100644
index 0000000..f0511d6
--- /dev/null
+++ b/src/main/resources/config/application.yaml
@@ -0,0 +1,21 @@
+spring:
+  application:
+    name: boilerplate
+
+  jpa:
+    hibernate:
+      ddl-auto: validate
+    show-sql: false
+    properties:
+      hibernate:
+        format_sql: true
+#        dialect: org.hibernate.dialect.MySQL8Dialect
+
+  liquibase:
+    change-log: classpath:/db/master.yaml
+    enabled: true
+
+#logging:
+#  level:
+#    org.hibernate.SQL: null
+#    org.hibernate.type: trace
diff --git a/src/main/resources/db/changelog/changelog.yaml b/src/main/resources/db/changelog/changelog.yaml
new file mode 100644
index 0000000..2df8ee4
--- /dev/null
+++ b/src/main/resources/db/changelog/changelog.yaml
@@ -0,0 +1,3 @@
+databaseChangeLog:
+  - include:
+      file: db/sql/account/1_create_account.sql
\ No newline at end of file
diff --git a/src/main/resources/db/master.yaml b/src/main/resources/db/master.yaml
new file mode 100644
index 0000000..e6f819e
--- /dev/null
+++ b/src/main/resources/db/master.yaml
@@ -0,0 +1,3 @@
+databaseChangeLog:
+  - include:
+      file: db/changelog/changelog.yaml
\ No newline at end of file
diff --git a/src/main/resources/db/sql/account/1_create_account.sql b/src/main/resources/db/sql/account/1_create_account.sql
new file mode 100644
index 0000000..e69de29
diff --git a/src/test/java/com/boilerplate/ApplicationTests.java b/src/test/java/com/boilerplate/ApplicationTests.java
new file mode 100644
index 0000000..d4c870b
--- /dev/null
+++ b/src/test/java/com/boilerplate/ApplicationTests.java
@@ -0,0 +1,13 @@
+package com.boilerplate;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.boot.test.context.SpringBootTest;
+
+@SpringBootTest
+class ApplicationTests {
+
+	@Test
+	void contextLoads() {
+	}
+
+}