From 1e852671f372038f91e2761aedc9676fd4a57b6c Mon Sep 17 00:00:00 2001
From: icurfer <icurfer@gmail.com>
Date: Sun, 28 Sep 2025 23:37:42 +0900
Subject: [PATCH] change RS256 algorithm

---
 .gitignore           |  1 +
 Dockerfile           |  2 +-
 README.md            | 11 +++++++++++
 blog_prj/settings.py | 21 +++++++++++++++++++++
 version              |  2 +-
 5 files changed, 35 insertions(+), 2 deletions(-)

diff --git a/.gitignore b/.gitignore
index 307d311..c464c52 100644
--- a/.gitignore
+++ b/.gitignore
@@ -162,3 +162,4 @@ cython_debug/
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 #.idea/
 
+keys
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index 243e20b..c81bf04 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 # pull official base image
-FROM python:3.10-slim-buster
+FROM python:3.10-slim-bullseye
 
 # set work directory
 WORKDIR /usr/src/app
diff --git a/README.md b/README.md
index 8c1e861..89ce890 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,13 @@
 # msa-django-blog
 
+## dev run server
+
+```bash
+python3 manage.py runserver 0.0.0.0:8800
+```
+
+### blog
+
+```bash
+gunicorn auth_prj.wsgi:application --bind 0.0.0.0:8800 --workers 3
+```
\ No newline at end of file
diff --git a/blog_prj/settings.py b/blog_prj/settings.py
index af3acf5..d2cb847 100644
--- a/blog_prj/settings.py
+++ b/blog_prj/settings.py
@@ -13,6 +13,7 @@ https://docs.djangoproject.com/en/4.2/ref/settings/
 import os
 from dotenv import load_dotenv
 from pathlib import Path
+from datetime import timedelta
 import sys
 
 LOGGING = {
@@ -183,6 +184,26 @@ TEMPLATES = [
 
 WSGI_APPLICATION = 'blog_prj.wsgi.application'
 
+# JWT 설정
+# https://django-rest-framework-simplejwt.readthedocs.io/en/latest/settings.html
+# istio jwt token check 
+ISTIO_JWT = os.environ.get("ISTIO_JWT", "0") == "1"
+
+if ISTIO_JWT:
+    # RS256 모드 
+    # 운영환경에서 key파일은 POD mount로 적용하는게 안전
+    with open(BASE_DIR / "keys/private.pem", "r") as f:
+        PRIVATE_KEY = f.read()
+    with open(BASE_DIR / "keys/public.pem", "r") as f:
+        PUBLIC_KEY = f.read()
+
+    SIMPLE_JWT = {
+        "ALGORITHM": "RS256",
+        "VERIFYING_KEY": PUBLIC_KEY,
+        "ISSUER": "msa-user",
+        "ACCESS_TOKEN_LIFETIME": timedelta(minutes=30),  
+        "REFRESH_TOKEN_LIFETIME": timedelta(days=1),
+    }
 
 # Database
 # https://docs.djangoproject.com/en/4.2/ref/settings/#databases
diff --git a/version b/version
index 64360a1..254a9f2 100644
--- a/version
+++ b/version
@@ -1 +1 @@
-0.0.5-r1
\ No newline at end of file
+v0.0.6
\ No newline at end of file