diff --git a/build.gradle b/build.gradle
index 2339281..b8ca311 100644
--- a/build.gradle
+++ b/build.gradle
@@ -20,14 +20,23 @@ repositories {
 
 dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-web'
-//	implementation 'org.springframework.boot:spring-boot-starter-jdbc'
-	testImplementation 'org.springframework.boot:spring-boot-starter-test'
 	implementation "org.springframework.boot:spring-boot-starter-validation"
-	testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
 	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
-	testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
+	implementation 'io.jsonwebtoken:jjwt-api:0.12.3'
+	implementation 'org.springframework.security:spring-security-crypto'
+	implementation 'org.projectlombok:lombok'
+
 	runtimeOnly 'com.mysql:mysql-connector-j'
+	runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.3'
+	runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.3'
+
+	testImplementation 'org.springframework.boot:spring-boot-starter-test'
+	testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
+	testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
+
 	developmentOnly 'org.springframework.boot:spring-boot-docker-compose'
+
+	annotationProcessor 'org.projectlombok:lombok'
 }
 
 tasks.named('test') {
diff --git a/src/main/java/com/example/devSns/GlobalExceptionHandler.java b/src/main/java/com/example/devSns/GlobalExceptionHandler.java
index 3c6f280..c84f44c 100644
--- a/src/main/java/com/example/devSns/GlobalExceptionHandler.java
+++ b/src/main/java/com/example/devSns/GlobalExceptionHandler.java
@@ -2,14 +2,13 @@
 
 
 import com.example.devSns.dto.ErrorDto;
-import com.example.devSns.exception.InvalidRequestException;
-import com.example.devSns.exception.NotFoundException;
-import com.example.devSns.exception.RequestConflictException;
+import com.example.devSns.exception.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.HttpRequestMethodNotSupportedException;
 import org.springframework.web.bind.MethodArgumentNotValidException;
+import org.springframework.web.bind.MissingRequestCookieException;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
 import org.springframework.web.client.HttpClientErrorException;
@@ -49,6 +48,17 @@ public ResponseEntity<ErrorDto> handleRequestConflictException(RequestConflictEx
         return ResponseEntity.status(409).body(new ErrorDto(e.getMessage()));
     }
 
+    @ExceptionHandler(UnauthorizedException.class)
+    public ResponseEntity<ErrorDto> handleUnauthorizedException(UnauthorizedException e) {
+        return ResponseEntity.status(401).body(new ErrorDto(e.getMessage()));
+    }
+
+    @ExceptionHandler(ForbiddenException.class)
+    public ResponseEntity<ErrorDto> handleForbiddenException(ForbiddenException e) {
+        return ResponseEntity.status(403).body(new ErrorDto(e.getMessage()));
+    }
+
+
     @ExceptionHandler(NoResourceFoundException.class)
     public ResponseEntity<ErrorDto> handleNoResource(NoResourceFoundException e) {
         // 필요하면 logger.debug로만 남기기
@@ -61,6 +71,11 @@ public ResponseEntity<ErrorDto> handleHttpRequestMethodNotSupportedException(Htt
         return ResponseEntity.status(404).body(new ErrorDto("Not Found"));
     }
 
+    @ExceptionHandler(MissingRequestCookieException.class)
+    public ResponseEntity<ErrorDto> handleMissingRequestCookieException(MissingRequestCookieException e) {
+        return ResponseEntity.status(400).body(new ErrorDto("Invalid Request"));
+    }
+
     @ExceptionHandler(Exception.class)
     public ResponseEntity<ErrorDto> handleException(Exception e) {
 
diff --git a/src/main/java/com/example/devSns/annotation/LoginUser.java b/src/main/java/com/example/devSns/annotation/LoginUser.java
new file mode 100644
index 0000000..5dac7e4
--- /dev/null
+++ b/src/main/java/com/example/devSns/annotation/LoginUser.java
@@ -0,0 +1,11 @@
+package com.example.devSns.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.PARAMETER)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface LoginUser {
+}
diff --git a/src/main/java/com/example/devSns/config/WebConfig.java b/src/main/java/com/example/devSns/config/WebConfig.java
new file mode 100644
index 0000000..7be85c7
--- /dev/null
+++ b/src/main/java/com/example/devSns/config/WebConfig.java
@@ -0,0 +1,54 @@
+package com.example.devSns.config;
+
+import com.example.devSns.interceptor.JwtInterceptor;
+import com.example.devSns.resolver.LoginUserArgumentResolver;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+import java.util.List;
+import java.util.Set;
+
+@Configuration
+public class WebConfig implements WebMvcConfigurer {
+    private final JwtInterceptor jwtInterceptor;
+    private final LoginUserArgumentResolver loginUserArgumentResolver;
+
+    public WebConfig(JwtInterceptor jwtInterceptor, LoginUserArgumentResolver loginUserArgumentResolver) {
+        this.loginUserArgumentResolver = loginUserArgumentResolver;
+        this.jwtInterceptor = jwtInterceptor;
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        jwtInterceptor.setMethodAllows("/posts", Set.of(HttpMethod.GET));
+        jwtInterceptor.setMethodAllows("/posts/{postId}/comments", Set.of(HttpMethod.GET));
+        jwtInterceptor.setMethodAllows("/members", Set.of(HttpMethod.POST));
+        jwtInterceptor.setMethodAllows("/", Set.of(HttpMethod.GET));
+
+        registry.addInterceptor(jwtInterceptor)
+                .addPathPatterns("/**")
+                .excludePathPatterns(
+                        "/auth/login",
+                        "/auth/logout",
+                        "/auth",
+                        "/",
+                        "/index.html",
+                        "/favicon.ico",
+                        "/error",
+                        "/static/**",
+                        "/css/**",
+                        "/js/**",
+                        "/images/**"
+
+                );
+
+    }
+
+    @Override
+    public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
+        resolvers.add(loginUserArgumentResolver);
+    }
+}
diff --git a/src/main/java/com/example/devSns/controller/AuthController.java b/src/main/java/com/example/devSns/controller/AuthController.java
new file mode 100644
index 0000000..b750eec
--- /dev/null
+++ b/src/main/java/com/example/devSns/controller/AuthController.java
@@ -0,0 +1,57 @@
+package com.example.devSns.controller;
+
+import com.example.devSns.dto.GenericDataDto;
+import com.example.devSns.dto.auth.AuthResponseDto;
+import com.example.devSns.dto.auth.LoginDto;
+import com.example.devSns.service.AuthService;
+import com.example.devSns.util.JwtUtil;
+import jakarta.validation.Valid;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseCookie;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping("/auth")
+public class AuthController {
+    private final AuthService authService;
+    private final JwtUtil jwtUtil;
+
+    public AuthController(AuthService authService, JwtUtil jwtUtil) {
+        this.authService = authService;
+        this.jwtUtil = jwtUtil;
+    }
+
+    @PostMapping("/login")
+    public ResponseEntity<GenericDataDto<String>> login(@RequestBody @Valid LoginDto loginDto) {
+        AuthResponseDto authResponse = authService.login(loginDto);
+        ResponseCookie cookie = ResponseCookie
+                .from("refresh_token", authResponse.refreshToken())
+                .httpOnly(true)
+                .secure(false) // 개발환경
+                .sameSite("Strict")
+                .path("/auth")
+                .maxAge(jwtUtil.getRefreshExpiration())
+                .build();
+
+        return ResponseEntity.ok()
+                .header(HttpHeaders.SET_COOKIE, cookie.toString())
+                .body(new GenericDataDto<>(authResponse.accessToken()));
+    }
+
+    @GetMapping("/logout")
+    public ResponseEntity<Void> logout(@CookieValue("refresh_token") String refreshToken) {
+        authService.logout(refreshToken);
+        return ResponseEntity.noContent().build();
+    }
+
+
+    @GetMapping
+    public ResponseEntity<GenericDataDto<String>> reAuthByRefreshToken(@CookieValue("refresh_token") String refreshToken) {
+        GenericDataDto<String> accessToken = authService.reAuth(refreshToken);
+        return ResponseEntity.ok().body(accessToken);
+    }
+
+
+}
diff --git a/src/main/java/com/example/devSns/controller/CommentController.java b/src/main/java/com/example/devSns/controller/CommentController.java
index 011f491..ddc32d6 100644
--- a/src/main/java/com/example/devSns/controller/CommentController.java
+++ b/src/main/java/com/example/devSns/controller/CommentController.java
@@ -1,9 +1,9 @@
 package com.example.devSns.controller;
 
+import com.example.devSns.annotation.LoginUser;
 import com.example.devSns.dto.GenericDataDto;
 import com.example.devSns.dto.comment.CommentCreateDto;
 import com.example.devSns.dto.comment.CommentResponseDto;
-import com.example.devSns.dto.post.PostResponseDto;
 import com.example.devSns.service.CommentService;
 import jakarta.validation.Valid;
 import jakarta.validation.constraints.Positive;
@@ -28,8 +28,8 @@ public CommentController(CommentService commentService) {
 
 
     @PostMapping
-    public ResponseEntity<GenericDataDto<Long>> create(@RequestBody @Valid CommentCreateDto commentCreateDto) {
-        Long id = commentService.create(commentCreateDto);
+    public ResponseEntity<GenericDataDto<Long>> create(@RequestBody @Valid CommentCreateDto commentCreateDto, @LoginUser Long memberId) {
+        Long id = commentService.create(commentCreateDto, memberId);
 
         URI uri = ServletUriComponentsBuilder
                 .fromCurrentRequest()
@@ -42,20 +42,21 @@ public ResponseEntity<GenericDataDto<Long>> create(@RequestBody @Valid CommentCr
 
     @GetMapping("/{id}")
     public ResponseEntity<CommentResponseDto> getOne(@PathVariable @Positive Long id) {
-        CommentResponseDto comment = commentService.findOne(id);
+        CommentResponseDto comment = commentService.findCommentById(id);
         return ResponseEntity.ok().body(comment);
     }
 
     @DeleteMapping("/{id}")
-    public ResponseEntity<Void> delete(@PathVariable @Positive Long id) {
-        commentService.delete(id);
+    public ResponseEntity<Void> delete(@PathVariable @Positive Long id, @LoginUser Long memberId) {
+        commentService.delete(id, memberId);
         return ResponseEntity.noContent().build();
     }
 
     @PatchMapping("/{id}/contents")
     public ResponseEntity<CommentResponseDto> contents(@PathVariable @Positive Long id,
-                                                       @RequestBody @Valid GenericDataDto<String> contentsDto) {
-        CommentResponseDto comment = commentService.updateContent(id, contentsDto);
+                                                       @RequestBody @Valid GenericDataDto<String> contentsDto,
+                                                       @LoginUser Long memberId) {
+        CommentResponseDto comment = commentService.updateContent(id, contentsDto, memberId);
         return ResponseEntity.ok().body(comment);
     }
 
diff --git a/src/main/java/com/example/devSns/controller/FollowsController.java b/src/main/java/com/example/devSns/controller/FollowsController.java
deleted file mode 100644
index 9b5ce05..0000000
--- a/src/main/java/com/example/devSns/controller/FollowsController.java
+++ /dev/null
@@ -1,42 +0,0 @@
-package com.example.devSns.controller;
-
-
-import com.example.devSns.dto.GenericDataDto;
-import com.example.devSns.dto.follow.FollowRequestDto;
-import com.example.devSns.service.FollowsService;
-import jakarta.validation.Valid;
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.*;
-import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
-
-import java.net.URI;
-
-@RestController
-@RequestMapping("/members")
-public class FollowsController {
-
-    private final FollowsService followsService;
-    public FollowsController(FollowsService followsService) {
-        this.followsService = followsService;
-    }
-
-    @PostMapping("/{id}/follower")
-    public ResponseEntity<Void> follow(@PathVariable Long id, @RequestBody @Valid GenericDataDto<Long> followerIdDto) {
-        Long followId = followsService.follow(new FollowRequestDto(id, followerIdDto.data()));
-
-        URI uri = ServletUriComponentsBuilder
-                .fromCurrentRequest()
-                .path("/{id}")
-                .buildAndExpand(followId)
-                .toUri();
-
-        return ResponseEntity.created(uri).build();
-    }
-
-    @DeleteMapping("/{id}/follower")
-    public ResponseEntity<Void> unfollow(@PathVariable Long id, @RequestBody @Valid GenericDataDto<Long> followerIdDto) {
-        followsService.unfollow(new FollowRequestDto(id, followerIdDto.data()));
-        return ResponseEntity.noContent().build();
-    }
-
-}
diff --git a/src/main/java/com/example/devSns/controller/LikeController.java b/src/main/java/com/example/devSns/controller/LikeController.java
index d6750a6..66bee5f 100644
--- a/src/main/java/com/example/devSns/controller/LikeController.java
+++ b/src/main/java/com/example/devSns/controller/LikeController.java
@@ -1,6 +1,7 @@
 package com.example.devSns.controller;
 
 
+import com.example.devSns.annotation.LoginUser;
 import com.example.devSns.dto.GenericDataDto;
 import com.example.devSns.dto.likes.LikesRequestDto;
 import com.example.devSns.dto.member.MemberResponseDto;
@@ -8,6 +9,7 @@
 import com.example.devSns.service.LikesService;
 import jakarta.validation.Valid;
 import jakarta.validation.constraints.Positive;
+import lombok.extern.java.Log;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.domain.Slice;
 import org.springframework.data.domain.Sort;
@@ -23,14 +25,14 @@ public LikeController(LikesService<T> likeService) {
     }
 
     @PostMapping("/{id}/likes")
-    public ResponseEntity<Void> like(@PathVariable @Positive Long id, @RequestBody @Valid GenericDataDto<Long> memberIdDto) {
-        likeService.like(new LikesRequestDto(id, memberIdDto.data()));
+    public ResponseEntity<Void> like(@PathVariable @Positive Long id, @LoginUser Long memberId) {
+        likeService.like(new LikesRequestDto(id, memberId));
         return ResponseEntity.noContent().build();
     }
 
     @DeleteMapping("/{id}/likes")
-    public ResponseEntity<Void> unlike(@PathVariable @Positive Long id, @RequestBody @Valid GenericDataDto<Long> memberIdDto) {
-        likeService.unlike(new LikesRequestDto(id, memberIdDto.data()));
+    public ResponseEntity<Void> unlike(@PathVariable @Positive Long id, @LoginUser Long memberId) {
+        likeService.unlike(new LikesRequestDto(id, memberId));
         return ResponseEntity.noContent().build();
     }
 
diff --git a/src/main/java/com/example/devSns/controller/MemberController.java b/src/main/java/com/example/devSns/controller/MemberController.java
index 3c10ba1..0120494 100644
--- a/src/main/java/com/example/devSns/controller/MemberController.java
+++ b/src/main/java/com/example/devSns/controller/MemberController.java
@@ -1,8 +1,12 @@
 package com.example.devSns.controller;
 
+import com.example.devSns.annotation.LoginUser;
 import com.example.devSns.dto.GenericDataDto;
+import com.example.devSns.dto.follow.FollowRequestDto;
+import com.example.devSns.dto.follow.FollowsResponseDto;
 import com.example.devSns.dto.member.MemberCreateDto;
 import com.example.devSns.dto.member.MemberResponseDto;
+import com.example.devSns.service.FollowsService;
 import com.example.devSns.service.MemberService;
 import jakarta.validation.Valid;
 import jakarta.validation.constraints.NotEmpty;
@@ -22,8 +26,10 @@
 public class MemberController {
 
     private final MemberService memberService;
-    public MemberController(MemberService memberService) {
+    private final FollowsService followsService;
+    public MemberController(MemberService memberService, FollowsService followsService) {
         this.memberService = memberService;
+        this.followsService = followsService;
     }
 
     @PostMapping
@@ -60,6 +66,12 @@ public ResponseEntity<Slice<MemberResponseDto>> getMembersByNickname(
     }
 
 
+    @GetMapping("/{followingId}/follower/{followerId}")
+    public ResponseEntity<FollowsResponseDto> getFollows(@PathVariable Long followingId, @PathVariable Long followerId) {
+        FollowsResponseDto follows = followsService.findFollows(new FollowRequestDto(followerId, followingId));
+        return ResponseEntity.ok(follows);
+    }
+
     @GetMapping("/{id}/follower")
     public ResponseEntity<Slice<MemberResponseDto>> getFollowers(
             @PageableDefault(
@@ -70,10 +82,12 @@ public ResponseEntity<Slice<MemberResponseDto>> getFollowers(
             Pageable pageable,
             @PathVariable Long id
     ) {
-        Slice<MemberResponseDto> members = memberService.findFollowers(pageable, id);
+        Slice<MemberResponseDto> members = followsService.findFollowers(pageable, id);
         return ResponseEntity.ok(members);
     }
 
+
+
     @GetMapping("/{id}/following")
     public ResponseEntity<Slice<MemberResponseDto>> getFollowing(
             @PageableDefault(
@@ -84,7 +98,26 @@ public ResponseEntity<Slice<MemberResponseDto>> getFollowing(
             Pageable pageable,
             @PathVariable Long id
     ) {
-        Slice<MemberResponseDto> members = memberService.findFollowing(pageable, id);
+        Slice<MemberResponseDto> members = followsService.findFollowing(pageable, id);
         return ResponseEntity.ok(members);
     }
+
+    @PostMapping("/{id}/follower")
+    public ResponseEntity<Void> follow(@PathVariable Long id, @LoginUser Long memberId) {
+        Long followId = followsService.follow(new FollowRequestDto(memberId, id));
+
+        URI uri = ServletUriComponentsBuilder
+                .fromCurrentRequest()
+                .path("/{followerId}")
+                .buildAndExpand(memberId)
+                .toUri();
+
+        return ResponseEntity.created(uri).build();
+    }
+
+    @DeleteMapping("/{id}/follower")
+    public ResponseEntity<Void> unfollow(@PathVariable Long id, @LoginUser Long memberId) {
+        followsService.unfollow(new FollowRequestDto(memberId, id));
+        return ResponseEntity.noContent().build();
+    }
 }
diff --git a/src/main/java/com/example/devSns/controller/PostController.java b/src/main/java/com/example/devSns/controller/PostController.java
index 904a62c..4f949c3 100644
--- a/src/main/java/com/example/devSns/controller/PostController.java
+++ b/src/main/java/com/example/devSns/controller/PostController.java
@@ -1,10 +1,9 @@
 package com.example.devSns.controller;
 
+import com.example.devSns.annotation.LoginUser;
 import com.example.devSns.dto.GenericDataDto;
-import com.example.devSns.dto.likes.LikesRequestDto;
 import com.example.devSns.dto.post.PostCreateDto;
 import com.example.devSns.dto.post.PostResponseDto;
-import com.example.devSns.service.PostLikesService;
 import com.example.devSns.service.PostService;
 import jakarta.annotation.Nullable;
 import jakarta.validation.Valid;
@@ -30,8 +29,10 @@ public PostController(PostService postService) {
     }
 
     @PostMapping
-    public ResponseEntity<GenericDataDto<Long>> create(@RequestBody @Valid PostCreateDto postCreateDto) {
-        Long id = postService.create(postCreateDto);
+    public ResponseEntity<GenericDataDto<Long>> create(
+            @RequestBody @Valid PostCreateDto postCreateDto, @LoginUser Long memberId
+    ) {
+        Long id = postService.create(postCreateDto, memberId);
 
         URI uri = ServletUriComponentsBuilder
                 .fromCurrentRequest()
@@ -44,13 +45,13 @@ public ResponseEntity<GenericDataDto<Long>> create(@RequestBody @Valid PostCreat
 
     @GetMapping("/{id}")
     public ResponseEntity<PostResponseDto> getOne(@PathVariable @Positive Long id) {
-        PostResponseDto post = postService.findOne(id);
+        PostResponseDto post = postService.findPostById(id);
         return ResponseEntity.ok().body(post);
     }
 
     @DeleteMapping("/{id}")
-    public ResponseEntity<Void> delete(@PathVariable @Positive Long id) {
-        postService.delete(id);
+    public ResponseEntity<Void> delete(@PathVariable @Positive Long id, @LoginUser Long memberId) {
+        postService.delete(id, memberId);
         return ResponseEntity.noContent().build();
     }
 
@@ -74,9 +75,9 @@ public ResponseEntity<Slice<PostResponseDto>> getAsPaginated(
 
     @PatchMapping("/{id}/contents")
     public ResponseEntity<PostResponseDto> contents(
-            @PathVariable @Positive Long id, @RequestBody @Valid GenericDataDto<String> contentsDto) {
+            @PathVariable @Positive Long id, @RequestBody @Valid GenericDataDto<String> contentsDto, @LoginUser Long memberId) {
 
-        PostResponseDto post = postService.updateContent(id, contentsDto);
+        PostResponseDto post = postService.updateContent(id, contentsDto, memberId);
         return ResponseEntity.ok().body(post);
     }
 
diff --git a/src/main/java/com/example/devSns/domain/BaseLikeEntity.java b/src/main/java/com/example/devSns/domain/BaseLikeEntity.java
index b8e2349..ddc46f0 100644
--- a/src/main/java/com/example/devSns/domain/BaseLikeEntity.java
+++ b/src/main/java/com/example/devSns/domain/BaseLikeEntity.java
@@ -3,7 +3,7 @@
 import jakarta.persistence.*;
 
 @MappedSuperclass
-public abstract class BaseLikeEntity extends BaseTimeEntity{
+public abstract class BaseLikeEntity extends BaseTimeEntity implements OwnableEntity{
 
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
diff --git a/src/main/java/com/example/devSns/domain/Comment.java b/src/main/java/com/example/devSns/domain/Comment.java
index 88354e4..77c3dad 100644
--- a/src/main/java/com/example/devSns/domain/Comment.java
+++ b/src/main/java/com/example/devSns/domain/Comment.java
@@ -14,7 +14,7 @@
 
 @Entity
 @Table(name="comments")
-public class Comment extends BaseTimeEntity{
+public class Comment extends BaseTimeEntity implements OwnableEntity {
 
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
diff --git a/src/main/java/com/example/devSns/domain/Follows.java b/src/main/java/com/example/devSns/domain/Follows.java
index 3efe33c..c5b222e 100644
--- a/src/main/java/com/example/devSns/domain/Follows.java
+++ b/src/main/java/com/example/devSns/domain/Follows.java
@@ -26,4 +26,12 @@ public Follows(Member follower, Member following) {
     public Long getId() {
         return id;
     }
+
+    public Member getFollower() {
+        return follower;
+    }
+
+    public Member getFollowing() {
+        return following;
+    }
 }
diff --git a/src/main/java/com/example/devSns/domain/Member.java b/src/main/java/com/example/devSns/domain/Member.java
index d607cd9..a395fd8 100644
--- a/src/main/java/com/example/devSns/domain/Member.java
+++ b/src/main/java/com/example/devSns/domain/Member.java
@@ -2,6 +2,7 @@
 
 import jakarta.persistence.*;
 
+import java.util.ArrayList;
 import java.util.List;
 
 @Entity
@@ -11,6 +12,12 @@ public class Member extends BaseTimeEntity {
     @GeneratedValue(strategy = GenerationType.IDENTITY)
     private Long id;
 
+    @Column(name="email", nullable = false, unique = true)
+    private String email;
+    
+    @Column(name="password", nullable = false)
+    private String password;
+    
     @Column(name = "nickname", nullable = false, unique = true)
     private String nickname;
 
@@ -29,12 +36,20 @@ public class Member extends BaseTimeEntity {
     @OneToMany(fetch = FetchType.LAZY, mappedBy = "member", cascade = CascadeType.ALL)
     private List<PostLikes> postLikes;
 
+    @OneToMany(fetch = FetchType.LAZY, mappedBy = "member", cascade = CascadeType.ALL)
+    private List<CommentLikes> commentLikes;
+
+    @OneToMany(fetch = FetchType.LAZY, mappedBy = "member", cascade = CascadeType.ALL, orphanRemoval = true)
+    private List<RefreshTokens> refreshTokens = new ArrayList<>();
+
     @Version
     private Long version;
 
     public Member() {}
-    public Member(String nickname) {
+    public Member(String nickname, String email, String passwordHash) {
         this.nickname = nickname;
+        this.email = email;
+        this.password = passwordHash;
     }
 
     public Long getId() {
@@ -44,5 +59,17 @@ public Long getId() {
     public String getNickname() {
         return nickname;
     }
+    
+    public String getEmail() {
+        return email;
+    }
+    
+    public String getPassword() {
+        return password;
+    }
+
+    public void addRefreshToken(RefreshTokens refreshToken) {
+        refreshTokens.add(refreshToken);
+    }
 
 }
diff --git a/src/main/java/com/example/devSns/domain/OwnableEntity.java b/src/main/java/com/example/devSns/domain/OwnableEntity.java
new file mode 100644
index 0000000..1482ae7
--- /dev/null
+++ b/src/main/java/com/example/devSns/domain/OwnableEntity.java
@@ -0,0 +1,11 @@
+package com.example.devSns.domain;
+
+
+public interface OwnableEntity {
+
+    default boolean checkOwnership(Long memberId) {
+        return getMember().getId().equals(memberId);
+    }
+
+    Member getMember();
+}
diff --git a/src/main/java/com/example/devSns/domain/Post.java b/src/main/java/com/example/devSns/domain/Post.java
index 0b71e32..5f3ebbc 100644
--- a/src/main/java/com/example/devSns/domain/Post.java
+++ b/src/main/java/com/example/devSns/domain/Post.java
@@ -8,7 +8,7 @@
 
 @Entity
 @Table(name = "posts")
-public class Post extends BaseTimeEntity{
+public class Post extends BaseTimeEntity implements OwnableEntity {
 
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
diff --git a/src/main/java/com/example/devSns/domain/RefreshTokens.java b/src/main/java/com/example/devSns/domain/RefreshTokens.java
new file mode 100644
index 0000000..c529285
--- /dev/null
+++ b/src/main/java/com/example/devSns/domain/RefreshTokens.java
@@ -0,0 +1,53 @@
+package com.example.devSns.domain;
+
+import jakarta.persistence.*;
+
+import java.time.LocalDateTime;
+import java.util.Base64;
+
+@Entity
+@Table(name = "refresh_tokens")
+public class RefreshTokens {
+
+    @Id
+    @Column(columnDefinition = "BINARY(32)")
+    private byte []id;
+
+    @Column(name = "valid_until", nullable = false)
+    private LocalDateTime validUntil;
+
+    @Column(name = "valid", nullable = false)
+    private Boolean valid = true;
+
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "member_id")
+    private Member member;
+
+    public RefreshTokens() {}
+    public RefreshTokens(byte []id, LocalDateTime validUntil, Member member) {
+        this.id = id;
+        this.validUntil = validUntil;
+        this.member = member;
+    }
+
+    public void disable() {
+        this.valid = false;
+    }
+
+    public boolean isValidToken() {
+        return (this.valid) && (this.validUntil.isAfter(LocalDateTime.now()));
+    }
+
+    public void setMember(Member member) {
+        this.member = member;
+    }
+
+    public Member getMember() {
+        return this.member;
+    }
+
+    public byte[] getTokenHash() {
+        return id;
+    }
+
+}
diff --git a/src/main/java/com/example/devSns/dto/GenericPairDto.java b/src/main/java/com/example/devSns/dto/GenericPairDto.java
new file mode 100644
index 0000000..d8a5825
--- /dev/null
+++ b/src/main/java/com/example/devSns/dto/GenericPairDto.java
@@ -0,0 +1,4 @@
+package com.example.devSns.dto;
+
+public record GenericPairDto<T1, T2>(T1 first, T2 second) {
+}
diff --git a/src/main/java/com/example/devSns/dto/auth/AuthResponseDto.java b/src/main/java/com/example/devSns/dto/auth/AuthResponseDto.java
new file mode 100644
index 0000000..3f8235a
--- /dev/null
+++ b/src/main/java/com/example/devSns/dto/auth/AuthResponseDto.java
@@ -0,0 +1,9 @@
+package com.example.devSns.dto.auth;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public record AuthResponseDto(
+        @JsonProperty("access_token") String accessToken,
+        @JsonProperty("refresh_token") String refreshToken
+) {
+}
diff --git a/src/main/java/com/example/devSns/dto/auth/LoginDto.java b/src/main/java/com/example/devSns/dto/auth/LoginDto.java
new file mode 100644
index 0000000..0f9877a
--- /dev/null
+++ b/src/main/java/com/example/devSns/dto/auth/LoginDto.java
@@ -0,0 +1,12 @@
+package com.example.devSns.dto.auth;
+
+import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Size;
+
+public record LoginDto(
+        @NotNull @Email String email,
+        @NotBlank @Size(min = 6, max = 20) String password
+) {
+}
diff --git a/src/main/java/com/example/devSns/dto/comment/CommentCreateDto.java b/src/main/java/com/example/devSns/dto/comment/CommentCreateDto.java
index 71eedd0..71266de 100644
--- a/src/main/java/com/example/devSns/dto/comment/CommentCreateDto.java
+++ b/src/main/java/com/example/devSns/dto/comment/CommentCreateDto.java
@@ -7,7 +7,6 @@
 
 public record CommentCreateDto(
         @NotNull @JsonProperty("post_id") Long postId,
-        @NotNull @JsonProperty("member_id") Long memberId,
         @NotEmpty String content
         ) {
 }
diff --git a/src/main/java/com/example/devSns/dto/comment/CommentResponseDto.java b/src/main/java/com/example/devSns/dto/comment/CommentResponseDto.java
index 41f0b30..e77ba44 100644
--- a/src/main/java/com/example/devSns/dto/comment/CommentResponseDto.java
+++ b/src/main/java/com/example/devSns/dto/comment/CommentResponseDto.java
@@ -12,6 +12,7 @@ public record CommentResponseDto(
     Long id,
     @JsonProperty("post_id") Long postId,
     String content,
+    @JsonProperty("user_id") Long userId,
     @JsonProperty("user_name") String userName,
     @JsonProperty("like_count") Long likeCount,
     @JsonProperty("created_at") LocalDateTime createdAt,
@@ -23,6 +24,7 @@ public static CommentResponseDto from(Comment comment) {
                 comment.getId(),
                 comment.getPost().getId(),
                 comment.getContent(),
+                comment.getMember().getId(),
                 comment.getMember().getNickname(),
                 comment.getCommentLikes().stream().count(),
                 comment.getCreatedAt(),
diff --git a/src/main/java/com/example/devSns/dto/follow/FollowsDto.java b/src/main/java/com/example/devSns/dto/follow/FollowsDto.java
new file mode 100644
index 0000000..af8da35
--- /dev/null
+++ b/src/main/java/com/example/devSns/dto/follow/FollowsDto.java
@@ -0,0 +1,5 @@
+package com.example.devSns.dto.follow;
+
+import com.example.devSns.domain.Member;
+
+public record FollowsDto(Member follower, Member following) {}
diff --git a/src/main/java/com/example/devSns/dto/follow/FollowsResponseDto.java b/src/main/java/com/example/devSns/dto/follow/FollowsResponseDto.java
new file mode 100644
index 0000000..2f6928a
--- /dev/null
+++ b/src/main/java/com/example/devSns/dto/follow/FollowsResponseDto.java
@@ -0,0 +1,9 @@
+package com.example.devSns.dto.follow;
+
+import com.example.devSns.dto.member.MemberResponseDto;
+
+public record FollowsResponseDto(
+        MemberResponseDto follower,
+        MemberResponseDto following
+) {
+}
diff --git a/src/main/java/com/example/devSns/dto/member/MemberCreateDto.java b/src/main/java/com/example/devSns/dto/member/MemberCreateDto.java
index d9ea0d8..c5b06f4 100644
--- a/src/main/java/com/example/devSns/dto/member/MemberCreateDto.java
+++ b/src/main/java/com/example/devSns/dto/member/MemberCreateDto.java
@@ -1,8 +1,12 @@
 package com.example.devSns.dto.member;
 
+import jakarta.validation.constraints.Email;
 import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Size;
 
 public record MemberCreateDto(
-    @NotBlank String nickname
+    @NotBlank String nickname,
+    @NotBlank @Email String email,
+    @NotBlank @Size(min = 6, max = 20) String password
 ) {
 }
diff --git a/src/main/java/com/example/devSns/dto/post/PostCreateDto.java b/src/main/java/com/example/devSns/dto/post/PostCreateDto.java
index ceabd06..da15d0d 100644
--- a/src/main/java/com/example/devSns/dto/post/PostCreateDto.java
+++ b/src/main/java/com/example/devSns/dto/post/PostCreateDto.java
@@ -6,7 +6,6 @@
 import jakarta.validation.constraints.NotNull;
 
 public record PostCreateDto(
-        @NotNull @NotEmpty String content,
-        @NotNull @JsonProperty("member_id") Long memberId
+        @NotNull @NotEmpty String content
 ) {
 }
diff --git a/src/main/java/com/example/devSns/dto/post/PostResponseDto.java b/src/main/java/com/example/devSns/dto/post/PostResponseDto.java
index dd45323..6ff709e 100644
--- a/src/main/java/com/example/devSns/dto/post/PostResponseDto.java
+++ b/src/main/java/com/example/devSns/dto/post/PostResponseDto.java
@@ -15,6 +15,7 @@
 public record PostResponseDto(
         Long id,
         String content,
+        @JsonProperty("user_id") Long userId,
         @JsonProperty("user_name") String userName,
         @JsonProperty("like_count") Long likeCount,
         @JsonProperty("created_at") LocalDateTime createdAt,
@@ -28,11 +29,12 @@ public static PostResponseDto from(Post post) {
         return new PostResponseDto(
                 post.getId(),
                 post.getContent(),
+                post.getMember().getId(),
                 post.getMember().getNickname(),
-                post.getPostLikes().stream().count(),
+                post.getPostLikes() == null ? 0L : post.getPostLikes().stream().count(),
                 post.getCreatedAt(),
                 post.getUpdatedAt(),
-                post.getComments().stream().count()
+                post.getComments() == null ? 0L : post.getComments().stream().count()
         );
     }
 }
diff --git a/src/main/java/com/example/devSns/exception/ForbiddenException.java b/src/main/java/com/example/devSns/exception/ForbiddenException.java
new file mode 100644
index 0000000..b7297da
--- /dev/null
+++ b/src/main/java/com/example/devSns/exception/ForbiddenException.java
@@ -0,0 +1,7 @@
+package com.example.devSns.exception;
+
+public class ForbiddenException extends RuntimeException {
+    public ForbiddenException(String message) {
+        super(message);
+    }
+}
diff --git a/src/main/java/com/example/devSns/exception/UnauthorizedException.java b/src/main/java/com/example/devSns/exception/UnauthorizedException.java
new file mode 100644
index 0000000..c8e37c0
--- /dev/null
+++ b/src/main/java/com/example/devSns/exception/UnauthorizedException.java
@@ -0,0 +1,7 @@
+package com.example.devSns.exception;
+
+public class UnauthorizedException extends RuntimeException {
+    public UnauthorizedException(String message) {
+        super(message);
+    }
+}
diff --git a/src/main/java/com/example/devSns/interceptor/JwtInterceptor.java b/src/main/java/com/example/devSns/interceptor/JwtInterceptor.java
new file mode 100644
index 0000000..9d4bf2d
--- /dev/null
+++ b/src/main/java/com/example/devSns/interceptor/JwtInterceptor.java
@@ -0,0 +1,80 @@
+package com.example.devSns.interceptor;
+
+import com.example.devSns.dto.GenericPairDto;
+import com.example.devSns.exception.NotFoundException;
+import com.example.devSns.util.JwtUtil;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.http.HttpMethod;
+import org.springframework.stereotype.Component;
+import org.springframework.web.cors.CorsUtils;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.HandlerMapping;
+import lombok.extern.slf4j.Slf4j;
+
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+
+@Slf4j
+@Component
+public class JwtInterceptor implements HandlerInterceptor {
+
+    private final JwtUtil jwtUtil;
+    private final Map<String, Set<HttpMethod>> allowedMethods;
+
+
+    public JwtInterceptor(JwtUtil jwtUtil) {
+        this.jwtUtil = jwtUtil;
+        this.allowedMethods = new HashMap<>();
+    }
+
+    public void setMethodAllows(String url, Set<HttpMethod> allowedHttpMethods) {
+        allowedMethods.put(url, allowedHttpMethods);
+    }
+
+    private boolean checkMethodAllows(String url, HttpMethod httpMethod) {
+        return allowedMethods.containsKey(url) && allowedMethods.get(url).contains(httpMethod);
+    }
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        if (CorsUtils.isPreFlightRequest(request)) {
+            return true;
+        }
+        String pattern = (String) request.getAttribute(HandlerMapping.BEST_MATCHING_PATTERN_ATTRIBUTE);
+
+        if (pattern == null) {
+            return false;
+        }
+
+        if (checkMethodAllows(pattern, HttpMethod.valueOf(request.getMethod()))) {
+            return true;
+        }
+
+        String authHeader = request.getHeader("Authorization");
+        log.info("Authorization header: {}", authHeader);
+        if (authHeader == null || !authHeader.startsWith("Bearer ")) {
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+            response.getWriter().write("Unauthorized");
+            return false;
+        }
+
+        // "Bearer " 제거
+        String token = authHeader.substring(7);
+
+        if (!jwtUtil.validateToken(token)) {
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+            response.getWriter().write("Unauthorized");
+            return false;
+        }
+
+        Long userId = jwtUtil.getUserIdFromToken(token);
+        request.setAttribute("userId", userId);
+
+        return true;
+    }
+
+}
diff --git a/src/main/java/com/example/devSns/repository/CommentRepository.java b/src/main/java/com/example/devSns/repository/CommentRepository.java
index 467fbd3..6b23afe 100644
--- a/src/main/java/com/example/devSns/repository/CommentRepository.java
+++ b/src/main/java/com/example/devSns/repository/CommentRepository.java
@@ -27,6 +27,7 @@ public interface CommentRepository extends JpaRepository<Comment, Long> {
             c.id,
             c.post.id,
             c.content,
+            m.id,
             m.nickname,
             (select count(*) as likes from CommentLikes cl where c = cl.comment),
             c.createdAt,
@@ -44,6 +45,7 @@ public interface CommentRepository extends JpaRepository<Comment, Long> {
             c.id,
             c.post.id,
             c.content,
+            m.id,
             m.nickname,
             (select count(*) as likes from CommentLikes cl where c = cl.comment),
             c.createdAt,
diff --git a/src/main/java/com/example/devSns/repository/FollowsRepository.java b/src/main/java/com/example/devSns/repository/FollowsRepository.java
index 7f3e955..147a7dd 100644
--- a/src/main/java/com/example/devSns/repository/FollowsRepository.java
+++ b/src/main/java/com/example/devSns/repository/FollowsRepository.java
@@ -2,8 +2,34 @@
 
 import com.example.devSns.domain.Follows;
 import com.example.devSns.domain.Member;
+import com.example.devSns.dto.member.MemberResponseDto;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.domain.Slice;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+
+import java.util.Optional;
 
 public interface FollowsRepository extends JpaRepository<Follows, Long> {
-    Follows findByFollowerAndFollowing(Member follower, Member following);
+    Optional<Follows> findByFollowerAndFollowing(Member follower, Member following);
+    Optional<Follows> findByFollowerIdAndFollowingId(Long followerId, Long followingId);
+
+
+    @Query("""
+        SELECT new com.example.devSns.dto.member.MemberResponseDto(
+            f.follower.id, f.follower.nickname
+        )
+        FROM Follows f
+        WHERE f.following.id = :id
+    """)
+    Slice<MemberResponseDto> findFollowersOf(Long id, Pageable pageable);
+
+    @Query("""
+        SELECT new com.example.devSns.dto.member.MemberResponseDto(
+            f.following.id, f.following.nickname
+        )
+        FROM Follows f
+        WHERE f.follower.id = :id
+    """)
+    Slice<MemberResponseDto> findFollowingsOf(Long id, Pageable pageable);
 }
diff --git a/src/main/java/com/example/devSns/repository/MemberRepository.java b/src/main/java/com/example/devSns/repository/MemberRepository.java
index 52e045b..2e14081 100644
--- a/src/main/java/com/example/devSns/repository/MemberRepository.java
+++ b/src/main/java/com/example/devSns/repository/MemberRepository.java
@@ -7,28 +7,15 @@
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
 
+import javax.swing.text.html.Option;
 import java.util.List;
 import java.util.Optional;
 
 public interface MemberRepository extends JpaRepository<Member, Long> {
+    Optional<Member> findByEmail(String email);
+
     Slice<Member> findMembersByNickname(String nickname, Pageable pageable);
     List<Member> findMembersByIdIn(List<Long> id);
 
-    @Query("""
-        SELECT new com.example.devSns.dto.member.MemberResponseDto(
-            f.follower.id, f.follower.nickname
-        )
-        FROM Follows f
-        WHERE f.following.id = :id
-    """)
-    Slice<MemberResponseDto> findFollowings(Long id, Pageable pageable);
 
-    @Query("""
-        SELECT new com.example.devSns.dto.member.MemberResponseDto(
-            f.following.id, f.following.nickname
-        )
-        FROM Follows f
-        WHERE f.follower.id = :id
-    """)
-    Slice<MemberResponseDto> findFollowers(Long id, Pageable pageable);
 }
diff --git a/src/main/java/com/example/devSns/repository/PostRepository.java b/src/main/java/com/example/devSns/repository/PostRepository.java
index 7abfab6..38b3a3f 100644
--- a/src/main/java/com/example/devSns/repository/PostRepository.java
+++ b/src/main/java/com/example/devSns/repository/PostRepository.java
@@ -24,6 +24,7 @@ public interface PostRepository extends JpaRepository<Post, Long> {
         SELECT NEW com.example.devSns.dto.post.PostResponseDto(
             p.id,
             p.content,
+            m.id,
             m.nickname,
             (select count(*) as likes from PostLikes pl where p = pl.post),
             p.createdAt,
@@ -39,6 +40,7 @@ public interface PostRepository extends JpaRepository<Post, Long> {
     SELECT NEW com.example.devSns.dto.post.PostResponseDto(
             p.id,
             p.content,
+            m.id,
             m.nickname,
             (select count(*) as likes from PostLikes pl where p = pl.post),
             p.createdAt,
diff --git a/src/main/java/com/example/devSns/repository/RefreshTokensRepository.java b/src/main/java/com/example/devSns/repository/RefreshTokensRepository.java
new file mode 100644
index 0000000..066c8c5
--- /dev/null
+++ b/src/main/java/com/example/devSns/repository/RefreshTokensRepository.java
@@ -0,0 +1,9 @@
+package com.example.devSns.repository;
+
+import com.example.devSns.domain.RefreshTokens;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+public interface RefreshTokensRepository extends JpaRepository<RefreshTokens, byte[]> {
+
+
+}
diff --git a/src/main/java/com/example/devSns/resolver/LoginUserArgumentResolver.java b/src/main/java/com/example/devSns/resolver/LoginUserArgumentResolver.java
new file mode 100644
index 0000000..b2db2c6
--- /dev/null
+++ b/src/main/java/com/example/devSns/resolver/LoginUserArgumentResolver.java
@@ -0,0 +1,30 @@
+package com.example.devSns.resolver;
+
+import com.example.devSns.annotation.LoginUser;
+import org.springframework.core.MethodParameter;
+import org.springframework.lang.NonNullApi;
+import org.springframework.stereotype.Component;
+import org.springframework.web.bind.support.WebDataBinderFactory;
+import org.springframework.web.context.request.NativeWebRequest;
+import org.springframework.web.context.request.RequestAttributes;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.method.support.ModelAndViewContainer;
+
+@Component
+public class LoginUserArgumentResolver implements HandlerMethodArgumentResolver {
+
+    @Override
+    public boolean supportsParameter(MethodParameter parameter) {
+        boolean hasLoginAnnotation = parameter.hasParameterAnnotation(LoginUser.class);
+
+        boolean hasLongType = Long.class.isAssignableFrom(parameter.getParameterType());
+
+        return hasLoginAnnotation && hasLongType;
+    }
+
+    @Override
+    public Object resolveArgument( MethodParameter parameter, ModelAndViewContainer mavContainer,
+                                  NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception {
+        return webRequest.getAttribute("userId", RequestAttributes.SCOPE_REQUEST);
+    }
+}
diff --git a/src/main/java/com/example/devSns/service/AuthService.java b/src/main/java/com/example/devSns/service/AuthService.java
new file mode 100644
index 0000000..94b0b3a
--- /dev/null
+++ b/src/main/java/com/example/devSns/service/AuthService.java
@@ -0,0 +1,86 @@
+package com.example.devSns.service;
+
+import com.example.devSns.domain.Member;
+import com.example.devSns.domain.RefreshTokens;
+import com.example.devSns.dto.GenericDataDto;
+import com.example.devSns.dto.auth.AuthResponseDto;
+import com.example.devSns.dto.auth.LoginDto;
+import com.example.devSns.exception.NotFoundException;
+import com.example.devSns.exception.UnauthorizedException;
+import com.example.devSns.repository.MemberRepository;
+import com.example.devSns.repository.RefreshTokensRepository;
+import com.example.devSns.util.JwtUtil;
+import org.springframework.security.crypto.bcrypt.BCrypt;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.time.LocalDate;
+import java.time.LocalDateTime;
+import java.util.Base64;
+
+import static java.util.Base64.getDecoder;
+
+
+@Service
+@Transactional(readOnly = true)
+public class AuthService {
+    private final JwtUtil jwtUtil;
+    private final MemberRepository memberRepository;
+    private final RefreshTokensRepository refreshTokensRepository;
+
+    public AuthService(JwtUtil jwtUtil, MemberRepository memberRepository, RefreshTokensRepository refreshTokensRepository) {
+        this.jwtUtil = jwtUtil;
+        this.memberRepository = memberRepository;
+        this.refreshTokensRepository = refreshTokensRepository;
+    }
+
+    @Transactional
+    public AuthResponseDto login(LoginDto loginDto) {
+        Member member = memberRepository.findByEmail(loginDto.email())
+                .orElseThrow(()->new NotFoundException("Invalid email or password"));
+
+        String hashedPassword = member.getPassword();
+        if (BCrypt.checkpw(loginDto.password(), hashedPassword)) {
+            String accessToken = jwtUtil.generateAccessToken(member.getId());
+            byte[] rawRefreshToken = jwtUtil.generateRefreshToken();
+            byte[] hashedRefreshToken = jwtUtil.hashToken(rawRefreshToken);
+
+            RefreshTokens refreshToken = new RefreshTokens(hashedRefreshToken,
+                    LocalDateTime.now().plusSeconds(jwtUtil.getRefreshExpiration()),
+                    member
+            );
+            refreshTokensRepository.save(refreshToken);
+
+            return new AuthResponseDto(accessToken, Base64.getEncoder().encodeToString(rawRefreshToken));
+        }
+        else throw new NotFoundException("Invalid email or password");
+    }
+
+    @Transactional
+    public void logout(String refreshToken) {
+        byte[] rawToken =  Base64.getDecoder().decode(refreshToken);
+        byte[] hashedToken = jwtUtil.hashToken(rawToken);
+        RefreshTokens refreshTokens = refreshTokensRepository.findById(hashedToken)
+                .orElseThrow(()->new IllegalStateException("Logout Failed"));
+
+        refreshTokens.disable();
+    }
+
+    public GenericDataDto<String> reAuth(String refreshToken) {
+        byte[] rawToken =  Base64.getDecoder().decode(refreshToken);
+        byte[] hashedToken = jwtUtil.hashToken(rawToken);
+
+        RefreshTokens refreshTokens = refreshTokensRepository.findById(hashedToken)
+                .orElseThrow(()->new UnauthorizedException("Unauthorized"));
+
+        if (!refreshTokens.isValidToken()) {
+            throw new UnauthorizedException("Unauthorized");
+        }
+
+        Member targetMember = refreshTokens.getMember();
+        String accessToken = jwtUtil.generateAccessToken(targetMember.getId());
+
+        return new GenericDataDto<>(accessToken);
+    }
+
+}
diff --git a/src/main/java/com/example/devSns/service/CommentService.java b/src/main/java/com/example/devSns/service/CommentService.java
index b277ac4..dd51bc2 100644
--- a/src/main/java/com/example/devSns/service/CommentService.java
+++ b/src/main/java/com/example/devSns/service/CommentService.java
@@ -7,7 +7,7 @@
 import com.example.devSns.dto.PaginatedDto;
 import com.example.devSns.dto.comment.CommentCreateDto;
 import com.example.devSns.dto.comment.CommentResponseDto;
-import com.example.devSns.dto.post.PostResponseDto;
+import com.example.devSns.exception.ForbiddenException;
 import com.example.devSns.exception.InvalidRequestException;
 import com.example.devSns.exception.NotFoundException;
 import com.example.devSns.repository.CommentRepository;
@@ -35,8 +35,9 @@ public CommentService(CommentRepository commentRepository, PostRepository postRe
     }
 
     @Transactional
-    public Long create(CommentCreateDto commentCreateDto) {
-        Member member = memberRepository.findById(commentCreateDto.memberId()).orElseThrow(() -> new NotFoundException("Member not found"));
+    public Long create(CommentCreateDto commentCreateDto, Long memberId) {
+        Member member = memberRepository.findById(memberId)
+                .orElseThrow(() -> new NotFoundException("Member not found"));
         Post post = postRepository.findById(commentCreateDto.postId())
                 .orElseThrow(()->new InvalidRequestException("Invalid Request."));
 
@@ -44,27 +45,29 @@ public Long create(CommentCreateDto commentCreateDto) {
         return commentRepository.save(comment).getId();
     }
 
-    public CommentResponseDto findOne(Long id) {
+    public CommentResponseDto findCommentById(Long id) {
         Comment comment = commentRepository.findById(id).orElseThrow(()->new NotFoundException("comment not found"));
 
         return CommentResponseDto.from(comment);
     }
 
     @Transactional
-    public void delete(Long id) {
+    public void delete(Long id, Long memberId) {
         Comment comment = commentRepository.findById(id).orElseThrow(()->new NotFoundException("comment not found"));
+        if (!comment.checkOwnership(memberId)) throw new ForbiddenException("Forbidden");
         commentRepository.delete(comment);
     }
 
     @Transactional
-    public CommentResponseDto updateContent(Long id, GenericDataDto<String> contentsDto) {
+    public CommentResponseDto updateContent(Long id, GenericDataDto<String> contentsDto, Long memberId) {
         if (contentsDto.data() == null || contentsDto.data().isEmpty())
             throw new InvalidRequestException("Invalid Request.");
 
         Comment comment = commentRepository.findById(id).orElseThrow(()->new NotFoundException("comment not found"));
+        if (!comment.checkOwnership(memberId)) throw new ForbiddenException("Forbidden");
         comment.setContent(contentsDto.data());
 
-        return findOne(id);
+        return findCommentById(id);
     }
 
     public PaginatedDto<List<CommentResponseDto>> findAsPaginated(GenericDataDto<Long> idDto, Long postId) {
diff --git a/src/main/java/com/example/devSns/service/FollowsService.java b/src/main/java/com/example/devSns/service/FollowsService.java
index bec0bf0..063e89e 100644
--- a/src/main/java/com/example/devSns/service/FollowsService.java
+++ b/src/main/java/com/example/devSns/service/FollowsService.java
@@ -4,13 +4,21 @@
 import com.example.devSns.domain.Member;
 import com.example.devSns.dto.GenericDataDto;
 import com.example.devSns.dto.follow.FollowRequestDto;
+import com.example.devSns.dto.follow.FollowsDto;
+import com.example.devSns.dto.follow.FollowsResponseDto;
+import com.example.devSns.dto.member.MemberResponseDto;
+import com.example.devSns.exception.InvalidRequestException;
 import com.example.devSns.exception.NotFoundException;
 import com.example.devSns.repository.FollowsRepository;
 import com.example.devSns.repository.MemberRepository;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.domain.Slice;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
 
 
 @Service
+@Transactional(readOnly = true)
 public class FollowsService {
     private final FollowsRepository followsRepository;
     private final MemberRepository memberRepository;
@@ -20,26 +28,55 @@ public FollowsService(FollowsRepository followsRepository, MemberRepository memb
         this.memberRepository = memberRepository;
     }
 
+    public FollowsResponseDto findFollows(FollowRequestDto followRequestDto) {
+        Follows follows = followsRepository.findByFollowerIdAndFollowingId(followRequestDto.followerId(), followRequestDto.followingId())
+                .orElseThrow(()->new NotFoundException("Follows not found"));
+
+        return new FollowsResponseDto(
+                MemberResponseDto.from(follows.getFollower()),
+                MemberResponseDto.from(follows.getFollowing())
+        );
+    }
+
+    @Transactional
     public Long follow(FollowRequestDto followRequestDto) {
+        if (followRequestDto.followerId().equals(followRequestDto.followingId()))
+            throw new InvalidRequestException("You can't follow yourself");
+
         FollowsDto fd = findFollowerAndFollowing(followRequestDto);
+        boolean followExists = followsRepository.findByFollowerAndFollowing(fd.follower(), fd.following()).isPresent();
+        if (followExists) throw new InvalidRequestException("Follower already exists");
 
         Follows follows = new Follows(fd.follower(), fd.following());
         return followsRepository.save(follows).getId();
     }
 
+    @Transactional
     public void unfollow(FollowRequestDto followRequestDto) {
         FollowsDto fd = findFollowerAndFollowing(followRequestDto);
-        Follows follows = followsRepository.findByFollowerAndFollowing(fd.follower(), fd.following());
+        Follows follows = followsRepository.findByFollowerAndFollowing(fd.follower(), fd.following())
+                .orElseThrow(() -> new NotFoundException("Follower not found"));
         followsRepository.delete(follows);
     }
 
-    private record FollowsDto(Member follower, Member following) {}
+
     private FollowsDto findFollowerAndFollowing(FollowRequestDto followRequestDto) {
-        Member follower = memberRepository.findById(followRequestDto.followerId()).orElseThrow(()->new NotFoundException("Follower not found"));
-        Member following = memberRepository.findById(followRequestDto.followingId()).orElseThrow(()->new NotFoundException("Following not found"));
+        Member follower = memberRepository.findById(followRequestDto.followerId())
+                .orElseThrow(()->new NotFoundException("Follower not found"));
+        Member following = memberRepository.findById(followRequestDto.followingId())
+                .orElseThrow(()->new NotFoundException("Following not found"));
 
         return new FollowsDto(follower, following);
     }
 
+    public Slice<MemberResponseDto> findFollowers(Pageable pageable, Long memberId) {
+        return followsRepository.findFollowersOf(memberId, pageable);
+    }
+
+    public Slice<MemberResponseDto> findFollowing(Pageable pageable, Long memberId) {
+        return followsRepository.findFollowingsOf(memberId, pageable);
+    }
+
+
 
 }
diff --git a/src/main/java/com/example/devSns/service/MemberService.java b/src/main/java/com/example/devSns/service/MemberService.java
index 1eb0b6e..98e502b 100644
--- a/src/main/java/com/example/devSns/service/MemberService.java
+++ b/src/main/java/com/example/devSns/service/MemberService.java
@@ -3,10 +3,12 @@
 import com.example.devSns.domain.Member;
 import com.example.devSns.dto.member.MemberCreateDto;
 import com.example.devSns.dto.member.MemberResponseDto;
+import com.example.devSns.exception.InvalidRequestException;
 import com.example.devSns.exception.NotFoundException;
 import com.example.devSns.repository.MemberRepository;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.domain.Slice;
+import org.springframework.security.crypto.bcrypt.BCrypt;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
@@ -21,7 +23,12 @@ public MemberService(MemberRepository memberRepository) {
 
     @Transactional
     public Long create(MemberCreateDto memberCreateDto) {
-        Member member = new Member(memberCreateDto.nickname());
+        if (memberRepository.findByEmail(memberCreateDto.email()).isPresent()) {
+            throw new InvalidRequestException("Already signed up");
+        }
+
+        String passwordHash = BCrypt.hashpw(memberCreateDto.password(), BCrypt.gensalt());
+        Member member = new Member(memberCreateDto.nickname(), memberCreateDto.email(), passwordHash);
         return memberRepository.save(member).getId();
     }
 
@@ -36,13 +43,5 @@ public Slice<MemberResponseDto> findByNickname(Pageable pageable,String nickname
         return members.map(MemberResponseDto::from);
     }
 
-    public Slice<MemberResponseDto> findFollowers(Pageable pageable, Long memberId) {
-        return memberRepository.findFollowers(memberId, pageable);
-    }
-
-    public Slice<MemberResponseDto> findFollowing(Pageable pageable, Long memberId) {
-        return memberRepository.findFollowings(memberId, pageable);
-    }
-
 
 }
diff --git a/src/main/java/com/example/devSns/service/PostLikesService.java b/src/main/java/com/example/devSns/service/PostLikesService.java
index 1239bf2..a44c049 100644
--- a/src/main/java/com/example/devSns/service/PostLikesService.java
+++ b/src/main/java/com/example/devSns/service/PostLikesService.java
@@ -23,9 +23,8 @@ public class PostLikesService extends LikesService<PostLikes> {
     private final PostLikesRepository postLikesRepository;
     private final MemberRepository memberRepository;
     private final PostRepository postRepository;
-    public PostLikesService(PostLikesRepository postLikesRepository,
-                            MemberRepository memberRepository,
-                            PostRepository postRepository) {
+
+    public PostLikesService(PostLikesRepository postLikesRepository, MemberRepository memberRepository, PostRepository postRepository) {
         this.postLikesRepository = postLikesRepository;
         this.memberRepository = memberRepository;
         this.postRepository = postRepository;
diff --git a/src/main/java/com/example/devSns/service/PostService.java b/src/main/java/com/example/devSns/service/PostService.java
index edfe05d..af2abf2 100644
--- a/src/main/java/com/example/devSns/service/PostService.java
+++ b/src/main/java/com/example/devSns/service/PostService.java
@@ -5,9 +5,9 @@
 import com.example.devSns.dto.GenericDataDto;
 import com.example.devSns.dto.post.PostCreateDto;
 import com.example.devSns.dto.post.PostResponseDto;
+import com.example.devSns.exception.ForbiddenException;
 import com.example.devSns.exception.InvalidRequestException;
 import com.example.devSns.exception.NotFoundException;
-import com.example.devSns.repository.CommentRepository;
 import com.example.devSns.repository.MemberRepository;
 import com.example.devSns.repository.PostRepository;
 import org.springframework.data.domain.Pageable;
@@ -28,32 +28,35 @@ public PostService(PostRepository postRepository, MemberRepository memberReposit
     }
 
     @Transactional
-    public Long create(PostCreateDto postCreateDto) {
-        Member member = memberRepository.findById(postCreateDto.memberId()).orElseThrow(()->new NotFoundException("member not found"));
+    public Long create(PostCreateDto postCreateDto, Long memberId) {
+        Member member = memberRepository.findById(memberId)
+                .orElseThrow(()->new NotFoundException("member not found"));
         Post post = Post.create(postCreateDto.content(), member);
         return postRepository.save(post).getId();
     }
 
-    public PostResponseDto findOne(Long id) {
+    public PostResponseDto findPostById(Long id) {
         Post post = postRepository.findById(id).orElseThrow(()->new NotFoundException("post not found"));
         return PostResponseDto.from(post);
     }
 
     @Transactional
-    public void delete(Long id) {
+    public void delete(Long id, Long memberId) {
         Post post = postRepository.findById(id).orElseThrow(()->new NotFoundException("post not found"));
+        if (!post.checkOwnership(memberId)) throw new ForbiddenException("Forbidden");
         postRepository.delete(post);
     }
 
     @Transactional
-    public PostResponseDto updateContent(Long id, GenericDataDto<String> contentsDto) {
+    public PostResponseDto updateContent(Long id, GenericDataDto<String> contentsDto, Long memberId) {
         if (contentsDto.data() == null || contentsDto.data().isEmpty())
             throw new InvalidRequestException("Invalid request.");
 
         Post post = postRepository.findById(id).orElseThrow(()->new NotFoundException("post not found"));
+        if (!post.checkOwnership(memberId)) throw new ForbiddenException("Forbidden");
         post.setContent(contentsDto.data());
 
-        return findOne(id);
+        return findPostById(id);
     }
 
     public Slice<PostResponseDto> findAsSlice(Pageable pageable) {
diff --git a/src/main/java/com/example/devSns/util/JwtUtil.java b/src/main/java/com/example/devSns/util/JwtUtil.java
new file mode 100644
index 0000000..d8ca50b
--- /dev/null
+++ b/src/main/java/com/example/devSns/util/JwtUtil.java
@@ -0,0 +1,90 @@
+package com.example.devSns.util;
+
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+import javax.crypto.SecretKey;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.time.LocalDateTime;
+import java.util.Base64;
+import java.util.Date;
+
+@Component
+public class JwtUtil {
+
+    private final String SECRET;
+    private final Long EXPIRATION;
+    private final Long REFRESH_EXPIRATION;
+    private final SecureRandom secureRandom;
+
+
+    public JwtUtil(
+        @Value("${jwt.secret}") String secret,
+        @Value("${jwt.expiration}") Long expiration,
+        @Value("${jwt.refresh_expiration}") Long refresh_expiration
+    ) {
+       this.SECRET = secret;
+       this.EXPIRATION = expiration * 1000;
+       this.REFRESH_EXPIRATION = refresh_expiration ;
+       this.secureRandom = new SecureRandom();
+    }
+
+    private SecretKey getKey() {
+        return Keys.hmacShaKeyFor(SECRET.getBytes(StandardCharsets.UTF_8));
+    }
+
+    public Long getRefreshExpiration() {
+        return REFRESH_EXPIRATION;
+
+    }
+
+    public String generateAccessToken(Long userId) {
+        return Jwts.builder()
+                .subject(userId.toString())
+                .issuedAt(new Date())
+                .expiration(new Date(System.currentTimeMillis() + EXPIRATION))
+                .signWith(getKey())
+                .compact();
+    }
+
+    public byte[] generateRefreshToken() {
+        byte[] randomBytes = new byte[32];
+        secureRandom.nextBytes(randomBytes);
+        return randomBytes;
+    }
+
+    public byte[] hashToken(byte[] tokenBytes) {
+        try {
+            MessageDigest md = MessageDigest.getInstance("SHA-256");
+            return md.digest(tokenBytes); // 32바이트
+        } catch (NoSuchAlgorithmException e) {
+            throw new IllegalStateException("SHA-256 not supported", e);
+        }
+    }
+
+    public Long getUserIdFromToken(String token) {
+        return Long.valueOf(
+            Jwts.parser()
+                .verifyWith(getKey())
+                .build()
+                .parseSignedClaims(token)
+                .getPayload()
+                .getSubject()
+        );
+    }
+
+    public boolean validateToken(String token) {
+        try {
+            Jwts.parser().verifyWith(getKey()).build().parseSignedClaims(token);
+            return true;
+        } catch (Exception e) {
+            return false;
+        }
+    }
+
+}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index b2f0ea3..c204355 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -6,4 +6,8 @@ spring.datasource.username=user
 spring.datasource.password=password
 spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
 
-spring.sql.init.mode=always
\ No newline at end of file
+spring.sql.init.mode=never
+
+jwt.secret=4bd6879e-cf49-4d59-a345-29466553cec5
+jwt.expiration=900
+jwt.refresh_expiration=86400
\ No newline at end of file
diff --git a/src/main/resources/schema.sql b/src/main/resources/schema.sql
index 841d89a..34a79cd 100644
--- a/src/main/resources/schema.sql
+++ b/src/main/resources/schema.sql
@@ -4,6 +4,7 @@ drop table if exists comments cascade;
 drop table if exists posts_likes cascade;
 drop table if exists posts cascade;
 drop table if exists member_follows cascade;
+drop table if exists refresh_tokens cascade ;
 drop table if exists members cascade;
 
 
@@ -11,11 +12,25 @@ drop table if exists members cascade;
 create table if not exists members
 (
     id         BIGINT auto_increment primary key,
-    nickname   varchar(255) not null unique,
+    email      varchar(255) not null unique,
+    password   varchar(255) not null,
+    nickname   varchar(255) not null,
     created_at TIMESTAMP not null,
     updated_at TIMESTAMP  not null,
     version BIGINT default 0
+
 );
+create index members_nickname_index on members(nickname);
+create index members_email_index on members(email);
+
+create table if not exists refresh_tokens(
+    id BINARY(32) primary key,
+    member_id BIGINT,
+    valid_until DATETIME not null,
+    valid BOOL not null default true,
+    foreign key (member_id) references members(id) on delete cascade
+);
+
 
 create table if not exists member_follows
 (
@@ -25,9 +40,12 @@ create table if not exists member_follows
     created_at TIMESTAMP  not null,
     updated_at TIMESTAMP  not null ,
     foreign key (follower_id) references members (id) on delete cascade,
-    foreign key (following_id) references members (id) on delete cascade
+    foreign key (following_id) references members (id) on delete cascade,
+    constraint u_follower_following unique (follower_id, following_id)
 );
 
+create index follower_following on member_follows (follower_id, following_id);
+
 
 create table if not exists posts
 (
diff --git a/src/main/resources/static/index.html b/src/main/resources/static/index.html
index 6a38c47..8ad85c4 100644
--- a/src/main/resources/static/index.html
+++ b/src/main/resources/static/index.html
@@ -2,12 +2,11 @@
 <html lang="ko">
 <head>
     <meta charset="utf-8" />
-    <title>devSns GUI</title>
+    <title>DevSns</title>
     <meta name="viewport" content="width=device-width,initial-scale=1" />
     <!-- TailwindCSS CDN -->
     <script src="https://cdn.tailwindcss.com"></script>
     <script>
-        // Tailwind custom config (선택)
         tailwind.config = {
             theme: {
                 extend: {
@@ -18,490 +17,695 @@
             }
         }
     </script>
+    <style>
+        ::-webkit-scrollbar { width: 6px; }
+        ::-webkit-scrollbar-track { background: #f1f5f9; }
+        ::-webkit-scrollbar-thumb { background: #cbd5e1; border-radius: 3px; }
+        ::-webkit-scrollbar-thumb:hover { background: #94a3b8; }
+        .animate-fade-in { animation: fadeIn 0.3s ease-in-out; }
+        @keyframes fadeIn { from { opacity: 0; transform: translateY(5px); } to { opacity: 1; transform: translateY(0); } }
+    </style>
 </head>
-<body class="bg-slate-50 text-slate-900">
-<!-- Header -->
-<header class="sticky top-0 z-20 bg-white/90 backdrop-blur border-b border-slate-200">
-    <div class="max-w-5xl mx-auto px-4 py-3 flex items-center gap-3">
-        <div class="h-8 w-8 rounded-lg bg-brand/10 flex items-center justify-center text-brand font-bold">SNS</div>
-        <h1 class="text-xl font-semibold">devSns</h1>
-        <div class="ml-auto">
-            <button id="refresh-feed" class="text-sm px-3 py-1.5 rounded-lg border border-slate-300 hover:bg-slate-100">새로고침</button>
+<body class="bg-slate-50 text-slate-900 font-sans">
+
+<!-- ================= AUTH SCREEN ================= -->
+<div id="auth-screen" class="fixed inset-0 z-50 bg-black/50 backdrop-blur-sm hidden flex items-center justify-center p-4">
+    <div class="bg-white p-8 rounded-2xl shadow-xl w-full max-w-md border border-slate-200 relative">
+        <button onclick="closeAuth()" class="absolute top-4 right-4 text-slate-400 hover:text-slate-600">✕</button>
+        <h1 class="text-3xl font-bold text-center mb-8 text-brand tracking-tight">DevSns</h1>
+
+        <div id="login-form" class="space-y-5">
+            <div>
+                <label class="block text-sm font-semibold text-slate-700 mb-1">이메일</label>
+                <input type="email" id="login-email" class="w-full border border-slate-300 rounded-xl px-4 py-2.5 focus:ring-2 focus:ring-brand focus:border-brand outline-none transition" placeholder="example@email.com">
+            </div>
+            <div>
+                <label class="block text-sm font-semibold text-slate-700 mb-1">비밀번호</label>
+                <input type="password" id="login-pw" class="w-full border border-slate-300 rounded-xl px-4 py-2.5 focus:ring-2 focus:ring-brand focus:border-brand outline-none transition" placeholder="******">
+            </div>
+            <button id="btn-login" class="w-full bg-brand text-white py-3 rounded-xl font-bold hover:bg-indigo-600 transition shadow-lg shadow-indigo-200">로그인</button>
+            <div class="text-center text-sm text-slate-500 mt-4">
+                계정이 없으신가요? <button class="text-brand font-semibold hover:underline" onclick="toggleAuthMode()">회원가입</button>
+            </div>
         </div>
-    </div>
-</header>
-
-<main class="max-w-5xl mx-auto px-4 py-6 space-y-6">
-    <!-- New Post -->
-    <section class="bg-white rounded-2xl border border-slate-200 shadow-sm">
-        <div class="p-4 md:p-6">
-            <h2 class="text-lg font-semibold mb-3">새 포스트</h2>
-            <div class="grid md:grid-cols-5 gap-3">
-                <input id="new-post-user" class="md:col-span-1 w-full border border-slate-300 rounded-xl px-3 py-2" placeholder="user_name" />
-                <textarea id="new-post-content" class="md:col-span-3 w-full border border-slate-300 rounded-xl px-3 py-2" rows="2" placeholder="무슨 일이 있었나요?"></textarea>
-                <button id="btn-create-post" class="md:col-span-1 w-full bg-brand text-white rounded-xl px-4 py-2 hover:bg-indigo-600">포스트</button>
+
+        <div id="signup-form" class="hidden space-y-5">
+            <div>
+                <label class="block text-sm font-semibold text-slate-700 mb-1">닉네임</label>
+                <input type="text" id="signup-nick" class="w-full border border-slate-300 rounded-xl px-4 py-2.5 focus:ring-2 focus:ring-brand focus:border-brand outline-none transition" placeholder="Display Name">
+            </div>
+            <div>
+                <label class="block text-sm font-semibold text-slate-700 mb-1">이메일</label>
+                <input type="email" id="signup-email" class="w-full border border-slate-300 rounded-xl px-4 py-2.5 focus:ring-2 focus:ring-brand focus:border-brand outline-none transition">
+            </div>
+            <div>
+                <label class="block text-sm font-semibold text-slate-700 mb-1">비밀번호 (6자 이상)</label>
+                <input type="password" id="signup-pw" class="w-full border border-slate-300 rounded-xl px-4 py-2.5 focus:ring-2 focus:ring-brand focus:border-brand outline-none transition">
+            </div>
+            <button id="btn-signup" class="w-full bg-slate-800 text-white py-3 rounded-xl font-bold hover:bg-slate-900 transition shadow-lg">가입하기</button>
+            <div class="text-center text-sm text-slate-500 mt-4">
+                이미 계정이 있으신가요? <button class="text-brand font-semibold hover:underline" onclick="toggleAuthMode()">로그인</button>
             </div>
-            <p id="post-create-msg" class="text-sm text-slate-500 mt-2"></p>
         </div>
-    </section>
-
-    <!-- Feed -->
-    <section class="bg-white rounded-2xl border border-slate-200 shadow-sm">
-        <div class="p-4 md:p-6">
-            <div class="flex items-center justify-between mb-3">
-                <h2 class="text-lg font-semibold">피드</h2>
-                <div class="text-xs text-slate-500">* 최신 15개씩 로드, 무한 스크롤/더보기</div>
+        <p id="auth-msg" class="text-center text-rose-500 text-sm mt-4 min-h-[1.25rem] font-medium"></p>
+    </div>
+</div>
+
+<!-- ================= APP SCREEN ================= -->
+<div id="app-screen" class="hidden min-h-screen pb-20">
+    <header class="sticky top-0 z-20 bg-white/80 backdrop-blur-md border-b border-slate-200">
+        <div class="max-w-2xl mx-auto px-4 py-3 flex items-center justify-between">
+            <div class="flex items-center gap-2 cursor-pointer" onclick="window.scrollTo({top:0, behavior:'smooth'})">
+                <div class="h-8 w-8 rounded-lg bg-brand text-white flex items-center justify-center font-bold shadow-md shadow-indigo-200">D</div>
+                <h1 class="text-xl font-bold tracking-tight text-slate-800">DevSns</h1>
             </div>
-            <div id="feed" class="space-y-4"></div>
-            <div id="feed-empty" class="hidden text-sm text-slate-500 text-center py-6">아직 포스트가 없어요.</div>
-            <div class="mt-4 flex justify-center">
-                <button id="btn-load-more" class="hidden px-4 py-2 rounded-xl border border-slate-300 hover:bg-slate-100">더 보기</button>
+            <div class="flex items-center gap-2">
+                <button id="btn-feed-all" class="text-xs font-medium text-slate-500 hover:text-slate-800 px-3 py-1.5 border border-slate-200 rounded-lg hover:bg-slate-50 transition">전체 피드</button>
+                <button id="btn-mypage" class="hidden text-xs font-medium text-slate-600 hover:text-slate-900 px-3 py-1.5 border border-slate-200 rounded-lg hover:bg-slate-50 transition">마이페이지</button>
+                <button id="btn-login-open" class="text-xs font-medium text-brand px-3 py-1.5 border border-indigo-100 rounded-lg hover:bg-indigo-50 transition">로그인</button>
+                <button id="btn-logout" class="hidden text-xs font-medium text-slate-500 hover:text-slate-800 px-3 py-1.5 border border-slate-200 rounded-lg hover:bg-slate-50 transition">로그아웃</button>
             </div>
         </div>
-    </section>
-</main>
-
-<!-- Post Detail / Comments Drawer -->
-<div id="drawer" class="fixed inset-0 z-30 hidden">
-    <div class="absolute inset-0 bg-black/30" id="drawer-backdrop"></div>
-    <aside class="absolute right-0 top-0 h-full w-full md:w-[560px] bg-white shadow-xl p-4 md:p-6 overflow-y-auto">
-        <div class="flex items-center justify-between">
-            <h3 class="text-lg font-semibold">포스트</h3>
-            <button id="drawer-close" class="rounded-lg px-3 py-1.5 border border-slate-300 hover:bg-slate-100">닫기</button>
+    </header>
+
+    <main class="max-w-2xl mx-auto px-4 py-6 space-y-6">
+        <!-- New Post -->
+        <section class="bg-white rounded-2xl border border-slate-200 shadow-sm p-4 transition-all focus-within:ring-2 focus-within:ring-brand/20">
+            <div class="flex gap-3">
+                <div class="h-10 w-10 rounded-full bg-slate-100 shrink-0 flex items-center justify-center text-xl shadow-inner">✍️</div>
+                <div class="flex-1 space-y-3">
+                    <textarea id="new-post-content" class="w-full border-none focus:ring-0 text-base resize-none p-2 placeholder:text-slate-400 bg-transparent" rows="2" placeholder="무슨 생각을 하고 계신가요?"></textarea>
+                    <div class="flex justify-end border-t border-slate-100 pt-3">
+                        <button id="btn-create-post" class="bg-brand text-white rounded-xl px-5 py-2 text-sm font-bold hover:bg-indigo-600 transition shadow-md shadow-indigo-100">게시하기</button>
+                    </div>
+                </div>
+            </div>
+        </section>
+
+        <!-- Feed List -->
+        <section id="feed-container" class="space-y-5"></section>
+
+        <div id="feed-loading" class="hidden text-center py-6">
+            <div class="inline-block h-8 w-8 animate-spin rounded-full border-4 border-solid border-indigo-100 border-r-brand align-[-0.125em]"></div>
         </div>
-        <article id="drawer-post" class="mt-4"></article>
+        <div id="feed-end" class="hidden text-center text-slate-400 text-sm py-8 font-medium">모든 포스트를 확인했습니다 🎉</div>
+    </main>
+</div>
 
-        <hr class="my-4">
+<!-- ================= DRAWER ================= -->
+<div id="drawer" class="fixed inset-0 z-30 hidden transition-opacity duration-300">
+    <div class="absolute inset-0 bg-black/30 backdrop-blur-sm transition-opacity" id="drawer-backdrop"></div>
+    <aside class="absolute right-0 top-0 h-full w-full md:w-[500px] bg-white shadow-2xl flex flex-col transform transition-transform duration-300 translate-x-0">
+        <div class="px-5 py-4 border-b border-slate-100 flex items-center justify-between bg-white/95 backdrop-blur z-10 sticky top-0">
+            <h3 class="font-bold text-lg text-slate-800">포스트 상세</h3>
+            <button id="drawer-close" class="text-slate-400 hover:text-slate-700 hover:bg-slate-100 rounded-full p-2 transition">
+                <svg class="w-6 h-6" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M6 18L18 6M6 6l12 12"></path></svg>
+            </button>
+        </div>
 
-        <section>
-            <h4 class="font-semibold mb-2">댓글</h4>
-            <div id="comments" class="space-y-3"></div>
-            <div id="comments-empty" class="hidden text-sm text-slate-500 py-3">댓글이 없습니다.</div>
-            <div class="mt-3 flex justify-center">
-                <button id="btn-comments-more" class="hidden px-3 py-1.5 rounded-lg border border-slate-300 hover:bg-slate-100 text-sm">댓글 더 보기</button>
-            </div>
-        </section>
+        <div class="flex-1 overflow-y-auto p-5 space-y-6 custom-scrollbar" id="drawer-body">
+            <article id="drawer-post" class="space-y-4"></article>
+            <div class="h-px bg-slate-100 my-2"></div>
+            <section>
+                <div class="flex items-center justify-between mb-4">
+                    <h4 class="font-bold text-slate-800">댓글 <span id="drawer-comment-count" class="text-brand ml-1">0</span></h4>
+                </div>
+                <div id="comments-list" class="space-y-5"></div>
+                <button id="btn-load-more-comments" class="hidden w-full py-3 text-sm font-medium text-slate-500 hover:bg-slate-50 rounded-xl mt-2 transition">댓글 더보기</button>
+            </section>
+        </div>
 
-        <section class="mt-6">
-            <h4 class="font-semibold mb-2">댓글 쓰기</h4>
-            <div class="grid grid-cols-5 gap-2">
-                <input id="new-comment-user" class="col-span-2 border border-slate-300 rounded-xl px-3 py-2" placeholder="user_name" />
-                <input id="new-comment-content" class="col-span-3 border border-slate-300 rounded-xl px-3 py-2" placeholder="댓글 내용" />
+        <div class="p-4 border-t border-slate-100 bg-white sticky bottom-0">
+            <div class="flex gap-2 items-center bg-slate-50 rounded-xl px-4 py-2 border border-slate-200 focus-within:border-brand focus-within:ring-1 focus-within:ring-brand transition">
+                <input id="new-comment-content" class="flex-1 bg-transparent border-none focus:ring-0 text-sm py-1 placeholder:text-slate-400" placeholder="댓글을 남겨보세요..." />
+                <button id="btn-create-comment" class="text-brand font-bold text-sm px-3 py-1 hover:bg-indigo-50 rounded-lg transition disabled:opacity-50">등록</button>
             </div>
-            <div class="mt-2 flex justify-end">
-                <button id="btn-create-comment" class="bg-slate-900 text-white px-4 py-2 rounded-xl hover:bg-slate-800">등록</button>
-            </div>
-            <p id="comment-create-msg" class="text-sm text-slate-500 mt-2"></p>
-        </section>
+        </div>
     </aside>
 </div>
 
+<!-- ================= MYPAGE MODAL ================= -->
+<div id="mypage-modal" class="fixed inset-0 z-[35] hidden flex items-center justify-center p-4">
+    <div class="absolute inset-0 bg-black/40 backdrop-blur-sm" id="mypage-backdrop"></div>
+    <div class="relative bg-white rounded-2xl shadow-2xl w-full max-w-sm p-5 space-y-4 z-10">
+        <div class="flex items-center justify-between mb-2">
+            <h3 class="font-bold text-lg text-slate-900">마이페이지</h3>
+            <button id="mypage-close" class="text-slate-400 hover:text-slate-600 p-1 rounded-full hover:bg-slate-100 transition">✕</button>
+        </div>
+        <div class="border border-slate-100 rounded-xl px-4 py-3 bg-slate-50 flex items-center gap-3">
+            <div class="h-9 w-9 rounded-full bg-slate-200 flex items-center justify-center font-bold text-sm text-slate-700" id="mypage-avatar">U</div>
+            <div>
+                <div id="mypage-username" class="font-bold text-slate-900 text-sm">내 계정</div>
+                <div id="mypage-userid" class="text-[11px] text-slate-400">ID -</div>
+            </div>
+        </div>
+        <div class="space-y-2">
+            <button id="btn-my-posts" class="w-full flex items-center justify-between px-4 py-3 rounded-xl border border-slate-100 bg-white hover:bg-slate-50 transition text-sm">
+                <span>내 게시글 보기</span><span class="text-xs text-slate-400">Posts</span>
+            </button>
+            <button id="btn-my-comments" class="w-full flex items-center justify-between px-4 py-3 rounded-xl border border-slate-100 bg-white hover:bg-slate-50 transition text-sm">
+                <span>내 댓글 보기</span><span class="text-xs text-slate-400">Comments</span>
+            </button>
+            <button id="btn-my-followers" class="w-full flex items-center justify-between px-4 py-3 rounded-xl border border-slate-100 bg-white hover:bg-slate-50 transition text-sm">
+                <span>나를 팔로우하는 사람</span><span class="text-xs text-slate-400">Followers</span>
+            </button>
+            <button id="btn-my-followings" class="w-full flex items-center justify-between px-4 py-3 rounded-xl border border-slate-100 bg-white hover:bg-slate-50 transition text-sm">
+                <span>내가 팔로우하는 사람</span><span class="text-xs text-slate-400">Followings</span>
+            </button>
+        </div>
+    </div>
+</div>
+
+<!-- ================= MY COMMENTS MODAL ================= -->
+<div id="mycomments-modal" class="fixed inset-0 z-[38] hidden flex items-center justify-center p-4">
+    <div class="absolute inset-0 bg-black/40 backdrop-blur-sm" id="mycomments-backdrop"></div>
+    <div class="bg-white rounded-2xl shadow-2xl w-full max-w-lg z-50 overflow-hidden flex flex-col max-h-[80vh]">
+        <div class="px-5 py-4 border-b border-slate-100 flex justify-between items-center bg-white sticky top-0">
+            <h3 class="font-bold text-lg text-slate-800">내 댓글</h3>
+            <button id="mycomments-close" class="text-slate-400 hover:text-slate-600 p-1 rounded-full hover:bg-slate-100 transition">✕</button>
+        </div>
+        <div id="mycomments-list" class="flex-1 overflow-y-auto p-4 space-y-3 custom-scrollbar"></div>
+        <div class="p-3 border-t border-slate-100 text-center bg-white">
+            <button id="btn-mycomments-more" class="hidden text-sm text-brand font-bold py-2 w-full hover:bg-slate-50 rounded-xl transition">더 보기</button>
+        </div>
+    </div>
+</div>
+
+<!-- ================= USER LIST MODAL ================= -->
+<div id="user-modal" class="fixed inset-0 z-[40] hidden flex items-center justify-center p-4">
+    <div class="absolute inset-0 bg-black/40 backdrop-blur-sm transition-opacity" id="user-modal-backdrop"></div>
+    <div class="bg-white rounded-2xl shadow-2xl w-full max-w-sm z-50 overflow-hidden flex flex-col max-h-[70vh]">
+        <div class="px-5 py-4 border-b border-slate-100 flex justify-between items-center bg-white sticky top-0">
+            <h3 id="user-modal-title" class="font-bold text-lg text-slate-800">타이틀</h3>
+            <button id="user-modal-close" class="text-slate-400 hover:text-slate-600 p-1 rounded-full hover:bg-slate-100 transition">✕</button>
+        </div>
+        <div id="user-modal-list" class="flex-1 overflow-y-auto p-2 space-y-1 custom-scrollbar"></div>
+        <div class="p-3 border-t border-slate-100 text-center bg-white">
+            <button id="btn-user-modal-more" class="hidden text-sm text-brand font-bold py-2 w-full hover:bg-slate-50 rounded-xl transition">더 보기</button>
+        </div>
+    </div>
+</div>
+
 <!-- Toast -->
-<div id="toast" class="fixed left-1/2 -translate-x-1/2 bottom-6 z-50 hidden">
-    <div class="bg-slate-900 text-white px-4 py-2 rounded-xl shadow-lg text-sm" id="toast-msg"></div>
+<div id="toast" class="fixed top-20 left-1/2 -translate-x-1/2 bg-slate-800/90 backdrop-blur text-white px-6 py-3 rounded-full shadow-xl text-sm font-medium opacity-0 pointer-events-none transition-all duration-300 transform translate-y-4 z-[60]">
+    알림 메시지
 </div>
 
 <script>
-    // ---------- Config ----------
-    const API_BASE = ''; // 동일 오리진이면 빈 값, 프록시/도메인이 다르면 'http://localhost:8080' 등으로 지정
-
-    // ---------- Helpers ----------
-    function qs(sel) { return document.querySelector(sel); }
-    function qsa(sel) { return Array.from(document.querySelectorAll(sel)); }
-
-    function showToast(msg, ms = 1800) {
-        const wrap = qs('#toast'), box = qs('#toast-msg');
-        box.textContent = msg;
-        wrap.classList.remove('hidden', 'opacity-0');
-        setTimeout(() => wrap.classList.add('opacity-0'), ms);
-        setTimeout(() => wrap.classList.add('hidden'), ms + 200);
+    // ================= CONFIG & HELPERS =================
+    const API_BASE = '';
+    let accessToken = localStorage.getItem('accessToken') || null;
+    let currentUserId = null;
+    let currentUserProfile = null;
+
+    let feedPage = 0, feedIsLast = false, isLoadingFeed = false, feedList = [];
+    let feedFilterMemberId = null;
+    let currentPost = null, commentPage = 0, commentIsLast = false, commentList = [];
+    let userModalEndpoint = '', userModalPage = 0, userModalIsLast = false;
+    let myCommentsPage = 0, myCommentsIsLast = false;
+
+    const qs = (sel) => document.querySelector(sel);
+    function showToast(msg) {
+        const t = qs('#toast');
+        t.textContent = msg;
+        t.classList.remove('opacity-0', 'translate-y-4');
+        setTimeout(() => t.classList.add('opacity-0', 'translate-y-4'), 2500);
     }
-
-    function timeAgo(iso) {
-        try {
-            const t = new Date(iso);
-            const s = (Date.now() - t.getTime())/1000;
-            if (s < 60) return `${Math.floor(s)}초 전`;
-            if (s < 3600) return `${Math.floor(s/60)}분 전`;
-            if (s < 86400) return `${Math.floor(s/3600)}시간 전`;
-            return t.toLocaleString();
-        } catch { return iso; }
+    function timeAgo(dateString) {
+        const date = new Date(dateString);
+        const diff = (new Date() - date) / 1000;
+        if (diff < 60) return '방금 전';
+        if (diff < 3600) return `${Math.floor(diff / 60)}분 전`;
+        if (diff < 86400) return `${Math.floor(diff / 3600)}시간 전`;
+        return date.toLocaleDateString();
     }
-
-    function apiFetch(path, { method='GET', query, body, headers } = {}) {
-        const u = new URL((API_BASE + path), window.location.origin);
-        if (query && typeof query === 'object') {
-            for (const [k, v] of Object.entries(query)) {
-                if (v !== undefined && v !== null && v !== '') u.searchParams.set(k, String(v));
-            }
-        }
-        const init = { method, headers: { 'Content-Type': 'application/json', ...(headers||{}) } };
-        if (method !== 'GET' && method !== 'HEAD' && body !== undefined) {
-            init.body = typeof body === 'string' ? body : JSON.stringify(body);
-        }
-        return fetch(u.toString(), init).then(async r => {
-            const text = await r.text();
-            let json = null; try { json = text ? JSON.parse(text) : null; } catch { json = { raw: text }; }
-            if (!r.ok) {
-                const msg = (json && json.error_message) || r.statusText || 'Request failed';
-                throw new Error(`${r.status} ${msg}`);
-            }
-            return json;
-        });
+    function escapeHtml(text) {
+        if (!text) return "";
+        return text.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#039;");
     }
-
-    // ---------- API wrappers ----------
-    function listPosts(beforeId) {
-        return apiFetch('/posts', { query: { before: beforeId } });
+    function decodeUserIdFromToken(token) {
+        try {
+            const payload = token.split('.')[1];
+            const base64 = payload.replace(/-/g, '+').replace(/_/g, '/');
+            const json = atob(base64);
+            const obj = JSON.parse(json);
+            return obj.sub ? Number(obj.sub) : null;
+        } catch (e) { return null; }
     }
-    function getPost(id) { return apiFetch(`/posts/${id}`); }
-    function likePost(id) { return apiFetch(`/posts/${id}/likes`, { method: 'POST' }); }
-    function updatePostContent(id, content) { return apiFetch(`/posts/${id}/contents`, { method:'PATCH', body:{ data: content } }); }
-    function createPost(content, user_name) { return apiFetch('/posts', { method:'POST', body:{ content, user_name } }); }
-
-    function listComments(postId, beforeId) {
-        return apiFetch(`/posts/${postId}/comments`, { query: { before: beforeId } });
+    function openAuth() { qs('#auth-screen').classList.remove('hidden'); }
+    function closeAuth() { qs('#auth-screen').classList.add('hidden'); }
+    function requireAuth() {
+        if (!accessToken) { showToast('로그인이 필요한 기능입니다.'); openAuth(); return false; }
+        return true;
     }
-    function createComment(post_id, content, user_name) { return apiFetch('/comments', { method:'POST', body:{ post_id, content, user_name } }); }
-    function likeComment(id) { return apiFetch(`/comments/${id}/likes`, { method:'POST' }); }
-    function updateCommentContent(id, content) { return apiFetch(`/comments/${id}/contents`, { method:'PATCH', body:{ data: content } }); }
-    function deleteComment(id) { return apiFetch(`/comments/${id}`, { method:'DELETE' }); }
-
-    // ---------- State ----------
-    let feed = [];                 // 누적 posts
-    let feedNext = null;           // nextQueryCriteria(Long ID)
-    let loadingFeed = false;
-
-    let drawerPost = null;         // 현재 열려있는 포스트 dto
-    let comments = [];             // 현재 포스트의 댓글 누적
-    let commentsNext = null;       // nextQueryCriteria(Long ID) for comments
-    let loadingComments = false;
-
-    // ---------- Render ----------
-    function renderFeed() {
-        const el = qs('#feed');
-        el.innerHTML = '';
-        if (!feed.length) {
-            qs('#feed-empty').classList.remove('hidden');
-            qs('#btn-load-more').classList.add('hidden');
-            return;
-        }
-        qs('#feed-empty').classList.add('hidden');
 
-        for (const p of feed) {
-            el.insertAdjacentHTML('beforeend', postCardHTML(p));
-        }
-        // load more 버튼
-        if (feedNext) {
-            qs('#btn-load-more').classList.remove('hidden');
+    // 버튼 상태 업데이트 (팔로우/팔로잉)
+    function setFollowButtonState(btn, following) {
+        if (!btn) return;
+        if (following) {
+            btn.dataset.following = 'true'; btn.textContent = '팔로잉';
+            btn.className = 'text-[11px] font-bold bg-indigo-50 text-brand px-2 py-1 rounded-full hover:bg-indigo-100 transition btn-follow';
         } else {
-            qs('#btn-load-more').classList.add('hidden');
+            btn.dataset.following = 'false'; btn.textContent = '팔로우';
+            btn.className = 'text-[11px] font-bold bg-slate-100 text-slate-500 px-2 py-1 rounded-full hover:bg-slate-200 hover:text-slate-700 transition btn-follow';
         }
-        // 이벤트 바인딩
-        qsa('[data-like-post]').forEach(btn => btn.onclick = onLikePost);
-        qsa('[data-open-post]').forEach(btn => btn.onclick = onOpenPost);
-        qsa('[data-edit-post]').forEach(btn => btn.onclick = onEditPost);
     }
 
-    function postCardHTML(p) {
-        // 백엔드에서 내려주는 'comments'는 댓글 개수(Long)
-        const commentsCount = p.comments || 0;
-        return `
-      <article class="border border-slate-200 rounded-2xl p-4 hover:bg-slate-50">
-        <header class="flex items-center gap-2">
-          <div class="h-8 w-8 rounded-full bg-slate-200"></div>
-          <div>
-            <div class="text-sm font-semibold">@${escapeHtml(p.user_name)}</div>
-            <div class="text-xs text-slate-500">${timeAgo(p.created_at)}</div>
-          </div>
-          <div class="ml-auto text-xs text-slate-500">#${p.id}</div>
-        </header>
-        <p class="mt-3 whitespace-pre-wrap break-words">${escapeHtml(p.content)}</p>
-        <footer class="mt-3 flex items-center gap-2 text-sm">
-          <button class="px-3 py-1.5 rounded-lg border border-slate-300 hover:bg-slate-100"
-                  data-like-post="${p.id}">👍 좋아요 <span class="font-medium">${p.like_count}</span></button>
-          <button class="px-3 py-1.5 rounded-lg border border-slate-300 hover:bg-slate-100"
-                  data-open-post="${p.id}">💬 댓글 <span class="font-medium">${commentsCount}</span></button>
-          <button class="ml-auto text-xs text-slate-500 underline decoration-dotted"
-                  data-edit-post="${p.id}">내용 수정</button>
-        </footer>
-      </article>`;
+    // ================= API =================
+    async function api(endpoint, options = {}) {
+        const headers = { 'Content-Type': 'application/json' };
+        if (accessToken) headers['Authorization'] = `Bearer ${accessToken}`;
+        const config = { method: options.method || 'GET', headers: { ...headers, ...options.headers } };
+        if (options.body) config.body = JSON.stringify(options.body);
+
+        const res = await fetch(`${API_BASE}${endpoint}`, config);
+        const status = res.status;
+        if (status === 401) {
+            localStorage.removeItem('accessToken');
+            accessToken = null;
+            const err = new Error("로그인이 필요합니다."); err.status = 401; throw err;
+        }
+        if (status === 204) return null;
+        const text = await res.text();
+        const data = text ? JSON.parse(text) : {};
+        if (!res.ok) {
+            const err = new Error(data.error_message || '요청 실패'); err.status = status; throw err;
+        }
+        return data;
     }
 
-    function renderDrawerPost() {
-        const wrap = qs('#drawer-post');
-        const p = drawerPost;
-        if (!p) { wrap.innerHTML = ''; return; }
-        wrap.innerHTML = `
-        <div class="flex items-start gap-3">
-          <div class="h-10 w-10 rounded-full bg-slate-200"></div>
-          <div class="flex-1">
-            <div class="flex items-center gap-2">
-              <div class="font-semibold">@${escapeHtml(p.user_name)}</div>
-              <div class="text-xs text-slate-500">${timeAgo(p.created_at)} • #${p.id}</div>
-            </div>
-            <div class="mt-2 whitespace-pre-wrap break-words">${escapeHtml(p.content)}</div>
-            <div class="mt-3 flex items-center gap-2">
-              <button class="px-3 py-1.5 rounded-lg border border-slate-300 hover:bg-slate-100"
-                      data-like-post="${p.id}">👍 좋아요 <span class="font-medium">${p.like_count}</span></button>
-              <button class="text-xs text-slate-500 underline decoration-dotted"
-                      data-edit-post="${p.id}">내용 수정</button>
-            </div>
-          </div>
-        </div>
-      `;
-        // 이벤트
-        qsa('#drawer-post [data-like-post]').forEach(btn => btn.onclick = onLikePost);
-        qsa('#drawer-post [data-edit-post]').forEach(btn => btn.onclick = onEditPost);
+    // ================= AUTH =================
+    function toggleAuthMode() { qs('#login-form').classList.toggle('hidden'); qs('#signup-form').classList.toggle('hidden'); }
+    async function initCurrentUser() {
+        currentUserId = null; currentUserProfile = null;
+        if (!accessToken) return;
+        try {
+            const uid = decodeUserIdFromToken(accessToken);
+            if (!uid) { logout(); return; }
+            currentUserId = uid;
+            currentUserProfile = await api(`/members/${currentUserId}`);
+        } catch (e) {}
     }
-
-    function renderComments() {
-        const list = qs('#comments');
-        list.innerHTML = '';
-        if (!comments.length) {
-            qs('#comments-empty').classList.remove('hidden');
-            qs('#btn-comments-more').classList.add('hidden');
-            return;
-        }
-        qs('#comments-empty').classList.add('hidden');
-
-        for (const c of comments) {
-            list.insertAdjacentHTML('beforeend', commentItemHTML(c));
-        }
-        if (commentsNext) {
-            qs('#btn-comments-more').classList.remove('hidden');
+    function checkAuth() {
+        if (accessToken && currentUserId) {
+            qs('#btn-login-open').classList.add('hidden');
+            qs('#btn-logout').classList.remove('hidden');
+            qs('#btn-mypage').classList.remove('hidden');
+            const name = currentUserProfile?.nickname || 'User';
+            qs('#mypage-username').textContent = name;
+            qs('#mypage-avatar').textContent = name.charAt(0).toUpperCase();
+            qs('#mypage-userid').textContent = `ID ${currentUserId}`;
         } else {
-            qs('#btn-comments-more').classList.add('hidden');
+            qs('#btn-login-open').classList.remove('hidden');
+            qs('#btn-logout').classList.add('hidden');
+            qs('#btn-mypage').classList.add('hidden');
         }
-        // 이벤트
-        qsa('[data-like-comment]').forEach(btn => btn.onclick = onLikeComment);
-        qsa('[data-del-comment]').forEach(btn => btn.onclick = onDeleteComment);
-        qsa('[data-edit-comment]').forEach(btn => btn.onclick = onEditComment);
+        qs('#app-screen').classList.remove('hidden');
+        loadFeed(true);
     }
-
-    function commentItemHTML(c) {
-        return `
-      <div class="border border-slate-200 rounded-xl p-3">
-        <div class="flex items-center gap-2">
-          <div class="h-6 w-6 rounded-full bg-slate-200"></div>
-          <div class="text-sm font-semibold">@${escapeHtml(c.user_name)}</div>
-          <div class="ml-auto text-xs text-slate-500">${timeAgo(c.created_at)} • #${c.id}</div>
-        </div>
-        <div class="mt-2 text-sm whitespace-pre-wrap break-words">${escapeHtml(c.content)}</div>
-        <div class="mt-2 flex items-center gap-2 text-sm">
-          <button class="px-2 py-1 rounded-lg border border-slate-300 hover:bg-slate-100"
-                  data-like-comment="${c.id}">👍 <span class="font-medium">${c.like_count}</span></button>
-          <button class="text-xs text-slate-500 underline decoration-dotted" data-edit-comment="${c.id}">수정</button>
-          <button class="text-xs text-rose-600 underline decoration-dotted" data-del-comment="${c.id}">삭제</button>
-        </div>
-      </div>`;
+    async function login() {
+        const email = qs('#login-email').value; const password = qs('#login-pw').value;
+        if (!email || !password) return;
+        try {
+            const res = await api('/auth/login', { method: 'POST', body: { email, password } });
+            accessToken = res.data; localStorage.setItem('accessToken', accessToken);
+            qs('#login-email').value = ''; qs('#login-pw').value = '';
+            await initCurrentUser(); closeAuth(); showToast('로그인되었습니다.'); checkAuth();
+        } catch (e) { qs('#auth-msg').textContent = e.message; }
     }
-
-    function escapeHtml(s) {
-        return String(s ?? '')
-            .replaceAll('&','&amp;')
-            .replaceAll('<','&lt;')
-            .replaceAll('>','&gt;')
-            .replaceAll('"','&quot;')
-            .replaceAll("'","&#39;");
+    async function signup() {
+        const nickname = qs('#signup-nick').value; const email = qs('#signup-email').value; const password = qs('#signup-pw').value;
+        try {
+            await api('/members', { method: 'POST', body: { nickname, email, password } });
+            alert('가입 성공!'); toggleAuthMode();
+        } catch (e) { qs('#auth-msg').textContent = e.message; }
     }
-
-    // ---------- Event Handlers ----------
-    async function loadFeed(initial=false) {
-        if (loadingFeed) return;
-        loadingFeed = true;
+    async function logout() {
         try {
-            const before = initial ? null : feedNext;
-            const res = await listPosts(before);
-            const items = res?.data ?? [];
-            if (initial) feed = items;
-            else feed = feed.concat(items);
-            feedNext = res?.nextQueryCriteria ?? null;
-            renderFeed();
+            // refresh_token은 쿠키에 있으니까, 같은 도메인이라면 그냥 호출만 하면 됨
+            await fetch('/auth/logout', {
+                method: 'GET',
+                credentials: 'include', // CORS나 서브도메인 쓴다면 필수
+            });
         } catch (e) {
-            showToast(`피드 로드 실패: ${e.message}`);
+            console.error('logout error', e);
         } finally {
-            loadingFeed = false;
+            // 서버 쪽 처리와 상관없이 클라이언트 토큰은 무조건 지움
+            localStorage.removeItem('accessToken');
+            accessToken = null;
+            window.location.reload();
         }
     }
 
-    async function onLikePost(e) {
-        const id = Number(e.currentTarget.getAttribute('data-like-post'));
+
+    // ================= FEED =================
+    async function loadFeed(reset = false) {
+        if (isLoadingFeed) return;
+        if (reset) { feedPage = 0; feedIsLast = false; feedList = []; qs('#feed-container').innerHTML = ''; qs('#feed-end').classList.add('hidden'); }
+        if (feedIsLast) return;
+
+        isLoadingFeed = true;
+        qs('#feed-loading').classList.remove('hidden');
         try {
-            await likePost(id); // 204 No Content, no body
-            const updated = await getPost(id); // 최신 데이터 다시 fetch
-            // feed/ drawer 상태 동기화
-            feed = feed.map(p => p.id === id ? updated : p);
-            if (drawerPost && drawerPost.id === id) drawerPost = updated;
-            renderFeed();
-            if (!qs('#drawer').classList.contains('hidden')) renderDrawerPost();
-        } catch (e) { showToast(`좋아요 실패: ${e.message}`); }
+            let url = `/posts?page=${feedPage}&size=10`;
+            if (feedFilterMemberId) url += `&memberId=${feedFilterMemberId}`;
+            const res = await api(url);
+            const newPosts = res.content || [];
+            feedList = [...feedList, ...newPosts];
+            feedIsLast = res.last;
+            feedPage++;
+            renderFeed(newPosts);
+            if (feedIsLast) qs('#feed-end').classList.remove('hidden');
+        } catch (e) { console.error(e); showToast('피드 로드 실패'); }
+        finally { isLoadingFeed = false; qs('#feed-loading').classList.add('hidden'); }
     }
 
-    async function onOpenPost(e) {
-        const id = Number(e.currentTarget.getAttribute('data-open-post'));
-        try {
-            const p = await getPost(id);
-            drawerPost = p;
-            renderDrawerPost();
-            openDrawer();
-
-            // 댓글 목록을 별도로 로드
-            await loadComments(true);
-        } catch (e) { showToast(`포스트 열기 실패: ${e.message}`); }
+    function renderFeed(posts) {
+        const container = qs('#feed-container');
+        posts.forEach(post => {
+            const el = document.createElement('article');
+            el.className = 'bg-white rounded-2xl border border-slate-200 p-5 hover:shadow-lg transition-all duration-200';
+
+            const isMe = currentUserId && post.user_id === currentUserId;
+            const followButtonHtml = !isMe
+                ? `<button class="text-[11px] font-bold bg-slate-100 text-slate-500 px-2 py-1 rounded-full hover:bg-slate-200 hover:text-slate-700 transition btn-follow" data-uid="${post.user_id}" data-following="false">팔로우</button>`
+                : '';
+            const deleteBtnHtml = isMe
+                ? `<button class="text-slate-300 hover:text-rose-500 ml-auto transition btn-delete-post" title="삭제">✕</button>`
+                : '';
+
+            el.innerHTML = `
+                <div class="flex items-start mb-3">
+                    <div class="flex items-center gap-3">
+                        <div class="h-10 w-10 rounded-full bg-gradient-to-br from-indigo-100 to-white border border-indigo-50 flex items-center justify-center font-bold text-brand shadow-sm">
+                            ${post.user_name.charAt(0).toUpperCase()}
+                        </div>
+                        <div>
+                            <div class="flex items-center gap-2">
+                                <span class="font-bold text-slate-900">${post.user_name}</span>
+                                ${followButtonHtml}
+                            </div>
+                            <div class="text-xs text-slate-400 font-medium">${timeAgo(post.created_at)}</div>
+                        </div>
+                    </div>
+                    ${deleteBtnHtml}
+                </div>
+                <div class="text-slate-800 whitespace-pre-wrap leading-relaxed cursor-pointer post-content text-[15px] mb-4" data-id="${post.id}">${escapeHtml(post.content)}</div>
+                <div class="flex items-center gap-6 border-t border-slate-100 pt-3">
+                    <div class="flex items-center gap-1.5 group">
+                        <button class="p-1.5 -ml-2 rounded-full text-slate-400 hover:text-rose-500 hover:bg-rose-50 transition btn-like" data-id="${post.id}">
+                            <svg class="w-6 h-6" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M4.318 6.318a4.5 4.5 0 000 6.364L12 20.364l7.682-7.682a4.5 4.5 0 00-6.364-6.364L12 7.636l-1.318-1.318a4.5 4.5 0 00-6.364 0z"></path></svg>
+                        </button>
+                        <button class="text-sm font-medium text-slate-500 hover:text-slate-800 hover:underline transition btn-view-likes" data-id="${post.id}">
+                            좋아요 <span class="like-count font-bold">${post.like_count}</span>개
+                        </button>
+                    </div>
+                    <button class="flex items-center gap-1.5 group btn-comment" data-id="${post.id}">
+                        <div class="p-1.5 rounded-full text-slate-400 group-hover:text-brand group-hover:bg-indigo-50 transition">
+                            <svg class="w-6 h-6" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M8 12h.01M12 12h.01M16 12h.01M21 12c0 4.418-4.03 8-9 8a9.863 9.863 0 01-4.255-.949L3 20l1.395-3.72C3.512 15.042 3 13.574 3 12c0-4.418 4.03-8 9-8s9 3.582 9 8z"></path></svg>
+                        </div>
+                        <span class="text-sm font-medium text-slate-500 group-hover:text-brand transition">${post.comments}</span>
+                    </button>
+                </div>
+            `;
+            el.querySelector('.post-content').onclick = () => openDrawer(post.id);
+            el.querySelector('.btn-comment').onclick = () => openDrawer(post.id);
+            el.querySelector('.btn-like').onclick = (e) => toggleLikePost(post.id, e.currentTarget);
+            const fb = el.querySelector('.btn-follow');
+            if (fb) fb.onclick = (e) => toggleFollow(post.user_id, e.target);
+            el.querySelector('.btn-view-likes').onclick = () => openUserModal(`/posts/${post.id}/likes`, '이 포스트를 좋아하는 사람들');
+            const db = el.querySelector('.btn-delete-post');
+            if(db) db.onclick = () => deletePost(post.id, el);
+
+            container.appendChild(el);
+        });
     }
 
-    async function loadComments(initial=false) {
-        if (loadingComments || !drawerPost) return;
-        loadingComments = true;
+    // ================= ACTIONS =================
+    async function createPost() {
+        if (!requireAuth()) return;
+        const content = qs('#new-post-content').value.trim();
+        if (!content) return showToast('내용을 입력해주세요.');
         try {
-            const before = initial ? null : commentsNext;
-            const res = await listComments(drawerPost.id, before);
-            const items = res?.data ?? [];
-
-            if (initial) comments = items;
-            else comments = comments.concat(items);
-
-            commentsNext = res?.nextQueryCriteria ?? null;
-            renderComments();
-        } catch (e) {
-            showToast(`댓글 로드 실패: ${e.message}`);
-        } finally {
-            loadingComments = false;
-        }
+            await api('/posts', { method: 'POST', body: { content } });
+            qs('#new-post-content').value = ''; showToast('게시 완료 ✨'); loadFeed(true);
+        } catch (e) { showToast(e.message); }
     }
 
-    async function onEditPost(e) {
-        const id = Number(e.currentTarget.getAttribute('data-edit-post'));
-        const current = (feed.find(p => p.id === id) || drawerPost || {});
-        const content = prompt('새 내용 입력', current.content || '');
-        if (!content) return;
+    async function deletePost(id, el) {
+        if (!confirm("정말 이 게시글을 삭제하시겠습니까?")) return;
         try {
-            const updated = await updatePostContent(id, content);
-            feed = feed.map(p => p.id === id ? updated : p);
-            if (drawerPost && drawerPost.id === id) drawerPost = updated;
-            renderFeed();
-            if (!qs('#drawer').classList.contains('hidden')) renderDrawerPost();
-            showToast('수정 완료');
-        } catch (e) { showToast(`수정 실패: ${e.message}`); }
+            await api(`/posts/${id}`, { method: 'DELETE' });
+            el.remove();
+            showToast("삭제되었습니다.");
+        } catch(e) { showToast("삭제 실패 (권한이 없거나 오류 발생)"); }
     }
 
-    async function onLikeComment(e) {
-        const id = Number(e.currentTarget.getAttribute('data-like-comment'));
+    async function toggleLikePost(id, btnEl) {
+        if (!requireAuth()) return;
+        const countSpan = btnEl.parentElement.querySelector('.like-count');
+        let currentCount = parseInt(countSpan.textContent);
+        const icon = btnEl.querySelector('svg');
         try {
-            await likeComment(id); // 204 No Content
-            // 댓글 목록은 Drawer가 열려있을때만 갱신하면 되므로,
-            // 간단하게 해당 댓글의 like_count만 1 증가시켜서 렌더링.
-            const targetComment = comments.find(c => c.id === id);
-            if(targetComment) {
-                targetComment.like_count += 1;
-                renderComments();
+            try {
+                await api(`/posts/${id}/likes`, { method: 'POST' });
+                countSpan.textContent = currentCount + 1; icon.setAttribute('fill', 'currentColor'); btnEl.classList.add('text-rose-500');
+            } catch (e) {
+                await api(`/posts/${id}/likes`, { method: 'DELETE' });
+                countSpan.textContent = Math.max(0, currentCount - 1); icon.setAttribute('fill', 'none'); btnEl.classList.remove('text-rose-500');
             }
-        } catch (e) { showToast(`댓글 좋아요 실패: ${e.message}`); }
+        } catch (e) { console.error(e); }
     }
 
-    async function onDeleteComment(e) {
-        const id = Number(e.currentTarget.getAttribute('data-del-comment'));
-        if (!confirm('댓글을 삭제할까요?')) return;
+    // ★ 팔로우 토글 핵심 로직 (팔로우 ↔ 언팔로우) ★
+    async function toggleFollow(targetId, btn) {
+        if (!requireAuth()) return;
+        btn.disabled = true;
+        const isFollowing = btn.dataset.following === 'true'; // 현재 상태 확인
         try {
-            await deleteComment(id);
-            comments = comments.filter(c => c.id !== id);
-            renderComments();
-            // 댓글 수 갱신을 위해 포스트 재조회
-            if(drawerPost) {
-                const updatedPost = await getPost(drawerPost.id);
-                drawerPost = updatedPost;
-                feed = feed.map(p => p.id === drawerPost.id ? updatedPost : p);
-                renderFeed();
+            if (!isFollowing) {
+                // 팔로우 실행 (POST)
+                await api(`/members/${targetId}/follower`, { method: 'POST' });
+                setFollowButtonState(btn, true);
+                showToast('팔로우 했습니다.');
+            } else {
+                // 언팔로우 실행 (DELETE)
+                await api(`/members/${targetId}/follower`, { method: 'DELETE' });
+                setFollowButtonState(btn, false);
+                showToast('언팔로우 했습니다.');
             }
-            showToast('삭제 완료');
-        } catch (e) { showToast(`삭제 실패: ${e.message}`); }
+        } catch (e) {
+            // 409: 이미 팔로우 중임 -> UI를 팔로잉으로 변경
+            if (e.status === 409) { setFollowButtonState(btn, true); showToast('이미 팔로우 중입니다.'); }
+            // 404: 팔로우 관계가 없음 -> UI를 팔로우로 변경
+            else if (e.status === 404 && isFollowing) { setFollowButtonState(btn, false); }
+            else if (e.status === 401) { openAuth(); showToast('로그인이 필요합니다.'); }
+            else { showToast('요청 실패'); }
+        } finally { btn.disabled = false; }
     }
 
-    async function onEditComment(e) {
-        const id = Number(e.currentTarget.getAttribute('data-edit-comment'));
-        const curr = comments.find(c => c.id === id);
-        const content = prompt('새 댓글 내용', curr?.content || '');
-        if (!content) return;
-        try {
-            const updated = await updateCommentContent(id, content);
-            comments = comments.map(c => c.id === id ? updated : c);
-            renderComments();
-            showToast('수정 완료');
-        } catch (e) { showToast(`수정 실패: ${e.message}`); }
+    // ================= DRAWER =================
+    async function openDrawer(postId) {
+        qs('#drawer').classList.remove('hidden'); document.body.style.overflow = 'hidden';
+        let post = feedList.find(p => p.id === postId);
+        if (!post) { try { post = await api(`/posts/${postId}`); } catch (e) { return closeDrawer(); } }
+        currentPost = post; renderDrawerPost(post); loadComments(true);
     }
-
-    // Drawer control
-    function openDrawer() { qs('#drawer').classList.remove('hidden'); }
-    function closeDrawer() {
-        qs('#drawer').classList.add('hidden');
-        drawerPost = null;
-        comments = [];
-        commentsNext = null;
+    function closeDrawer() { qs('#drawer').classList.add('hidden'); document.body.style.overflow = ''; currentPost = null; }
+
+    function renderDrawerPost(post) {
+        const isMe = currentUserId && post.user_id === currentUserId;
+        const followBtnHtml = !isMe
+            ? `<button class="text-xs font-bold text-brand bg-indigo-50 px-3 py-1.5 rounded-lg hover:bg-indigo-100 transition btn-follow-drawer" data-uid="${post.user_id}">팔로우</button>`
+            : '';
+        const deleteBtnHtml = isMe
+            ? `<button class="text-slate-400 hover:text-rose-500 transition ml-2 btn-delete-drawer">✕</button>`
+            : '';
+
+        qs('#drawer-post').innerHTML = `
+            <div class="flex items-center justify-between">
+                <div class="flex items-center gap-3">
+                    <div class="h-10 w-10 rounded-full bg-slate-100 flex items-center justify-center font-bold text-slate-600">${post.user_name.charAt(0).toUpperCase()}</div>
+                    <div>
+                        <div class="font-bold text-slate-900">${post.user_name}</div>
+                        <div class="text-xs text-slate-500">${timeAgo(post.created_at)}</div>
+                    </div>
+                </div>
+                <div class="flex items-center">${followBtnHtml}${deleteBtnHtml}</div>
+            </div>
+            <div class="text-[16px] leading-relaxed whitespace-pre-wrap text-slate-800 mt-3">${escapeHtml(post.content)}</div>
+            <div class="text-sm font-medium mt-3">
+                <button class="text-slate-500 hover:text-slate-800 hover:underline transition" id="drawer-likes-btn">좋아요 <span class="text-slate-900 font-bold">${post.like_count}</span>개</button>
+            </div>
+        `;
+        qs('#drawer-comment-count').textContent = post.comments || 0;
+        qs('#drawer-likes-btn').onclick = () => openUserModal(`/posts/${post.id}/likes`, '이 포스트를 좋아하는 사람들');
+
+        const fb = qs('.btn-follow-drawer');
+        if (fb) { setFollowButtonState(fb, false); fb.onclick = (e) => toggleFollow(post.user_id, e.target); }
+        const db = qs('.btn-delete-drawer');
+        if (db) {
+            db.onclick = async () => {
+                if(!confirm('정말 삭제하시겠습니까?')) return;
+                try {
+                    await api(`/posts/${post.id}`, { method: 'DELETE' });
+                    closeDrawer(); showToast("삭제되었습니다."); loadFeed(true);
+                } catch(e) { showToast("삭제 실패"); }
+            };
+        }
     }
 
-    // ---------- Listeners ----------
-    qs('#refresh-feed').onclick = () => loadFeed(true);
-    qs('#btn-load-more').onclick = () => loadFeed(false);
-
-    // 새 포스트
-    qs('#btn-create-post').onclick = async () => {
-        const content = qs('#new-post-content').value.trim();
-        const user = qs('#new-post-user').value.trim();
-        if (!content || !user) { showToast('content / user_name을 입력하세요'); return; }
-        qs('#post-create-msg').textContent = '생성 중...';
+    // ================= COMMENTS =================
+    async function loadComments(reset = false) {
+        if (!currentPost) return;
+        if (reset) { commentPage = 0; commentIsLast = false; commentList = []; qs('#comments-list').innerHTML = ''; qs('#btn-load-more-comments').classList.add('hidden'); }
+        if (commentIsLast) return;
         try {
-            const res = await createPost(content, user);
-            qs('#post-create-msg').textContent = `생성됨: id=${res?.data}`;
-            qs('#new-post-content').value = '';
-            // 새로고침
-            await loadFeed(true);
-        } catch (e) {
-            qs('#post-create-msg').textContent = `실패: ${e.message}`;
-        }
-    };
-
-    // Drawer buttons
-    qs('#drawer-close').onclick = closeDrawer;
-    qs('#drawer-backdrop').onclick = closeDrawer;
-
-    // 댓글: 더 보기
-    qs('#btn-comments-more').onclick = () => loadComments(false);
-
-    // 댓글: 작성
-    qs('#btn-create-comment').onclick = async () => {
-        if (!drawerPost) return;
-        const user = qs('#new-comment-user').value.trim();
+            const res = await api(`/posts/${currentPost.id}/comments?page=${commentPage}&size=10`);
+            const newComments = res.content || [];
+            commentList = [...commentList, ...newComments];
+            commentIsLast = res.last; commentPage++;
+            newComments.forEach(c => {
+                const el = document.createElement('div');
+                el.className = 'flex gap-3 text-sm animate-fade-in';
+                const isMyComment = currentUserId && c.user_id === currentUserId;
+                const delBtnHtml = isMyComment ? `<button class="ml-auto text-rose-400 hover:text-rose-600 btn-del-comment">삭제</button>` : '';
+
+                el.innerHTML = `
+                    <div class="h-8 w-8 rounded-full bg-slate-100 shrink-0 flex items-center justify-center font-bold text-xs text-slate-500">${c.user_name.charAt(0)}</div>
+                    <div class="flex-1">
+                        <div class="bg-slate-50 p-3 rounded-2xl rounded-tl-none border border-slate-100/50">
+                            <div class="flex justify-between items-center mb-1">
+                                <span class="font-bold text-slate-900">${c.user_name}</span>
+                                <span class="text-xs text-slate-400">${timeAgo(c.created_at)}</span>
+                            </div>
+                            <p class="whitespace-pre-wrap text-slate-700 leading-relaxed">${escapeHtml(c.content)}</p>
+                        </div>
+                        <div class="mt-1.5 flex gap-3 text-xs text-slate-500 font-medium pl-1">
+                             <button class="hover:text-brand transition btn-like-comment">좋아요 ${c.like_count}</button>
+                             <button class="hover:text-slate-800 underline decoration-slate-300 btn-view-likes">보기</button>
+                             ${delBtnHtml}
+                        </div>
+                    </div>
+                `;
+                el.querySelector('.btn-like-comment').onclick = () => toggleLikeComment(c.id);
+                el.querySelector('.btn-view-likes').onclick = () => openUserModal(`/comments/${c.id}/likes`, '댓글을 좋아하는 사람들');
+                if(isMyComment) el.querySelector('.btn-del-comment').onclick = () => deleteComment(c.id, el);
+                qs('#comments-list').appendChild(el);
+            });
+            if (!commentIsLast) qs('#btn-load-more-comments').classList.remove('hidden');
+        } catch (e) { console.error(e); }
+    }
+    async function createComment() {
+        if (!requireAuth()) return;
         const content = qs('#new-comment-content').value.trim();
-        if (!user || !content) { showToast('user_name / content를 입력하세요'); return; }
-        qs('#comment-create-msg').textContent = '등록 중...';
-        try {
-            await createComment(drawerPost.id, content, user);
-            qs('#comment-create-msg').textContent = '등록 완료';
-            qs('#new-comment-content').value = '';
+        if (!content || !currentPost) return;
+        try { await api('/comments', { method: 'POST', body: { post_id: currentPost.id, content } }); qs('#new-comment-content').value = ''; loadComments(true); } catch (e) { showToast(e.message); }
+    }
+    async function toggleLikeComment(id) {
+        if (!requireAuth()) return;
+        try { try { await api(`/comments/${id}/likes`, { method: 'POST' }); showToast('댓글 좋아요'); } catch { await api(`/comments/${id}/likes`, { method: 'DELETE' }); showToast('댓글 좋아요 취소'); } loadComments(true); } catch (e) {}
+    }
+    async function deleteComment(id, el) {
+        if (!requireAuth()) return;
+        if (!confirm('정말 삭제하시겠습니까?')) return;
+        try { await api(`/comments/${id}`, { method: 'DELETE' }); el.remove(); } catch (e) { showToast('삭제 실패'); }
+    }
 
-            // 댓글 목록 새로고침
-            await loadComments(true);
+    // ================= USER MODAL =================
+    function openUserModal(endpoint, title) {
+        if (!requireAuth()) return;
+        userModalEndpoint = endpoint; userModalPage = 0; userModalIsLast = false;
+        qs('#user-modal-title').textContent = title; qs('#user-modal-list').innerHTML = '';
+        qs('#user-modal').classList.remove('hidden'); qs('#btn-user-modal-more').classList.add('hidden');
+        loadUserModalItems();
+    }
+    function closeUserModal() { qs('#user-modal').classList.add('hidden'); }
+    async function loadUserModalItems() {
+        if (userModalIsLast) return;
+        try {
+            const res = await api(`${userModalEndpoint}?page=${userModalPage}&size=10`);
+            const users = res.content || [];
+            userModalIsLast = res.last; userModalPage++;
+            const listEl = qs('#user-modal-list');
+            if (users.length === 0 && userModalPage === 1) { listEl.innerHTML = '<div class="text-center text-slate-400 py-6 text-sm">내역이 없습니다.</div>'; return; }
+
+            // "내가 팔로우하는 목록"인지 확인 (endpoint에 /following이 포함되고 내 ID가 포함됨)
+            const isMyFollowingList = userModalEndpoint.includes(`/following`) && userModalEndpoint.includes(String(currentUserId));
+
+            users.forEach(u => {
+                const row = document.createElement('div');
+                row.className = 'flex items-center justify-between p-3 hover:bg-slate-50 rounded-xl transition';
+                row.innerHTML = `
+                    <div class="flex items-center gap-3">
+                        <div class="h-9 w-9 rounded-full bg-slate-200 flex items-center justify-center font-bold text-sm text-slate-600">${u.nickname.charAt(0)}</div>
+                        <span class="font-bold text-slate-800 text-sm">${u.nickname}</span>
+                    </div>
+                    <button class="text-xs font-bold bg-slate-100 text-slate-500 px-3 py-1.5 rounded-lg hover:bg-slate-200 hover:text-slate-700 transition btn-follow" data-uid="${u.id}" data-following="false">팔로우</button>
+                `;
+                const fb = row.querySelector('.btn-follow');
+                if (currentUserId && u.id === currentUserId) fb.classList.add('hidden');
+                else {
+                    // ★ 핵심: 내 팔로잉 목록이면 버튼 상태를 '팔로잉(Following)'으로 초기화해서 바로 언팔로우 가능하게 함
+                    setFollowButtonState(fb, isMyFollowingList);
+                    fb.onclick = (e) => toggleFollow(u.id, e.target);
+                }
+                listEl.appendChild(row);
+            });
+            if (!userModalIsLast) qs('#btn-user-modal-more').classList.remove('hidden'); else qs('#btn-user-modal-more').classList.add('hidden');
+        } catch (e) { showToast('목록 로드 실패'); }
+    }
 
-            // 댓글 수 갱신을 위해 포스트 재조회
-            const updatedPost = await getPost(drawerPost.id);
-            drawerPost = updatedPost;
-            feed = feed.map(p => p.id === drawerPost.id ? updatedPost : p);
-            renderFeed();
-            renderDrawerPost();
+    // ================= MYPAGE =================
+    function openMypage() { if (!requireAuth() || !currentUserId) return; qs('#mypage-modal').classList.remove('hidden'); }
+    function closeMypage() { qs('#mypage-modal').classList.add('hidden'); }
+    function showMyPosts() { if (!currentUserId) return; feedFilterMemberId = currentUserId; closeMypage(); showToast('내 게시글만 표시합니다.'); loadFeed(true); }
+    function resetFeedFilter() { feedFilterMemberId = null; showToast('전체 피드를 표시합니다.'); loadFeed(true); }
+    function openMyCommentsModal() { if (!requireAuth() || !currentUserId) return; qs('#mycomments-modal').classList.remove('hidden'); qs('#mycomments-list').innerHTML = ''; myCommentsPage = 0; myCommentsIsLast = false; loadMyComments(); }
+    function closeMyCommentsModal() { qs('#mycomments-modal').classList.add('hidden'); }
+    async function loadMyComments() {
+        if (myCommentsIsLast || !currentUserId) return;
+        try {
+            const res = await api(`/comments?memberId=${currentUserId}&page=${myCommentsPage}&size=10`);
+            const content = res.content || [];
+            myCommentsIsLast = res.last; myCommentsPage++;
+            const listEl = qs('#mycomments-list');
+            if (content.length === 0 && myCommentsPage === 1) { listEl.innerHTML = '<div class="text-center text-slate-400 py-6 text-sm">작성한 댓글이 없습니다.</div>'; return; }
+            content.forEach(c => {
+                const item = document.createElement('div');
+                item.className = 'border border-slate-100 rounded-xl p-3 bg-slate-50';
+                item.innerHTML = `
+                    <div class="flex justify-between items-center mb-1">
+                        <span class="text-xs text-slate-400">게시글 #${c.post_id}</span>
+                        <span class="text-xs text-slate-400">${timeAgo(c.created_at)}</span>
+                    </div>
+                    <p class="text-sm text-slate-800 whitespace-pre-wrap mb-2">${escapeHtml(c.content)}</p>
+                    <button class="text-xs font-bold text-brand hover:underline">해당 글 보기</button>
+                `;
+                item.querySelector('button').onclick = () => { closeMyCommentsModal(); openDrawer(c.post_id); };
+                listEl.appendChild(item);
+            });
+            if (!myCommentsIsLast) qs('#btn-mycomments-more').classList.remove('hidden'); else qs('#btn-mycomments-more').classList.add('hidden');
+        } catch (e) { showToast('댓글 목록 로드 실패'); }
+    }
 
-        } catch (e) {
-            qs('#comment-create-msg').textContent = `실패: ${e.message}`;
-        }
-    };
-
-    // ---------- Init ----------
-    loadFeed(true);
-    // Infinite scroll (하단 200px에서 더보기)
-    window.addEventListener('scroll', () => {
-        const nearBottom = window.innerHeight + window.scrollY > document.body.offsetHeight - 200;
-        if (nearBottom && feedNext && !loadingFeed) loadFeed(false);
-    });
+    // ================= EVENTS & INIT =================
+    qs('#btn-login').onclick = login; qs('#btn-signup').onclick = signup; qs('#btn-logout').onclick = logout;
+    qs('#btn-create-post').onclick = createPost; qs('#btn-create-comment').onclick = createComment;
+    qs('#drawer-close').onclick = closeDrawer; qs('#drawer-backdrop').onclick = closeDrawer;
+    qs('#btn-load-more-comments').onclick = () => loadComments(false);
+    qs('#user-modal-close').onclick = closeUserModal; qs('#user-modal-backdrop').onclick = closeUserModal; qs('#btn-user-modal-more').onclick = loadUserModalItems;
+    qs('#btn-login-open').onclick = openAuth; qs('#btn-mypage').onclick = openMypage; qs('#btn-feed-all').onclick = resetFeedFilter;
+    qs('#mypage-close').onclick = closeMypage; qs('#mypage-backdrop').onclick = closeMypage;
+    qs('#btn-my-posts').onclick = showMyPosts; qs('#btn-my-comments').onclick = () => { closeMypage(); openMyCommentsModal(); };
+    qs('#btn-my-followers').onclick = () => { if (!currentUserId) return; closeMypage(); openUserModal(`/members/${currentUserId}/follower`, '나를 팔로우하는 사람들'); };
+    qs('#btn-my-followings').onclick = () => { if (!currentUserId) return; closeMypage(); openUserModal(`/members/${currentUserId}/following`, '내가 팔로우하는 사람들'); };
+    qs('#mycomments-close').onclick = closeMyCommentsModal; qs('#mycomments-backdrop').onclick = closeMyCommentsModal; qs('#btn-mycomments-more').onclick = loadMyComments;
+    qs('#new-post-content').onfocus = () => { if (!accessToken) { qs('#new-post-content').blur(); requireAuth(); } };
+    window.addEventListener('scroll', () => { if (!qs('#app-screen').classList.contains('hidden')) { if ((window.innerHeight + window.scrollY) >= document.body.offsetHeight - 100) loadFeed(); } });
+
+    async function initApp() { if (accessToken) await initCurrentUser(); checkAuth(); }
+    initApp();
 </script>
 </body>
 </html>
\ No newline at end of file
diff --git a/src/test/java/com/example/devSns/service/AuthServiceTests.java b/src/test/java/com/example/devSns/service/AuthServiceTests.java
new file mode 100644
index 0000000..23286a9
--- /dev/null
+++ b/src/test/java/com/example/devSns/service/AuthServiceTests.java
@@ -0,0 +1,263 @@
+package com.example.devSns.service;
+
+import com.example.devSns.domain.Member;
+import com.example.devSns.domain.RefreshTokens;
+import com.example.devSns.dto.GenericDataDto;
+import com.example.devSns.dto.auth.AuthResponseDto;
+import com.example.devSns.dto.auth.LoginDto;
+import com.example.devSns.dto.member.MemberCreateDto;
+import com.example.devSns.exception.NotFoundException;
+import com.example.devSns.exception.UnauthorizedException;
+import com.example.devSns.repository.MemberRepository;
+import com.example.devSns.repository.RefreshTokensRepository;
+import com.example.devSns.util.JwtUtil;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.Captor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.security.crypto.bcrypt.BCrypt;
+import org.springframework.test.util.ReflectionTestUtils;
+
+import java.time.LocalDateTime;
+import java.util.Base64;
+import java.util.Optional;
+
+import static org.assertj.core.api.Assertions.*;
+import static org.mockito.Mockito.*;
+
+@ExtendWith(MockitoExtension.class)
+class AuthServiceTests {
+
+    @Mock
+    JwtUtil jwtUtil;
+
+    @Mock
+    MemberRepository memberRepository;
+
+    @Mock
+    RefreshTokensRepository refreshTokensRepository;
+
+    @InjectMocks
+    AuthService authService;
+
+    @Captor
+    ArgumentCaptor<RefreshTokens> refreshTokensCaptor;
+
+    private Member createMemberWithPassword(String rawPassword) {
+        String hash = BCrypt.hashpw(rawPassword, BCrypt.gensalt());
+        return new Member("tester", "test@example.com", hash);
+    }
+
+
+    @Nested
+    @DisplayName("login()")
+    class LoginTests {
+        @Test
+        @DisplayName("login 성공: 비밀번호가 맞으면 access, refresh 토큰을 발급하고 refreshTokens를 저장한다")
+        void login_success() {
+            // given
+            String rawPassword = "password123";
+            Member member = createMemberWithPassword(rawPassword);
+
+            ReflectionTestUtils.setField(member, "id", 1L);
+            when(memberRepository.findByEmail("test@example.com"))
+                    .thenReturn(Optional.of(member));
+
+            // access/refresh 토큰 관련 mock 세팅
+            when(jwtUtil.generateAccessToken(anyLong()))
+                    .thenReturn("mock-access-token");
+
+            byte[] rawRefreshBytes = "RAW_REFRESH_TOKEN_32BYTES_____123456".getBytes(); // 길이는 딱히 중요 X
+            byte[] hashedRefreshBytes = "HASHED_REFRESH_TOKEN_32_____123456".getBytes();
+
+            when(jwtUtil.generateRefreshToken())
+                    .thenReturn(rawRefreshBytes);
+            when(jwtUtil.hashToken(rawRefreshBytes))
+                    .thenReturn(hashedRefreshBytes);
+            when(jwtUtil.getRefreshExpiration())
+                    .thenReturn(3600L);
+
+            LoginDto dto = new LoginDto("test@example.com", rawPassword);
+
+            // when
+            AuthResponseDto result = authService.login(dto);
+
+            // then
+            assertThat(result.accessToken()).isEqualTo("mock-access-token");
+            assertThat(result.refreshToken()).isNotBlank();
+
+            // refreshToken이 Base64로 인코딩 되었는지 확인
+            byte[] decoded = Base64.getDecoder().decode(result.refreshToken());
+            assertThat(decoded).isEqualTo(rawRefreshBytes);
+
+            // RefreshTokens 엔티티가 잘 저장됐는지 확인
+            verify(refreshTokensRepository).save(refreshTokensCaptor.capture());
+            RefreshTokens saved = refreshTokensCaptor.getValue();
+
+            assertThat(saved.getTokenHash()).isEqualTo(hashedRefreshBytes);
+            assertThat(saved.getMember()).isEqualTo(member);
+            assertThat(saved.isValidToken()).isTrue();
+            assertThat(saved.getTokenHash()).isNotNull();
+        }
+
+        @Test
+        @DisplayName("login 실패: 이메일이 없으면 NotFoundException")
+        void login_emailNotFound() {
+            when(memberRepository.findByEmail("none@example.com"))
+                    .thenReturn(Optional.empty());
+
+            LoginDto dto = new LoginDto("none@example.com", "password123");
+
+            assertThatThrownBy(() -> authService.login(dto))
+                    .isInstanceOf(NotFoundException.class)
+                    .hasMessageContaining("Invalid email or password");
+        }
+
+        @Test
+        @DisplayName("login 실패: 비밀번호가 틀리면 NotFoundException")
+        void login_wrongPassword() {
+            // given
+            Member member = createMemberWithPassword("correctPassword");
+            when(memberRepository.findByEmail(member.getEmail()))
+                    .thenReturn(Optional.of(member));
+
+            LoginDto dto = new LoginDto(member.getEmail(), "wrongPassword");
+
+            // expect
+            assertThatThrownBy(() -> authService.login(dto))
+                    .isInstanceOf(NotFoundException.class)
+                    .hasMessageContaining("Invalid email or password");
+        }
+
+    }
+
+
+    @Nested
+    @DisplayName("reAuth()")
+    class ReAuthTests {
+        @Test
+        @DisplayName("reAuth 성공: 유효한 refresh 토큰이면 새로운 access 토큰을 발급한다")
+        void reAuth_success() {
+            // given
+            Member member = createMemberWithPassword("password123");
+            ReflectionTestUtils.setField(member, "id", 1L);
+            byte[] rawBytes = "RAW_REFRESH_TOKEN_32BYTES_____123456".getBytes();
+            byte[] hashedBytes = "HASHED_REFRESH_TOKEN_32_____123456".getBytes();
+
+            String encoded = Base64.getEncoder().encodeToString(rawBytes);
+
+            RefreshTokens tokenEntity = new RefreshTokens(
+                    hashedBytes,
+                    LocalDateTime.now().plusSeconds(3600),
+                    member
+            );
+
+            when(jwtUtil.hashToken(rawBytes)).thenReturn(hashedBytes);
+            when(refreshTokensRepository.findById(hashedBytes))
+                    .thenReturn(Optional.of(tokenEntity));
+            when(jwtUtil.generateAccessToken(member.getId()))
+                    .thenReturn("new-access-token");
+
+            // when
+            GenericDataDto<String> result = authService.reAuth(encoded);
+
+            // then
+            assertThat(result.data()).isEqualTo("new-access-token");
+        }
+
+        @Test
+        @DisplayName("reAuth 실패: DB에 없는 refresh 토큰이면 UnauthorizedException")
+        void reAuth_unknownToken() {
+            byte[] rawBytes = "SOME_UNKNOWN_RAW_TOKEN___________".getBytes();
+            byte[] hashedBytes = "HASHED_UNKNOWN_TOKEN____________".getBytes();
+            String encoded = Base64.getEncoder().encodeToString(rawBytes);
+
+            when(jwtUtil.hashToken(rawBytes)).thenReturn(hashedBytes);
+            when(refreshTokensRepository.findById(hashedBytes))
+                    .thenReturn(Optional.empty());
+
+            assertThatThrownBy(() -> authService.reAuth(encoded))
+                    .isInstanceOf(UnauthorizedException.class)
+                    .hasMessage("Unauthorized");
+        }
+
+        @Test
+        @DisplayName("reAuth 실패: 만료된 토큰이면 UnauthorizedException")
+        void reAuth_expiredToken() {
+            Member member = createMemberWithPassword("password123");
+
+            byte[] rawBytes = "RAW_EXPIRED_REFRESH_TOKEN________".getBytes();
+            byte[] hashedBytes = "HASHED_EXPIRED_REFRESH_TOKEN_____".getBytes();
+            String encoded = Base64.getEncoder().encodeToString(rawBytes);
+
+            RefreshTokens expired = new RefreshTokens(
+                    hashedBytes,
+                    LocalDateTime.now().minusSeconds(10),
+                    member
+            );
+
+            when(jwtUtil.hashToken(rawBytes)).thenReturn(hashedBytes);
+            when(refreshTokensRepository.findById(hashedBytes))
+                    .thenReturn(Optional.of(expired));
+
+            assertThatThrownBy(() -> authService.reAuth(encoded))
+                    .isInstanceOf(UnauthorizedException.class)
+                    .hasMessage("Unauthorized");
+        }
+
+    }
+
+    @Nested
+    @DisplayName("logout()")
+    class LogoutTests {
+        @Test
+        @DisplayName("logout: 해당 refresh 토큰의 valid 플래그를 false로 바꾼다")
+        void logout_success() {
+            Member member = createMemberWithPassword("password123");
+
+            byte[] rawBytes = "RAW_REFRESH_TOKEN_LOGOUT_________".getBytes();
+            byte[] hashedBytes = "HASHED_REFRESH_TOKEN_LOGOUT______".getBytes();
+            String encoded = Base64.getEncoder().encodeToString(rawBytes);
+
+            RefreshTokens tokenEntity = new RefreshTokens(
+                    hashedBytes,
+                    LocalDateTime.now().plusSeconds(3600),
+                    member
+            );
+
+            when(jwtUtil.hashToken(rawBytes)).thenReturn(hashedBytes);
+            when(refreshTokensRepository.findById(hashedBytes))
+                    .thenReturn(Optional.of(tokenEntity));
+
+            // when
+            authService.logout(encoded);
+
+            // then
+            assertThat(tokenEntity.isValidToken()).isFalse();
+
+        }
+
+        @Test
+        @DisplayName("logout 실패: DB에 없는 토큰이면 IllegalStateException")
+        void logout_tokenNotFound() {
+            byte[] rawBytes = "RAW_UNKNOWN_TOKEN_FOR_LOGOUT______".getBytes();
+            byte[] hashedBytes = "HASHED_UNKNOWN_TOKEN_FOR_LOGOUT__".getBytes();
+            String encoded = Base64.getEncoder().encodeToString(rawBytes);
+
+            when(jwtUtil.hashToken(rawBytes)).thenReturn(hashedBytes);
+            when(refreshTokensRepository.findById(hashedBytes))
+                    .thenReturn(Optional.empty());
+
+            assertThatThrownBy(() -> authService.logout(encoded))
+                    .isInstanceOf(IllegalStateException.class)
+                    .hasMessageContaining("Logout Failed");
+        }
+    }
+
+
+}
diff --git a/src/test/java/com/example/devSns/service/CommentLikesServiceTests.java b/src/test/java/com/example/devSns/service/CommentLikesServiceTests.java
new file mode 100644
index 0000000..b1db3cb
--- /dev/null
+++ b/src/test/java/com/example/devSns/service/CommentLikesServiceTests.java
@@ -0,0 +1,248 @@
+package com.example.devSns.service;
+
+import com.example.devSns.domain.Comment;
+import com.example.devSns.domain.CommentLikes;
+import com.example.devSns.domain.Member;
+import com.example.devSns.dto.likes.LikesRequestDto;
+import com.example.devSns.dto.member.MemberResponseDto;
+import com.example.devSns.exception.InvalidRequestException;
+import com.example.devSns.exception.NotFoundException;
+import com.example.devSns.repository.CommentLikesRepository;
+import com.example.devSns.repository.CommentRepository;
+import com.example.devSns.repository.MemberRepository;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.data.domain.*;
+
+import java.util.List;
+import java.util.Optional;
+
+import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.ArgumentMatchers.*;
+import static org.mockito.Mockito.*;
+
+@ExtendWith(MockitoExtension.class)
+class CommentLikesServiceTests {
+
+    @Mock
+    CommentLikesRepository commentLikesRepository;
+
+    @Mock
+    MemberRepository memberRepository;
+
+    @Mock
+    CommentRepository commentRepository;
+
+    @InjectMocks
+    CommentLikesService commentLikesService;
+
+    @Nested
+    @DisplayName("like()")
+    class LikeTests {
+
+        @Test
+        @DisplayName("아직 좋아요를 누르지 않은 경우 like에 성공하고 CommentLikes를 저장한다")
+        void like_success() {
+            // given
+            Long commentId = 10L;
+            Long memberId = 1L;
+            LikesRequestDto dto = new LikesRequestDto(commentId, memberId);
+
+            Member member = mock(Member.class);
+            Comment comment = mock(Comment.class);
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.of(comment));
+            when(commentLikesRepository.findByMemberAndComment(member, comment))
+                    .thenReturn(Optional.empty());
+
+            // when
+            commentLikesService.like(dto);
+
+            // then
+            ArgumentCaptor<CommentLikes> captor =
+                    ArgumentCaptor.forClass(CommentLikes.class);
+            verify(commentLikesRepository, times(1))
+                    .save(captor.capture());
+
+            CommentLikes saved = captor.getValue();
+            assertNotNull(saved);
+            assertEquals(member, saved.getMember());
+
+            verify(commentLikesRepository, times(1))
+                    .findByMemberAndComment(member, comment);
+        }
+
+        @Test
+        @DisplayName("이미 좋아요를 눌렀다면 InvalidRequestException 이 발생한다")
+        void like_already_liked() {
+            // given
+            Long commentId = 10L;
+            Long memberId = 1L;
+            LikesRequestDto dto = new LikesRequestDto(commentId, memberId);
+
+            Member member = mock(Member.class);
+            Comment comment = mock(Comment.class);
+            CommentLikes existing = mock(CommentLikes.class);
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.of(comment));
+            when(commentLikesRepository.findByMemberAndComment(member, comment))
+                    .thenReturn(Optional.of(existing));
+
+            // when & then
+            assertThrows(InvalidRequestException.class,
+                    () -> commentLikesService.like(dto));
+
+            verify(commentLikesRepository, never()).save(any());
+        }
+
+        @Test
+        @DisplayName("회원이 없으면 NotFoundException 이 발생한다")
+        void like_member_not_found() {
+            Long commentId = 10L;
+            Long memberId = 1L;
+            LikesRequestDto dto = new LikesRequestDto(commentId, memberId);
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.empty());
+
+            assertThrows(NotFoundException.class,
+                    () -> commentLikesService.like(dto));
+        }
+
+        @Test
+        @DisplayName("댓글이 없으면 NotFoundException 이 발생한다")
+        void like_comment_not_found() {
+            Long commentId = 10L;
+            Long memberId = 1L;
+            LikesRequestDto dto = new LikesRequestDto(commentId, memberId);
+
+            Member member = mock(Member.class);
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.empty());
+
+            assertThrows(NotFoundException.class,
+                    () -> commentLikesService.like(dto));
+        }
+    }
+
+    @Nested
+    @DisplayName("unlike()")
+    class UnlikeTests {
+
+        @Test
+        @DisplayName("좋아요가 되어 있는 경우 unlike에 성공하고 CommentLikes를 삭제한다")
+        void unlike_success() {
+            // given
+            Long commentId = 10L;
+            Long memberId = 1L;
+            LikesRequestDto dto = new LikesRequestDto(commentId, memberId);
+
+            Member member = mock(Member.class);
+            Comment comment = mock(Comment.class);
+            CommentLikes existing = mock(CommentLikes.class);
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.of(comment));
+            when(commentLikesRepository.findByMemberAndComment(member, comment))
+                    .thenReturn(Optional.of(existing));
+
+            // when
+            commentLikesService.unlike(dto);
+
+            // then
+            verify(commentLikesRepository, times(1)).delete(existing);
+        }
+
+        @Test
+        @DisplayName("좋아요가 되어 있지 않으면 NotFoundException 이 발생한다")
+        void unlike_not_liked() {
+            // given
+            Long commentId = 10L;
+            Long memberId = 1L;
+            LikesRequestDto dto = new LikesRequestDto(commentId, memberId);
+
+            Member member = mock(Member.class);
+            Comment comment = mock(Comment.class);
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.of(comment));
+            when(commentLikesRepository.findByMemberAndComment(member, comment))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> commentLikesService.unlike(dto));
+
+            verify(commentLikesRepository, never()).delete(any());
+        }
+    }
+
+    @Nested
+    @DisplayName("findWhoLiked()")
+    class FindWhoLikedTests {
+
+        @Test
+        @DisplayName("댓글이 존재하면 해당 댓글을 좋아요한 회원 목록을 슬라이스로 반환한다")
+        void findWhoLiked_success() {
+            // given
+            Long commentId = 10L;
+            Pageable pageable = PageRequest.of(0, 15);
+
+            Comment comment = mock(Comment.class);
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.of(comment));
+
+            MemberResponseDto dto = new MemberResponseDto(1L, "tester");
+            Slice<MemberResponseDto> slice =
+                    new SliceImpl<>(List.of(dto), pageable, false);
+
+            when(commentLikesRepository.findLikedUsersByComment(comment, pageable))
+                    .thenReturn(slice);
+
+            // when
+            Slice<MemberResponseDto> result =
+                    commentLikesService.findWhoLiked(pageable, commentId);
+
+            // then
+            assertSame(slice, result);
+            verify(commentRepository, times(1)).findById(commentId);
+            verify(commentLikesRepository, times(1))
+                    .findLikedUsersByComment(comment, pageable);
+        }
+
+        @Test
+        @DisplayName("댓글이 없으면 NotFoundException 이 발생한다")
+        void findWhoLiked_comment_not_found() {
+            // given
+            Long commentId = 10L;
+            Pageable pageable = PageRequest.of(0, 15);
+
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> commentLikesService.findWhoLiked(pageable, commentId));
+            verify(commentLikesRepository, never())
+                    .findLikedUsersByComment(any(), any());
+        }
+    }
+}
diff --git a/src/test/java/com/example/devSns/service/CommentServiceTests.java b/src/test/java/com/example/devSns/service/CommentServiceTests.java
index 9e2af54..c34bf6a 100644
--- a/src/test/java/com/example/devSns/service/CommentServiceTests.java
+++ b/src/test/java/com/example/devSns/service/CommentServiceTests.java
@@ -1,225 +1,387 @@
 package com.example.devSns.service;
 
 import com.example.devSns.domain.Comment;
+import com.example.devSns.domain.CommentLikes;
+import com.example.devSns.domain.Member;
 import com.example.devSns.domain.Post;
 import com.example.devSns.dto.GenericDataDto;
 import com.example.devSns.dto.PaginatedDto;
 import com.example.devSns.dto.comment.CommentCreateDto;
 import com.example.devSns.dto.comment.CommentResponseDto;
+import com.example.devSns.exception.ForbiddenException;
 import com.example.devSns.exception.InvalidRequestException;
 import com.example.devSns.exception.NotFoundException;
 import com.example.devSns.repository.CommentRepository;
+import com.example.devSns.repository.MemberRepository;
 import com.example.devSns.repository.PostRepository;
 import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.data.domain.*;
 
 import java.time.LocalDateTime;
-import java.util.Collections;
 import java.util.List;
 import java.util.Optional;
 
 import static org.junit.jupiter.api.Assertions.*;
-import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.*;
 import static org.mockito.Mockito.*;
 
 @ExtendWith(MockitoExtension.class)
 class CommentServiceTests {
 
     @Mock
-    private CommentRepository commentRepository;
+    CommentRepository commentRepository;
 
     @Mock
-    private PostRepository postRepository;
+    PostRepository postRepository;
 
-    @InjectMocks
-    private CommentService commentService;
-
-    @Test
-    @DisplayName("댓글 생성 성공")
-    void create_success() {
-        // given
-        Long postId = 1L;
-        Post post = createDummyPost(postId);
-        CommentCreateDto createDto = new CommentCreateDto(postId, "Test Comment", "commenter");
-        Comment comment = Comment.create("Test Comment", post, "commenter");
-        comment.setId(101L);
-
-        when(postRepository.findById(postId)).thenReturn(Optional.of(post));
-        when(commentRepository.save(any(Comment.class))).thenReturn(comment);
-
-        // when
-        Long commentId = commentService.create(createDto);
-
-        // then
-        assertNotNull(commentId);
-        assertEquals(101L, commentId);
-        verify(postRepository, times(1)).findById(postId);
-        verify(commentRepository, times(1)).save(any(Comment.class));
-    }
-
-    @Test
-    @DisplayName("존재하지 않는 게시글에 댓글 생성 시 InvalidRequestException 발생")
-    void create_throwsInvalidRequestException_whenPostNotFound() {
-        // given
-        Long postId = 99L;
-        CommentCreateDto createDto = new CommentCreateDto(postId, "Test Comment", "commenter");
-        when(postRepository.findById(postId)).thenReturn(Optional.empty());
-
-        // when & then
-        assertThrows(InvalidRequestException.class, () -> commentService.create(createDto));
-        verify(commentRepository, never()).save(any(Comment.class));
-    }
-
-    @Test
-    @DisplayName("ID로 댓글 단건 조회 성공")
-    void findOne_success() {
-        // given
-        Long commentId = 101L;
-        Post post = createDummyPost(1L);
-        Comment comment = createDummyComment(commentId, "Test Content", "user", post);
-
-        when(commentRepository.findById(commentId)).thenReturn(Optional.of(comment));
-
-        // when
-        CommentResponseDto responseDto = commentService.findOne(commentId);
-
-        // then
-        assertNotNull(responseDto);
-        assertEquals(commentId, responseDto.id());
-        assertEquals(post.getId(), responseDto.postId());
-        assertEquals("Test Content", responseDto.content());
-    }
-
-    @Test
-    @DisplayName("존재하지 않는 ID로 댓글 조회 시 NotFoundException 발생")
-    void findOne_throwsNotFoundException() {
-        // given
-        Long commentId = 999L;
-        when(commentRepository.findById(commentId)).thenReturn(Optional.empty());
-
-        // when & then
-        assertThrows(NotFoundException.class, () -> commentService.findOne(commentId));
-    }
-
-    @Test
-    @DisplayName("댓글 삭제 성공")
-    void delete_success() {
-        // given
-        Long commentId = 101L;
-        Comment comment = createDummyComment(commentId, "Content", "User", createDummyPost(1L));
-        when(commentRepository.findById(commentId)).thenReturn(Optional.of(comment));
-
-        // when
-        commentService.delete(commentId);
-
-        // then
-        verify(commentRepository, times(1)).delete(comment);
-    }
-
-    @Test
-    @DisplayName("존재하지 않는 댓글 삭제 시 NotFoundException 발생")
-    void delete_throwsNotFoundException() {
-        // given
-        Long commentId = 999L;
-        when(commentRepository.findById(commentId)).thenReturn(Optional.empty());
+    @Mock
+    MemberRepository memberRepository;
 
-        // when & then
-        assertThrows(NotFoundException.class, () -> commentService.delete(commentId));
+    @InjectMocks
+    CommentService commentService;
+
+    @Nested
+    @DisplayName("create()")
+    class CreateTests {
+
+        @Test
+        @DisplayName("회원과 게시글이 존재하면 댓글을 생성하고 ID를 반환한다")
+        void create_success() {
+            // given
+            Long memberId = 1L;
+            Long postId = 100L;
+            CommentCreateDto dto = new CommentCreateDto(postId, "comment");
+
+            Member member = mock(Member.class);
+            Post post = mock(Post.class);
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.of(post));
+
+            Comment savedComment = mock(Comment.class);
+            when(savedComment.getId()).thenReturn(10L);
+            when(commentRepository.save(any(Comment.class)))
+                    .thenReturn(savedComment);
+
+            // when
+            Long id = commentService.create(dto, memberId);
+
+            // then
+            assertEquals(10L, id);
+            verify(commentRepository, times(1))
+                    .save(any(Comment.class));
+        }
+
+        @Test
+        @DisplayName("회원이 없으면 NotFoundException 발생")
+        void create_member_not_found() {
+            // given
+            Long memberId = 1L;
+            Long postId = 100L;
+            CommentCreateDto dto = new CommentCreateDto(postId, "comment");
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> commentService.create(dto, memberId));
+            verify(commentRepository, never()).save(any());
+        }
+
+        @Test
+        @DisplayName("게시글이 없으면 InvalidRequestException 발생")
+        void create_post_not_found() {
+            // given
+            Long memberId = 1L;
+            Long postId = 100L;
+            CommentCreateDto dto = new CommentCreateDto(postId, "comment");
+
+            Member member = mock(Member.class);
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(InvalidRequestException.class,
+                    () -> commentService.create(dto, memberId));
+            verify(commentRepository, never()).save(any());
+        }
     }
 
-    @Test
-    @DisplayName("댓글 내용 수정 성공")
-    void updateContent_success() {
-        // given
-        Long commentId = 101L;
-        String newContent = "Updated Comment";
-        GenericDataDto<String> contentDto = new GenericDataDto<>(newContent);
-        Comment comment = createDummyComment(commentId, "Original", "User", createDummyPost(1L));
-
-        when(commentRepository.findById(commentId)).thenReturn(Optional.of(comment));
-
-        // when
-        commentService.updateContent(commentId, contentDto);
-
-        // then
-        assertEquals(newContent, comment.getContent()); // Verify side-effect
-        verify(commentRepository, times(2)).findById(commentId); // updateContent + findOne
+    @Nested
+    @DisplayName("findCommentById()")
+    class FindCommentByIdTests {
+
+        @Test
+        @DisplayName("댓글이 존재하면 CommentResponseDto 로 반환한다")
+        void find_success() {
+            // given
+            Long commentId = 1L;
+
+            Post post = mock(Post.class);
+            when(post.getId()).thenReturn(100L);
+
+            Member member = mock(Member.class);
+            when(member.getNickname()).thenReturn("tester");
+
+            Comment comment = mock(Comment.class);
+            when(comment.getId()).thenReturn(commentId);
+            when(comment.getPost()).thenReturn(post);
+            when(comment.getMember()).thenReturn(member);
+            when(comment.getContent()).thenReturn("hello");
+            when(comment.getCommentLikes()).thenReturn(
+                    List.of(mock(CommentLikes.class), mock(CommentLikes.class))
+            );
+            LocalDateTime now = LocalDateTime.now();
+            when(comment.getCreatedAt()).thenReturn(now);
+            when(comment.getUpdatedAt()).thenReturn(now);
+
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.of(comment));
+
+            // when
+            CommentResponseDto dto = commentService.findCommentById(commentId);
+
+            // then
+            assertEquals(commentId, dto.id());
+            assertEquals(100L, dto.postId());
+            assertEquals("hello", dto.content());
+            assertEquals("tester", dto.userName());
+            assertEquals(2L, dto.likeCount());
+        }
+
+        @Test
+        @DisplayName("댓글이 없으면 NotFoundException 발생")
+        void find_not_found() {
+            // given
+            Long commentId = 1L;
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> commentService.findCommentById(commentId));
+        }
     }
 
-    @Test
-    @DisplayName("댓글 내용 수정 시 내용이 null이면 InvalidRequestException 발생")
-    void updateContent_throwsInvalidRequestException_whenContentIsNull() {
-        // given
-        Long commentId = 101L;
-        GenericDataDto<String> contentDto = new GenericDataDto<>(null);
-
-        // when & then
-        assertThrows(InvalidRequestException.class, () -> commentService.updateContent(commentId, contentDto));
+    @Nested
+    @DisplayName("delete()")
+    class DeleteTests {
+
+        @Test
+        @DisplayName("작성자이면 댓글을 삭제할 수 있다")
+        void delete_success() {
+            // given
+            Long commentId = 1L;
+            Long memberId = 1L;
+
+            Comment comment = mock(Comment.class);
+            when(comment.checkOwnership(memberId)).thenReturn(true);
+
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.of(comment));
+
+            // when
+            commentService.delete(commentId, memberId);
+
+            // then
+            verify(commentRepository, times(1)).delete(comment);
+        }
+
+        @Test
+        @DisplayName("작성자가 아니면 ForbiddenException 발생")
+        void delete_forbidden() {
+            // given
+            Long commentId = 1L;
+            Long memberId = 1L;
+
+            Comment comment = mock(Comment.class);
+            when(comment.checkOwnership(memberId)).thenReturn(false);
+
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.of(comment));
+
+            // when & then
+            assertThrows(ForbiddenException.class,
+                    () -> commentService.delete(commentId, memberId));
+            verify(commentRepository, never()).delete(any());
+        }
+
+        @Test
+        @DisplayName("댓글이 없으면 NotFoundException 발생")
+        void delete_not_found() {
+            // given
+            Long commentId = 1L;
+            Long memberId = 1L;
+
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> commentService.delete(commentId, memberId));
+        }
     }
 
-    @Test
-    @DisplayName("댓글 좋아요 성공")
-    void like_success() {
-        // given
-        Long commentId = 101L;
-        Comment comment = createDummyComment(commentId, "Content", "User", createDummyPost(1L));
-        when(commentRepository.findById(commentId)).thenReturn(Optional.of(comment));
-
-        // when
-        commentService.like(commentId);
-
-        // then
-        verify(commentRepository, times(1)).incrementLikeById(commentId);
-    }
-
-    @Test
-    @DisplayName("댓글 페이지네이션 조회 - 첫 페이지")
-    void findAsPaginated_initialPage() {
-        // given
-        Long postId = 1L;
-        Post post = createDummyPost(postId);
-        List<Comment> comments = List.of(
-                createDummyComment(10L, "Comment 10", "User", post),
-                createDummyComment(9L, "Comment 9", "User", post)
-        );
-        when(commentRepository.findTop15ByCreatedAtBeforeAndPostIdOrderByCreatedAtDescPostIdDesc(any(LocalDateTime.class), eq(postId))).thenReturn(comments);
-
-        // when
-        PaginatedDto<List<CommentResponseDto>> result = commentService.findAsPaginated(new GenericDataDto<>(null), postId);
-
-        // then
-        assertEquals(2, result.data().size());
-        assertEquals(9L, result.nextQueryCriteria());
+    @Nested
+    @DisplayName("updateContent()")
+    class UpdateContentTests {
+
+        @Test
+        @DisplayName("유효한 내용 + 작성자이면 댓글 내용을 수정한다")
+        void update_success() {
+            // given
+            Long commentId = 1L;
+            Long memberId = 1L;
+            String newContent = "updated";
+
+            Post post = mock(Post.class);
+            when(post.getId()).thenReturn(100L);
+            Member member = mock(Member.class);
+            when(member.getNickname()).thenReturn("tester");
+
+            Comment comment = mock(Comment.class);
+            when(comment.checkOwnership(memberId)).thenReturn(true);
+            when(comment.getId()).thenReturn(commentId);
+            when(comment.getPost()).thenReturn(post);
+            when(comment.getMember()).thenReturn(member);
+            when(comment.getContent()).thenReturn(newContent);
+            when(comment.getCommentLikes()).thenReturn(List.of());
+            LocalDateTime now = LocalDateTime.now();
+            when(comment.getCreatedAt()).thenReturn(now);
+            when(comment.getUpdatedAt()).thenReturn(now);
+
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.of(comment));
+
+            GenericDataDto<String> dto = new GenericDataDto<>(newContent);
+
+            // when
+            CommentResponseDto response =
+                    commentService.updateContent(commentId, dto, memberId);
+
+            // then
+            assertEquals(newContent, response.content());
+            assertEquals("tester", response.userName());
+            verify(comment, times(1)).setContent(newContent);
+            verify(commentRepository, atLeastOnce()).findById(commentId);
+        }
+
+        @Test
+        @DisplayName("내용이 null 또는 빈 문자열이면 InvalidRequestException 발생")
+        void update_invalid_content() {
+            Long commentId = 1L;
+            Long memberId = 1L;
+
+            GenericDataDto<String> emptyDto = new GenericDataDto<>("");
+
+            assertThrows(InvalidRequestException.class,
+                    () -> commentService.updateContent(commentId, emptyDto, memberId));
+        }
+
+        @Test
+        @DisplayName("작성자가 아니면 ForbiddenException 발생")
+        void update_forbidden() {
+            // given
+            Long commentId = 1L;
+            Long memberId = 1L;
+            GenericDataDto<String> dto = new GenericDataDto<>("new");
+
+            Comment comment = mock(Comment.class);
+            when(comment.checkOwnership(memberId)).thenReturn(false);
+
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.of(comment));
+
+            // when & then
+            assertThrows(ForbiddenException.class,
+                    () -> commentService.updateContent(commentId, dto, memberId));
+            verify(comment, never()).setContent(anyString());
+        }
+
+        @Test
+        @DisplayName("댓글이 없으면 NotFoundException 발생")
+        void update_not_found() {
+            // given
+            Long commentId = 1L;
+            Long memberId = 1L;
+            GenericDataDto<String> dto = new GenericDataDto<>("new");
+
+            when(commentRepository.findById(commentId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> commentService.updateContent(commentId, dto, memberId));
+        }
     }
 
-    @Test
-    @DisplayName("댓글 페이지네이션 조회 - 결과 없음")
-    void findAsPaginated_noResults() {
-        // given
-        Long postId = 1L;
-        when(commentRepository.findTop15ByIdBeforeAndPostIdOrderByIdDesc(anyLong(), eq(postId))).thenReturn(Collections.emptyList());
-
-        // when
-        PaginatedDto<List<CommentResponseDto>> result = commentService.findAsPaginated(new GenericDataDto<>(100L), postId);
 
-        // then
-        assertTrue(result.data().isEmpty());
-        assertNull(result.nextQueryCriteria());
-    }
-
-    private Post createDummyPost(Long id) {
-        Post post = Post.create("Post content", "postUser");
-        post.setId(id);
-        return post;
-    }
 
-    private Comment createDummyComment(Long id, String content, String userName, Post post) {
-        Comment comment = Comment.create(content, post, userName);
-        comment.setId(id);
-        return comment;
+    @Nested
+    @DisplayName("findAsSlice(), findByMemberAsSlice()")
+    class SliceTests {
+
+        @Test
+        @DisplayName("게시글별 댓글 슬라이스 조회는 Repository 에 위임한다")
+        void findAsSlice() {
+            // given
+            Pageable pageable = PageRequest.of(0, 15);
+            Long postId = 100L;
+
+            CommentResponseDto dto = new CommentResponseDto(
+                    1L, postId, "c", 1L, "tester", 0L, null, null
+            );
+            Slice<CommentResponseDto> slice =
+                    new SliceImpl<>(List.of(dto), pageable, false);
+
+            when(commentRepository.findCommentSliceByPostIdWithLikeCount(pageable, postId))
+                    .thenReturn(slice);
+
+            // when
+            Slice<CommentResponseDto> result =
+                    commentService.findAsSlice(pageable, postId);
+
+            // then
+            assertSame(slice, result);
+            verify(commentRepository, times(1))
+                    .findCommentSliceByPostIdWithLikeCount(pageable, postId);
+        }
+
+        @Test
+        @DisplayName("회원별 댓글 슬라이스 조회는 Repository 에 위임한다")
+        void findByMemberAsSlice() {
+            // given
+            Pageable pageable = PageRequest.of(0, 15);
+            Long memberId = 1L;
+
+            CommentResponseDto dto = new CommentResponseDto(
+                    1L, 100L, "c", 1L,"tester", 0L, null, null
+            );
+            Slice<CommentResponseDto> slice =
+                    new SliceImpl<>(List.of(dto), pageable, false);
+
+            when(commentRepository.findCommentSliceByMemberIdWithLikeCount(pageable, memberId))
+                    .thenReturn(slice);
+
+            // when
+            Slice<CommentResponseDto> result =
+                    commentService.findByMemberAsSlice(pageable, memberId);
+
+            // then
+            assertSame(slice, result);
+            verify(commentRepository, times(1))
+                    .findCommentSliceByMemberIdWithLikeCount(pageable, memberId);
+        }
     }
-}
\ No newline at end of file
+}
diff --git a/src/test/java/com/example/devSns/service/FollowsServiceTests.java b/src/test/java/com/example/devSns/service/FollowsServiceTests.java
new file mode 100644
index 0000000..0dab06d
--- /dev/null
+++ b/src/test/java/com/example/devSns/service/FollowsServiceTests.java
@@ -0,0 +1,364 @@
+package com.example.devSns.service;
+
+import com.example.devSns.domain.Follows;
+import com.example.devSns.domain.Member;
+import com.example.devSns.dto.follow.FollowRequestDto;
+import com.example.devSns.dto.follow.FollowsResponseDto;
+import com.example.devSns.dto.member.MemberResponseDto;
+import com.example.devSns.exception.InvalidRequestException;
+import com.example.devSns.exception.NotFoundException;
+import com.example.devSns.repository.FollowsRepository;
+import com.example.devSns.repository.MemberRepository;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.data.domain.PageRequest;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.domain.Slice;
+import org.springframework.data.domain.SliceImpl;
+
+import java.util.List;
+import java.util.Optional;
+
+import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.Mockito.*;
+
+@ExtendWith(MockitoExtension.class)
+class FollowsServiceTests {
+
+    @Mock
+    FollowsRepository followsRepository;
+
+    @Mock
+    MemberRepository memberRepository;
+
+    @InjectMocks
+    FollowsService followsService;
+
+    @Nested
+    @DisplayName("findFollows()")
+    class FindFollowsTests {
+        @Test
+        @DisplayName("팔로우 관계가 존재하면 FollowsResponseDto를 반환한다")
+        void find_follows() {
+            // given
+            Long followerId = 1L;
+            Long followingId = 2L;
+
+            Member follower = mock(Member.class);
+            when(follower.getId()).thenReturn(followerId);
+            when(follower.getNickname()).thenReturn("follower");
+
+            Member following = mock(Member.class);
+            when(following.getId()).thenReturn(followingId);
+            when(following.getNickname()).thenReturn("following");
+
+            when(followsRepository.findByFollowerIdAndFollowingId(followerId, followingId))
+                    .thenReturn(Optional.of(new Follows(
+                            follower, following
+                    )));
+            // when
+            FollowsResponseDto follows = followsService.findFollows(new FollowRequestDto(followerId, followingId));
+
+            // then
+            assertNotNull(follows);
+            assertEquals(followerId, follows.follower().id());
+            assertEquals(followingId, follows.following().id());
+            assertEquals("follower", follows.follower().nickname());
+            assertEquals("following", follows.following().nickname());
+            verify(followsRepository, times(1)).findByFollowerIdAndFollowingId(followerId, followingId);
+        }
+
+        @Test
+        @DisplayName("팔로우 관계가 없으면 NotFoundException을 반환한다.")
+        void find_follows_not_found() {
+            // given
+            Long followerId = 1L;
+            Long followingId = 2L;
+
+            when(followsRepository.findByFollowerIdAndFollowingId(followerId, followingId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    ()->followsService.findFollows(new FollowRequestDto(followerId, followingId)));
+
+        }
+    }
+
+    @Nested
+    @DisplayName("follow()")
+    class FollowTests {
+
+        @Test
+        @DisplayName("팔로워와 팔로잉 회원이 모두 존재하고 관계가 없으면 Follows를 생성하고 ID를 반환한다")
+        void follow_success() {
+            // given
+            Long followerId = 1L;
+            Long followingId = 2L;
+            FollowRequestDto dto = new FollowRequestDto(followerId, followingId);
+
+            Member follower = mock(Member.class);
+            Member following = mock(Member.class);
+
+            when(memberRepository.findById(followerId))
+                    .thenReturn(Optional.of(follower));
+            when(memberRepository.findById(followingId))
+                    .thenReturn(Optional.of(following));
+
+            // 관계 없음
+            when(followsRepository.findByFollowerAndFollowing(follower, following))
+                    .thenReturn(Optional.empty());
+
+            Follows saved = mock(Follows.class);
+            when(saved.getId()).thenReturn(100L);
+            when(followsRepository.save(any(Follows.class))).thenReturn(saved);
+
+            // when
+            Long id = followsService.follow(dto);
+
+            // then
+            assertEquals(100L, id);
+
+            ArgumentCaptor<Follows> captor = ArgumentCaptor.forClass(Follows.class);
+            verify(followsRepository, times(1)).save(captor.capture());
+
+            Follows follows = captor.getValue();
+            assertNotNull(follows);
+        }
+
+        @Test
+        @DisplayName("팔로워가 존재하지 않으면 NotFoundException 발생")
+        void follow_follower_not_found() {
+            // given
+            Long followerId = 1L;
+            Long followingId = 2L;
+            FollowRequestDto dto = new FollowRequestDto(followerId, followingId);
+
+            when(memberRepository.findById(followerId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> followsService.follow(dto));
+
+            verify(followsRepository, never()).save(any());
+        }
+
+        @Test
+        @DisplayName("팔로잉 대상이 존재하지 않으면 NotFoundException 발생")
+        void follow_following_not_found() {
+            // given
+            Long followerId = 1L;
+            Long followingId = 2L;
+            FollowRequestDto dto = new FollowRequestDto(followerId, followingId);
+
+            Member follower = mock(Member.class);
+            when(memberRepository.findById(followerId))
+                    .thenReturn(Optional.of(follower));
+            when(memberRepository.findById(followingId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> followsService.follow(dto));
+
+            verify(followsRepository, never()).save(any());
+        }
+
+        @Test
+        @DisplayName("팔로잉 대상이 팔로워와 같으면 InvalidRequestException 발생")
+        void follow_following_id_same() {
+            // given
+            Long followerId = 1L;
+            Long followingId = 1L;
+            FollowRequestDto dto = new FollowRequestDto(followerId, followingId);
+
+            // when & then
+            assertThrows(InvalidRequestException.class,
+                    () -> followsService.follow(dto));
+
+            verify(followsRepository, never()).save(any());
+        }
+
+        @Test
+        @DisplayName("이미 팔로우 관계가 존재하면 InvalidRequestException 발생")
+        void follow_already_exists() {
+            // given
+            Long followerId = 1L;
+            Long followingId = 2L;
+            FollowRequestDto dto = new FollowRequestDto(followerId, followingId);
+
+            Member follower = mock(Member.class);
+            Member following = mock(Member.class);
+            Follows existing = mock(Follows.class);
+
+            when(memberRepository.findById(followerId))
+                    .thenReturn(Optional.of(follower));
+            when(memberRepository.findById(followingId))
+                    .thenReturn(Optional.of(following));
+            when(followsRepository.findByFollowerAndFollowing(follower, following))
+                    .thenReturn(Optional.of(existing));
+
+            // when & then
+            assertThrows(InvalidRequestException.class,
+                    () -> followsService.follow(dto));
+
+            verify(followsRepository, never()).save(any());
+        }
+    }
+
+    @Nested
+    @DisplayName("unfollow()")
+    class UnfollowTests {
+
+        @Test
+        @DisplayName("팔로워와 팔로잉 회원 및 관계가 존재하면 언팔로우에 성공하고 Follows를 삭제한다")
+        void unfollow_success() {
+            // given
+            Long followerId = 1L;
+            Long followingId = 2L;
+            FollowRequestDto dto = new FollowRequestDto(followerId, followingId);
+
+            Member follower = mock(Member.class);
+            Member following = mock(Member.class);
+            Follows follows = mock(Follows.class);
+
+            when(memberRepository.findById(followerId))
+                    .thenReturn(Optional.of(follower));
+            when(memberRepository.findById(followingId))
+                    .thenReturn(Optional.of(following));
+            when(followsRepository.findByFollowerAndFollowing(follower, following))
+                    .thenReturn(Optional.of(follows));
+
+            // when
+            followsService.unfollow(dto);
+
+            // then
+            verify(followsRepository, times(1)).delete(follows);
+        }
+
+        @Test
+        @DisplayName("팔로워가 존재하지 않으면 NotFoundException 발생")
+        void unfollow_follower_not_found() {
+            // given
+            Long followerId = 1L;
+            Long followingId = 2L;
+            FollowRequestDto dto = new FollowRequestDto(followerId, followingId);
+
+            when(memberRepository.findById(followerId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> followsService.unfollow(dto));
+
+            verify(followsRepository, never()).delete(any());
+        }
+
+        @Test
+        @DisplayName("팔로잉 대상이 존재하지 않으면 NotFoundException 발생")
+        void unfollow_following_not_found() {
+            // given
+            Long followerId = 1L;
+            Long followingId = 2L;
+            FollowRequestDto dto = new FollowRequestDto(followerId, followingId);
+
+            Member follower = mock(Member.class);
+            when(memberRepository.findById(followerId))
+                    .thenReturn(Optional.of(follower));
+            when(memberRepository.findById(followingId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> followsService.unfollow(dto));
+
+            verify(followsRepository, never()).delete(any());
+        }
+
+        @Test
+        @DisplayName("팔로우 관계가 없으면 NotFoundException 발생")
+        void unfollow_relationship_not_found() {
+            // given
+            Long followerId = 1L;
+            Long followingId = 2L;
+            FollowRequestDto dto = new FollowRequestDto(followerId, followingId);
+
+            Member follower = mock(Member.class);
+            Member following = mock(Member.class);
+
+            when(memberRepository.findById(followerId))
+                    .thenReturn(Optional.of(follower));
+            when(memberRepository.findById(followingId))
+                    .thenReturn(Optional.of(following));
+            when(followsRepository.findByFollowerAndFollowing(follower, following))
+                    .thenReturn(Optional.empty());   // 관계 없음
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> followsService.unfollow(dto));
+
+            verify(followsRepository, never()).delete(any());
+        }
+    }
+
+    @Nested
+    @DisplayName("findFollowers(), findFollowing()")
+    class FollowRelationTests {
+
+        @Test
+        @DisplayName("findFollowers() 는 MemberRepository.findFollowers() 에 위임한다")
+        void findFollowers() {
+            // given
+            Long memberId = 1L;
+            Pageable pageable = PageRequest.of(0, 15);
+
+            MemberResponseDto dto = new MemberResponseDto(2L, "follower");
+            Slice<MemberResponseDto> slice =
+                    new SliceImpl<>(List.of(dto), pageable, false);
+
+            when(followsRepository.findFollowersOf(memberId, pageable))
+                    .thenReturn(slice);
+
+            // when
+            Slice<MemberResponseDto> result =
+                    followsService.findFollowers(pageable, memberId);
+
+            // then
+            assertSame(slice, result);
+            verify(followsRepository, times(1))
+                    .findFollowersOf(memberId, pageable);
+        }
+
+        @Test
+        @DisplayName("findFollowing() 는 MemberRepository.findFollowings() 에 위임한다")
+        void findFollowing() {
+            // given
+            Long memberId = 1L;
+            Pageable pageable = PageRequest.of(0, 15);
+
+            MemberResponseDto dto = new MemberResponseDto(2L, "following");
+            Slice<MemberResponseDto> slice =
+                    new SliceImpl<>(List.of(dto), pageable, false);
+
+            when(followsRepository.findFollowingsOf(memberId, pageable))
+                    .thenReturn(slice);
+
+            // when
+            Slice<MemberResponseDto> result =
+                    followsService.findFollowing(pageable, memberId);
+
+            // then
+            assertSame(slice, result);
+            verify(followsRepository, times(1))
+                    .findFollowingsOf(memberId, pageable);
+        }
+    }
+
+}
diff --git a/src/test/java/com/example/devSns/service/MemberServiceTests.java b/src/test/java/com/example/devSns/service/MemberServiceTests.java
new file mode 100644
index 0000000..4674b2a
--- /dev/null
+++ b/src/test/java/com/example/devSns/service/MemberServiceTests.java
@@ -0,0 +1,169 @@
+package com.example.devSns.service;
+
+import com.example.devSns.domain.Member;
+import com.example.devSns.dto.member.MemberCreateDto;
+import com.example.devSns.dto.member.MemberResponseDto;
+import com.example.devSns.exception.InvalidRequestException;
+import com.example.devSns.exception.NotFoundException;
+import com.example.devSns.repository.MemberRepository;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.data.domain.*;
+
+import java.util.List;
+import java.util.Optional;
+
+import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.ArgumentMatchers.*;
+import static org.mockito.Mockito.*;
+
+@ExtendWith(MockitoExtension.class)
+class MemberServiceTests {
+
+    @Mock
+    MemberRepository memberRepository;
+
+    @InjectMocks
+    MemberService memberService;
+
+    @Nested
+    @DisplayName("create()")
+    class CreateTests {
+
+        @Test
+        @DisplayName("이메일이 중복되지 않으면 비밀번호를 해시하여 회원을 생성하고 ID를 반환한다")
+        void create_success() {
+            // given
+            String nickname = "tester";
+            String email = "test@example.com";
+            String rawPassword = "password123";
+
+            MemberCreateDto dto = new MemberCreateDto(nickname, email, rawPassword);
+
+            when(memberRepository.findByEmail(email))
+                    .thenReturn(Optional.empty());
+
+            Member saved = mock(Member.class);
+            when(saved.getId()).thenReturn(1L);
+            when(memberRepository.save(any(Member.class))).thenReturn(saved);
+
+            // when
+            Long id = memberService.create(dto);
+
+            // then
+            assertEquals(1L, id);
+
+            ArgumentCaptor<Member> captor = ArgumentCaptor.forClass(Member.class);
+            verify(memberRepository, times(1)).save(captor.capture());
+
+            Member memberToSave = captor.getValue();
+            assertEquals(nickname, memberToSave.getNickname());
+            assertEquals(email, memberToSave.getEmail());
+            // 비밀번호는 평문이 아니어야 한다 (정확한 값은 모름)
+            assertNotEquals(rawPassword, memberToSave.getPassword());
+        }
+
+        @Test
+        @DisplayName("이메일이 이미 존재하면 InvalidRequestException 발생")
+        void create_email_duplicate() {
+            // given
+            String email = "dup@example.com";
+            MemberCreateDto dto =
+                    new MemberCreateDto("tester", email, "password123");
+
+            Member existing = mock(Member.class);
+            when(memberRepository.findByEmail(email))
+                    .thenReturn(Optional.of(existing));
+
+            // when & then
+            assertThrows(InvalidRequestException.class,
+                    () -> memberService.create(dto));
+
+            verify(memberRepository, never()).save(any());
+        }
+    }
+
+    @Nested
+    @DisplayName("getOne()")
+    class GetOneTests {
+
+        @Test
+        @DisplayName("회원이 존재하면 MemberResponseDto 를 반환한다")
+        void getOne_success() {
+            // given
+            Long memberId = 1L;
+            Member member = mock(Member.class);
+            when(member.getId()).thenReturn(memberId);
+            when(member.getNickname()).thenReturn("tester");
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+
+            // when
+            MemberResponseDto dto = memberService.getOne(memberId);
+
+            // then
+            assertEquals(memberId, dto.id());
+            assertEquals("tester", dto.nickname());
+        }
+
+        @Test
+        @DisplayName("회원이 없으면 NotFoundException 발생")
+        void getOne_not_found() {
+            // given
+            Long memberId = 1L;
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> memberService.getOne(memberId));
+        }
+    }
+
+    @Nested
+    @DisplayName("findByNickname()")
+    class FindByNicknameTests {
+
+        @Test
+        @DisplayName("닉네임으로 조회 시 Slice<Member> 를 Slice<MemberResponseDto> 로 매핑해서 반환한다")
+        void findByNickname_success() {
+            // given
+            String nickname = "tester";
+            Pageable pageable = PageRequest.of(0, 15);
+
+            Member m1 = mock(Member.class);
+            Member m2 = mock(Member.class);
+
+            when(m1.getId()).thenReturn(1L);
+            when(m1.getNickname()).thenReturn(nickname);
+
+            when(m2.getId()).thenReturn(2L);
+            when(m2.getNickname()).thenReturn(nickname + "2");
+
+            Slice<Member> slice =
+                    new SliceImpl<>(List.of(m1, m2), pageable, false);
+
+            when(memberRepository.findMembersByNickname(nickname, pageable))
+                    .thenReturn(slice);
+
+            // when
+            Slice<MemberResponseDto> result =
+                    memberService.findByNickname(pageable, nickname);
+
+            // then
+            assertEquals(2, result.getNumberOfElements());
+            assertEquals(1L, result.getContent().get(0).id());
+            assertEquals("tester", result.getContent().get(0).nickname());
+            assertEquals(2L, result.getContent().get(1).id());
+            assertEquals("tester2", result.getContent().get(1).nickname());
+        }
+    }
+
+    }
diff --git a/src/test/java/com/example/devSns/service/PostLikesServiceTests.java b/src/test/java/com/example/devSns/service/PostLikesServiceTests.java
new file mode 100644
index 0000000..9b64894
--- /dev/null
+++ b/src/test/java/com/example/devSns/service/PostLikesServiceTests.java
@@ -0,0 +1,250 @@
+package com.example.devSns.service;
+
+import com.example.devSns.domain.Member;
+import com.example.devSns.domain.Post;
+import com.example.devSns.domain.PostLikes;
+import com.example.devSns.dto.likes.LikesRequestDto;
+import com.example.devSns.dto.member.MemberResponseDto;
+import com.example.devSns.exception.InvalidRequestException;
+import com.example.devSns.exception.NotFoundException;
+import com.example.devSns.repository.MemberRepository;
+import com.example.devSns.repository.PostLikesRepository;
+import com.example.devSns.repository.PostRepository;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.data.domain.*;
+
+import java.util.List;
+import java.util.Optional;
+
+import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.ArgumentMatchers.*;
+import static org.mockito.Mockito.*;
+
+@ExtendWith(MockitoExtension.class)
+class PostLikesServiceTests {
+
+    @Mock
+    PostLikesRepository postLikesRepository;
+
+    @Mock
+    MemberRepository memberRepository;
+
+    @Mock
+    PostRepository postRepository;
+
+    @InjectMocks
+    PostLikesService postLikesService;
+
+    @Nested
+    @DisplayName("like()")
+    class LikeTests {
+
+        @Test
+        @DisplayName("아직 좋아요를 누르지 않은 경우 like에 성공하고 PostLikes를 저장한다")
+        void like_success() {
+            // given
+            Long postId = 10L;
+            Long memberId = 1L;
+            LikesRequestDto dto = new LikesRequestDto(postId, memberId);
+
+            Member member = mock(Member.class);
+            Post post = mock(Post.class);
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.of(post));
+
+            // 아직 좋아요 안 눌렀으므로 Optional.empty()
+            when(postLikesRepository.findByMemberAndPost(member, post))
+                    .thenReturn(Optional.empty());
+
+            // when
+            postLikesService.like(dto);
+
+            // then
+            ArgumentCaptor<PostLikes> captor = ArgumentCaptor.forClass(PostLikes.class);
+            verify(postLikesRepository, times(1)).save(captor.capture());
+
+            PostLikes saved = captor.getValue();
+            assertNotNull(saved);
+            assertEquals(member, saved.getMember());
+            // post는 PostLikes에 getter가 없어서 여기까지 확인해도 충분
+
+            // findByMemberAndPost는 최소 한 번 호출
+            verify(postLikesRepository, times(1))
+                    .findByMemberAndPost(member, post);
+        }
+
+        @Test
+        @DisplayName("이미 좋아요를 눌렀다면 InvalidRequestException 이 발생한다")
+        void like_already_liked() {
+            // given
+            Long postId = 10L;
+            Long memberId = 1L;
+            LikesRequestDto dto = new LikesRequestDto(postId, memberId);
+
+            Member member = mock(Member.class);
+            Post post = mock(Post.class);
+            PostLikes existing = mock(PostLikes.class);
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.of(post));
+            when(postLikesRepository.findByMemberAndPost(member, post))
+                    .thenReturn(Optional.of(existing));
+
+            // when & then
+            assertThrows(InvalidRequestException.class,
+                    () -> postLikesService.like(dto));
+
+            verify(postLikesRepository, never()).save(any());
+        }
+
+        @Test
+        @DisplayName("회원이 없으면 NotFoundException 이 발생한다")
+        void like_member_not_found() {
+            Long postId = 10L;
+            Long memberId = 1L;
+            LikesRequestDto dto = new LikesRequestDto(postId, memberId);
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.empty());
+
+            assertThrows(NotFoundException.class,
+                    () -> postLikesService.like(dto));
+        }
+
+        @Test
+        @DisplayName("게시글이 없으면 NotFoundException 이 발생한다")
+        void like_post_not_found() {
+            Long postId = 10L;
+            Long memberId = 1L;
+            LikesRequestDto dto = new LikesRequestDto(postId, memberId);
+
+            Member member = mock(Member.class);
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.empty());
+
+            assertThrows(NotFoundException.class,
+                    () -> postLikesService.like(dto));
+        }
+    }
+
+    @Nested
+    @DisplayName("unlike()")
+    class UnlikeTests {
+
+        @Test
+        @DisplayName("좋아요가 되어 있는 경우 unlike에 성공하고 PostLikes를 삭제한다")
+        void unlike_success() {
+            // given
+            Long postId = 10L;
+            Long memberId = 1L;
+            LikesRequestDto dto = new LikesRequestDto(postId, memberId);
+
+            Member member = mock(Member.class);
+            Post post = mock(Post.class);
+            PostLikes existing = mock(PostLikes.class);
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.of(post));
+            when(postLikesRepository.findByMemberAndPost(member, post))
+                    .thenReturn(Optional.of(existing));
+
+            // when
+            postLikesService.unlike(dto);
+
+            // then
+            verify(postLikesRepository, times(1)).delete(existing);
+        }
+
+        @Test
+        @DisplayName("좋아요가 되어 있지 않으면 NotFoundException 이 발생한다")
+        void unlike_not_liked() {
+            // given
+            Long postId = 10L;
+            Long memberId = 1L;
+            LikesRequestDto dto = new LikesRequestDto(postId, memberId);
+
+            Member member = mock(Member.class);
+            Post post = mock(Post.class);
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.of(post));
+            when(postLikesRepository.findByMemberAndPost(member, post))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> postLikesService.unlike(dto));
+
+            verify(postLikesRepository, never()).delete(any());
+        }
+    }
+
+    @Nested
+    @DisplayName("findWhoLiked()")
+    class FindWhoLikedTests {
+
+        @Test
+        @DisplayName("게시글이 존재하면 해당 게시글을 좋아요한 회원 목록을 슬라이스로 반환한다")
+        void findWhoLiked_success() {
+            // given
+            Long postId = 10L;
+            Pageable pageable = PageRequest.of(0, 15);
+
+            Post post = mock(Post.class);
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.of(post));
+
+            MemberResponseDto dto = new MemberResponseDto(1L, "tester");
+            Slice<MemberResponseDto> slice =
+                    new SliceImpl<>(List.of(dto), pageable, false);
+
+            when(postLikesRepository.findLikedUsersByPost(post, pageable))
+                    .thenReturn(slice);
+
+            // when
+            Slice<MemberResponseDto> result =
+                    postLikesService.findWhoLiked(pageable, postId);
+
+            // then
+            assertSame(slice, result);
+            verify(postRepository, times(1)).findById(postId);
+            verify(postLikesRepository, times(1))
+                    .findLikedUsersByPost(post, pageable);
+        }
+
+        @Test
+        @DisplayName("게시글이 없으면 NotFoundException 이 발생한다")
+        void findWhoLiked_post_not_found() {
+            // given
+            Long postId = 10L;
+            Pageable pageable = PageRequest.of(0, 15);
+
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> postLikesService.findWhoLiked(pageable, postId));
+            verify(postLikesRepository, never())
+                    .findLikedUsersByPost(any(), any());
+        }
+    }
+}
diff --git a/src/test/java/com/example/devSns/service/PostServiceTests.java b/src/test/java/com/example/devSns/service/PostServiceTests.java
index d6fc23b..626e279 100644
--- a/src/test/java/com/example/devSns/service/PostServiceTests.java
+++ b/src/test/java/com/example/devSns/service/PostServiceTests.java
@@ -1,246 +1,324 @@
 package com.example.devSns.service;
 
+import com.example.devSns.domain.Member;
 import com.example.devSns.domain.Post;
 import com.example.devSns.dto.GenericDataDto;
-import com.example.devSns.dto.PaginatedDto;
 import com.example.devSns.dto.post.PostCreateDto;
 import com.example.devSns.dto.post.PostResponseDto;
+import com.example.devSns.exception.ForbiddenException;
 import com.example.devSns.exception.InvalidRequestException;
 import com.example.devSns.exception.NotFoundException;
-import com.example.devSns.repository.CommentRepository;
+import com.example.devSns.repository.MemberRepository;
 import com.example.devSns.repository.PostRepository;
 import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.data.domain.PageRequest;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.domain.Slice;
+import org.springframework.data.domain.SliceImpl;
 
-import java.time.LocalDateTime;
-import java.util.Collections;
 import java.util.List;
 import java.util.Optional;
 
 import static org.junit.jupiter.api.Assertions.*;
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.ArgumentMatchers.anyLong;
+import static org.mockito.ArgumentMatchers.*;
 import static org.mockito.Mockito.*;
 
 @ExtendWith(MockitoExtension.class)
 class PostServiceTests {
 
     @Mock
-    private PostRepository postRepository;
+    PostRepository postRepository;
 
     @Mock
-    private CommentRepository commentRepository;
+    MemberRepository memberRepository;
 
     @InjectMocks
-    private PostService postService;
-
-    @Test
-    @DisplayName("게시글 생성 성공")
-    void create_success() {
-        // given
-        PostCreateDto createDto = new PostCreateDto("Test Content", 1L);
-        Post post = Post.create("Test Content", "testUser");
-        post.setId(1L); // Mocking the ID set after save
-
-        when(postRepository.save(any(Post.class))).thenReturn(post);
-
-        // when
-        Long postId = postService.create(createDto);
-
-        // then
-        assertNotNull(postId);
-        assertEquals(1L, postId);
-        verify(postRepository, times(1)).save(any(Post.class));
-    }
-
-    @Test
-    @DisplayName("ID로 게시글 단건 조회 성공")
-    void findOne_success() {
-        // given
-        Long postId = 1L;
-        Post post = createDummyPost(postId, "Test Content", "testUser");
-
-        when(postRepository.findById(postId)).thenReturn(Optional.of(post));
-        when(commentRepository.countCommentsByPostId(postId)).thenReturn(5L);
-
-        // when
-        PostResponseDto responseDto = postService.findOne(postId);
-
-        // then
-        assertNotNull(responseDto);
-        assertEquals(postId, responseDto.id());
-        assertEquals("Test Content", responseDto.content());
-        assertEquals("testUser", responseDto.userName());
-        assertEquals(5L, responseDto.comments());
-    }
-
-    @Test
-    @DisplayName("존재하지 않는 ID로 게시글 조회 시 NotFoundException 발생")
-    void findOne_throwsNotFoundException() {
-        // given
-        Long postId = 99L;
-        when(postRepository.findById(postId)).thenReturn(Optional.empty());
-
-        // when & then
-        assertThrows(NotFoundException.class, () -> postService.findOne(postId));
-        verify(commentRepository, never()).countCommentsByPostId(anyLong());
-    }
-
-    @Test
-    @DisplayName("게시글 삭제 성공")
-    void delete_success() {
-        // given
-        Long postId = 1L;
-        Post post = createDummyPost(postId, "Content", "User");
-        when(postRepository.findById(postId)).thenReturn(Optional.of(post));
-
-        // when
-        postService.delete(postId);
-
-        // then
-        verify(postRepository, times(1)).findById(postId);
-        verify(postRepository, times(1)).delete(post);
-    }
-
-    @Test
-    @DisplayName("존재하지 않는 게시글 삭제 시 NotFoundException 발생")
-    void delete_throwsNotFoundException() {
-        // given
-        Long postId = 99L;
-        when(postRepository.findById(postId)).thenReturn(Optional.empty());
-
-        // when & then
-        assertThrows(NotFoundException.class, () -> postService.delete(postId));
-        verify(postRepository, never()).delete(any(Post.class));
-    }
-
-
-    @Test
-    @DisplayName("게시글 내용 수정 성공")
-    void updateContent_success() {
-        // given
-        Long postId = 1L;
-        String newContent = "Updated Content";
-        GenericDataDto<String> contentDto = new GenericDataDto<>(newContent);
-        Post post = createDummyPost(postId, "Original Content", "testUser");
-
-        when(postRepository.findById(postId)).thenReturn(Optional.of(post));
-        when(commentRepository.countCommentsByPostId(postId)).thenReturn(0L);
-
-        // when
-        PostResponseDto responseDto = postService.updateContent(postId, contentDto);
-
-        // then
-        assertEquals(newContent, post.getContent()); // Verify side-effect
-        assertEquals(newContent, responseDto.content());
-        verify(postRepository, times(2)).findById(postId); // findById is called in updateContent and findOne
+    PostService postService;
+
+    @Nested
+    @DisplayName("create()")
+    class CreateTests {
+
+        @Test
+        @DisplayName("회원이 존재하면 게시글을 생성하고 ID를 반환한다")
+        void create_success() {
+            // given
+            Long memberId = 1L;
+            PostCreateDto dto = new PostCreateDto("hello world");
+
+            Member member = mock(Member.class);
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.of(member));
+
+            Post savedPost = mock(Post.class);
+            when(savedPost.getId()).thenReturn(10L);
+            when(postRepository.save(any(Post.class))).thenReturn(savedPost);
+
+            // when
+            Long postId = postService.create(dto, memberId);
+
+            // then
+            assertEquals(10L, postId);
+            verify(memberRepository, times(1)).findById(memberId);
+            verify(postRepository, times(1)).save(any(Post.class));
+        }
+
+        @Test
+        @DisplayName("회원이 없으면 NotFoundException 발생")
+        void create_member_not_found() {
+            // given
+            Long memberId = 1L;
+            PostCreateDto dto = new PostCreateDto("hello world");
+
+            when(memberRepository.findById(memberId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> postService.create(dto, memberId));
+            verify(postRepository, never()).save(any());
+        }
     }
 
-    @Test
-    @DisplayName("게시글 내용 수정 시 내용이 비어있으면 InvalidRequestException 발생")
-    void updateContent_throwsInvalidRequestException_whenContentIsEmpty() {
-        // given
-        Long postId = 1L;
-        GenericDataDto<String> contentDto = new GenericDataDto<>("");
-
-        // when & then
-        assertThrows(InvalidRequestException.class, () -> postService.updateContent(postId, contentDto));
+    @Nested
+    @DisplayName("findPostById()")
+    class FindPostByIdTests {
+
+        @Test
+        @DisplayName("게시글이 존재하면 PostResponseDto 로 반환한다")
+        void find_success() {
+            // given
+            Long postId = 1L;
+
+            Member member = mock(Member.class);
+            when(member.getNickname()).thenReturn("tester");
+
+            Post post = new Post("content", member);
+            // id, likes, comments가 null이어도 from()은 null 허용
+
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.of(post));
+
+            // when
+            PostResponseDto dto = postService.findPostById(postId);
+
+            // then
+            assertEquals("content", dto.content());
+            assertEquals("tester", dto.userName());
+            verify(postRepository, times(1)).findById(postId);
+        }
+
+        @Test
+        @DisplayName("게시글이 없으면 NotFoundException 발생")
+        void find_not_found() {
+            // given
+            Long postId = 1L;
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> postService.findPostById(postId));
+        }
     }
 
-    @Test
-    @DisplayName("게시글 좋아요 성공")
-    void like_success() {
-        // given
-        Long postId = 1L;
-        Post post = createDummyPost(postId, "Content", "User");
-        when(postRepository.findById(postId)).thenReturn(Optional.of(post));
-
-        // when
-        postService.like(postId);
-
-        // then
-        verify(postRepository, times(1)).findById(postId);
-        verify(postRepository, times(1)).incrementLikeById(postId);
+    @Nested
+    @DisplayName("delete()")
+    class DeleteTests {
+
+        @Test
+        @DisplayName("작성자이면 게시글을 삭제할 수 있다")
+        void delete_success() {
+            // given
+            Long postId = 1L;
+            Long memberId = 1L;
+
+            Post post = mock(Post.class);
+            when(post.checkOwnership(memberId)).thenReturn(true);
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.of(post));
+
+            // when
+            postService.delete(postId, memberId);
+
+            // then
+            verify(postRepository, times(1)).delete(post);
+        }
+
+        @Test
+        @DisplayName("작성자가 아니면 ForbiddenException 발생")
+        void delete_forbidden() {
+            // given
+            Long postId = 1L;
+            Long memberId = 1L;
+
+            Post post = mock(Post.class);
+            when(post.checkOwnership(memberId)).thenReturn(false);
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.of(post));
+
+            // when & then
+            assertThrows(ForbiddenException.class,
+                    () -> postService.delete(postId, memberId));
+            verify(postRepository, never()).delete(any());
+        }
+
+        @Test
+        @DisplayName("게시글이 없으면 NotFoundException 발생")
+        void delete_not_found() {
+            // given
+            Long postId = 1L;
+            Long memberId = 1L;
+
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> postService.delete(postId, memberId));
+        }
     }
 
-    @Test
-    @DisplayName("존재하지 않는 게시글에 좋아요 시 NotFoundException 발생")
-    void like_throwsNotFoundException() {
-        // given
-        Long postId = 99L;
-        when(postRepository.findById(postId)).thenReturn(Optional.empty());
-
-        // when & then
-        assertThrows(NotFoundException.class, () -> postService.like(postId));
-        verify(postRepository, never()).incrementLikeById(anyLong());
-    }
-
-    @Test
-    @DisplayName("게시글 페이지네이션 조회 - 첫 페이지")
-    void findAsPaginated_initialPage() {
-        // given
-        List<Post> posts = List.of(
-                createDummyPost(10L, "Content 10", "User"),
-                createDummyPost(9L, "Content 9", "User")
-        );
-        when(postRepository.findTop15ByCreatedAtBeforeOrderByCreatedAtDesc(any(LocalDateTime.class))).thenReturn(posts);
-        when(commentRepository.countCommentsAndGroupByPostIdIn(posts)).thenReturn(
-                List.of(new Long[]{10L, 5L}, new Long[]{9L, 2L})
-        );
-
-        // when
-        PaginatedDto<List<PostResponseDto>> result = postService.findAsPaginated(new GenericDataDto<>(null));
-
-        // then
-        assertEquals(2, result.data().size());
-        assertEquals(9L, result.nextQueryCriteria());
-        assertEquals(5L, result.data().get(0).comments());
-        assertEquals(2L, result.data().get(1).comments());
-    }
-
-    @Test
-    @DisplayName("게시글 페이지네이션 조회 - 다음 페이지")
-    void findAsPaginated_nextPage() {
-        // given
-        Long beforeId = 11L;
-        List<Post> posts = List.of(
-                createDummyPost(10L, "Content 10", "User"),
-                createDummyPost(9L, "Content 9", "User")
-        );
-        when(postRepository.findTop15ByIdBeforeOrderByIdDesc(beforeId)).thenReturn(posts);
-        when(commentRepository.countCommentsAndGroupByPostIdIn(posts)).thenReturn(
-                List.of(new Long[]{10L, 5L}, new Long[]{9L, 2L})
-        );
-
-        // when
-        PaginatedDto<List<PostResponseDto>> result = postService.findAsPaginated(new GenericDataDto<>(beforeId));
-
-        // then
-        assertEquals(2, result.data().size());
-        assertEquals(9L, result.nextQueryCriteria()); // last element id
-    }
-
-    @Test
-    @DisplayName("게시글 페이지네이션 조회 - 결과 없음")
-    void findAsPaginated_noResults() {
-        // given
-        when(postRepository.findTop15ByCreatedAtBeforeOrderByCreatedAtDesc(any(LocalDateTime.class))).thenReturn(Collections.emptyList());
-
-        // when
-        PaginatedDto<List<PostResponseDto>> result = postService.findAsPaginated(new GenericDataDto<>(null));
-
-        // then
-        assertTrue(result.data().isEmpty());
-        assertNull(result.nextQueryCriteria());
+    @Nested
+    @DisplayName("updateContent()")
+    class UpdateContentTests {
+
+        @Test
+        @DisplayName("유효한 내용 + 작성자이면 게시글 내용을 수정한다")
+        void update_success() {
+            // given
+            Long postId = 1L;
+            Long memberId = 1L;
+            String newContent = "updated content";
+
+            Member member = mock(Member.class);
+            when(member.getNickname()).thenReturn("tester");
+
+            Post post = mock(Post.class);
+            when(post.checkOwnership(memberId)).thenReturn(true);
+            when(post.getMember()).thenReturn(member);
+            when(post.getContent()).thenReturn(newContent);
+            // from() 에서 사용되는 나머지는 null/기본값으로 두거나 필요시 스텁
+
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.of(post));
+
+            GenericDataDto<String> dto = new GenericDataDto<>(newContent);
+
+            // when
+            PostResponseDto response = postService.updateContent(postId, dto, memberId);
+
+            // then
+            assertEquals(newContent, response.content());
+            assertEquals("tester", response.userName());
+            verify(post, times(1)).setContent(newContent);
+            verify(postRepository, atLeastOnce()).findById(postId);
+        }
+
+        @Test
+        @DisplayName("내용이 null 또는 빈 문자열이면 InvalidRequestException 발생")
+        void update_invalid_content() {
+            Long postId = 1L;
+            Long memberId = 1L;
+
+            GenericDataDto<String> emptyDto = new GenericDataDto<>("");
+
+            assertThrows(InvalidRequestException.class,
+                    () -> postService.updateContent(postId, emptyDto, memberId));
+        }
+
+        @Test
+        @DisplayName("작성자가 아니면 ForbiddenException 발생")
+        void update_forbidden() {
+            // given
+            Long postId = 1L;
+            Long memberId = 1L;
+            GenericDataDto<String> dto = new GenericDataDto<>("new");
+
+            Post post = mock(Post.class);
+            when(post.checkOwnership(memberId)).thenReturn(false);
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.of(post));
+
+            // when & then
+            assertThrows(ForbiddenException.class,
+                    () -> postService.updateContent(postId, dto, memberId));
+            verify(post, never()).setContent(anyString());
+        }
+
+        @Test
+        @DisplayName("게시글이 없으면 NotFoundException 발생")
+        void update_not_found() {
+            // given
+            Long postId = 1L;
+            Long memberId = 1L;
+            GenericDataDto<String> dto = new GenericDataDto<>("new");
+
+            when(postRepository.findById(postId))
+                    .thenReturn(Optional.empty());
+
+            // when & then
+            assertThrows(NotFoundException.class,
+                    () -> postService.updateContent(postId, dto, memberId));
+        }
     }
 
-    private Post createDummyPost(Long id, String content, String userName) {
-        Post post = Post.create(content, userName);
-        post.setId(id);
-        return post;
+    @Nested
+    @DisplayName("findAsSlice(), findByMemberAsSlice()")
+    class SliceTests {
+
+        @Test
+        @DisplayName("전체 게시글 슬라이스 조회는 Repository 에 위임한다")
+        void findAsSlice() {
+            // given
+            Pageable pageable = PageRequest.of(0, 15);
+            PostResponseDto dto = new PostResponseDto(
+                    1L, "content", 1L, "tester", 0L, null, null, 0L
+            );
+            Slice<PostResponseDto> slice =
+                    new SliceImpl<>(List.of(dto), pageable, false);
+
+            when(postRepository.findPostSliceWithLikeCountAndCommentCount(pageable))
+                    .thenReturn(slice);
+
+            // when
+            Slice<PostResponseDto> result = postService.findAsSlice(pageable);
+
+            // then
+            assertSame(slice, result);
+            verify(postRepository, times(1))
+                    .findPostSliceWithLikeCountAndCommentCount(pageable);
+        }
+
+        @Test
+        @DisplayName("사용자별 게시글 슬라이스 조회는 Repository 에 위임한다")
+        void findByMemberAsSlice() {
+            // given
+            Pageable pageable = PageRequest.of(0, 15);
+            Long memberId = 1L;
+
+            PostResponseDto dto = new PostResponseDto(
+                    1L, "content", 1L, "tester", 0L, null, null, 0L
+            );
+            Slice<PostResponseDto> slice =
+                    new SliceImpl<>(List.of(dto), pageable, false);
+
+            when(postRepository.findPostSliceByMemberIdWithLikeCountAndCommentCount(pageable, memberId))
+                    .thenReturn(slice);
+
+            // when
+            Slice<PostResponseDto> result = postService.findByMemberAsSlice(pageable, memberId);
+
+            // then
+            assertSame(slice, result);
+            verify(postRepository, times(1))
+                    .findPostSliceByMemberIdWithLikeCountAndCommentCount(pageable, memberId);
+        }
     }
-}
\ No newline at end of file
+}