Moongeul · rhkr8521 · Mar 29, 2026 · Mar 29, 2026
diff --git a/src/main/java/com/moongeul/backend/api/question/controller/QuestionController.java b/src/main/java/com/moongeul/backend/api/question/controller/QuestionController.java
@@ -56,7 +56,10 @@ public ResponseEntity<ApiResponse<QuestionListResponseDTO>> getQuestionList(
             @RequestParam(defaultValue = "1") Integer page,
             @RequestParam(defaultValue = "10") Integer size) {
 
-        QuestionListResponseDTO questionListResponseDTO = questionService.getQuestionList(page, size, userDetails.getUsername());
+        // 비회원인 경우 "anonymousUser", 회원인 경우 email
+        String username = (userDetails != null) ? userDetails.getUsername() : "anonymousUser";
+
+        QuestionListResponseDTO questionListResponseDTO = questionService.getQuestionList(page, size, username);
         return ApiResponse.success(SuccessStatus.GET_QUESTION_LIST_SUCCESS, questionListResponseDTO);
     }
 

diff --git a/src/main/java/com/moongeul/backend/api/question/service/QuestionService.java b/src/main/java/com/moongeul/backend/api/question/service/QuestionService.java
@@ -214,8 +214,12 @@ private QuestionDTO convertToQuestionDTO(Question question, String email) {
                 .map(Member::getProfileImage)
                 .collect(Collectors.toList());
 
-        // 내가 작성한 질문인지 확인
-        boolean isMyArticle = question.getMember().getEmail().equals(email);
+
+        boolean isMyArticle = false;
+        if(!(email == null || "anonymousUser".equals(email))){
+            // 내가 작성한 질문인지 확인
+            isMyArticle = question.getMember().getEmail().equals(email);
+        }
 
         return QuestionDTO.builder()
                 .questionId(question.getId())

diff --git a/src/main/java/com/moongeul/backend/common/config/security/SecurityConfig.java b/src/main/java/com/moongeul/backend/common/config/security/SecurityConfig.java
@@ -38,7 +38,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                         .requestMatchers("/api/v2/member/google/login", "/api/v2/member/kakao/login", "/api/v2/member/reissue-token").permitAll()
                         .requestMatchers("/api/v2/reading-taste", "/api/v2/reading-taste/total-count").permitAll()
                         .requestMatchers("/api/v2/book/bestseller").permitAll()
-                        .requestMatchers(HttpMethod.GET, "/api/v2/post/**").permitAll()
+                        .requestMatchers(HttpMethod.GET, "/api/v2/post/**", "/api/v2/story/**", "/api/v2/question/list").permitAll()
                         .requestMatchers(HttpMethod.GET, "/api/v2/bookshelf/done-read", "/api/v2/bookshelf/done-read/**").permitAll()
                         .requestMatchers(HttpMethod.GET, "/api/v2/member/user-info", "/api/v2/member/post-stats", "/api/v2/member/post-stats/**", "/api/v2/member/liked-posts", "/api/v2/member/question-list").permitAll()
                         .anyRequest().authenticated()