[hotfix] SDK 소셜로그인 변경 (moduwa-aac#62)

Author: munwalk

docker-compose.yml

@@ -78,6 +78,9 @@ services:
       dockerfile: Dockerfile
     container_name: moduwa_backend
     restart: always
+    dns:
+      - 8.8.8.8
+      - 8.8.4.4
     env_file:
       - .env
     environment:
@@ -88,6 +91,7 @@ services:
       FASTAPI_URL: http://fastapi:8000
       NODE_ENV: ${NODE_ENV:-development}
       PORT: ${PORT:-3000}
+      APP_DEEP_LINK: ${APP_DEEP_LINK:-myapp}
     ports:
       - "3000:3000"
     volumes:

src/auth/controllers/guest.controller.js

@@ -2,12 +2,10 @@ import asyncHandler from '../../common/utils/asyncHandler.js';
 import * as authService from '../services/auth.service.js';
 import { verifyToken } from '../services/jwt.service.js';
 import { getRefreshToken, deleteRefreshToken, addToBlacklist } from '../services/token.service.js';
-import { AuthResponseDto, TokenRefreshResponseDto } from '../dto/response/auth.response.js';
 import { UserDetailResponseDto, ConvertAccountResponseDto } from '../dto/response/user.response.js';
 import * as createGuestDto from '../dto/request/createGuest.dto.js';
 import * as convertToSocialDto from '../dto/request/convertToSocial.dto.js';
-import * as refreshTokenDto from '../dto/request/refreshToken.dto.js';
-import { setRefreshTokenCookie, clearRefreshTokenCookie } from '../../utils/cookie.helper.js';
+import { clearRefreshTokenCookie } from '../../utils/cookie.helper.js';
 import { InvalidRefreshTokenError } from '../../errors/app.error.js';
 
 /**
@@ -18,10 +16,6 @@ export const createGuest = asyncHandler(async (req, res) => {
   const validatedData = createGuestDto.validate(req.body);
   const result = await authService.createGuestAccount(validatedData.deviceId);
 
-  // refreshToken은 httpOnly 쿠키로 설정
-  setRefreshTokenCookie(res, result.tokens.refreshToken);
-
-  // 응답에는 accessToken만 포함
   const responseDto = {
     user: {
       id: result.user.id,
@@ -30,6 +24,7 @@ export const createGuest = asyncHandler(async (req, res) => {
     },
     tokens: {
       accessToken: result.tokens.accessToken,
+      refreshToken: result.tokens.refreshToken,
       tokenType: 'Bearer',
       expiresIn: result.tokens.expiresIn
     }
@@ -63,28 +58,27 @@ export const convertToSocial = asyncHandler(async (req, res) => {
  * POST /api/auth/refresh
  */
 export const refreshToken = asyncHandler(async (req, res) => {
-  // 쿠키에서 refreshToken 읽기
-  const refreshTokenFromCookie = req.cookies.refreshToken;
+  // body 또는 쿠키에서 refreshToken 읽기 (SDK 방식은 body, 웹은 쿠키)
+  const tokenFromBody = req.body?.refreshToken;
+  const tokenFromCookie = req.cookies?.refreshToken;
+  const incomingRefreshToken = tokenFromBody || tokenFromCookie;
 
-  if (!refreshTokenFromCookie) {
+  if (!incomingRefreshToken) {
     throw new InvalidRefreshTokenError('Refresh token not found');
   }
 
-  const decoded = verifyToken(refreshTokenFromCookie);
+  const decoded = verifyToken(incomingRefreshToken);
   const storedToken = await getRefreshToken(decoded.userId);
 
-  if (!storedToken || storedToken !== refreshTokenFromCookie) {
+  if (!storedToken || storedToken !== incomingRefreshToken) {
     throw new InvalidRefreshTokenError();
   }
 
   const tokens = await authService.generateTokens(decoded.userId, decoded.accountType);
 
-  // 새로운 refreshToken을 쿠키로 설정
-  setRefreshTokenCookie(res, tokens.refreshToken);
-
-  // accessToken만 응답
   const responseDto = {
     accessToken: tokens.accessToken,
+    refreshToken: tokens.refreshToken,
     tokenType: 'Bearer',
     expiresIn: tokens.expiresIn
   };

src/auth/controllers/sdk.controller.js

@@ -0,0 +1,160 @@
+import axios from 'axios';
+import asyncHandler from '../../common/utils/asyncHandler.js';
+import * as authService from '../services/auth.service.js';
+import { savePendingSignup } from '../services/token.service.js';
+import { ValidationError } from '../../errors/app.error.js';
+
+/**
+ * 카카오 SDK 로그인
+ * POST /api/auth/kakao/sdk
+ * Body: { kakaoAccessToken }
+ */
+export const kakaoSdkLogin = asyncHandler(async (req, res) => {
+  const { kakaoAccessToken } = req.body;
+
+  if (!kakaoAccessToken) {
+    throw new ValidationError('kakaoAccessToken이 필요합니다');
+  }
+
+  // 카카오 API로 사용자 정보 조회
+  let kakaoUser;
+  try {
+    const response = await axios.get('https://kapi.kakao.com/v2/user/me', {
+      headers: { Authorization: `Bearer ${kakaoAccessToken}` }
+    });
+    kakaoUser = response.data;
+  } catch (err) {
+    throw new ValidationError('유효하지 않은 카카오 토큰입니다');
+  }
+
+  const profile = {
+    id: String(kakaoUser.id),
+    email: kakaoUser.kakao_account?.email || null,
+    nickname: kakaoUser.kakao_account?.profile?.nickname || null
+  };
+
+  const existingUser = await authService.checkExistingUser('KAKAO', profile.id);
+
+  if (existingUser) {
+    const result = await authService.loginExistingUser(existingUser);
+    return res.success({
+      user: {
+        id: result.user.id,
+        nickname: result.user.nickname,
+        accountType: result.user.accountType
+      },
+      tokens: {
+        accessToken: result.tokens.accessToken,
+        refreshToken: result.tokens.refreshToken,
+        tokenType: 'Bearer',
+        expiresIn: result.tokens.expiresIn
+      }
+    }, '카카오 로그인 성공');
+  }
+
+  // 신규 가입자 → pendingToken 발급
+  const pendingToken = await savePendingSignup('KAKAO', profile);
+  return res.status(200).success({ pendingToken, provider: 'KAKAO' }, '약관 동의가 필요합니다');
+});
+
+/**
+ * 구글 SDK 로그인
+ * POST /api/auth/google/sdk
+ * Body: { idToken }
+ */
+export const googleSdkLogin = asyncHandler(async (req, res) => {
+  const { idToken } = req.body;
+
+  if (!idToken) {
+    throw new ValidationError('idToken이 필요합니다');
+  }
+
+  // 구글 tokeninfo API로 검증
+  let googleUser;
+  try {
+    const response = await axios.get(`https://oauth2.googleapis.com/tokeninfo?id_token=${idToken}`);
+    googleUser = response.data;
+  } catch (err) {
+    throw new ValidationError('유효하지 않은 구글 토큰입니다');
+  }
+
+  const profile = {
+    id: googleUser.sub,
+    email: googleUser.email || null,
+    nickname: googleUser.name || null
+  };
+
+  const existingUser = await authService.checkExistingUser('GOOGLE', profile.id);
+
+  if (existingUser) {
+    const result = await authService.loginExistingUser(existingUser);
+    return res.success({
+      user: {
+        id: result.user.id,
+        nickname: result.user.nickname,
+        accountType: result.user.accountType
+      },
+      tokens: {
+        accessToken: result.tokens.accessToken,
+        refreshToken: result.tokens.refreshToken,
+        tokenType: 'Bearer',
+        expiresIn: result.tokens.expiresIn
+      }
+    }, '구글 로그인 성공');
+  }
+
+  const pendingToken = await savePendingSignup('GOOGLE', profile);
+  return res.status(200).success({ pendingToken, provider: 'GOOGLE' }, '약관 동의가 필요합니다');
+});
+
+/**
+ * 네이버 SDK 로그인
+ * POST /api/auth/naver/sdk
+ * Body: { naverAccessToken }
+ */
+export const naverSdkLogin = asyncHandler(async (req, res) => {
+  const { naverAccessToken } = req.body;
+
+  if (!naverAccessToken) {
+    throw new ValidationError('naverAccessToken이 필요합니다');
+  }
+
+  // 네이버 API로 사용자 정보 조회
+  let naverUser;
+  try {
+    const response = await axios.get('https://openapi.naver.com/v1/nid/me', {
+      headers: { Authorization: `Bearer ${naverAccessToken}` }
+    });
+    naverUser = response.data.response;
+  } catch (err) {
+    throw new ValidationError('유효하지 않은 네이버 토큰입니다');
+  }
+
+  const profile = {
+    id: String(naverUser.id),
+    email: naverUser.email || null,
+    nickname: naverUser.nickname || naverUser.name || null
+  };
+
+  const existingUser = await authService.checkExistingUser('NAVER', profile.id);
+
+  if (existingUser) {
+    const result = await authService.loginExistingUser(existingUser);
+    return res.success({
+      user: {
+        id: result.user.id,
+        nickname: result.user.nickname,
+        accountType: result.user.accountType
+      },
+      tokens: {
+        accessToken: result.tokens.accessToken,
+        refreshToken: result.tokens.refreshToken,
+        tokenType: 'Bearer',
+        expiresIn: result.tokens.expiresIn
+      }
+    }, '네이버 로그인 성공');
+  }
+
+  const pendingToken = await savePendingSignup('NAVER', profile);
+  return res.status(200).success({ pendingToken, provider: 'NAVER' }, '약관 동의가 필요합니다');
+});

src/auth/controllers/social.controller.js

@@ -11,10 +11,11 @@ import { setRefreshTokenCookie } from '../../utils/cookie.helper.js';
  */
 export const kakaoCallback = asyncHandler(async (req, res) => {
   passport.authenticate('kakao', { session: false }, async (err, profile) => {
+    const appDeepLink = process.env.APP_DEEP_LINK;
     try {
       if (err || !profile) {
         console.error('Kakao auth error:', err);
-        return res.redirect(`${process.env.CORS_ORIGIN}/login?error=kakao_auth_failed`);
+        return res.redirect(`${appDeepLink}://login?error=kakao_auth_failed`);
       }
 
       // 기존 회원인지 확인
@@ -28,8 +29,8 @@ export const kakaoCallback = asyncHandler(async (req, res) => {
         // refreshToken은 httpOnly 쿠키로 설정
         setRefreshTokenCookie(res, responseDto.tokens.refreshToken);
 
-        // accessToken과 userId만 URL로 전달
-        const redirectUrl = `${process.env.CORS_ORIGIN}/auth/callback?` +
+        // 앱 딥링크로 accessToken과 userId 전달
+        const redirectUrl = `${appDeepLink}://auth/callback?` +
           `accessToken=${responseDto.tokens.accessToken}&` +
           `userId=${responseDto.user.id}`;
 
@@ -39,15 +40,15 @@ export const kakaoCallback = asyncHandler(async (req, res) => {
         // 임시 토큰 생성 (5분 유효)
         const pendingToken = await savePendingSignup('KAKAO', profile);
 
-        const redirectUrl = `${process.env.CORS_ORIGIN}/terms?` +
+        const redirectUrl = `${appDeepLink}://terms?` +
           `pendingToken=${pendingToken}&` +
           `provider=KAKAO`;
 
         return res.redirect(redirectUrl);
       }
     } catch (error) {
       console.error('Kakao login error:', error);
-      return res.redirect(`${process.env.CORS_ORIGIN}/login?error=login_failed`);
+      return res.redirect(`${appDeepLink}://login?error=login_failed`);
     }
   })(req, res);
 });
@@ -57,10 +58,11 @@ export const kakaoCallback = asyncHandler(async (req, res) => {
  */
 export const googleCallback = asyncHandler(async (req, res) => {
   passport.authenticate('google', { session: false }, async (err, profile) => {
+    const appDeepLink = process.env.APP_DEEP_LINK;
     try {
       if (err || !profile) {
         console.error('Google auth error:', err);
-        return res.redirect(`${process.env.CORS_ORIGIN}/login?error=google_auth_failed`);
+        return res.redirect(`${appDeepLink}://login?error=google_auth_failed`);
       }
 
       const existingUser = await authService.checkExistingUser('GOOGLE', profile.id);
@@ -69,27 +71,25 @@ export const googleCallback = asyncHandler(async (req, res) => {
         const result = await authService.loginExistingUser(existingUser);
         const responseDto = new AuthResponseDto(result.user, result.tokens);
 
-        // refreshToken은 httpOnly 쿠키로 설정
         setRefreshTokenCookie(res, responseDto.tokens.refreshToken);
 
-        // accessToken과 userId만 URL로 전달
-        const redirectUrl = `${process.env.CORS_ORIGIN}/auth/callback?` +
+        const redirectUrl = `${appDeepLink}://auth/callback?` +
           `accessToken=${responseDto.tokens.accessToken}&` +
           `userId=${responseDto.user.id}`;
 
         return res.redirect(redirectUrl);
       } else {
         const pendingToken = await savePendingSignup('GOOGLE', profile);
 
-        const redirectUrl = `${process.env.CORS_ORIGIN}/terms?` +
+        const redirectUrl = `${appDeepLink}://terms?` +
           `pendingToken=${pendingToken}&` +
           `provider=GOOGLE`;
 
         return res.redirect(redirectUrl);
       }
     } catch (error) {
       console.error('Google login error:', error);
-      return res.redirect(`${process.env.CORS_ORIGIN}/login?error=login_failed`);
+      return res.redirect(`${appDeepLink}://login?error=login_failed`);
     }
   })(req, res);
 });
@@ -99,10 +99,11 @@ export const googleCallback = asyncHandler(async (req, res) => {
  */
 export const naverCallback = asyncHandler(async (req, res) => {
   passport.authenticate('naver', { session: false }, async (err, profile) => {
+    const appDeepLink = process.env.APP_DEEP_LINK;
     try {
       if (err || !profile) {
         console.error('Naver auth error:', err);
-        return res.redirect(`${process.env.CORS_ORIGIN}/login?error=naver_auth_failed`);
+        return res.redirect(`${appDeepLink}://login?error=naver_auth_failed`);
       }
 
       const existingUser = await authService.checkExistingUser('NAVER', profile.id);
@@ -111,27 +112,25 @@ export const naverCallback = asyncHandler(async (req, res) => {
         const result = await authService.loginExistingUser(existingUser);
         const responseDto = new AuthResponseDto(result.user, result.tokens);
 
-        // refreshToken은 httpOnly 쿠키로 설정
         setRefreshTokenCookie(res, responseDto.tokens.refreshToken);
 
-        // accessToken과 userId만 URL로 전달
-        const redirectUrl = `${process.env.CORS_ORIGIN}/auth/callback?` +
+        const redirectUrl = `${appDeepLink}://auth/callback?` +
           `accessToken=${responseDto.tokens.accessToken}&` +
           `userId=${responseDto.user.id}`;
 
         return res.redirect(redirectUrl);
       } else {
         const pendingToken = await savePendingSignup('NAVER', profile);
 
-        const redirectUrl = `${process.env.CORS_ORIGIN}/terms?` +
+        const redirectUrl = `${appDeepLink}://terms?` +
           `pendingToken=${pendingToken}&` +
           `provider=NAVER`;
 
         return res.redirect(redirectUrl);
       }
     } catch (error) {
       console.error('Naver login error:', error);
-      return res.redirect(`${process.env.CORS_ORIGIN}/login?error=login_failed`);
+      return res.redirect(`${appDeepLink}://login?error=login_failed`);
     }
   })(req, res);
 });