From 407c98a39132ad9859d44778ae08d71b9839970d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=EA=B6=8C=ED=98=81=EC=84=B1?=
Date: Wed, 28 Jan 2026 16:33:10 +0900
Subject: [PATCH] =?UTF-8?q?feat:=EC=9E=90=EB=8F=99=20=EC=9E=AC=EC=9D=B8?= =?UTF-8?q?=EC=A6=9D=20=EB=AF=B8=EB=93=A4=EC=9B=A8=EC=96=B4=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- AutoLoginViaRemember: 세션 만료 시 remember_token으로 자동 로그인
- HQ 소속/활성 상태 검증
- API 토큰 자동 재발급
- web 미들웨어 그룹에 등록
Co-Authored-By: Claude Opus 4.5
---
app/Http/Middleware/AutoLoginViaRemember.php | 82 ++++++++++++++++++++
bootstrap/app.php | 4 +-
2 files changed, 84 insertions(+), 2 deletions(-)
create mode 100644 app/Http/Middleware/AutoLoginViaRemember.php
diff --git a/app/Http/Middleware/AutoLoginViaRemember.php b/app/Http/Middleware/AutoLoginViaRemember.php
new file mode 100644
index 00000000..f3ea54c1
--- /dev/null
+++ b/app/Http/Middleware/AutoLoginViaRemember.php
@@ -0,0 +1,82 @@ +belongsToHQ()) { + Auth::logout(); + Log::info('[AutoLoginViaRemember] Non-HQ user rejected', ['user_id' => $user->id]); + return $next($request); + } + + // 활성 상태 확인 + if (!$user->is_active) { + Auth::logout(); + Log::info('[AutoLoginViaRemember] Inactive user rejected', ['user_id' => $user->id]); + return $next($request); + } + + // HQ 테넌트를 기본 선택 + $hqTenant = $user->getHQTenant(); + if ($hqTenant) { + session(['selected_tenant_id' => $hqTenant->id]); + + // API 토큰 재발급 + $this->refreshApiToken($user->id, $hqTenant->id); + } + + Log::info('[AutoLoginViaRemember] Auto login successful', ['user_id' => $user->id]); + } + + return $next($request); + } + + /** + * API 토큰 재발급 + */ + private function refreshApiToken(int $userId, int $tenantId): void + { + try { + $result = $this->apiTokenService->exchangeToken($userId, $tenantId); + + if ($result['success']) { + $this->apiTokenService->storeTokenInSession( + $result['data']['access_token'], + $result['data']['expires_in'] + ); + } + } catch (\Exception $e) { + Log::warning('[AutoLoginViaRemember] API token refresh failed', [ + 'user_id' => $userId, + 'error' => $e->getMessage(), + ]); + } + } +} \ No newline at end of file diff --git a/bootstrap/app.php b/bootstrap/app.php index afb18a8f..f65416b7 100644 --- a/bootstrap/app.php +++ b/bootstrap/app.php @@ -26,9 +26,9 @@ 'menu-sync/*', ]); - // auth 미들웨어 그룹에 HQ 검증 추가 + // web 미들웨어 그룹에 자동 재인증 추가 $middleware->appendToGroup('web', [ - // 기본 web 미들웨어에는 추가하지 않음 (auth에서만 적용) + \App\Http\Middleware\AutoLoginViaRemember::class, ]); }) ->withExceptions(function (Exceptions $exceptions): void {
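Review bot: The tail of `handle()` fails open: when `getHQTenant()` returns a falsy value the `if ($hqTenant)` block is skipped, yet the user stays authenticated from the remember cookie with no `selected_tenant_id` and no API token, and `Auto login successful` is still logged. `refreshApiToken()` has the same shape, because a result whose `success` is false is dropped without any log line, so a session can end up authenticated but tokenless with nothing to explain it. If the interactive login treats a missing HQ tenant as a failure (not visible here), this path should reject it the same way as the HQ and `is_active` checks above, and the non-success branch should log a warning. Because a long-lived remember cookie now yields fresh API tokens without a password, the success log should also carry the client IP and user agent so that reuse of a stolen cookie can be spotted. The start of the class and of `handle()` is missing from this page, so the condition that enters this branch could not be checked.

```php
// … unchanged: HQ membership and is_active checks …

$hqTenant = $user->getHQTenant();
if (!$hqTenant) {
    // Fail closed: without an HQ tenant there is no tenant context to log in to.
    Auth::logout();
    Log::warning('[AutoLoginViaRemember] HQ tenant missing, auto login rejected', ['user_id' => $user->id]);
    return $next($request);
}

session(['selected_tenant_id' => $hqTenant->id]);
$this->refreshApiToken($user->id, $hqTenant->id);

// Record where the remember cookie was presented from, for later correlation.
Log::info('[AutoLoginViaRemember] Auto login successful', [
    'user_id' => $user->id,
    'ip' => $request->ip(),
    'user_agent' => $request->userAgent(),
]);

// … in refreshApiToken(), inside the try block …
$result = $this->apiTokenService->exchangeToken($userId, $tenantId);

if (!($result['success'] ?? false)) {
    Log::warning('[AutoLoginViaRemember] API token exchange returned no token', ['user_id' => $userId]);
    return;
}
// … unchanged: storeTokenInSession call and catch block …
```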