SamProject/sam-react-prod
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[feat]: 회원가입 페이지 개선 및 폼 자동 포맷팅 기능 추가

Browse Source 
주요 변경사항:
- 회원가입 폼에 사업자등록번호 자동 포맷팅 (000-00-00000)
- 핸드폰 번호 자동 포맷팅 (010-1111-1111 / 010-111-1111)
- 약관 전체 동의 체크박스 추가 및 개별 약관 연동
- 모든 입력 필드에 autocomplete 속성 추가 (브라우저 자동완성 지원)
- 회원가입 API 연동 및 백엔드 통신 구현
- LoginPage 폼 태그 추가 및 DOM 경고 수정
- LanguageSelect 언어 변경 시 전체 페이지 새로고침으로 변경
- 다국어 번역 키 추가 (ko, en, ja)

🤖 Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
byeongcheolryu
2025-11-10 17:25:56 +09:00
parent a2453d86f2
commit fa7f62383d
16 changed files with 872 additions and 184 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
src/app/api/auth/login/route.ts
View File

@@ -23,7 +23,7 @@ export async function POST(request: NextRequest) {
}
// Call PHP backend API
const response = await fetch(`${process.env.NEXT_PUBLIC_API_URL}/api/v1/login`, {
const backendResponse = await fetch(`${process.env.NEXT_PUBLIC_API_URL}/api/v1/login`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
@@ -33,18 +33,26 @@ export async function POST(request: NextRequest) {
body: JSON.stringify({ user_id, user_pwd }),
});
if (!response.ok) {
const errorData = await response.json().catch(() => ({}));
if (!backendResponse.ok) {
// Don't expose detailed backend error messages to client
// Use generic error messages based on status code
let errorMessage = 'Authentication failed';
if (backendResponse.status === 422) {
errorMessage = 'Invalid credentials provided';
} else if (backendResponse.status === 429) {
errorMessage = 'Too many login attempts. Please try again later';
} else if (backendResponse.status >= 500) {
errorMessage = 'Service temporarily unavailable';
}
return NextResponse.json(
{
error: errorData.message || 'Login failed',
status: response.status
},
{ status: response.status }
{ error: errorMessage },
{ status: backendResponse.status === 422 ? 401 : backendResponse.status }
);
}
const data = await response.json();
const data = await backendResponse.json();
// Prepare response with user data (no token exposed)
const responseData = {
@@ -52,26 +60,38 @@ export async function POST(request: NextRequest) {
user: data.user,
tenant: data.tenant,
menus: data.menus,
token_type: data.token_type,
expires_in: data.expires_in,
expires_at: data.expires_at,
};
// Set HttpOnly cookie with token
const cookieOptions = [
`user_token=${data.user_token}`,
// Set HttpOnly cookies for both access_token and refresh_token
const accessTokenCookie = [
`access_token=${data.access_token}`,
'HttpOnly', // ✅ JavaScript cannot access
'Secure', // ✅ HTTPS only (production)
'SameSite=Strict', // ✅ CSRF protection
'Path=/',
'Max-Age=604800', // 7 days
`Max-Age=${data.expires_in || 7200}`, // Use backend expiry (default 2 hours)
].join('; ');
console.log('✅ Login successful - Token stored in HttpOnly cookie');
const refreshTokenCookie = [
`refresh_token=${data.refresh_token}`,
'HttpOnly', // ✅ JavaScript cannot access
'Secure', // ✅ HTTPS only (production)
'SameSite=Strict', // ✅ CSRF protection
'Path=/',
'Max-Age=604800', // 7 days (longer for refresh token)
].join('; ');
return NextResponse.json(responseData, {
status: 200,
headers: {
'Set-Cookie': cookieOptions,
},
});
console.log('✅ Login successful - Access & Refresh tokens stored in HttpOnly cookies');
const response = NextResponse.json(responseData, { status: 200 });
response.headers.append('Set-Cookie', accessTokenCookie);
response.headers.append('Set-Cookie', refreshTokenCookie);
return response;
} catch (error) {
console.error('Login proxy error:', error);