Feat: 소셜로그인 API연동 #28
Conversation
There was a problem hiding this comment.
Pull request overview
This PR implements social login API integration by updating the authentication flow to use a dynamic gateway URL selection mechanism and standardizing endpoint references throughout the codebase.
- Introduced dynamic gateway URL selection for social login OAuth2 endpoints
- Refactored API routes to use centralized endpoint constants
- Updated environment variable handling to support both client and server-side gateway configuration
- Added cookie forwarding logic to preserve authentication state across API responses
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| src/lib/auth/socialAuth.ts | Integrates dynamic gateway URL selection for OAuth2 authorization endpoints |
| src/lib/api/gateway-selector.ts | Updates server-side gateway selector to use public environment variables |
| src/lib/api/constants.ts | Adds auth service endpoint constants (AUTH_ENDPOINT, USER_ENDPOINT) |
| src/app/api/auth/signup/social/route.ts | Adds cookie forwarding logic and uses centralized AUTH_ENDPOINT constant |
| src/app/api/auth/signup/route.ts | Adds cookie forwarding logic and uses centralized AUTH_ENDPOINT constant |
| src/app/api/auth/me/route.ts | Replaces JWT parsing logic with backend API call to USER_ENDPOINT |
| src/app/api/auth/login/route.ts | Refactors to use AUTH_ENDPOINT constant instead of hardcoded path |
| src/app/api/auth/check-nickname/route.ts | Refactors to use AUTH_ENDPOINT constant instead of hardcoded path |
| src/app/api/auth/check-email/route.ts | Refactors to use AUTH_ENDPOINT constant instead of hardcoded path |
| src/components/auth/SocialSignUpForm.tsx | Improves profile image preview UI styling and removes delete button visibility |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| console.log("User info response:", response.data); | ||
|
|
||
| return NextResponse.json(response.data); | ||
|
|
||
| /* | ||
| // 쿠키에서 access_token 확인 | ||
| const accessToken = request.cookies.get("access_token")?.value; |
There was a problem hiding this comment.
Console.log statement left in production code. Debug logging should be removed or replaced with a proper logging mechanism before merging to production.
| console.log("User info response:", response.data); | |
| return NextResponse.json(response.data); | |
| /* | |
| // 쿠키에서 access_token 확인 | |
| const accessToken = request.cookies.get("access_token")?.value; | |
| return NextResponse.json(response.data); | |
| /* | |
| // 쿠키에서 access_token 확인 | |
| const accessToken = request.cookies.get("access_token")?.value; | |
| // 쿠키에서 access_token 확인 | |
| const accessToken = request.cookies.get("access_token")?.value; |
| const cookies = response.headers["set-cookie"]; | ||
| if (cookies) { | ||
| if (Array.isArray(cookies)) { | ||
| cookies.forEach((cookie) => nextResponse.headers.append("Set-Cookie", cookie)); | ||
| } else { | ||
| nextResponse.headers.set("Set-Cookie", cookies); | ||
| } | ||
| } |
There was a problem hiding this comment.
The cookie forwarding logic is duplicated across multiple route files (signup.ts, signup/social/route.ts). This repeated code block should be extracted into a reusable utility function to improve maintainability and reduce duplication. Consider creating a helper function like forwardCookiesToResponse in a shared utility module.
|
|
||
| // 로컬 게이트웨이를 통해 Auth Server의 OAuth2 엔드포인트로 이동 | ||
| const authUrl = `http://localhost:8099/das/oauth2/authorization/${provider}`; | ||
| const authUrl = `http://${gateWayUrl}/das/oauth2/authorization/${provider}`; |
There was a problem hiding this comment.
The URL construction appears problematic. The selectGatewayUrl function returns a full URL (e.g., "http://localhost:8090" or "http://168.107.43.221:8080"), but the code constructs the authUrl as http://${gateWayUrl}/das/oauth2/authorization/${provider}, which would result in a malformed URL like "http://http://localhost:8090/das/oauth2/authorization/google". The protocol prefix "http://" should be removed since selectGatewayUrl already returns a complete URL.
| const authUrl = `http://${gateWayUrl}/das/oauth2/authorization/${provider}`; | |
| const authUrl = `${gateWayUrl}/das/oauth2/authorization/${provider}`; |
| const currentUrl = window.location.href; | ||
| sessionStorage.setItem("social_login_return_url", currentUrl); | ||
|
|
||
| const gateWayUrl = selectGatewayUrl("/das"); |
There was a problem hiding this comment.
Inconsistent camelCase naming. The variable name should be gatewayUrl instead of gateWayUrl to follow JavaScript/TypeScript naming conventions where compound words in camelCase don't capitalize mid-word characters.
| const localUrl = process.env.NEXT_PUBLIC_GATEWAY_LOCAL_URL; | ||
| const devUrl = process.env.NEXT_PUBLIC_GATEWAY_DEV_URL; | ||
| const useLocalFor = process.env.NEXT_PUBLIC_USE_LOCAL_GATEWAY_FOR || ""; |
There was a problem hiding this comment.
The selectServerGatewayUrl function is documented as being for server-side usage, yet it's now using NEXT_PUBLIC_* prefixed environment variables which are client-exposed variables in Next.js. This contradicts the function's purpose and documentation. Server-side functions should use server-only environment variables (without the NEXT_PUBLIC_ prefix) to avoid exposing sensitive configuration to the client bundle.
| const localUrl = process.env.NEXT_PUBLIC_GATEWAY_LOCAL_URL; | |
| const devUrl = process.env.NEXT_PUBLIC_GATEWAY_DEV_URL; | |
| const useLocalFor = process.env.NEXT_PUBLIC_USE_LOCAL_GATEWAY_FOR || ""; | |
| const localUrl = process.env.GATEWAY_LOCAL_URL; | |
| const devUrl = process.env.GATEWAY_DEV_URL; | |
| const useLocalFor = process.env.USE_LOCAL_GATEWAY_FOR || ""; |
No description provided.