[FE-Feat] 논의 id 난수화

frontend/.gitignore

@@ -11,6 +11,7 @@ node_modules
 dist
 dist-ssr
 *.local
+.env
 
 # Editor directories and files
 .vscode/*

frontend/apps/client/src/features/discussion/api/index.ts

@@ -4,13 +4,11 @@ import type {
   DiscussionCalendarRequest,
   DiscussionCalendarResponse, 
   DiscussionConfirmRequest, 
-  DiscussionParticipantResponse, 
+  DiscussionConfirmResponse,  DiscussionParticipantResponse, 
   DiscussionRankRequest, 
   DiscussionRankResponse, 
   DiscussionRequest, 
-  DiscussionResponse } from '../model';
-import {
-  DiscussionConfirmResponse, 
+  DiscussionResponse, 
 } from '../model';
 
 export const discussionApi = {
@@ -64,11 +62,11 @@ export const candidateApi = {
     { id, body }: { id: string; body: DiscussionConfirmRequest },
   ): Promise<DiscussionConfirmResponse> => {
     const response = await request.post(`/api/v1/discussion/${id}/confirm`, { body });
-    return DiscussionConfirmResponse.parse(response);
+    return response.parse(response);
   },
 
   getDiscussionConfirm: async (id: string): Promise<DiscussionConfirmResponse> => {
     const response = await request.get(`/api/v1/discussion/${id}/shared-event`);
-    return DiscussionConfirmResponse.parse(response);
+    return response.parse(response);
   },
 };

frontend/apps/client/src/features/discussion/api/invitationApi.ts

@@ -3,12 +3,12 @@ import { request } from '@utils/fetch';
 import { InvitationJoinResponseSchema, InvitationResponseSchema } from '../model/invitation';
 
 export const invitationApi = {
-  getInvitationInfo: async (discussionId: number) => {
+  getInvitationInfo: async (discussionId: string) => {
     const response = await request.get(`/api/v1/discussion/${discussionId}/invite`);
     const validData = InvitationResponseSchema.parse(response);
     return validData;
   },
-  postInviatationJoin: async (discussionId: number, password?: string) => {
+  postInviatationJoin: async (discussionId: string, password?: string) => {
     const response = await request.post(`/api/v1/discussion/${discussionId}/join`, {
       body: { password: password }, 
     });

frontend/apps/client/src/features/discussion/api/keys.ts

@@ -24,7 +24,7 @@ export const participantKeys = {
   detail: (id: string) => [...participantKeys.all, id],
 };
 
-export const invitationQueryKey = (discussionId: number) => ['invitation', discussionId];
+export const invitationQueryKey = (discussionId: string) => ['invitation', discussionId];
 
 export const sharedEventKeys = {
   all: ['sharedEvents'],

frontend/apps/client/src/features/discussion/api/mutations.ts

@@ -30,7 +30,7 @@ export const useDiscussionMutation = () => {
 export const useInvitationJoinMutation = () => {
   const { mutate } = useMutation({
     mutationFn: ({ body }: {
-      body: { discussionId: number; password?: string };
+      body: { discussionId: string; password?: string };
     }) => invitationApi.postInviatationJoin(body.discussionId, body.password),
   });
   return { mutate };

frontend/apps/client/src/features/discussion/api/queries.ts

@@ -108,5 +108,5 @@ export const useDiscussionHostQuery = (discussionId: string) => {
 
   return { isHost, isPending };
 };
-export const useInviteInfoQuery = (discussionId: number) => 
+export const useInviteInfoQuery = (discussionId: string) => 
   useQuery<InviteResponse>(invitationQueryOption(discussionId));

frontend/apps/client/src/features/discussion/api/queryOptions.ts

@@ -5,7 +5,7 @@ import { candidateApi } from '.';
 import { invitationApi } from './invitationApi';
 import { candidateKeys, invitationQueryKey } from './keys';
 
-export const invitationQueryOption = (discussionId: number) => ({
+export const invitationQueryOption = (discussionId: string) => ({
   queryKey: invitationQueryKey(discussionId),
   queryFn: () => invitationApi.getInvitationInfo(discussionId),
 });

frontend/apps/client/src/features/discussion/model/index.ts

@@ -37,7 +37,7 @@ const DiscussionRequest = z.object({
 const DiscussionConfirmRequest = SharedEventDTO.omit({ id: true });
 
 const DiscussionResponse = z.object({
-  id: z.number(),
+  id: z.string(),
   title: z.string(),
   dateRangeStart: z.string().regex(DATE_BAR),
   dateRangeEnd: z.string().regex(DATE_BAR),
@@ -77,8 +77,8 @@ const DiscussionRankResponse = z.object({
   eventsRankedOfTime: z.array(DiscussionDTO),
 });
 
-export const DiscussionConfirmResponse = z.object({
-  discussionId: z.number(),
+const DiscussionConfirmResponse = z.object({
+  discussionId: z.string(),
   title: z.string(),
   meetingMethodOrLocation: z.string().nullable(),
   sharedEventDto: SharedEventDTO.transform((event) => ({

frontend/apps/client/src/features/discussion/ui/DiscussionInviteCard/SubmitForm.tsx

@@ -11,7 +11,7 @@ import { inputStyle } from './index.css';
 import TimerButton from './TimerButton';
 
 interface SubmitFormProps {
-  discussionId: number;
+  discussionId: string;
   canJoin: boolean;
   requirePW: boolean;
   unlockDateTime: Date | null;

frontend/apps/client/src/features/discussion/ui/DiscussionInviteCard/index.tsx

@@ -12,7 +12,7 @@ import {
 import SubmitForm from './SubmitForm';
 
 export interface DiscussionInviteCardProps {
-  discussionId: number;
+  discussionId: string;
   hostName: string;
   title: string;
   canJoin: boolean;
@@ -61,7 +61,7 @@ const DiscussionInviteCardContents = (props: DiscussionInviteCardContentsProps)
 
 interface DiscussionInviteCardFooterProps {
   canJoin: boolean;
-  discussionId: number;
+  discussionId: string;
   requirePassword: boolean;
   timeUnlocked: Date | null;
 }

frontend/apps/client/src/features/shared-schedule/model/finishedSchedules.ts

@@ -3,7 +3,7 @@ import { z } from 'zod';
 import { SharedEventDtoSchema } from './SharedEventDto';
 
 const FinishedScheduleSchema = z.object({
-  discussionId: z.number(),
+  discussionId: z.string(),
   title: z.string(),
   meetingMethodOrLocation: z.union([z.string(), z.null()]),
   sharedEventDto: z.union([SharedEventDtoSchema, z.null()]),

frontend/apps/client/src/features/shared-schedule/model/ongoingSchedules.ts

@@ -2,7 +2,7 @@ import { zCoerceToDate } from '@utils/zod';
 import { z } from 'zod';
 
 const OngoingScheduleSchema = z.object({
-  discussionId: z.number(),
+  discussionId: z.string(),
   title: z.string(),
   dateRangeStart: zCoerceToDate,
   dateRangeEnd: zCoerceToDate,

frontend/apps/client/src/features/shared-schedule/model/upcomingSchedules.ts

@@ -6,7 +6,7 @@ import { ParticipantWithEventsSchema } from '@/features/timeline-schedule/model'
 import { SharedEventDtoSchema } from './SharedEventDto';
 
 export const UpcomingScheduleSchema = z.object({
-  discussionId: z.number(),
+  discussionId: z.string(),
   title: z.string(),
   meetingMethodOrLocation: z.union([z.string(), z.null()]),
   sharedEventDto: SharedEventDtoSchema,

frontend/apps/client/src/features/shared-schedule/ui/OngoingSchedules/RecommendedSchedules.tsx

@@ -55,7 +55,7 @@ const RecommendedScheduleItem = ({
   candidate, discussionId, startDTStr, endDTStr, adjustCount,
 }: {
   candidate: DiscussionDTO;
-  discussionId: number;
+  discussionId: string;
   startDTStr: string;
   endDTStr: string;
   adjustCount: number;

frontend/apps/client/src/features/shared-schedule/ui/OngoingSchedules/ScheduleDetails.tsx

@@ -20,7 +20,7 @@ import {
 } from './ScheduleDetails.css';
 
 interface ScheduleDetailsProps {
-  discussionId: number;
+  discussionId: string;
 }
 
 // TODO: Date 타입 변환 후 변경사항 적용

frontend/apps/client/src/features/timeline-schedule/model/index.ts

@@ -31,7 +31,7 @@ export const CandidateDetailRequestSchema = z.object({
 });
 
 export const CandidateDetailResponseSchema = z.object({
-  discussionId: z.number(),
+  discussionId: z.string(),
   startDateTime: zCoerceToDate,
   endDateTime: zCoerceToDate,
   participants: z.array(ParticipantWithEventsSchema), 

frontend/apps/client/src/pages/DiscussionPage/DiscussionInvitePage/index.tsx

@@ -22,7 +22,7 @@ const DiscussionInvitePage = ({ invitation }: { invitation: InviteResponse }) =>
     <DiscussionInviteCard 
       canJoin={!isFull}
       dateRange={{ start: dateRangeStart, end: dateRangeEnd }}
-      discussionId={+id}
+      discussionId={id}
       hostName={host}
       meetingDuration={duration}
       requirePassword={requirePassword}

frontend/apps/client/src/pages/MyCalendarPage/DiscussionContext.ts

@@ -3,8 +3,8 @@ import { type DateRangeReturn, useSelectDateRange } from '@hooks/useSelectDateRa
 import type { Dispatch, SetStateAction } from 'react';
 
 interface DiscussionContextProps {
-  selectedId: number | null;
-  setSelectedId: Dispatch<SetStateAction<number | null>>;
+  selectedId: string | null;
+  setSelectedId: Dispatch<SetStateAction<string | null>>;
 }
 
 export const {

frontend/apps/client/src/pages/MyCalendarPage/index.tsx

@@ -15,7 +15,7 @@ import {
 import { TableProvider } from './TableContext';
 
 const MyCalendarPage = () => {
-  const [selectedId, setSelectedId] = useState<number | null>(null);
+  const [selectedId, setSelectedId] = useState<string | null>(null);
 
   return (
     <div className={containerStyle}>

frontend/apps/client/src/routes/_main/discussion/invite/$id.tsx

@@ -19,7 +19,7 @@ const DiscussionInvite = () => {
 
 export const Route = createFileRoute('/_main/discussion/invite/$id')({
   loader: async ({ params: { id }, context }) => {
-    const invitation = await context.queryClient.fetchQuery(invitationQueryOption(Number(id)));
+    const invitation = await context.queryClient.fetchQuery(invitationQueryOption(id));
     return { invitation };
   },
   component: DiscussionInvite,

frontend/apps/client/src/utils/error/HTTPError.ts

@@ -19,6 +19,7 @@ export class HTTPError extends Error {
 
   isUnAuthorizedError = () => this.#status === 401;
   isForbiddenError = () => this.#status === 403;
+  isNotFoundError = () => this.#status === 404;
   isTooManyRequestsError = () => this.#status === 429;
 
   isInvalidRefreshTokenError = () => this.#code.startsWith('RT');

frontend/apps/client/src/utils/error/handleError.ts

@@ -22,13 +22,14 @@ export const handleError = (error: unknown) => {
     queueMicrotask(() => {
       addNoti({ type: 'error', title: error.message });
     });
-
     if (error.isUnAuthorizedError()) window.location.href = '/login';
     if (error.isForbiddenError()) window.location.href = '/landing';
+    if (error.isNotFoundError()) window.location.href = '/not-found';
     return false;
   }
 
   if (error instanceof Error) {
+
     queueMicrotask(() => {
       addNoti({ type: 'error', title: error.message });
     });

frontend/apps/server/package.json

@@ -9,12 +9,12 @@
     "start": "cross-env NODE_ENV=start tsup --watch"
   },
   "dependencies": {
-    "express": "^5.1.0"
+    "express": "^5.1.0",
+    "http-proxy-middleware": "^3.0.3"
   },
   "devDependencies": {
     "@types/express": "^5.0.2",
     "typescript": "^5.6.2",
-    "@endolphin/tsup-config": "workspace:^",
-    "@endolphin/vitest-config": "workspace:^"
+    "@endolphin/tsup-config": "workspace:^"
   }
 }

frontend/apps/server/src/envconfig.ts

@@ -0,0 +1,18 @@
+import process from 'node:process';
+import { fileURLToPath } from 'node:url';
+
+import path from 'path';
+
+import { isProduction } from './utils/isProduction';
+
+const dirname = path.dirname(fileURLToPath(import.meta.url));
+
+if (!isProduction) {
+  const dotenv = await import('dotenv');
+  dotenv.config({ path: path.resolve(dirname, '../.env') });
+}
+
+export const serverEnv = {
+  AES_GCM_KEY_OF_DISCUSSION_ID: process.env.AES_GCM_KEY_OF_DISCUSSION_ID,
+  BASE_URL: process.env.BASE_URL,
+};

frontend/apps/server/src/index.ts

@@ -7,7 +7,9 @@ import { fileURLToPath } from 'node:url';
 import express from 'express';
 import type { ViteDevServer } from 'vite';
 
-const isProduction = process.env.NODE_ENV === 'production';
+import { discussionIdTransformer, discussionIdVerifier } from './middlewares/discussionId';
+import { isProduction } from './utils/isProduction';
+
 const port = process.env.PORT || 5173;
 const base = process.env.BASE || '/';
 
@@ -69,9 +71,14 @@ const serveHTML = async () => {
 };
 
 const createServer = async () => {
+  // 응답 body를 JSON으로 파싱 (middleware 내부에서 req.body 형태로 사용)
+  app.use(express.json());
+  // discussion id를 인코딩 및 디코딩하는 모듈 적용
+  app.use('/api', discussionIdVerifier);
+  app.use('/api', discussionIdTransformer);
   await addMiddleware();
   await serveHTML();
-
+  
   if (!isProduction) {
     const httpsOptions = {
       key: fs.readFileSync(keypath),

frontend/apps/server/src/middlewares/discussionId/discussionCipher.ts

@@ -0,0 +1,36 @@
+import { Buffer } from 'node:buffer';
+
+import { serverEnv } from '../../envconfig';
+import { aesGcm } from '../../utils/cipher';
+import { base64Url } from '../../utils/stringTransformer';
+
+const aesGcmKey = serverEnv.AES_GCM_KEY_OF_DISCUSSION_ID;
+if (!aesGcmKey) {
+  throw new Error('환경 변수 AES_GCM_KEY_OF_DISCUSSION_ID가 정의되지 않았습니다.');
+}
+
+export const decodeDiscussionIdOfUrl = (path: string) => {
+  // (출력 예시) parts: ['', 'v1', 'discussion', '{encoded_discussion_id}', 'invite']
+  const parts = path.split('/'); 
+  const targetIdx = 3; // discussionId가 위치하는 index
+  if (parts.length > targetIdx) {
+    parts[targetIdx] = decryptDiscussionId(parts[targetIdx]);
+  }
+  return parts.join('/');
+};
+
+export const encryptDiscussionId = (text: string) => {
+  const key = Buffer.from(aesGcmKey, 'base64');
+  const { iv, content, tag } = aesGcm.encrypt(text, key);
+  const concat = `${iv}.${content}.${tag}`;
+  const cipherText = base64Url.encode(concat);
+  return cipherText;
+};
+
+export const decryptDiscussionId = (cipherText: string) => {
+  const key = Buffer.from(aesGcmKey, 'base64');
+  const concat = base64Url.decode(cipherText);
+  const [iv, content, tag] = concat.split('.');
+  const encryptedData = { iv, content, tag };
+  return aesGcm.decrypt(encryptedData, key);
+};

frontend/apps/server/src/middlewares/discussionId/index.ts

@@ -0,0 +1,35 @@
+import type { RequestHandler } from 'express';
+import { createProxyMiddleware } from 'http-proxy-middleware';
+
+import { serverEnv } from '../../envconfig';
+import { decodeDiscussionIdOfUrl } from './discussionCipher';
+import { 
+  DISCUSSION_CREATE_ENDPOINT,
+  handleProxyReq,
+  handleProxyRes,
+  rewriteDiscussionPath, 
+} from './proxyHandlers';
+
+export const discussionIdTransformer = createProxyMiddleware({
+  target: `${serverEnv.BASE_URL}/api`,
+  changeOrigin: true,
+  selfHandleResponse: true,
+  pathRewrite: rewriteDiscussionPath,
+  on: {
+    proxyReq: handleProxyReq,
+    proxyRes: handleProxyRes,
+  },
+});
+
+export const discussionIdVerifier: RequestHandler = (req, res, next) => {
+  if (req.path.startsWith(DISCUSSION_CREATE_ENDPOINT)) {
+    try {
+      decodeDiscussionIdOfUrl(req.path);
+      return next();
+    } catch {
+      res.status(404).json({ code: 'NOT_FOUND', message: 'Invalid discussion id' });
+      return;
+    }
+  }
+  return next();
+};