userfront로 리펙토링 완료

2026-01-28 08:28:25 +09:00
parent 6d88c81217
commit 1aaa772907
154 changed files with 339 additions and 314 deletions
--- a/userfront/lib/core/services/audit_service.dart
+++ b/userfront/lib/core/services/audit_service.dart
@@ -0,0 +1,45 @@
+import 'dart:convert';
+import 'package:http/http.dart' as http;
+import 'package:flutter_dotenv/flutter_dotenv.dart';
+
+class AuditService {
+  static String _envOrDefault(String key, String fallback) {
+    if (!dotenv.isInitialized) {
+      return fallback;
+    }
+    return dotenv.env[key] ?? fallback;
+  }
+
+  static String get _baseUrl => _envOrDefault('BACKEND_URL', 'https://sso.hmac.kr');
+
+  static Future<void> logEvent({
+    required String userId,
+    required String eventType,
+    required String status,
+    String? details,
+  }) async {
+    final url = Uri.parse('$_baseUrl/api/v1/audit');
+    
+    try {
+      final response = await http.post(
+        url,
+        headers: {'Content-Type': 'application/json'},
+        body: jsonEncode({
+          'user_id': userId,
+          'event_type': eventType,
+          'status': status,
+          'details': details,
+          'timestamp': DateTime.now().toIso8601String(),
+        }),
+      );
+
+      if (response.statusCode >= 200 && response.statusCode < 300) {
+        print("Audit log sent successfully");
+      } else {
+        print("Failed to send audit log: ${response.statusCode} ${response.body}");
+      }
+    } catch (e) {
+      print("Error sending audit log: $e");
+    }
+  }
+}
--- a/userfront/lib/core/services/auth_proxy_service.dart
+++ b/userfront/lib/core/services/auth_proxy_service.dart
@@ -0,0 +1,468 @@
+import 'dart:convert';
+import 'package:http/http.dart' as http;
+import 'package:flutter_dotenv/flutter_dotenv.dart';
+
+class AuthProxyService {
+  static String _envOrDefault(String key, String fallback) {
+    if (!dotenv.isInitialized) {
+      return fallback;
+    }
+    return dotenv.env[key] ?? fallback;
+  }
+
+  static String get _baseUrl => _envOrDefault('BACKEND_URL', 'https://sso.hmac.kr');
+
+  static Future<Map<String, dynamic>> fetchPasswordPolicy() async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/password/policy');
+    final response = await http.get(url);
+    if (response.statusCode == 200) {
+      return jsonDecode(response.body);
+    } else {
+      throw Exception('Failed to fetch password policy');
+    }
+  }
+
+  static Future<Map<String, dynamic>> initEnchantedLink(String loginId, {String? method}) async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/enchanted-link/init');
+    final userfrontUrl = _envOrDefault('USERFRONT_URL', 'http://sso.hmac.kr');
+    
+    final body = {
+      'loginId': loginId,
+      'uri': userfrontUrl,
+    };
+    if (method != null) {
+      body['method'] = method;
+    }
+    
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode(body),
+    );
+
+    if (response.statusCode == 200) {
+      return jsonDecode(response.body);
+    } else {
+      throw Exception('Failed to init login: ${response.body}');
+    }
+  }
+
+  static Future<Map<String, dynamic>> pollEnchantedLink(String pendingRef) async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/enchanted-link/poll');
+    
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({
+        'pendingRef': pendingRef,
+      }),
+    );
+
+    if (response.statusCode == 200) {
+      return jsonDecode(response.body);
+    } else {
+      throw Exception('Polling failed: ${response.body}');
+    }
+  }
+
+  static Future<Map<String, dynamic>> verifyMagicLink(String token) async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/magic-link/verify');
+    
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({
+        'token': token,
+      }),
+    );
+
+    if (response.statusCode == 200) {
+      return jsonDecode(response.body);
+    } else {
+      throw Exception('Verification failed: ${response.body}');
+    }
+  }
+
+  static Future<Map<String, dynamic>> loginWithPassword(String loginId, String password) async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/password/login');
+    
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({
+        'loginId': loginId,
+        'password': password,
+      }),
+    );
+
+    if (response.statusCode == 200) {
+      return jsonDecode(response.body);
+    } else {
+      final errorBody = jsonDecode(response.body);
+      throw Exception(errorBody['error'] ?? 'Failed to login');
+    }
+  }
+
+  static Future<Map<String, dynamic>> initiatePasswordReset(String loginId) async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/password/reset/initiate');
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({'loginId': loginId}),
+    );
+
+    if (response.statusCode == 200) {
+      return jsonDecode(response.body);
+    } else {
+      final errorBody = jsonDecode(response.body);
+      throw Exception(errorBody['error'] ?? 'Failed to initiate password reset');
+    }
+  }
+
+  static Future<Map<String, dynamic>> completePasswordReset({
+    String? loginId,
+    String? token,
+    required String newPassword,
+  }) async {
+    final query = <String, String>{};
+    if (loginId != null && loginId.isNotEmpty) {
+      query['loginId'] = loginId;
+    }
+    if (token != null && token.isNotEmpty) {
+      query['token'] = token;
+    }
+    final url = Uri.parse('$_baseUrl/api/v1/auth/password/reset/complete').replace(queryParameters: query);
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({'newPassword': newPassword}),
+    );
+
+    if (response.statusCode == 200) {
+      return jsonDecode(response.body);
+    } else {
+      final errorBody = jsonDecode(response.body);
+      throw Exception(errorBody['error'] ?? 'Failed to complete password reset');
+    }
+  }
+
+  static Future<void> sendSms(String phoneNumber) async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/sms');
+    
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({
+        'phoneNumber': phoneNumber,
+      }),
+    );
+
+    if (response.statusCode != 200) {
+      throw Exception('Failed to send SMS: ${response.body}');
+    }
+  }
+
+  static Future<Map<String, dynamic>> verifySmsCode(String phoneNumber, String code) async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/verify-sms');
+    
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({
+        'phoneNumber': phoneNumber,
+        'code': code,
+      }),
+    );
+
+    if (response.statusCode == 200) {
+      return jsonDecode(response.body);
+    } else {
+      throw Exception('Failed to verify code: ${response.body}');
+    }
+  }
+
+  static Future<Map<String, dynamic>> initQrLogin() async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/qr/init');
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+    );
+
+    if (response.statusCode == 200) {
+      return jsonDecode(response.body);
+    } else {
+      throw Exception('Failed to init QR login: ${response.body}');
+    }
+  }
+
+  static Future<Map<String, dynamic>> pollQrStatus(String pendingRef) async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/qr/poll');
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({'pendingRef': pendingRef}),
+    );
+
+    if (response.statusCode == 200) {
+      return jsonDecode(response.body);
+    } else {
+      throw Exception('QR Polling failed: ${response.body}');
+    }
+  }
+
+  static Future<void> approveQrLogin(String pendingRef, String token) async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/qr/approve'); // Mapping to ScanQRLogin on backend
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({
+        'pendingRef': pendingRef,
+        'token': token,
+      }),
+    );
+
+    if (response.statusCode != 200) {
+      throw Exception('QR Approval failed: ${response.body}');
+    }
+  }
+
+  static Future<bool> checkAdminAuth(String adminPassword) async {
+    final url = Uri.parse('$_baseUrl/api/v1/admin/check');
+    try {
+      final response = await http.get(
+        url,
+        headers: {
+          'Content-Type': 'application/json',
+          'X-Admin-Password': adminPassword,
+        },
+      );
+      return response.statusCode == 200;
+    } catch (_) {
+      return false;
+    }
+  }
+
+  static Future<void> createUser({
+    required String loginId,
+    required String adminPassword,
+    String? email,
+    String? phone,
+    String? displayName,
+  }) async {
+    final url = Uri.parse('$_baseUrl/api/v1/admin/users');
+    
+    final response = await http.post(
+      url,
+      headers: {
+        'Content-Type': 'application/json',
+        'X-Admin-Password': adminPassword,
+      },
+      body: jsonEncode({
+        'loginId': loginId,
+        'email': email,
+        'phone': phone,
+        'displayName': displayName,
+      }),
+    );
+
+    if (response.statusCode != 200) {
+      throw Exception('Failed to create user: ${response.body}');
+    }
+  }
+
+  static Future<List<dynamic>> listUsers(String adminPassword, {String? query}) async {
+    var uri = Uri.parse('$_baseUrl/api/v1/admin/users');
+    if (query != null && query.isNotEmpty) {
+      uri = uri.replace(queryParameters: {'text': query});
+    }
+
+    final response = await http.get(
+      uri,
+      headers: {
+        'Content-Type': 'application/json',
+        'X-Admin-Password': adminPassword,
+      },
+    );
+
+    if (response.statusCode == 200) {
+      final data = jsonDecode(response.body);
+      return data['users'] ?? [];
+    } else {
+      throw Exception('Failed to list users: ${response.body}');
+    }
+  }
+
+  static Future<void> deleteUser(String adminPassword, String loginId) async {
+    final encodedId = Uri.encodeComponent(loginId);
+    final url = Uri.parse('$_baseUrl/api/v1/admin/users/$encodedId');
+    
+    final response = await http.delete(
+      url,
+      headers: {
+        'Content-Type': 'application/json',
+        'X-Admin-Password': adminPassword,
+      },
+    );
+
+    if (response.statusCode != 200) {
+      throw Exception('Failed to delete user: ${response.body}');
+    }
+  }
+
+  static Future<void> updateUserStatus(String adminPassword, String loginId, String status) async {
+    final encodedId = Uri.encodeComponent(loginId);
+    final url = Uri.parse('$_baseUrl/api/v1/admin/users/$encodedId/status');
+    
+    final response = await http.patch(
+      url,
+      headers: {
+        'Content-Type': 'application/json',
+        'X-Admin-Password': adminPassword,
+      },
+      body: jsonEncode({'status': status}),
+    );
+
+    if (response.statusCode != 200) {
+      throw Exception('Failed to update status: ${response.body}');
+    }
+  }
+
+  static Future<void> updateUserDetails({
+    required String adminPassword,
+    required String loginId,
+    String? email,
+    String? phone,
+    String? displayName,
+  }) async {
+    final encodedId = Uri.encodeComponent(loginId);
+    final url = Uri.parse('$_baseUrl/api/v1/admin/users/$encodedId');
+    
+    final body = <String, dynamic>{};
+    if (email != null) body['email'] = email;
+    if (phone != null) body['phone'] = phone;
+    if (displayName != null) body['displayName'] = displayName;
+
+    final response = await http.patch(
+      url,
+      headers: {
+        'Content-Type': 'application/json',
+        'X-Admin-Password': adminPassword,
+      },
+      body: jsonEncode(body),
+    );
+
+    if (response.statusCode != 200) {
+      throw Exception('Failed to update user: ${response.body}');
+    }
+  }
+
+  static Future<void> sendLog(String level, String message, {Map<String, dynamic>? data}) async {
+    final url = Uri.parse('$_baseUrl/api/v1/client-log');
+    try {
+      await http.post(
+        url,
+        headers: {'Content-Type': 'application/json'},
+        body: jsonEncode({
+          'level': level,
+          'message': message,
+          if (data != null) 'data': data,
+        }),
+      );
+    } catch (_) {
+      // Ignore logging errors to prevent loops
+    }
+  }
+
+  static Future<void> logError(String message, {dynamic error, StackTrace? stackTrace}) async {
+    final data = <String, dynamic>{};
+    if (error != null) data['error'] = error.toString();
+    if (stackTrace != null) data['stack'] = stackTrace.toString();
+    
+    await sendLog('ERROR', message, data: data);
+  }
+
+  // --- Signup Methods ---
+
+  static Future<bool> checkEmailAvailability(String email) async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/signup/check-email');
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({'email': email}),
+    );
+
+    if (response.statusCode == 200) {
+      final data = jsonDecode(response.body);
+      return data['available'] ?? false;
+    }
+    return false;
+  }
+
+  static Future<void> sendSignupCode(String target, String type) async {
+    final path = type == 'email' ? 'send-email-code' : 'send-sms-code';
+    final url = Uri.parse('$_baseUrl/api/v1/auth/signup/$path');
+    
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({'target': target}),
+    );
+
+    if (response.statusCode != 200) {
+      throw Exception('Failed to send code: ${response.body}');
+    }
+  }
+
+  static Future<bool> verifySignupCode(String target, String type, String code) async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/signup/verify-code');
+    
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({
+        'target': target,
+        'type': type,
+        'code': code,
+      }),
+    );
+
+    if (response.statusCode == 200) {
+      final data = jsonDecode(response.body);
+      return data['success'] ?? false;
+    }
+    return false;
+  }
+
+  static Future<void> signup({
+    required String email,
+    required String password,
+    required String name,
+    required String phone,
+    required String affiliationType,
+    String? companyCode,
+    required String department,
+    required bool termsAccepted,
+  }) async {
+    final url = Uri.parse('$_baseUrl/api/v1/auth/signup');
+    
+    final response = await http.post(
+      url,
+      headers: {'Content-Type': 'application/json'},
+      body: jsonEncode({
+        'email': email,
+        'password': password,
+        'name': name,
+        'phone': phone,
+        'affiliationType': affiliationType,
+        if (companyCode != null) 'companyCode': companyCode,
+        'department': department,
+        'termsAccepted': termsAccepted,
+      }),
+    );
+
+    if (response.statusCode != 200) {
+      final error = jsonDecode(response.body)['error'] ?? 'Signup failed';
+      throw Exception(error);
+    }
+  }
+}
--- a/userfront/lib/core/services/logger_service.dart
+++ b/userfront/lib/core/services/logger_service.dart
@@ -0,0 +1,86 @@
+import 'dart:convert';
+import 'package:flutter/foundation.dart';
+import 'package:logging/logging.dart' as std_log;
+import 'package:logger/logger.dart' as pretty_log;
+import 'auth_proxy_service.dart';
+
+/// Global Logger Service for Baron SSO Frontend
+class LoggerService {
+  static final LoggerService _instance = LoggerService._internal();
+  factory LoggerService() => _instance;
+
+  late final pretty_log.Logger _prettyLogger;
+
+  LoggerService._internal() {
+    // 1. Initialize Pretty Logger for Dev
+    _prettyLogger = pretty_log.Logger(
+      printer: pretty_log.PrettyPrinter(
+        methodCount: 0,
+        errorMethodCount: 8,
+        lineLength: 120,
+        colors: true,
+        printEmojis: true,
+        dateTimeFormat: pretty_log.DateTimeFormat.onlyTimeAndSinceStart,
+      ),
+    );
+
+    // 2. Configure Standard Logger (logging package)
+    std_log.Logger.root.level = kReleaseMode ? std_log.Level.INFO : std_log.Level.ALL;
+    
+    std_log.Logger.root.onRecord.listen((record) {
+      if (kReleaseMode) {
+        // [Production] Log as JSON
+        _logJson(record);
+      } else {
+        // [Development] Log using Pretty Printer
+        _logPretty(record);
+      }
+    });
+  }
+
+  /// Initialize the logger. Call this in main.dart
+  static void init() {
+    // Accessing the instance triggers the constructor
+    LoggerService(); 
+    std_log.Logger('BaronSSO').info('Logger initialized');
+  }
+
+  void _logPretty(std_log.LogRecord record) {
+    if (record.level >= std_log.Level.SEVERE) {
+      _prettyLogger.e(record.message, error: record.error, stackTrace: record.stackTrace);
+    } else if (record.level >= std_log.Level.WARNING) {
+      _prettyLogger.w(record.message);
+    } else if (record.level >= std_log.Level.INFO) {
+      _prettyLogger.i(record.message);
+    } else {
+      _prettyLogger.d(record.message);
+    }
+  }
+
+  void _logJson(std_log.LogRecord record) {
+    final logData = {
+      'time': record.time.toUtc().toIso8601String(), // Use UTC for consistency
+      'level': record.level.name,
+      'msg': record.message,
+      'svc': 'baron-userfront',
+      if (record.error != null) 'error': record.error.toString(),
+      if (record.stackTrace != null) 'stack': record.stackTrace.toString(),
+    };
+    
+    // 1. Print to Browser Console (F12)
+    debugPrint(jsonEncode(logData));
+
+    // 2. Relay to Backend (Docker Terminal)
+    if (record.level >= std_log.Level.INFO) {
+      AuthProxyService.sendLog(
+        record.level.name,
+        record.message,
+        data: {
+          'client_time': record.time.toUtc().toIso8601String(),
+          'logger': record.loggerName,
+          if (record.error != null) 'error': record.error.toString(),
+        },
+      );
+    }
+  }
+}
--- a/userfront/lib/core/services/web_auth_integration.dart
+++ b/userfront/lib/core/services/web_auth_integration.dart
@@ -0,0 +1,13 @@
+import 'web_auth_integration_stub.dart'
+    if (dart.library.html) 'web_auth_integration_web.dart';
+
+abstract class WebAuthIntegration {
+  static void sendLoginSuccess(String token) {
+    // Platform-specific implementation
+    implSendLoginSuccess(token);
+  }
+
+  static bool isPopup() {
+    return implIsPopup();
+  }
+}
--- a/userfront/lib/core/services/web_auth_integration_stub.dart
+++ b/userfront/lib/core/services/web_auth_integration_stub.dart
@@ -0,0 +1,8 @@
+void implSendLoginSuccess(String token) {
+  // No-op on non-web platforms
+  print("Not on web: Login Success with token: $token");
+}
+
+bool implIsPopup() {
+  return false;
+}
--- a/userfront/lib/core/services/web_auth_integration_web.dart
+++ b/userfront/lib/core/services/web_auth_integration_web.dart
@@ -0,0 +1,27 @@
+import 'dart:html' as html;
+import 'dart:async';
+
+void implSendLoginSuccess(String token) {
+  final message = {'type': 'LOGIN_SUCCESS', 'token': token};
+  
+  if (html.window.opener != null) {
+    try {
+      html.window.opener!.postMessage(message, '*');
+      print("Sent login success message to opener");
+    } catch (e) {
+      print("Failed to postMessage: $e");
+    }
+    
+    // Close the popup after a short delay to ensure message sending
+    Timer(const Duration(milliseconds: 500), () {
+      html.window.close();
+    });
+  } else {
+     // Should not happen given isPopup check, but as fallback:
+     print("No opener found during popup flow.");
+  }
+}
+
+bool implIsPopup() {
+  return html.window.opener != null;
+}