admin page add

backend/internal/handler/auth_handler.go

@@ -222,30 +222,64 @@ func (h *AuthHandler) VerifyMagicLink(c *fiber.Ctx) error {
 		return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Descope Client not configured"})
 	}
 
-	log.Printf("[Verify] Generating embedded link for %s", loginID)
-	embeddedToken, err := h.DescopeClient.Management.User().GenerateEmbeddedLink(context.Background(), loginID, nil, 0)
+	// [Fix] Search for existing user by phone to prevent fragmentation
+	// Normalize Phone Number for Search (E.164)
+	searchPhone := loginID
+	if !strings.Contains(searchPhone, "@") {
+		// If it looks like a KR mobile number (010...), format to +8210...
+		if strings.HasPrefix(searchPhone, "010") {
+			searchPhone = "+82" + searchPhone[1:]
+		} else if strings.HasPrefix(searchPhone, "82") {
+             searchPhone = "+" + searchPhone
+        }
+	}
+
+	log.Printf("[Verify] Searching for user with phone: %s", searchPhone)
+	searchOptions := &descope.UserSearchOptions{
+		Phones: []string{searchPhone},
+		Limit:  1,
+	}
+	
+	var targetLoginID string
+	users, _, errSearch := h.DescopeClient.Management.User().SearchAll(context.Background(), searchOptions)
+	
+	if errSearch == nil && len(users) > 0 {
+		if len(users[0].LoginIDs) > 0 {
+			targetLoginID = users[0].LoginIDs[0]
+			log.Printf("[Verify] User found! Existing LoginID: %s", targetLoginID)
+		} else {
+			// Should not happen for a valid user, but fallback to UserID or searchPhone
+			log.Printf("[Verify] User found but no LoginIDs. Using UserID.")
+			targetLoginID = users[0].UserID
+		}
+	} else {
+		// Not found, or search error. Fallback to using the phone as LoginID.
+		// Use the normalized phone number to ensure consistency (+82...)
+		targetLoginID = searchPhone
+		log.Printf("[Verify] User not found by phone. Will use/create: %s", targetLoginID)
+	}
+
+	log.Printf("[Verify] Generating embedded link for %s", targetLoginID)
+	embeddedToken, err := h.DescopeClient.Management.User().GenerateEmbeddedLink(context.Background(), targetLoginID, nil, 0)
 	if err != nil {
 		if strings.Contains(err.Error(), "User not found") || strings.Contains(err.Error(), "E062108") {
-			log.Printf("[Verify] User %s not found. Creating...", loginID)
+			log.Printf("[Verify] User %s not found. Creating...", targetLoginID)
 			
-			descopeLoginID := loginID
+			// Create User with Explicit Phone Attribute
 			userObj := &descope.UserRequest{}
-			if strings.Contains(loginID, "@") {
-				userObj.Email = loginID
+			if strings.Contains(targetLoginID, "@") {
+				userObj.Email = targetLoginID
 			} else {
-				if strings.HasPrefix(loginID, "010") {
-					descopeLoginID = "+82" + loginID[1:]
-				}
-				userObj.Phone = descopeLoginID
+				userObj.Phone = targetLoginID // Must be E.164
 			}
 
-			_, errCreate := h.DescopeClient.Management.User().Create(context.Background(), descopeLoginID, userObj)
+			_, errCreate := h.DescopeClient.Management.User().Create(context.Background(), targetLoginID, userObj)
 			if errCreate != nil {
 				log.Printf("[Verify] Failed to create user: %v", errCreate)
 				return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Failed to create new user"})
 			}
 			
-			embeddedToken, err = h.DescopeClient.Management.User().GenerateEmbeddedLink(context.Background(), descopeLoginID, nil, 0)
+			embeddedToken, err = h.DescopeClient.Management.User().GenerateEmbeddedLink(context.Background(), targetLoginID, nil, 0)
 			if err != nil {
 				log.Printf("[Verify] Failed to generate token after creation: %v", err)
 				return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Failed to generate upstream token"})