diff --git a/.env.sample b/.env.sample index 27dd2650..783920b6 100644 --- a/.env.sample +++ b/.env.sample @@ -34,4 +34,10 @@ NAVER_CLOUD_SECRET_KEY=ncp_iam_... NAVER_CLOUD_SERVICE_ID=ncp:sms:kr:...:... NAVER_SENDER_PHONE_NUMBER=... +# --- AWS SES Configuration --- +AWS_REGION=ap-northeast-2 +AWS_ACCESS_KEY_ID=... +AWS_SECRET_ACCESS_KEY=... +AWS_SES_SENDER=no-reply@baron.co.kr + ADMIN_PASSWORD=admin \ No newline at end of file diff --git a/backend/go.mod b/backend/go.mod index 23af349f..bfcd6854 100644 --- a/backend/go.mod +++ b/backend/go.mod @@ -12,6 +12,21 @@ require ( require ( github.com/ClickHouse/ch-go v0.69.0 // indirect github.com/andybalholm/brotli v1.2.0 // indirect + github.com/aws/aws-sdk-go-v2 v1.41.1 // indirect + github.com/aws/aws-sdk-go-v2/config v1.32.7 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.19.7 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.17 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.17 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.17 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.4 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.17 // indirect + github.com/aws/aws-sdk-go-v2/service/ses v1.34.18 // indirect + github.com/aws/aws-sdk-go-v2/service/signin v1.0.5 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.30.9 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.13 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.41.6 // indirect + github.com/aws/smithy-go v1.24.0 // indirect github.com/bwmarrin/snowflake v0.3.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect diff --git a/backend/go.sum b/backend/go.sum index f23f6c51..5b47a91c 100644 --- a/backend/go.sum +++ b/backend/go.sum @@ -4,6 +4,36 @@ github.com/ClickHouse/clickhouse-go/v2 v2.42.0 h1:MdujEfIrpXesQUH0k0AnuVtJQXk6RZ github.com/ClickHouse/clickhouse-go/v2 v2.42.0/go.mod h1:riWnuo4YMVdajYll0q6FzRBomdyCrXyFY3VXeXczA8s= github.com/andybalholm/brotli v1.2.0 h1:ukwgCxwYrmACq68yiUqwIWnGY0cTPox/M94sVwToPjQ= github.com/andybalholm/brotli v1.2.0/go.mod h1:rzTDkvFWvIrjDXZHkuS16NPggd91W3kUSvPlQ1pLaKY= +github.com/aws/aws-sdk-go-v2 v1.41.1 h1:ABlyEARCDLN034NhxlRUSZr4l71mh+T5KAeGh6cerhU= +github.com/aws/aws-sdk-go-v2 v1.41.1/go.mod h1:MayyLB8y+buD9hZqkCW3kX1AKq07Y5pXxtgB+rRFhz0= +github.com/aws/aws-sdk-go-v2/config v1.32.7 h1:vxUyWGUwmkQ2g19n7JY/9YL8MfAIl7bTesIUykECXmY= +github.com/aws/aws-sdk-go-v2/config v1.32.7/go.mod h1:2/Qm5vKUU/r7Y+zUk/Ptt2MDAEKAfUtKc1+3U1Mo3oY= +github.com/aws/aws-sdk-go-v2/credentials v1.19.7 h1:tHK47VqqtJxOymRrNtUXN5SP/zUTvZKeLx4tH6PGQc8= +github.com/aws/aws-sdk-go-v2/credentials v1.19.7/go.mod h1:qOZk8sPDrxhf+4Wf4oT2urYJrYt3RejHSzgAquYeppw= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.17 h1:I0GyV8wiYrP8XpA70g1HBcQO1JlQxCMTW9npl5UbDHY= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.17/go.mod h1:tyw7BOl5bBe/oqvoIeECFJjMdzXoa/dfVz3QQ5lgHGA= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.17 h1:xOLELNKGp2vsiteLsvLPwxC+mYmO6OZ8PYgiuPJzF8U= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.17/go.mod h1:5M5CI3D12dNOtH3/mk6minaRwI2/37ifCURZISxA/IQ= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.17 h1:WWLqlh79iO48yLkj1v3ISRNiv+3KdQoZ6JWyfcsyQik= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.17/go.mod h1:EhG22vHRrvF8oXSTYStZhJc1aUgKtnJe+aOiFEV90cM= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4 h1:WKuaxf++XKWlHWu9ECbMlha8WOEGm0OUEZqm4K/Gcfk= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4/go.mod h1:ZWy7j6v1vWGmPReu0iSGvRiise4YI5SkR3OHKTZ6Wuc= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.4 h1:0ryTNEdJbzUCEWkVXEXoqlXV72J5keC1GvILMOuD00E= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.4/go.mod h1:HQ4qwNZh32C3CBeO6iJLQlgtMzqeG17ziAA/3KDJFow= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.17 h1:RuNSMoozM8oXlgLG/n6WLaFGoea7/CddrCfIiSA+xdY= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.17/go.mod h1:F2xxQ9TZz5gDWsclCtPQscGpP0VUOc8RqgFM3vDENmU= +github.com/aws/aws-sdk-go-v2/service/ses v1.34.18 h1:2Lnd3ZNTyWpFJJM55y0mP0aESovm+vFuFEwLijucUL8= +github.com/aws/aws-sdk-go-v2/service/ses v1.34.18/go.mod h1:BLwHw6wdkA6NfnW/cFaVcvpwdIXHLAkpe6nsLF9BVww= +github.com/aws/aws-sdk-go-v2/service/signin v1.0.5 h1:VrhDvQib/i0lxvr3zqlUwLwJP4fpmpyD9wYG1vfSu+Y= +github.com/aws/aws-sdk-go-v2/service/signin v1.0.5/go.mod h1:k029+U8SY30/3/ras4G/Fnv/b88N4mAfliNn08Dem4M= +github.com/aws/aws-sdk-go-v2/service/sso v1.30.9 h1:v6EiMvhEYBoHABfbGB4alOYmCIrcgyPPiBE1wZAEbqk= +github.com/aws/aws-sdk-go-v2/service/sso v1.30.9/go.mod h1:yifAsgBxgJWn3ggx70A3urX2AN49Y5sJTD1UQFlfqBw= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.13 h1:gd84Omyu9JLriJVCbGApcLzVR3XtmC4ZDPcAI6Ftvds= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.13/go.mod h1:sTGThjphYE4Ohw8vJiRStAcu3rbjtXRsdNB0TvZ5wwo= +github.com/aws/aws-sdk-go-v2/service/sts v1.41.6 h1:5fFjR/ToSOzB2OQ/XqWpZBmNvmP/pJ1jOWYlFDJTjRQ= +github.com/aws/aws-sdk-go-v2/service/sts v1.41.6/go.mod h1:qgFDZQSD/Kys7nJnVqYlWKnh0SSdMjAi0uSwON4wgYQ= +github.com/aws/smithy-go v1.24.0 h1:LpilSUItNPFr1eY85RYgTIg5eIEPtvFbskaFcmmIUnk= +github.com/aws/smithy-go v1.24.0/go.mod h1:LEj2LM3rBRQJxPZTB4KuzZkaZYnZPnvgIhb4pu07mx0= github.com/bwmarrin/snowflake v0.3.0 h1:xm67bEhkKh6ij1790JB83OujPR5CzNe8QuQqAgISZN0= github.com/bwmarrin/snowflake v0.3.0/go.mod h1:NdZxfVWX+oR6y2K0o6qAYv6gIOP9rjG0/E9WsDpxqwE= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= diff --git a/backend/internal/domain/email_models.go b/backend/internal/domain/email_models.go new file mode 100644 index 00000000..f6ec18e7 --- /dev/null +++ b/backend/internal/domain/email_models.go @@ -0,0 +1,6 @@ +package domain + +// EmailService defines the interface for sending emails. +type EmailService interface { + SendEmail(to, subject, body string) error +} diff --git a/backend/internal/handler/auth_handler.go b/backend/internal/handler/auth_handler.go index ca220a1e..5b8700d2 100644 --- a/backend/internal/handler/auth_handler.go +++ b/backend/internal/handler/auth_handler.go @@ -35,6 +35,7 @@ const ( type AuthHandler struct { ProjectID string SmsService domain.SmsService + EmailService domain.EmailService RedisService *service.RedisService DescopeClient *client.DescopeClient } @@ -71,6 +72,7 @@ func NewAuthHandler() *AuthHandler { return &AuthHandler{ ProjectID: projectID, SmsService: service.NewSmsService(), + EmailService: service.NewEmailService(), RedisService: redisService, DescopeClient: descopeClient, } @@ -143,24 +145,52 @@ func (h *AuthHandler) InitEnchantedLink(c *fiber.Ctx) error { h.RedisService.Set(prefixSession+pendingRef, fmt.Sprintf(`{"status":"%s"}`, statusPending), defaultExpiration) h.RedisService.Set(prefixToken+token, fmt.Sprintf(`{"pendingRef":"%s","loginId":"%s"}`, pendingRef, loginID), defaultExpiration) - // Send SMS + // Generate Link frontendURL := os.Getenv("FRONTEND_URL") if frontendURL == "" { frontendURL = "http://ssologin.hmac.kr" } link := fmt.Sprintf("%s/verify/%s", frontendURL, token) - content := fmt.Sprintf("[Baron SSO] 로그인 링크: %s", link) - log.Printf("[Enchanted] Sending SMS to %s via Naver Cloud", loginID) + // Route based on LoginID type + if strings.Contains(loginID, "@") { + // Send Email + if h.EmailService == nil { + log.Printf("[Enchanted] Email Service not configured") + return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Email service not configured"}) + } - if err := h.SmsService.SendSms(loginID, content); err != nil { - log.Printf("[Enchanted] SMS Failed: %v", err) - return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Failed to send SMS"}) + subject := "[Baron SSO] 로그인 링크" + body := fmt.Sprintf(` +
+

Baron SSO 로그인

+

안녕하세요,

+

아래 버튼을 클릭하여 로그인을 완료해 주세요. 이 링크는 5분 동안 유효합니다.

+
+ 로그인 완료하기 +
+

만약 본인이 요청하지 않았다면 이 메일을 무시하셔도 됩니다.

+
+ `, link) + + log.Printf("[Enchanted] Sending Email to %s via AWS SES", loginID) + if err := h.EmailService.SendEmail(loginID, subject, body); err != nil { + log.Printf("[Enchanted] Email Failed: %v", err) + return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Failed to send Email"}) + } + } else { + // Send SMS + content := fmt.Sprintf("[Baron SSO] 로그인 링크: %s", link) + log.Printf("[Enchanted] Sending SMS to %s via Naver Cloud", loginID) + + if err := h.SmsService.SendSms(loginID, content); err != nil { + log.Printf("[Enchanted] SMS Failed: %v", err) + return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Failed to send SMS"}) + } } - log.Printf("[Enchanted] SMS sent successfully to %s", loginID) return c.JSON(fiber.Map{ - "linkId": "SMS Sent", + "linkId": "Sent", "pendingRef": pendingRef, "maskedEmail": loginID, }) diff --git a/backend/internal/service/ses_service.go b/backend/internal/service/ses_service.go new file mode 100644 index 00000000..5eb11660 --- /dev/null +++ b/backend/internal/service/ses_service.go @@ -0,0 +1,79 @@ +package service + +import ( + "context" + "fmt" + "log" + "os" + + "baron-sso-backend/internal/domain" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/config" + "github.com/aws/aws-sdk-go-v2/credentials" + "github.com/aws/aws-sdk-go-v2/service/ses" + "github.com/aws/aws-sdk-go-v2/service/ses/types" +) + +type SesServiceImpl struct { + client *ses.Client + sender string +} + +func NewEmailService() domain.EmailService { + region := os.Getenv("AWS_REGION") + accessKey := os.Getenv("AWS_ACCESS_KEY_ID") + secretKey := os.Getenv("AWS_SECRET_ACCESS_KEY") + sender := os.Getenv("AWS_SES_SENDER") + + if region == "" || accessKey == "" || secretKey == "" { + log.Println("[EmailService] AWS configuration missing, email service will not work") + return nil + } + + cfg, err := config.LoadDefaultConfig(context.TODO(), + config.WithRegion(region), + config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(accessKey, secretKey, "")), + ) + if err != nil { + log.Printf("[EmailService] Failed to load AWS config: %v", err) + return nil + } + + return &SesServiceImpl{ + client: ses.NewFromConfig(cfg), + sender: sender, + } +} + +func (s *SesServiceImpl) SendEmail(to, subject, body string) error { + if s == nil || s.client == nil { + return fmt.Errorf("email service not initialized") + } + + input := &ses.SendEmailInput{ + Destination: &types.Destination{ + ToAddresses: []string{to}, + }, + Message: &types.Message{ + Body: &types.Body{ + Html: &types.Content{ + Charset: aws.String("UTF-8"), + Data: aws.String(body), + }, + }, + Subject: &types.Content{ + Charset: aws.String("UTF-8"), + Data: aws.String(subject), + }, + }, + Source: aws.String(s.sender), + } + + _, err := s.client.SendEmail(context.TODO(), input) + if err != nil { + log.Printf("[EmailService] Failed to send email to %s: %v", to, err) + } else { + log.Printf("[EmailService] Email sent successfully to %s", to) + } + return err +} diff --git a/frontend/lib/features/auth/presentation/login_screen.dart b/frontend/lib/features/auth/presentation/login_screen.dart index 7c76a480..bd805a65 100644 --- a/frontend/lib/features/auth/presentation/login_screen.dart +++ b/frontend/lib/features/auth/presentation/login_screen.dart @@ -1,4 +1,5 @@ import 'dart:async'; +import 'dart:convert'; import 'package:flutter/material.dart'; import 'package:flutter_riverpod/flutter_riverpod.dart'; import 'package:flutter_dotenv/flutter_dotenv.dart'; @@ -23,10 +24,8 @@ class LoginScreen extends ConsumerStatefulWidget { class _LoginScreenState extends ConsumerState with SingleTickerProviderStateMixin { late TabController _tabController; - final TextEditingController _emailController = TextEditingController(); - final TextEditingController _passwordController = TextEditingController(); - final TextEditingController _phoneController = TextEditingController(); - final TextEditingController _smsCodeController = TextEditingController(); + final TextEditingController _idController = TextEditingController(); + final TextEditingController _smsCodeController = TextEditingController(); // Keep if needed for verification inputs later? Actually not used in link flow. bool _smsSent = false; String? _redirectUrl; @@ -41,7 +40,7 @@ class _LoginScreenState extends ConsumerState @override void initState() { super.initState(); - _tabController = TabController(length: 3, vsync: this, initialIndex: 1); + _tabController = TabController(length: 2, vsync: this); _tabController.addListener(_handleTabSelection); // Check for tokens (Path Parameter or Legacy Query Parameter) @@ -62,10 +61,26 @@ class _LoginScreenState extends ConsumerState }); } + // Helper to decode JWT and get loginId + String _getLoginIdFromJwt(String jwt) { + try { + final parts = jwt.split('.'); + if (parts.length != 3) return 'User'; + + final payload = utf8.decode(base64Url.decode(base64Url.normalize(parts[1]))); + final data = json.decode(payload); + // Descope tokens usually have 'name', 'email', or 'sub' + return data['name'] ?? data['email'] ?? data['sub'] ?? 'User'; + } catch (e) { + debugPrint("[JWT] Decode error: $e"); + return 'User'; + } + } + void _handleTabSelection() { - if (_tabController.index == 2 && _qrPendingRef == null) { + if (_tabController.index == 1 && _qrPendingRef == null) { _startQrFlow(); - } else if (_tabController.index != 2) { + } else if (_tabController.index != 1) { _stopQrPolling(); } } @@ -125,12 +140,13 @@ class _LoginScreenState extends ConsumerState _qrCountdownTimer?.cancel(); final jwt = res['sessionJwt']; - // Create Dummy User & Session for Descope SDK + final displayName = _getLoginIdFromJwt(jwt); + // Create User & Session for Descope SDK final dummyUser = DescopeUser( 'unknown', // userId [], // loginIds 0, // createdAt - 'User', // name + displayName, // name null, // picture (Uri?) '', // email false, // isVerifiedEmail @@ -180,9 +196,10 @@ class _LoginScreenState extends ConsumerState debugPrint("[Auth] Verification successful for token: $token"); if (jwt != null && mounted) { - // Create Dummy User & Session for Descope SDK to log in this tab + final displayName = _getLoginIdFromJwt(jwt); + // Create User & Session for Descope SDK to log in this tab final dummyUser = DescopeUser( - 'unknown', [], 0, 'User', null, '', false, '', false, {}, '', '', '', false, 'enabled', [], [], [], + 'unknown', [], 0, displayName, null, '', false, '', false, {}, '', '', '', false, 'enabled', [], [], [], ); final session = DescopeSession.fromJwt(jwt, jwt, dummyUser); Descope.sessionManager.manageSession(session); @@ -213,49 +230,29 @@ class _LoginScreenState extends ConsumerState void dispose() { _stopQrPolling(); _tabController.dispose(); - _emailController.dispose(); - _passwordController.dispose(); - _phoneController.dispose(); + _idController.dispose(); _smsCodeController.dispose(); super.dispose(); } - Future _handleEmailLogin() async { - final email = _emailController.text.trim(); - if (email.isEmpty) return; + Future _handleLogin() async { + final input = _idController.text.trim(); + if (input.isEmpty) return; - final password = _passwordController.text; - if (password.isNotEmpty) { - debugPrint("[Auth] Attempting Email/Password login for: $email"); - try { - final authResponse = await Descope.password.signIn( - loginId: email, - password: password, - ); - final session = DescopeSession.fromAuthenticationResponse(authResponse); - Descope.sessionManager.manageSession(session); - debugPrint("[Auth] Email login successful"); - if (mounted) _onLoginSuccess(session.sessionToken.jwt); - } catch (e) { - debugPrint("[Auth] Email login failed: $e"); - _showError("Email/Password Login Failed: $e"); + String loginId = input; + if (!input.contains('@')) { + // Format phone number if it's not an email + loginId = input.replaceAll(RegExp(r'[-\s]'), ''); + if (loginId.startsWith('010')) { + loginId = '+82${loginId.substring(1)}'; } - } else { - debugPrint("[Auth] Initiating Email Enchanted Link for: $email"); - _initiateDescopeLinkFlow(email, isSms: false); } + + debugPrint("[Auth] Initiating Enchanted Link for: $loginId"); + _startEnchantedFlow(loginId, isEmail: input.contains('@')); } - Future _handleSmsLogin() async { - final rawPhone = _phoneController.text.trim(); - if (rawPhone.isEmpty) return; - - String phone = rawPhone.replaceAll(RegExp(r'[-\s]'), ''); - if (phone.startsWith('010')) { - phone = '+82${phone.substring(1)}'; // Convert 010 to +8210 - } - debugPrint("[Auth] Initiating SMS Enchanted Link for: $phone"); - + Future _startEnchantedFlow(String loginId, {required bool isEmail}) async { try { if (mounted) { showDialog( @@ -265,10 +262,10 @@ class _LoginScreenState extends ConsumerState ); } - // 1. Init via Backend API - final initResponse = await AuthProxyService.initEnchantedLink(phone); + // 1. Init via Backend API (Now handles both SMS and SES Email) + final initResponse = await AuthProxyService.initEnchantedLink(loginId); final pendingRef = initResponse['pendingRef']; - debugPrint("[Auth] SMS Sent. PendingRef: $pendingRef"); + debugPrint("[Auth] Link Sent. PendingRef: $pendingRef"); if (mounted) { Navigator.of(context).pop(); // Close Loading @@ -277,11 +274,13 @@ class _LoginScreenState extends ConsumerState context: context, barrierDismissible: false, builder: (context) => AlertDialog( - title: const Text("SMS Sent"), + title: Text(isEmail ? "이메일 전송됨" : "SMS 전송됨"), content: Column( mainAxisSize: MainAxisSize.min, children: [ - const Text("Please check the link sent to your phone."), + Text(isEmail + ? "입력하신 이메일로 로그인 링크를 보냈습니다." + : "입력하신 번호로 로그인 링크를 보냈습니다."), const SizedBox(height: 16), const LinearProgressIndicator(), const SizedBox(height: 16), @@ -290,7 +289,7 @@ class _LoginScreenState extends ConsumerState debugPrint("[Auth] Polling canceled by user"); Navigator.of(context).pop(); }, - child: const Text("Cancel") + child: const Text("취소") ) ], ), @@ -301,9 +300,9 @@ class _LoginScreenState extends ConsumerState _pollForSession(pendingRef); } } catch (e) { - debugPrint("[Auth] SMS initialization failed: $e"); + debugPrint("[Auth] Initialization failed: $e"); if (mounted && Navigator.canPop(context)) Navigator.of(context).pop(); - _showError("Failed to send SMS: $e"); + _showError("전송 실패: $e"); } } @@ -324,13 +323,14 @@ class _LoginScreenState extends ConsumerState if (jwt != null) { debugPrint("[Auth] Polling SUCCESS. Token received."); + final displayName = _getLoginIdFromJwt(jwt); // Descope SDK 세션 강제 주입 // Note: DescopeUser in 0.9.11 requires 18 positional arguments. final dummyUser = DescopeUser( 'unknown', // userId [], // loginIds 0, // createdAt - 'User', // name + displayName, // name null, // picture (Uri?) '', // email false, // isVerifiedEmail @@ -368,65 +368,15 @@ class _LoginScreenState extends ConsumerState } } - Future _initiateDescopeLinkFlow(String loginId, {required bool isSms}) async { + void _showError(String message) { + if (!mounted) return; + ScaffoldMessenger.of(context).showSnackBar( + SnackBar(content: Text(message), backgroundColor: Colors.red), + ); try { - if (mounted) { - showDialog( - context: context, - barrierDismissible: false, - builder: (context) => const Center(child: CircularProgressIndicator()), - ); - } - - // 1. Init via Descope SDK - final frontendUrl = dotenv.env['FRONTEND_URL'] ?? 'http://ssologin.hmac.kr'; - final signUpOrInResponse = await Descope.enchantedLink.signUpOrIn( - loginId: loginId, - redirectUrl: "$frontendUrl/auth/callback", - ); - - if (mounted) { - Navigator.of(context).pop(); // Close Loading - - showDialog( - context: context, - barrierDismissible: false, - builder: (context) => AlertDialog( - title: Text(isSms ? "SMS Sent" : "Email Sent"), - content: Column( - mainAxisSize: MainAxisSize.min, - children: [ - Text("We sent a login link to ${isSms ? loginId.split('@')[0] : loginId}"), - const SizedBox(height: 16), - - // For SMS, we might not get a Link ID in the message if the template doesn't include it. - // But Enchanted Link always has one. - Text( - "Security Number: ${signUpOrInResponse.linkId}", - style: const TextStyle(fontSize: 24, fontWeight: FontWeight.bold, color: Colors.blue), - ), - const SizedBox(height: 8), - const Text("Click the matching number."), - const SizedBox(height: 16), - const LinearProgressIndicator(), - ], - ), - ), - ); - - // 2. Poll via Descope SDK - final authResponse = await Descope.enchantedLink.pollForSession(pendingRef: signUpOrInResponse.pendingRef); - final session = DescopeSession.fromAuthenticationResponse(authResponse); - Descope.sessionManager.manageSession(session); - - if (mounted) { - Navigator.of(context).pop(); // Close Dialog - _onLoginSuccess(session.sessionToken.jwt); - } - } + AuthProxyService.logError(message); } catch (e) { - if (mounted && Navigator.canPop(context)) Navigator.of(context).pop(); - _showError("Login Failed: $e"); + // ignore } } @@ -463,18 +413,6 @@ class _LoginScreenState extends ConsumerState } } - void _showError(String message) { - if (!mounted) return; - ScaffoldMessenger.of(context).showSnackBar( - SnackBar(content: Text(message), backgroundColor: Colors.red), - ); - try { - AuthProxyService.logError(message); - } catch (e) { - // ignore - } - } - @override Widget build(BuildContext context) { return Scaffold( @@ -504,8 +442,7 @@ class _LoginScreenState extends ConsumerState TabBar( controller: _tabController, tabs: const [ - Tab(text: "이메일"), - Tab(text: "전화번호"), + Tab(text: "로그인"), Tab(text: "QR 코드"), ], ), @@ -516,69 +453,35 @@ class _LoginScreenState extends ConsumerState child: TabBarView( controller: _tabController, children: [ - // Email Form + // Unified Login Form Padding( padding: const EdgeInsets.only(top: 16.0), child: Column( children: [ TextField( - controller: _emailController, + controller: _idController, decoration: const InputDecoration( - labelText: "이메일", + labelText: "이메일 또는 휴대폰 번호", + hintText: "", border: OutlineInputBorder(), - prefixIcon: Icon(Icons.email_outlined), - ), - ), - const SizedBox(height: 16), - TextField( - controller: _passwordController, - obscureText: true, - decoration: const InputDecoration( - labelText: "비밀번호 (선택)", - border: OutlineInputBorder(), - prefixIcon: Icon(Icons.lock_outline), + prefixIcon: Icon(Icons.person_outline), ), + onSubmitted: (_) => _handleLogin(), ), const SizedBox(height: 24), FilledButton( - onPressed: _handleEmailLogin, + onPressed: _handleLogin, style: FilledButton.styleFrom( minimumSize: const Size.fromHeight(50), ), - child: const Text("로그인 / 링크 전송"), + child: const Text("로그인 링크 전송"), + ), + const SizedBox(height: 16), + const Text( + "입력하신 정보로 로그인 링크를 전송합니다.", + style: TextStyle(color: Colors.grey, fontSize: 12), + textAlign: TextAlign.center, ), - ], - ), - ), - - // Phone Form - Padding( - padding: const EdgeInsets.only(top: 16.0), - child: Column( - children: [ - TextField( - controller: _phoneController, - decoration: const InputDecoration( - labelText: "휴대폰 번호", - hintText: "010-1234-5678", - border: OutlineInputBorder(), - prefixIcon: Icon(Icons.phone_android), - ), - ), - const SizedBox(height: 24), - FilledButton( - onPressed: _handleSmsLogin, - style: FilledButton.styleFrom( - minimumSize: const Size.fromHeight(50), - ), - child: const Text("로그인 링크 전송"), - ), - const SizedBox(height: 16), - const Text( - "입력하신 번호로 로그인 링크를 문자로 보내드립니다.", - style: TextStyle(color: Colors.grey, fontSize: 12), - textAlign: TextAlign.center, - ), ], ), ), @@ -586,11 +489,13 @@ class _LoginScreenState extends ConsumerState // QR Login View Column( mainAxisAlignment: MainAxisAlignment.center, + crossAxisAlignment: CrossAxisAlignment.center, children: [ if (_isQrLoading) const CircularProgressIndicator() else if (_qrImageBase64 != null) Column( + crossAxisAlignment: CrossAxisAlignment.center, children: [ Container( padding: const EdgeInsets.all(16), @@ -609,6 +514,7 @@ class _LoginScreenState extends ConsumerState _qrRemainingSeconds > 0 ? "남은 시간: ${_formatTime(_qrRemainingSeconds)}" : "QR 코드 만료됨", + textAlign: TextAlign.center, style: TextStyle( color: _qrRemainingSeconds > 30 ? Colors.blue : Colors.red, fontWeight: FontWeight.bold, @@ -617,6 +523,7 @@ class _LoginScreenState extends ConsumerState const SizedBox(height: 8), const Text( "모바일 앱으로 스캔하세요", + textAlign: TextAlign.center, style: TextStyle(color: Colors.grey, fontSize: 12), ), TextButton( @@ -626,7 +533,7 @@ class _LoginScreenState extends ConsumerState ], ) else - const Text("QR 코드를 불러오지 못했습니다."), + const Text("QR 코드를 불러오지 못했습니다.", textAlign: TextAlign.center), ], ), ], diff --git a/frontend/lib/features/dashboard/presentation/dashboard_screen.dart b/frontend/lib/features/dashboard/presentation/dashboard_screen.dart index e125b046..12de5b48 100644 --- a/frontend/lib/features/dashboard/presentation/dashboard_screen.dart +++ b/frontend/lib/features/dashboard/presentation/dashboard_screen.dart @@ -67,13 +67,8 @@ class DashboardScreen extends StatelessWidget { SizedBox( width: double.infinity, height: 56, - child: ElevatedButton.icon( + child: ElevatedButton( onPressed: () => _onScanQR(context), - icon: const Icon(Icons.qr_code_scanner, size: 28), - label: Text( - 'QR 스캔하기', - style: GoogleFonts.notoSans(fontSize: 18, fontWeight: FontWeight.w600), - ), style: ElevatedButton.styleFrom( backgroundColor: const Color(0xFF1A1F2C), foregroundColor: Colors.white, @@ -82,6 +77,18 @@ class DashboardScreen extends StatelessWidget { borderRadius: BorderRadius.circular(12), ), ), + child: Row( + mainAxisAlignment: MainAxisAlignment.center, + children: [ + const Icon(Icons.qr_code_scanner, size: 28), + const SizedBox(width: 12), + Text( + 'QR 스캔하기', + style: GoogleFonts.notoSans(fontSize: 18, fontWeight: FontWeight.w600), + ), + const SizedBox(width: 40), // Icon size(28) + Spacing(12) to balance the centering + ], + ), ), ), const SizedBox(height: 16),