비밀번호 변경 중간 저장2

2026-01-26 20:29:35 +09:00
parent d922de5df6
commit 739da39a61
19 changed files with 1668 additions and 164 deletions
--- a/backend/cmd/server/main.go
+++ b/backend/cmd/server/main.go
@@ -166,8 +166,21 @@ func main() {
 		AllowHeaders: "Origin, Content-Type, Accept, Authorization",
 		AllowMethods: "GET, POST, HEAD, PUT, DELETE, PATCH, OPTIONS",
 	}))
+
+	// Ensure COOKIE_SECRET is exactly 32 bytes for AES-256
+	cookieSecret := getEnv("COOKIE_SECRET", "secret-key-must-be-32-bytes-long!")
+	if len(cookieSecret) != 32 {
+		slog.Warn("COOKIE_SECRET length is not 32 bytes. Adjusting...", "original_length", len(cookieSecret))
+		if len(cookieSecret) > 32 {
+			cookieSecret = cookieSecret[:32]
+		} else {
+			// Pad with '0' if too short
+			cookieSecret = fmt.Sprintf("%-32s", cookieSecret)
+		}
+	}
+
 	app.Use(encryptcookie.New(encryptcookie.Config{
-		Key: getEnv("COOKIE_SECRET", "secret-key-must-be-32-bytes-long!"),
+		Key: cookieSecret,
 	}))

 	// Routes
@@ -228,11 +241,12 @@ func main() {
 	auth.Post("/enchanted-link/poll", authHandler.PollEnchantedLink)
 	auth.Post("/magic-link/verify", authHandler.VerifyMagicLink)
 	auth.Post("/password/login", authHandler.PasswordLogin)
-
-	// ✅ 비밀번호 재설정 (추가)
-	auth.Post("/password-reset/init", authHandler.InitPasswordReset)
-	auth.Post("/password-reset/confirm", authHandler.ConfirmPasswordReset)
-
+	auth.Post("/password/reset/initiate", authHandler.InitiatePasswordReset)
+	// [Changed] Use Interstitial Page for GET to prevent Scanner consumption
+	auth.Get("/password/reset/verify", authHandler.VerifyPasswordResetPage)
+	// [Added] Use POST for actual verification triggered by the user
+	auth.Post("/password/reset/verify", authHandler.ProcessPasswordResetToken)
+	auth.Post("/password/reset/complete", authHandler.CompletePasswordReset)
 	auth.Post("/sms", authHandler.SendSms)
 	auth.Post("/verify-sms", authHandler.VerifySms)
 	auth.Post("/qr/init", authHandler.InitQRLogin)