이메일/비밀번호 로그인 기능 구현

backend/internal/handler/auth_handler.go

@@ -667,6 +667,42 @@ func (h *AuthHandler) VerifyMagicLink(c *fiber.Ctx) error {
 	})
 }
 
+
+// PasswordLogin - Authenticate a user with login ID and password.
+func (h *AuthHandler) PasswordLogin(c *fiber.Ctx) error {
+	var req struct {
+		LoginID  string `json:"loginId"`
+		Password string `json:"password"`
+	}
+
+	if err := c.BodyParser(&req); err != nil {
+		slog.Error("[PasswordLogin] Body parse error", "error", err)
+		return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Invalid request body"})
+	}
+
+	slog.Info("[PasswordLogin] Attempting to login", "loginID", req.LoginID)
+
+	if h.DescopeClient == nil {
+		slog.Error("[PasswordLogin] Descope Client is nil!")
+		return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Authentication service not configured"})
+	}
+
+	// Sign in using Descope
+	authInfo, err := h.DescopeClient.Auth.Password().SignIn(context.Background(), req.LoginID, req.Password, nil)
+	if err != nil {
+		slog.Warn("[PasswordLogin] Descope sign-in failed", "loginID", req.LoginID, "error", err)
+		// It's good practice to return a generic error message for security.
+		return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"error": "Invalid credentials"})
+	}
+
+	slog.Info("[PasswordLogin] Success", "loginID", req.LoginID)
+	return c.JSON(fiber.Map{
+		"sessionJwt": authInfo.SessionToken.JWT,
+		"status":     "ok",
+	})
+}
+
+
 // InitQRLogin - Step 1: Web 패널에서 QR 로그인 세션을 생성합니다.
 func (h *AuthHandler) InitQRLogin(c *fiber.Ctx) error {
 	pendingRef := GenerateSecureToken(16)