Merge pull request '하드코딩 변수 관리' (#31) from dev/sso-from-b5aed4f into main

Reviewed-on: ai-team/baron-sso#31

backend/internal/handler/auth_handler.go

@@ -141,9 +141,11 @@ func (h *AuthHandler) InitEnchantedLink(c *fiber.Ctx) error {
 	h.RedisService.Set(prefixToken+token, fmt.Sprintf(`{"pendingRef":"%s","loginId":"%s"}`, pendingRef, loginID), defaultExpiration)
 
 	// Send SMS
-	// Frontend URL should be dynamic or env based, but restoring hardcoded/env logic
+	// Frontend URL should be dynamic or env based
-	// The frontend uses ssologin.hmac.kr
+	frontendURL := os.Getenv("FRONTEND_URL")
-	frontendURL := "http://ssologin.hmac.kr"
+	if frontendURL == "" {
+		frontendURL = "http://ssologin.hmac.kr"
+	}
 	link := fmt.Sprintf("%s/verify/%s", frontendURL, token)
 	content := fmt.Sprintf("[Baron SSO] 로그인 링크: %s", link)
 

frontend/lib/core/services/audit_service.dart

@@ -3,7 +3,7 @@ import 'package:http/http.dart' as http;
 import 'package:flutter_dotenv/flutter_dotenv.dart';
 
 class AuditService {
-  static const String _baseUrl = 'https://ssologin.hmac.kr';
+  static String get _baseUrl => dotenv.env['BACKEND_URL'] ?? 'https://ssologin.hmac.kr';
 
   static Future<void> logEvent({
     required String userId,

frontend/lib/core/services/auth_proxy_service.dart

@@ -3,8 +3,7 @@ import 'package:http/http.dart' as http;
 import 'package:flutter_dotenv/flutter_dotenv.dart';
 
 class AuthProxyService {
-  // HARDCODED URL
+  static String get _baseUrl => dotenv.env['BACKEND_URL'] ?? 'https://ssologin.hmac.kr';
-  static const String _baseUrl = 'https://ssologin.hmac.kr';
 
   static Future<Map<String, dynamic>> initEnchantedLink(String loginId, {String? method}) async {
     final url = Uri.parse('$_baseUrl/api/v1/auth/enchanted-link/init');

frontend/lib/features/auth/presentation/login_screen.dart

@@ -222,9 +222,10 @@ class _LoginScreenState extends ConsumerState<LoginScreen>
       }
 
       // 1. Init via Descope SDK
+      final frontendUrl = dotenv.env['FRONTEND_URL'] ?? 'http://ssologin.hmac.kr';
       final signUpOrInResponse = await Descope.enchantedLink.signUpOrIn(
         loginId: loginId,
-        redirectUrl: "http://ssologin.hmac.kr/auth/callback",
+        redirectUrl: "$frontendUrl/auth/callback",
       );
 
       if (mounted) {