feat: i18n 개선 및 userfront 로그인/로케일 보완

2026-02-12 21:25:26 +09:00
parent b6d3b69cda
commit dfa2fc2406
60 changed files with 5724 additions and 1734 deletions
--- a/backend/internal/handler/auth_handler.go
+++ b/backend/internal/handler/auth_handler.go
@@ -454,7 +454,8 @@ func (h *AuthHandler) Signup(c *fiber.Ctx) error {

 	slog.Info("[Signup] New user registered", "email", req.Email, "type", req.AffiliationType, "provider", h.IdpProvider.Name(), "subject", providerID)

-	// [New] Local DB Sync
+	// [SoT Policy] Kratos가 SoT이므로 로컬 DB 저장은 비동기 Read-Model 동기화로 처리합니다.
+	// 로컬 DB 저장이 실패하더라도 회원가입 프로세스는 성공으로 간주합니다.
 	localUser := &domain.User{
 		ID:              providerID, // Match IDP Subject
 		Email:           req.Email,
@@ -470,9 +471,17 @@ func (h *AuthHandler) Signup(c *fiber.Ctx) error {
 	}

 	if h.UserRepo != nil {
-		if err := h.UserRepo.Create(c.Context(), localUser); err != nil {
-			slog.Error("[Signup] Failed to sync user to local DB", "email", req.Email, "error", err)
-		}
+		go func(u *domain.User) {
+			// 요청 Context가 취소될 수 있으므로 Background Context 사용
+			ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+			defer cancel()
+
+			if err := h.UserRepo.Create(ctx, u); err != nil {
+				slog.Error("[Signup] Failed to sync user to Read-Model (Local DB)", "email", u.Email, "error", err)
+			} else {
+				slog.Debug("[Signup] Synced user to Read-Model", "email", u.Email)
+			}
+		}(localUser)
 	}

 	// [Keto] Sync user-tenant relationship
--- a/backend/internal/handler/auth_handler_async_test.go
+++ b/backend/internal/handler/auth_handler_async_test.go
@@ -0,0 +1,251 @@
+package handler
+
+import (
+	"baron-sso-backend/internal/domain"
+	"baron-sso-backend/internal/service"
+	"bytes"
+	"context"
+	"encoding/json"
+	"errors"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+	"time"
+
+	"github.com/gofiber/fiber/v2"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/mock"
+)
+
+// --- Async Test Mocks ---
+
+type AsyncMockIdpProvider struct {
+	mock.Mock
+}
+
+func (m *AsyncMockIdpProvider) Name() string { return "mock-idp" }
+func (m *AsyncMockIdpProvider) GetMetadata() (*domain.IDPMetadata, error) {
+	return &domain.IDPMetadata{}, nil
+}
+func (m *AsyncMockIdpProvider) UserExists(loginID string) (bool, error) {
+	args := m.Called(loginID)
+	return args.Bool(0), args.Error(1)
+}
+func (m *AsyncMockIdpProvider) CreateUser(user *domain.BrokerUser, password string) (string, error) {
+	args := m.Called(user, password)
+	return args.String(0), args.Error(1)
+}
+func (m *AsyncMockIdpProvider) SignIn(loginID, password string) (*domain.AuthInfo, error) {
+	return nil, nil
+}
+func (m *AsyncMockIdpProvider) IssueSession(loginID string) (*domain.AuthInfo, error) { return nil, nil }
+func (m *AsyncMockIdpProvider) InitiateLinkLogin(loginID, returnTo string) (*domain.LinkLoginInit, error) {
+	return nil, nil
+}
+func (m *AsyncMockIdpProvider) VerifyLoginCode(loginID, flowID, code string) (*domain.AuthInfo, error) {
+	return nil, nil
+}
+func (m *AsyncMockIdpProvider) GetPasswordPolicy() (*domain.PasswordPolicy, error) {
+	return &domain.PasswordPolicy{MinLength: 12}, nil
+}
+func (m *AsyncMockIdpProvider) InitiatePasswordReset(loginID, redirectUrl string) error { return nil }
+func (m *AsyncMockIdpProvider) VerifyPasswordResetToken(token string) (*domain.AuthInfo, error) {
+	return nil, nil
+}
+func (m *AsyncMockIdpProvider) UpdateUserPassword(loginID, newPassword string, r *http.Request) error {
+	return nil
+}
+
+type AsyncMockUserRepo struct {
+	mock.Mock
+	createCalled chan bool
+}
+
+func (m *AsyncMockUserRepo) Create(ctx context.Context, user *domain.User) error {
+	// Simulate DB latency
+	time.Sleep(50 * time.Millisecond)
+	args := m.Called(ctx, user)
+	if m.createCalled != nil {
+		m.createCalled <- true
+	}
+	return args.Error(0)
+}
+func (m *AsyncMockUserRepo) Update(ctx context.Context, user *domain.User) error { return nil }
+func (m *AsyncMockUserRepo) FindByEmail(ctx context.Context, email string) (*domain.User, error) {
+	return nil, nil
+}
+func (m *AsyncMockUserRepo) FindByID(ctx context.Context, id string) (*domain.User, error) {
+	return nil, nil
+}
+func (m *AsyncMockUserRepo) FindByIDs(ctx context.Context, ids []string) ([]domain.User, error) {
+	return nil, nil
+}
+func (m *AsyncMockUserRepo) ListByTenant(ctx context.Context, tenantID string) ([]domain.User, error) {
+	return nil, nil
+}
+func (m *AsyncMockUserRepo) List(ctx context.Context, offset, limit int, search string) ([]domain.User, int64, error) {
+	return nil, 0, nil
+}
+
+type AsyncMockRedisRepo struct {
+	mock.Mock
+}
+
+func (m *AsyncMockRedisRepo) Set(key string, value string, expiration time.Duration) error {
+	args := m.Called(key, value, expiration)
+	return args.Error(0)
+}
+func (m *AsyncMockRedisRepo) Get(key string) (string, error) {
+	args := m.Called(key)
+	return args.String(0), args.Error(1)
+}
+func (m *AsyncMockRedisRepo) Delete(key string) error {
+	args := m.Called(key)
+	return args.Error(0)
+}
+func (m *AsyncMockRedisRepo) StoreVerificationCode(phone, code string) error   { return nil }
+func (m *AsyncMockRedisRepo) GetVerificationCode(phone string) (string, error) { return "", nil }
+func (m *AsyncMockRedisRepo) DeleteVerificationCode(phone string) error        { return nil }
+
+type AsyncMockTenantService struct {
+	mock.Mock
+}
+
+func (m *AsyncMockTenantService) RegisterTenant(ctx context.Context, name, slug, description string, domains []string) (*domain.Tenant, error) {
+	return nil, nil
+}
+func (m *AsyncMockTenantService) RequestRegistration(ctx context.Context, name, slug, description string, domainName string, adminEmail string) (*domain.Tenant, error) {
+	return nil, nil
+}
+func (m *AsyncMockTenantService) GetTenantByDomain(ctx context.Context, emailDomain string) (*domain.Tenant, error) {
+	args := m.Called(ctx, emailDomain)
+	if args.Get(0) == nil {
+		return nil, args.Error(1)
+	}
+	return args.Get(0).(*domain.Tenant), args.Error(1)
+}
+func (m *AsyncMockTenantService) GetTenantBySlug(ctx context.Context, slug string) (*domain.Tenant, error) {
+	return nil, nil
+}
+func (m *AsyncMockTenantService) GetTenant(ctx context.Context, id string) (*domain.Tenant, error) {
+	return nil, nil
+}
+func (m *AsyncMockTenantService) ListManageableTenants(ctx context.Context, userID string) ([]domain.Tenant, error) {
+	return nil, nil
+}
+func (m *AsyncMockTenantService) ApproveTenant(ctx context.Context, id string) error { return nil }
+func (m *AsyncMockTenantService) SetKetoService(keto service.KetoService)           {}
+func (m *AsyncMockTenantService) AddTenantAdmin(ctx context.Context, tenantID, userID string) error {
+	return nil
+}
+func (m *AsyncMockTenantService) RemoveTenantAdmin(ctx context.Context, tenantID, userID string) error {
+	return nil
+}
+func (m *AsyncMockTenantService) ListTenantAdmins(ctx context.Context, tenantID string) ([]string, error) {
+	return nil, nil
+}
+
+type AsyncMockKetoService struct {
+	mock.Mock
+}
+
+func (m *AsyncMockKetoService) CreateRelation(ctx context.Context, namespace, object, relation, subject string) error {
+	args := m.Called(ctx, namespace, object, relation, subject)
+	return args.Error(0)
+}
+func (m *AsyncMockKetoService) DeleteRelation(ctx context.Context, namespace, object, relation, subject string) error {
+	return nil
+}
+func (m *AsyncMockKetoService) CheckPermission(ctx context.Context, namespace, object, relation, subject string) (bool, error) {
+	return false, nil
+}
+func (m *AsyncMockKetoService) ListObjects(ctx context.Context, namespace, relation, subject string) ([]string, error) {
+	return nil, nil
+}
+func (m *AsyncMockKetoService) ListRelations(ctx context.Context, namespace, object, relation, subject string) ([]service.RelationTuple, error) {
+	return nil, nil
+}
+
+// --- Tests ---
+
+func TestSignup_AsyncDB_Isolation(t *testing.T) {
+	mockIdp := new(AsyncMockIdpProvider)
+	mockUserRepo := new(AsyncMockUserRepo)
+	mockRedis := new(AsyncMockRedisRepo)
+	mockTenant := new(AsyncMockTenantService)
+	mockKeto := new(AsyncMockKetoService)
+
+	h := &AuthHandler{
+		IdpProvider:   mockIdp,
+		UserRepo:      mockUserRepo,
+		RedisService:  mockRedis,
+		TenantService: mockTenant,
+		KetoService:   mockKeto,
+	}
+
+	app := fiber.New()
+	app.Post("/signup", h.Signup)
+
+	t.Run("SoT_DB_Failure_Ignored_And_Async", func(t *testing.T) {
+		email := "test@example.com"
+		phone := "010-1234-5678"
+		emailKey := "signup:email:" + email
+		phoneKey := "signup:phone:" + "01012345678"
+
+		// Redis Mocks
+		mockRedis.On("Get", emailKey).Return(`{"verified": true, "expires_at": 9999999999}`, nil)
+		mockRedis.On("Get", phoneKey).Return(`{"verified": true, "expires_at": 9999999999}`, nil)
+		mockRedis.On("Delete", emailKey).Return(nil)
+		mockRedis.On("Delete", phoneKey).Return(nil)
+
+		// Tenant Mocks
+		mockTenant.On("GetTenantByDomain", mock.Anything, "example.com").Return(nil, errors.New("not found"))
+
+		// Kratos Mocks (Success)
+		mockIdp.On("CreateUser", mock.Anything, "Password123!").Return("new-user-uuid", nil)
+
+		// UserRepo Mocks (Async & Failure)
+		mockUserRepo.createCalled = make(chan bool, 1)
+		mockUserRepo.On("Create", mock.Anything, mock.MatchedBy(func(u *domain.User) bool {
+			return u.Email == email
+		})).Return(errors.New("db connection error"))
+
+		// Keto Mocks (Optional, since it's also async)
+		// We won't block on this either
+
+		body, _ := json.Marshal(domain.SignupRequest{
+			Email:         email,
+			Password:      "Password123!",
+			Name:          "Test User",
+			Phone:         phone,
+			TermsAccepted: true,
+		})
+		req := httptest.NewRequest("POST", "/signup", bytes.NewReader(body))
+		req.Header.Set("Content-Type", "application/json")
+
+		start := time.Now()
+		resp, err := app.Test(req, 5000)
+		elapsed := time.Since(start)
+
+		if err != nil {
+			t.Fatalf("Request failed: %v", err)
+		}
+
+		assert.Equal(t, 200, resp.StatusCode)
+
+		// Ensure API responded faster than DB latency (50ms)
+		assert.Less(t, int64(elapsed), int64(60*time.Millisecond), "API should return before DB timeout")
+
+		// Wait for async execution
+		select {
+		case <-mockUserRepo.createCalled:
+			// Pass
+		case <-time.After(2 * time.Second):
+			t.Fatal("UserRepo.Create was not called asynchronously")
+		}
+
+		mockRedis.AssertExpectations(t)
+		mockIdp.AssertExpectations(t)
+		mockUserRepo.AssertExpectations(t)
+	})
+}
--- a/backend/internal/handler/user_handler.go
+++ b/backend/internal/handler/user_handler.go
@@ -304,10 +304,15 @@ func (h *UserHandler) CreateUser(c *fiber.Ctx) error {
 		localUser.TenantID = &tenantID
 	}

+	// [SoT Policy] Kratos가 SoT이므로 로컬 DB 저장은 비동기 Read-Model 동기화로 처리합니다.
 	if h.UserRepo != nil {
-		if err := h.UserRepo.Create(c.Context(), localUser); err != nil {
-			slog.Error("[UserHandler] Failed to sync user to local DB", "email", email, "error", err)
-		}
+		go func(u *domain.User) {
+			ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+			defer cancel()
+			if err := h.UserRepo.Create(ctx, u); err != nil {
+				slog.Error("[UserHandler] Failed to sync user to local DB", "email", u.Email, "error", err)
+			}
+		}(localUser)
 	}

 	// [Keto] Sync relations
@@ -483,27 +488,32 @@ func (h *UserHandler) UpdateUser(c *fiber.Ctx) error {
 				localUser.Metadata = req.Metadata
 			}

-			if err := h.UserRepo.Update(c.Context(), localUser); err == nil {
-				// [Keto Sync on Role Change]
-				if h.KetoService != nil && req.Role != nil && *req.Role != oldRole {
-					go func(uID, oldR, newR, tID string) {
-						ctx := context.Background()
-						if oldR == domain.RoleSuperAdmin {
+			// [SoT Policy] Kratos가 SoT이므로 로컬 DB 저장은 비동기 Read-Model 동기화로 처리합니다.
+			go func(u *domain.User, rRole *string, oRole string, oTenantID string) {
+				ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+				defer cancel()
+
+				if err := h.UserRepo.Update(ctx, u); err == nil {
+					// [Keto Sync on Role Change]
+					if h.KetoService != nil && rRole != nil && *rRole != oRole {
+						uID := u.ID
+						newR := *rRole
+						if oRole == domain.RoleSuperAdmin {
 							_ = h.KetoService.DeleteRelation(ctx, "System", "global", "super_admins", uID)
-						} else if oldR == domain.RoleTenantAdmin && tID != "" {
-							_ = h.KetoService.DeleteRelation(ctx, "Tenant", tID, "admins", uID)
+						} else if oRole == domain.RoleTenantAdmin && oTenantID != "" {
+							_ = h.KetoService.DeleteRelation(ctx, "Tenant", oTenantID, "admins", uID)
 						}

 						if newR == domain.RoleSuperAdmin {
 							_ = h.KetoService.CreateRelation(ctx, "System", "global", "super_admins", uID)
-						} else if newR == domain.RoleTenantAdmin && tID != "" {
-							_ = h.KetoService.CreateRelation(ctx, "Tenant", tID, "admins", uID)
+						} else if newR == domain.RoleTenantAdmin && u.TenantID != nil {
+							_ = h.KetoService.CreateRelation(ctx, "Tenant", *u.TenantID, "admins", uID)
 						}
-					}(userID, oldRole, *req.Role, oldTenantID)
+					}
+				} else {
+					slog.Error("[UserHandler] Failed to sync user update to local DB", "userID", u.ID, "error", err)
 				}
-			} else {
-				slog.Error("[UserHandler] Failed to sync user update to local DB", "userID", userID, "error", err)
-			}
+			}(localUser, req.Role, oldRole, oldTenantID)
 		}
 	}