26 changes: 26 additions & 0 deletions src/apis/auth.ts
@@ -1,3 +1,4 @@
import axiosInstance from "@/apis/config/instance";
import { apiPost } from "@/lib/api";
import { API_ENDPOINTS } from "./config/endpoints";

Expand All @@ -8,6 +9,31 @@ interface LogoutResponse {
data: string;
}

export interface CheckLoginResponse {
success: boolean;
code: number;
message: string;
data: {
validUser: boolean;
invalidToken: boolean;
owner: boolean;
};
}

export const logout = async (): Promise<LogoutResponse> => {
return apiPost<LogoutResponse>(API_ENDPOINTS.AUTH.LOGOUT);
};

export const checkLogin = async (
shareUri: string
): Promise<CheckLoginResponse> => {
const response = await axiosInstance.post<CheckLoginResponse>(
API_ENDPOINTS.AUTH.CHECK_LOGIN,
null,
{
params: { shareUri },
headers: { skipAuthRedirect: "true" },
}
);
return response.data;
};
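Review bot: In `checkLogin`, `headers: { skipAuthRedirect: "true" }` puts a client-only control flag into the outgoing request, so it is sent to the backend as a non-standard HTTP header. If the API is served from another origin, that forces a CORS preflight and the server has to allow-list a header it never uses; every proxy and access log on the path sees it too. The interceptor that reads the flag is not visible in this section, so this is a suggestion to verify: carry the flag on the request config instead, e.g. `{ params: { shareUri }, skipAuthRedirect: true }`, and read it from `error.config` (this needs a type augmentation for the axios config). Separately, `checkLogin` calls `axiosInstance.post` directly while `logout` goes through `apiPost`; a one-line comment such as `// bypasses apiPost because the caller needs per-request config` would explain the difference.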
Comment on lines +27 to +39

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Search for skipAuthRedirect header usage and context
echo "=== Searching for skipAuthRedirect usage ==="
rg -n "skipAuthRedirect" -C 3

echo ""
echo "=== Searching for axios interceptor implementation ==="
rg -n "interceptor" -i -C 2

echo ""
echo "=== Searching for API_ENDPOINTS.AUTH ==="
rg -n "API_ENDPOINTS\.AUTH" -C 2

Repository: First-Note-of-this-Year/Frontend

Length of output: 3667


🏁 Script executed:

#!/bin/bash
# Find API_ENDPOINTS definition
echo "=== Finding API_ENDPOINTS definition ==="
rg -n "API_ENDPOINTS" -A 15 | head -80

echo ""
echo "=== Looking for CHECK_LOGIN specifically ==="
rg -n "CHECK_LOGIN" -B 2 -A 2

echo ""
echo "=== Checking other read-only operations in auth ==="
rg -n "export const" src/apis/auth.ts

Repository: First-Note-of-this-Year/Frontend

Length of output: 4354


🏁 Script executed:

#!/bin/bash
# Search for comments around checkLogin definition
echo "=== Full checkLogin function with context ==="
cat -n src/apis/auth.ts | sed -n '20,42p'

echo ""
echo "=== Searching for TODO or comments about HTTP methods ==="
rg -n "TODO|FIXME|NOTE" src/apis/auth.ts

echo ""
echo "=== Looking for backend API documentation or comments ==="
rg -n "/auth/check-login" -B 5 -A 5

Repository: First-Note-of-this-Year/Frontend

Length of output: 1332


POST 메서드 사용 확인 필요

읽기 전용 로그인 상태 확인에 POST 메서드를 사용하는 것은 일반적이지 않습니다. skipAuthRedirect 헤더는 응답 인터셉터에서 401 에러 시 리다이렉트를 방지하도록 올바르게 구현되어 있으나, POST 메서드를 선택한 이유를 백엔드 API 명세에서 확인하세요.

현재 코드베이스의 다른 읽기 전용 작업들은 GET 메서드를 사용하고 있으므로, 이 엔드포인트가 특별히 POST를 요구하는지, 또는 GET으로 변경 가능한지 검토하시기 바랍니다.

🤖 Prompt for AI Agents
In src/apis/auth.ts around lines 27 to 39, the checkLogin function currently
uses axios.post for a read-only check which is inconsistent with other GET read
operations; verify the backend API spec to confirm whether this endpoint
requires POST, and if it does not, change the call to
axiosInstance.get<CheckLoginResponse>(API_ENDPOINTS.AUTH.CHECK_LOGIN, { params:
{ shareUri }, headers: { skipAuthRedirect: "true" } }) so parameters are sent as
query string and behavior stays identical; if the backend truly needs POST, add
a comment explaining why POST is required and keep the current implementation
but ensure params/body match the API contract.

1 change: 1 addition & 0 deletions src/apis/config/endpoints.ts
Expand Up @@ -9,6 +9,7 @@ export const API_ENDPOINTS = {
AUTH: {
REISSUE: "/auth/reissue",
LOGOUT: "/auth/logout",
CHECK_LOGIN: "/auth/check-login",
},

// 시간 관련
19 changes: 16 additions & 3 deletions src/components/ui/sidebar.tsx
Expand Up @@ -31,6 +31,7 @@ export function Sidebar({
isCheckingAuth,
hasFetchedAuth,
checkAuth,
checkAuthForSharedBoard,
reset: resetAuth,
} = useAuthStore();

Expand All @@ -44,11 +45,23 @@ export function Sidebar({
const isSharedBoard = Boolean(shareUri);

useEffect(() => {
// 공유 보드가 아닌 경우에만 인증 체크
if (!isSharedBoard && !hasFetchedAuth && !isCheckingAuth) {
if (hasFetchedAuth || isCheckingAuth) return;

if (isSharedBoard && shareUri) {
// 공유 보드
void checkAuthForSharedBoard(shareUri);
} else {
// 내 보드
void checkAuth();
}
}, [isSharedBoard, checkAuth, hasFetchedAuth, isCheckingAuth]);
}, [
isSharedBoard,
shareUri,
checkAuth,
checkAuthForSharedBoard,
hasFetchedAuth,
isCheckingAuth,
]);

const handleLogoutClick = () => {
setShowLogoutAlert(true);
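Review bot: The new guard `if (hasFetchedAuth || isCheckingAuth) return;` in the effect keys on one store-wide flag, so adding `shareUri` to the dependency list does not by itself cause a re-check. Once any check has completed, opening a different shared board, or moving between your own board and a shared one, reuses the earlier `isLoggedIn` result unless `resetAuth` is called somewhere outside this hunk. The value returned by `checkAuthForSharedBoard` (including `owner` and `invalidToken`) is also discarded by `void`. Consider recording the `shareUri` that was last checked in the store and comparing it here, for example `if (isCheckingAuth || (hasFetchedAuth && lastCheckedShareUri === shareUri)) return;`, where `lastCheckedShareUri` is a hypothetical new store field. The `Sidebar` function begins and ends outside this section.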
34 changes: 34 additions & 0 deletions src/stores/useAuthStore.ts
@@ -1,4 +1,5 @@
import { create } from "zustand";
import { checkLogin, type CheckLoginResponse } from "@/apis/auth";
import { getBoardShareForAuth } from "@/apis/board";
import type { GetBoardShareResponse } from "@/types/board";

Expand All @@ -10,6 +11,9 @@ interface AuthState {
checkAuth: (options?: {
force?: boolean;
}) => Promise<GetBoardShareResponse["data"] | null>;
checkAuthForSharedBoard: (
shareUri: string
) => Promise<CheckLoginResponse["data"] | null>;
setLoggedIn: (
value: boolean,
options?: { boardShare?: GetBoardShareResponse["data"] | null }
Expand Down Expand Up @@ -55,6 +59,36 @@ export const useAuthStore = create<AuthState>((set, get) => ({
}
},

checkAuthForSharedBoard: async (shareUri: string) => {
const { hasFetchedAuth } = get();

if (hasFetchedAuth) {
return null;
}

set({ isCheckingAuth: true });

try {
const response = await checkLogin(shareUri);

set({
isLoggedIn: response.data.validUser,
isCheckingAuth: false,
hasFetchedAuth: true,
});

return response.data;
} catch {
set({
isLoggedIn: false,
isCheckingAuth: false,
hasFetchedAuth: true,
});

return null;
}
},

setLoggedIn: (value: boolean, options) => {
set({
isLoggedIn: value,
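Review bot: The bare `catch` in `checkAuthForSharedBoard` treats every failure (network error, 5xx, malformed body) the same as "not logged in" and also sets `hasFetchedAuth: true`. A transient error therefore becomes a sticky logged-out state with no retry path, whereas the `checkAuth` signature has a `force` option. Failing closed is a reasonable default, but it should be stated and made recoverable: add a comment such as `// fail closed: any error is treated as unauthenticated` and consider a parallel `options?: { force?: boolean }` with `if (hasFetchedAuth && !options?.force) return null;`. The success path stores only `validUser`; `invalidToken` and `owner` are returned but never acted on in the store, so a token the server reports as invalid is not cleared here, and `owner` should stay a display hint, with the backend enforcing ownership. The enclosing `create<AuthState>(...)` object starts and ends outside this hunk.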