Merge pull request #5 from ProjectVG/feature/auth

Feature/auth

Author: ImGdevel

.dockerignore

@@ -1,30 +1,82 @@
-**/.classpath
-**/.dockerignore
-**/.env
-**/.git
-**/.gitignore
-**/.project
-**/.settings
-**/.toolstarget
-**/.vs
-**/.vscode
-**/*.*proj.user
-**/*.dbmdl
-**/*.jfm
-**/azds.yaml
-**/bin
-**/charts
-**/docker-compose*
-**/Dockerfile*
-**/node_modules
-**/npm-debug.log
-**/obj
-**/secrets.dev.yaml
-**/values.dev.yaml
-LICENSE
-README.md
-!**/.gitignore
-!.git/HEAD
-!.git/config
-!.git/packed-refs
-!.git/refs/heads/**
+# Git 관련
+.git
+.gitignore
+.gitattributes
+
+# IDE 관련
+.vs/
+.vscode/
+*.user
+*.suo
+*.userosscache
+*.sln.docstates
+
+# Build 결과물
+bin/
+obj/
+[Dd]ebug/
+[Rr]elease/
+x64/
+x86/
+[Aa][Rr][Mm]/
+[Aa][Rr][Mm]64/
+bld/
+[Bb]in/
+[Oo]bj/
+[Ll]og/
+[Ll]ogs/
+
+# NuGet 관련
+*.nupkg
+*.snupkg
+**/[Pp]ackages/*
+!**/[Pp]ackages/build/
+*.nuget.props
+*.nuget.targets
+
+# 테스트 관련
+**/*[Tt]ests/
+**/*[Tt]est/
+**/*.Tests/
+**/*.Test/
+coverage/
+*.coverage
+*.coveragexml
+
+# 문서
+docs/
+*.md
+README*
+
+# 스크립트
+scripts/
+*.ps1
+*.sh
+
+# Docker 관련
+Dockerfile*
+docker-compose*
+.dockerignore
+
+# 환경 변수
+.env
+.env.local
+.env.development
+.env.production
+
+# 임시 파일
+*.tmp
+*.temp
+*.log
+*.bak
+*.swp
+*.swo
+*~
+
+# OS 관련
+.DS_Store
+Thumbs.db
+
+# 프로젝트 특정
+test-clients/
+mssql_data/

.gitignore

@@ -123,6 +123,15 @@ publish/
 # VS auto-generated
 Generated_Code/
 
+# Claude AI related files
+CLAUDE.md
+claude.md
+*CLAUDE.md
+*claude.md
+.claude/
+claude-*
+*claude*
+
 # Secrets (if using secrets.json for config)
 secrets.json
 

ProjectVG.Api/ApiServiceCollectionExtensions.cs

@@ -2,6 +2,8 @@
 using ProjectVG.Api.Services;
 using ProjectVG.Api.Filters;
 using Microsoft.AspNetCore.Authentication.Negotiate;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.IdentityModel.Tokens;
 
 namespace ProjectVG.Api
 {
@@ -45,14 +47,30 @@ public static IServiceCollection AddApiAuthentication(this IServiceCollection se
             return services;
         }
 
+        /// <summary>
+        /// OAuth2 인증 서비스 (선택적)
+        /// </summary>
+        public static IServiceCollection AddOAuth2Authentication(this IServiceCollection services)
+        {
+            // OAuth2는 별도 컨트롤러에서 처리하므로 기본 인증만 설정
+            services.AddAuthentication(options =>
+            {
+                options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
+            })
+            .AddCookie();
+
+            return services;
+        }
+
         /// <summary>
         /// 개발용 CORS 정책
         /// </summary>
         public static IServiceCollection AddDevelopmentCors(this IServiceCollection services)
         {
             services.AddCors(options => {
                 options.AddPolicy("AllowAll",
-                    policy => policy.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader());
+                    policy => policy.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader()
+                        .WithExposedHeaders("X-Access-Token", "X-Refresh-Token", "X-Expires-In", "X-UID"));
             });
 
             return services;

ProjectVG.Api/Controllers/AuthController.cs

@@ -1,80 +1,67 @@
 using Microsoft.AspNetCore.Mvc;
-using ProjectVG.Application.Services.User;
-using ProjectVG.Application.Models.User;
-using ProjectVG.Api.Models.Auth.Request;
-using ProjectVG.Api.Models.Auth.Response;
+using ProjectVG.Application.Services.Auth;
 
 namespace ProjectVG.Api.Controllers
 {
     [ApiController]
     [Route("api/v1/[controller]")]
     public class AuthController : ControllerBase
     {
-        private readonly IUserService _userService;
-        private readonly ILogger<AuthController> _logger;
+        private readonly IAuthService _authService;
 
-        public AuthController(IUserService userService, ILogger<AuthController> logger)
+        public AuthController(IAuthService authService)
         {
-            _userService = userService;
-            _logger = logger;
+            _authService = authService;
         }
 
-        [HttpPost("register")]
-        public async Task<ActionResult<AuthResponse>> Register([FromBody] RegisterRequest request)
+        [HttpPost("refresh")]
+        public async Task<IActionResult> RefreshToken()
         {
-            var userDto = request.ToUserDto();
-            var createdUser = await _userService.CreateUserAsync(userDto);
+            var refreshToken = GetRefreshTokenFromHeader();
+            var result = await _authService.RefreshTokenAsync(refreshToken);
 
-            var response = new AuthResponse
+            return Ok(new
             {
-                Success = true,
-                Message = "회원가입이 완료되었습니다.",
-                UserId = createdUser.Id,
-                Username = createdUser.Username,
-                Email = createdUser.Email
-            };
-
-            _logger.LogInformation("새 사용자 회원가입 완료: {Username}", createdUser.Username);
-            return Ok(response);
+                success = true,
+                tokens = result.Tokens,
+                user = result.User
+            });
         }
 
-        [HttpPost("login")]
-        public async Task<ActionResult<AuthResponse>> Login([FromBody] LoginRequest request)
+        [HttpPost("logout")]
+        public async Task<IActionResult> Logout()
         {
-            var user = await _userService.GetUserByUsernameAsync(request.Username);
-            var response = new AuthResponse
+            var refreshToken = GetRefreshTokenFromHeader();
+            var success = await _authService.LogoutAsync(refreshToken);
+            
+            return Ok(new
             {
-                Success = true,
-                Message = "로그인이 완료되었습니다.",
-                UserId = user.Id,
-                Username = user.Username,
-                Email = user.Email
-            };
-
-            _logger.LogInformation("사용자 로그인 완료: {Username}", user.Username);
-            return Ok(response);
+                success = success,
+                message = success ? "Logout successful" : "Logout failed"
+            });
         }
 
-        [HttpGet("check-username/{username}")]
-        public async Task<ActionResult<CheckResponse>> CheckUsername(string username)
+        [HttpPost("guest-login")]
+        public async Task<IActionResult> GuestLogin([FromBody] string guestId)
         {
-            var exists = await _userService.UsernameExistsAsync(username);
-            return Ok(new CheckResponse
+            if (string.IsNullOrEmpty(guestId))
             {
-                Exists = exists,
-                Message = exists ? "이미 사용 중인 사용자명입니다." : "사용 가능한 사용자명입니다."
+                throw new ValidationException(ErrorCode.GUEST_ID_INVALID);
+            }
+
+            var result = await _authService.LoginWithOAuthAsync("guest", guestId);
+            
+            return Ok(new
+            {
+                success = true,
+                tokens = result.Tokens,
+                user = result.User
             });
         }
 
-        [HttpGet("check-email/{email}")]
-        public async Task<ActionResult<CheckResponse>> CheckEmail(string email)
+        private string GetRefreshTokenFromHeader()
         {
-            var exists = await _userService.EmailExistsAsync(email);
-            return Ok(new CheckResponse
-            {
-                Exists = exists,
-                Message = exists ? "이미 사용 중인 이메일입니다." : "사용 가능한 이메일입니다."
-            });
+            return Request.Headers["X-Refresh-Token"].FirstOrDefault() ?? string.Empty;
         }
     }
 } 

ProjectVG.Api/Controllers/ChatController.cs

@@ -1,41 +1,43 @@
-using ProjectVG.Application.Models.API.Request;
-using ProjectVG.Application.Services.Chat;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Authorization;
+using ProjectVG.Application.Models.Chat;
+using ProjectVG.Application.Models.API.Request;
+using ProjectVG.Application.Services.Chat;
+using System.Security.Claims;
 
 namespace ProjectVG.Api.Controllers
 {
     [ApiController]
     [Route("api/v1/chat")]
-    [AllowAnonymous]
     public class ChatController : ControllerBase
     {
         private readonly IChatService _chatService;
-        private readonly IServiceScopeFactory _scopeFactory;
-        private readonly ILogger<ChatController> _logger;
 
-        public ChatController(IChatService chatService, IServiceScopeFactory scopeFactory, ILogger<ChatController> logger)
+        public ChatController(IChatService chatService)
         {
             _chatService = chatService;
-            _scopeFactory = scopeFactory;
-            _logger = logger;
         }
 
         [HttpPost]
+        [JwtAuthentication]
         public async Task<IActionResult> ProcessChat([FromBody] ChatRequest request)
         {
-            var command = request.ToProcessChatCommand();
-            var requestResponse = await _chatService.EnqueueChatRequestAsync(command);
+            var userId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
+            if (string.IsNullOrEmpty(userId) || !Guid.TryParse(userId, out var userGuid))
+            {
+                throw new ValidationException(ErrorCode.AUTHENTICATION_FAILED);
+            }
+
+            var command = new ProcessChatCommand
+            {
+                UserId = userGuid,
+                Message = request.Message,
+                CharacterId = request.CharacterId
+            };
 
-            return Ok(new { 
-                success = true, 
-                status = requestResponse.Status,
-                message = requestResponse.Message,
-                sessionId = requestResponse.SessionId,
-                userId = requestResponse.UserId,
-                characterId = requestResponse.CharacterId,
-                requestedAt = requestResponse.RequestedAt
-            });
+            var result = await _chatService.EnqueueChatRequestAsync(command);
+            
+            return Ok(result);
         }
     }
 }