Feature: Auth 인증/인가

[ImGdevel]

Summary by CodeRabbit

• 신기능
  • OAuth2 로그인 플로우 추가: 지원 제공자 조회, 인가 URL(PKCE S256) 발급, 콜백 처리, 토큰 조회. 토큰을 응답 헤더(X-Access-Token 등)로 제공.
  • 사용자 UID 필드 도입 및 16자 확장. 대화 결과 및 메모리 자동 저장.
• 개선
  • 토큰 발급/갱신/폐기 로직 안정화, WebSocket 세션 기록 및 미연결 전송 경고, 오류 응답 표준화.
• 버그 수정
  • 활성 사용자만 조회, 삭제 시 존재하지 않는 사용자 오류 반환, 사용자 생성 시 UID 충돌 방지.
• 마이그레이션
  • Users.UID 추가/확장 및 기본 데이터 시드.
• 문서
  • 공개 API 주석 전반 보강.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

OAuth2 authentication flow is implemented with new controller endpoints and service logic. Chat and user subsystems gain new helpers and behavioral tweaks (cost tracking via reflection, result persistence, UID generation, repository filters). Token issuance/refresh/revocation is completed. EF Core model configuration and seed data are expanded. Numerous XML docs were added.

Changes

Cohort / File(s)	Summary
API Controllers (OAuth/Auth/Chat) ProjectVG.Api/Controllers/OAuthController.cs, ProjectVG.Api/Controllers/AuthController.cs, ProjectVG.Api/Controllers/ChatController.cs	OAuthController adds constructor param and endpoints: providers list, authorize (PKCE checks), callback (redirect), token retrieval (writes headers). Auth/Chat controllers receive XML docs only.
API Config and Middleware ProjectVG.Api/ApiServiceCollectionExtensions.cs, ProjectVG.Api/Filters/JwtAuthenticationFilter.cs, ProjectVG.Api/Middleware/GlobalExceptionHandler.cs, ProjectVG.Api/Middleware/WebSocketMiddleware.cs	XML docs added to service registration and filters. GlobalExceptionHandler introduces centralized dispatch with new handlers (NotFound, Authentication, ProjectVG). WebSocketMiddleware gains documentation.
Auth Services and Providers ProjectVG.Application/Services/Auth/OAuth2Service.cs, .../Services/Auth/IOAuth2Service.cs, .../Services/Auth/OAuth2ProviderFactory.cs, .../Services/Auth/IOAuth2Provider.cs, .../Services/Auth/AuthService.cs, .../Services/Auth/IAuthService.cs, .../Services/Auth/Providers/GoogleOAuth2Provider.cs, .../Services/Auth/Providers/AppleOAuth2Provider.cs	OAuth2Service adds HandleOAuth2CallbackAsync. Google provider adds ParseUserInfo. Extensive XML docs across interfaces/factory/providers/services; no other signature changes.
Token/JWT and Refresh Storage ProjectVG.Infrastructure/Auth/TokenService.cs, .../Auth/ITokenService.cs, .../Auth/JwtProvider.cs, .../Auth/JwtService.cs, .../Auth/IRefreshTokenStorage.cs, .../Auth/InMemoryRefreshTokenStorage.cs, .../Auth/RedisRefreshTokenStorage.cs	TokenService now issues/refreshes/revokes/validates tokens with storage integration; signatures unchanged. JWT provider/service and storage interfaces/impls get XML docs.
Chat Models and Context ProjectVG.Application/Models/Chat/ChatMessageSegment.cs, .../Models/Chat/ChatProcessContext.cs, .../Models/Chat/ProcessChatCommand.cs, .../Models/Chat/UserInputAnalysis.cs	New APIs: ChatMessageSegment.CreateTextOnly/SetAudioData; ChatProcessContext new ctor, SetResponse, AddCost; UserInputAnalysis.CreateValid and private ctor. ProcessChatCommand gains docs only.
Chat Processing Pipeline ProjectVG.Application/Services/Chat/ChatService.cs, .../Services/Chat/Processors/ChatLLMProcessor.cs, .../Services/Chat/Processors/ChatResultProcessor.cs, .../Services/Chat/Processors/ChatTTSProcessor.cs, .../Services/Chat/Preprocessors/UserInputAnalysisProcessor.cs, .../Services/Chat/Preprocessors/MemoryContextPreprocessor.cs, .../Services/Chat/Handlers/ChatFailureHandler.cs	Documentation across pipeline. ChatResultProcessor constructor now includes IMemoryClient; persists conversation and inserts memory; sends results. Other processors/preprocessors documented; logic largely unchanged.
Cost Tracking and Metrics ProjectVG.Application/Services/Chat/CostTracking/CostTrackingDecorator.cs, .../CostTracking/CostTrackingDecoratorFactory.cs, .../CostTracking/ChatMetricsService.cs, .../CostTracking/IChatMetricsService.cs, .../CostTracking/ICostTrackingDecorator.cs	CostTrackingDecorator refactored to reflection-based invocation and dynamic cost extraction; error handling updates. Metrics service/interfaces/docs added; factory documented.
LLM Format Utilities ProjectVG.Application/Services/Chat/Factories/ChatLLMFormat.cs, .../Factories/ILLMFormat.cs, .../Factories/UserInputAnalysisLLMFormat.cs	New public methods: ChatLLMFormat.Parse/CalculateCost; UserInputAnalysisLLMFormat.CalculateCost and a default-response helper. Interfaces documented.
User Services and Repositories ProjectVG.Application/Services/User/UserService.cs, ProjectVG.Application/Services/User/IUserService.cs, ProjectVG.Infrastructure/Persistence/Repositories/User/SqlServerUserRepository.cs, .../Repositories/User/IUserRepository.cs, ProjectVG.Application/Models/User/UserDto.cs	UserService enforces UID uniqueness on create and NotFound on delete. Repository filters GetAll by Active, initializes defaults on create, throws on update/delete when missing, soft-deletes. Interfaces and DTO docs added.
EF Core DbContext and Migrations ProjectVG.Infrastructure/Persistence/EfCore/Data/ProjectVGDbContext.cs, .../Migrations/*	DbContext OnModelCreating expanded with constraints, indexes, relationships, SeedData. Multiple migration files updated (UID column changes, seed timestamps); documentation and BOM cleanups.
WebSocket Layer ProjectVG.Application/Services/WebSocket/WebSocketManager.cs, .../Services/WebSocket/IWebSocketManager.cs, ProjectVG.Infrastructure/Realtime/WebSocketConnection/WebSocketClientConnection.cs, ProjectVG.Application/Services/Session/ConnectionRegistry.cs, .../Services/Session/IConnectionRegistry.cs, ProjectVG.Infrastructure/Persistence/Session/InMemorySessionStorage.cs	WebSocketManager now persists session on connect and warns on missing connections in SendText; other components gain XML docs; session storage docs added.
API and Infrastructure DI Docs ProjectVG.Application/ApplicationServiceCollectionExtensions.cs, ProjectVG.Infrastructure/InfrastructureServiceCollectionExtensions.cs	Added XML documentation to DI extension methods; no logic changes.
Common Constants, Exceptions, Utils ProjectVG.Common/Constants/ErrorCodes.cs, .../Constants/LLMModelInfo.cs, .../Constants/TTSCostInfo.cs, .../Exceptions/AuthenticationException.cs, .../Exceptions/ValidationException.cs, .../Utils/UidGenerator.cs	New TTSCostInfo methods: GetTTSCostPerSecond, CalculateTTSCost. Extensive docs for pricing helpers, error codes, exceptions, UID generator.
Integrations Clients ProjectVG.Infrastructure/Integrations/LLMClient/LLMClient.cs, .../Integrations/MemoryClient/IMemoryClient.cs, .../Integrations/MemoryClient/VectorMemoryClient.cs	LLM client documented. Memory client interface and implementation fully documented; no logic changes.
Test Client test-clients/start-oauth2-client.py	Added function docstrings; runtime unchanged.
API Models ProjectVG.Api/Models/Auth/Request/RegisterRequest.cs	Added XML doc to ToUserDto; no logic change.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant Client
  participant OAuthController
  participant OAuth2Service
  participant Provider as OAuth2 Provider
  participant AuthService
  participant TokenStore as RefreshTokenStorage

  rect rgb(245,248,255)
    note over Client,OAuthController: Authorization (PKCE)
    Client->>OAuthController: GET /auth/oauth2/authorize?provider&state&code_challenge&code_challenge_method=S256
    OAuthController->>OAuth2Service: BuildAuthorizationUrlAsync(...)
    OAuth2Service-->>OAuthController: auth_url
    OAuthController-->>Client: { auth_url }
  end

  rect rgb(245,255,245)
    note over Client,Provider: User authorizes
    Client->>Provider: Open auth_url
    Provider-->>OAuthController: GET /auth/oauth2/callback?code&state
    OAuthController->>OAuth2Service: HandleOAuth2CallbackAsync(code,state)
    OAuth2Service->>Provider: ExchangeAuthorizationCodeAsync
    Provider-->>OAuth2Service: tokens
    OAuth2Service->>Provider: GetUserInfoAsync
    Provider-->>OAuth2Service: user info
    OAuth2Service->>AuthService: LoginWithOAuthAsync(...)
    AuthService-->>OAuth2Service: AuthResult (access/refresh)
    OAuth2Service->>TokenStore: StoreTokenDataAsync(state, tokens)
    OAuth2Service-->>OAuthController: RedirectUrl
    OAuthController-->>Client: 302 Redirect
  end

  rect rgb(255,249,243)
    note over Client,OAuthController: Token retrieval
    Client->>OAuthController: GET /auth/oauth2/token?state
    OAuthController->>OAuth2Service: GetTokenDataAsync(state)
    OAuth2Service-->>OAuthController: tokens
    OAuthController->>OAuth2Service: DeleteTokenDataAsync(state)
    OAuthController-->>Client: 200 + headers (X-Access-Token, X-Refresh-Token,...)
  end

Loading

sequenceDiagram
  autonumber
  participant Caller as ChatComponent
  participant Decorator as CostTrackingDecorator<T>
  participant Inner as Wrapped Service
  participant Metrics as ChatMetricsService

  rect rgb(245,248,255)
    note over Decorator,Inner: Reflection-based delegation
    Caller->>Decorator: ProcessAsync(context)
    Decorator->>Metrics: StartProcessMetrics(processName)
    Decorator->>Inner: Invoke via reflection (ProcessAsync)
    Inner-->>Decorator: Task completes
    Decorator->>Decorator: ExtractCost(context/result)
    Decorator->>Metrics: EndProcessMetrics(cost)
    Decorator-->>Caller: return
  end

  alt Error
    Decorator->>Metrics: EndProcessMetrics(cost=0, errorMessage)
    Decorator-->>Caller: rethrow
  end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~75 minutes

Possibly related PRs

• Feature: 채팅 결과 처리 #4 — Overlaps the chat pipeline: adds ChatProcessContext/ChatMessageSegment helpers, TTS cost utilities, and cost-tracking decorators/metrics similar to the current changes.

Poem

귀가 팔랑, 코드 숲을 달려가며
OAuth 달을 한 입, 토큰 별을 두 입 ⭐
대화는 흐르고, 비용은 조심조심 📈
토끼는 씨익, UID를 꽉 쥐고
씨앗(시드) 심고, 봄바람에 빌드 완! 🥕

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/auth

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbit in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbit in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbit gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbit read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbit help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbit ignore or @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbit summary or @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbit or @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.