Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthrough기존 Apple OAuth 콜백 라우트 삭제, 클라이언트에서 Apple 인증 시작 핸들러 추가, 새 서버 라우트 Changes
Sequence Diagram(s)sequenceDiagram
participant User as 사용자
participant Browser as 브라우저
participant LoginClient as LoginPageClient
participant AppleAuth as Apple /auth/authorize
participant OAuthRoute as 서버 /apple/oauth
participant Proxy as proxy 미들웨어
participant App as 앱 리다이렉트 대상
User->>Browser: Apple 로그인 버튼 클릭
Browser->>LoginClient: onAppleLogin 실행
LoginClient->>AppleAuth: 브라우저 리다이렉트 (client_id, redirect_uri)
AppleAuth->>OAuthRoute: 콜백 요청 (/apple/oauth?...)
OAuthRoute->>Proxy: 요청 통과(퍼블릭 패스스루)
OAuthRoute->>OAuthRoute: 쿼리 검사(error/registered/name), 쿠키 설정
OAuthRoute->>App: 리다이렉트 (/hub 또는 /login?terms=true)
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 분 Possibly related PRs
Suggested reviewers
시
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
🤖 Claude 테스트 제안
변경된 컴포넌트에 대해 Claude가 생성한 테스트 코드입니다. 검토 후 적합한 부분만 사용하세요.
|
PR 테스트 결과✅ Jest: 통과 🎉 모든 테스트를 통과했습니다! |
PR 검증 결과✅ TypeScript: 통과 |
|
구현한 기능 Preview: https://weeth-3jzqesrag-weethsite-4975s-projects.vercel.app |
woneeeee
left a comment
woneeeee
left a comment
There was a problem hiding this comment.
수고하셨습니다!! env 파일도 한 번 업데이트 부탁드립니당!!
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 6
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
src/components/auth/LoginCard.tsx (1)
15-40:⚠️ Potential issue | 🟡 MinorCI 포맷 검사(Prettier) 실패를 해소해주세요.
Line 15-40 변경 구간 포함 이 파일도
Prettier --check경고가 발생 중입니다. 포맷 정리 후 다시 올리는 것이 좋겠습니다.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@src/components/auth/LoginCard.tsx` around lines 15 - 40, Prettier is flagging formatting in the LoginCard component; run the project's Prettier config over src/components/auth/LoginCard.tsx (the LoginCard function and its JSX return) and fix spacing/indentation and any trailing commas or missing semicolons so the JSX elements (the left cover div, right social/login conditional, Loading block, and SocialLoginButtons) are consistently formatted; you can run `npx prettier --write` or your project's format script, then re-run Prettier --check to ensure the function LoginCard, its props signature, and the JSX fragments conform to the project's lint/format rules before committing.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@src/app/`(public)/apple/oauth/route.ts:
- Around line 11-22: Do not trust request.nextUrl.searchParams.get('registered')
or get('name') directly in this public route; instead verify them against a
server-side trusted source (e.g., validate a signed token, session id, or
server-set cookie) before deciding redirectUrl or setting the userName cookie.
Update the logic around the registered/name handling in this route (the block
that computes redirectUrl and mutates redirectResponse.cookies) to
fetch/validate a server-side proof (session lookup or verify a signature) and
only use the verified values to choose between '/hub' vs '/login?terms=true' and
to set the 'userName' cookie on redirectResponse.
In `@src/components/auth/LoginPageClient.tsx`:
- Line 66: Prettier reports formatting failures in
src/components/auth/LoginPageClient.tsx (the JSX line rendering <LoginCard ...
/>); run Prettier or your editor’s format command on that file (or run npx
prettier --write src/components/auth/LoginPageClient.tsx) to fix
spacing/linebreaks around the JSX props (isLoading, onKakaoLogin, onAppleLogin)
and save the file, then re-run Prettier --check to verify the CI formatting
issue is resolved.
- Around line 30-43: handleAppleLoginStart is missing a state parameter and does
not validate required env vars, which can lose context and cause failed
redirects; update handleAppleLoginStart to (1) require/validate
NEXT_PUBLIC_APPLE_CLIENT_ID and NEXT_PUBLIC_APPLE_REDIRECT_URI before setting
isLoading or navigating and early-return with setIsLoading(false) on missing
values, and (2) build and include a URL-safe state string (e.g., serializing
intent/clubId/code/redirectPath or reusing the same state creation used for
Kakao) in the URLSearchParams so the app retains context after Apple redirects;
ensure you still call setIsLoading(true) only when valid envs are present.
In `@src/components/auth/SocialLoginButtons.tsx`:
- Line 10: The file fails Prettier formatting check around the
SocialLoginButtons component declaration; run Prettier (e.g., via your project's
formatter script or npx prettier --write) on
src/components/auth/SocialLoginButtons.tsx and reformat the function signature
and remaining file to satisfy Prettier --check, then stage and re-push the
updated file so CI no longer flags SocialLoginButtons (and any other changed
exports/props) for formatting issues.
In `@src/proxy.ts`:
- Around line 50-53: The unconditional allowance of any path under '/apple/' is
too broad; update the PUBLIC_PATHS/allowlist logic that currently uses
pathname.startsWith('/apple/') to only permit the explicit Apple routes your app
needs (e.g., the precise endpoints such as '/apple/callback', '/apple/auth' or
other named routes) by replacing the generic startsWith('/apple/') check with
explicit pathname equality or a whitelist of exact '/apple/...' strings; modify
the condition near PUBLIC_PATHS and the pathname checks so only those specific
Apple paths are treated as public.
- Around line 7-18: Restore the pre-launch blocking by reintroducing a
PRE_LAUNCH flag controlled via an environment variable and re-enable the
redirect logic inside the proxy(request: NextRequest) function: recreate a
boolean PRE_LAUNCH (e.g., derived from process.env.PRE_LAUNCH or similar) and,
when true, check the request.nextUrl.pathname and redirect non-'/landing'
requests to '/landing' using NextResponse.redirect; ensure you rebuild the url
via request.nextUrl.clone(), set url.pathname = '/landing' and
url.searchParams.set('blocked','true') before returning the redirect so the
behavior is gated by the env flag rather than being always enabled or commented
out.
---
Outside diff comments:
In `@src/components/auth/LoginCard.tsx`:
- Around line 15-40: Prettier is flagging formatting in the LoginCard component;
run the project's Prettier config over src/components/auth/LoginCard.tsx (the
LoginCard function and its JSX return) and fix spacing/indentation and any
trailing commas or missing semicolons so the JSX elements (the left cover div,
right social/login conditional, Loading block, and SocialLoginButtons) are
consistently formatted; you can run `npx prettier --write` or your project's
format script, then re-run Prettier --check to ensure the function LoginCard,
its props signature, and the JSX fragments conform to the project's lint/format
rules before committing.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 3c5e1dc3-e016-444c-9d0d-a992b383d2a2
📒 Files selected for processing (6)
src/app/(public)/(auth)/callback/apple/route.tssrc/app/(public)/apple/oauth/route.tssrc/components/auth/LoginCard.tsxsrc/components/auth/LoginPageClient.tsxsrc/components/auth/SocialLoginButtons.tsxsrc/proxy.ts
💤 Files with no reviewable changes (1)
- src/app/(public)/(auth)/callback/apple/route.ts
src/proxy.ts
Outdated
| // const PRE_LAUNCH = true; | ||
|
|
||
| export function proxy(request: NextRequest) { | ||
| const { pathname } = request.nextUrl; | ||
|
|
||
| // 런칭 전: /landing 외 모든 경로 차단 | ||
| if (PRE_LAUNCH && pathname !== '/landing') { | ||
| const url = request.nextUrl.clone(); | ||
| url.pathname = '/landing'; | ||
| url.searchParams.set('blocked', 'true'); | ||
| return NextResponse.redirect(url); | ||
| } | ||
| // // 런칭 전: /landing 외 모든 경로 차단 | ||
| // if (PRE_LAUNCH && pathname !== '/landing') { | ||
| // const url = request.nextUrl.clone(); | ||
| // url.pathname = '/landing'; | ||
| // url.searchParams.set('blocked', 'true'); | ||
| // return NextResponse.redirect(url); | ||
| // } |
There was a problem hiding this comment.
PRE_LAUNCH 차단 분기가 현재 완전히 비활성화되어 있습니다.
Line 7, Line 12-18에서 런칭 전 접근 차단 로직이 주석 처리되어 /landing 외 경로 제한이 사라졌습니다. 테스트용 변경이라도 머지 전에는 환경변수 플래그 기반으로 반드시 복구하는 편이 안전합니다.
🔧 제안 수정
-// const PRE_LAUNCH = true;
+const PRE_LAUNCH = process.env.PRE_LAUNCH === 'true';
- // // 런칭 전: /landing 외 모든 경로 차단
- // if (PRE_LAUNCH && pathname !== '/landing') {
- // const url = request.nextUrl.clone();
- // url.pathname = '/landing';
- // url.searchParams.set('blocked', 'true');
- // return NextResponse.redirect(url);
- // }
+ // 런칭 전: /landing 외 모든 경로 차단
+ if (PRE_LAUNCH && pathname !== '/landing') {
+ const url = request.nextUrl.clone();
+ url.pathname = '/landing';
+ url.searchParams.set('blocked', 'true');
+ return NextResponse.redirect(url);
+ }📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| // const PRE_LAUNCH = true; | |
| export function proxy(request: NextRequest) { | |
| const { pathname } = request.nextUrl; | |
| // 런칭 전: /landing 외 모든 경로 차단 | |
| if (PRE_LAUNCH && pathname !== '/landing') { | |
| const url = request.nextUrl.clone(); | |
| url.pathname = '/landing'; | |
| url.searchParams.set('blocked', 'true'); | |
| return NextResponse.redirect(url); | |
| } | |
| // // 런칭 전: /landing 외 모든 경로 차단 | |
| // if (PRE_LAUNCH && pathname !== '/landing') { | |
| // const url = request.nextUrl.clone(); | |
| // url.pathname = '/landing'; | |
| // url.searchParams.set('blocked', 'true'); | |
| // return NextResponse.redirect(url); | |
| // } | |
| const PRE_LAUNCH = process.env.PRE_LAUNCH === 'true'; | |
| export function proxy(request: NextRequest) { | |
| const { pathname } = request.nextUrl; | |
| // 런칭 전: /landing 외 모든 경로 차단 | |
| if (PRE_LAUNCH && pathname !== '/landing') { | |
| const url = request.nextUrl.clone(); | |
| url.pathname = '/landing'; | |
| url.searchParams.set('blocked', 'true'); | |
| return NextResponse.redirect(url); | |
| } |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@src/proxy.ts` around lines 7 - 18, Restore the pre-launch blocking by
reintroducing a PRE_LAUNCH flag controlled via an environment variable and
re-enable the redirect logic inside the proxy(request: NextRequest) function:
recreate a boolean PRE_LAUNCH (e.g., derived from process.env.PRE_LAUNCH or
similar) and, when true, check the request.nextUrl.pathname and redirect
non-'/landing' requests to '/landing' using NextResponse.redirect; ensure you
rebuild the url via request.nextUrl.clone(), set url.pathname = '/landing' and
url.searchParams.set('blocked','true') before returning the redirect so the
behavior is gated by the env flag rather than being always enabled or commented
out.
🤖 Claude 테스트 제안
변경된 컴포넌트에 대해 Claude가 생성한 테스트 코드입니다. 검토 후 적합한 부분만 사용하세요.
|
PR 테스트 결과✅ Jest: 통과 🎉 모든 테스트를 통과했습니다! |
PR 검증 결과✅ TypeScript: 통과 🎉 모든 검증을 통과했습니다! |
|
구현한 기능 Preview: https://weeth-5vcxssl73-weethsite-4975s-projects.vercel.app |
nabbang6
left a comment
nabbang6
left a comment
There was a problem hiding this comment.
확인했습니다~~! 👍
애플 로그인 form_post 방식으로 구현된 건 처음 보는데 신기하네용,,, 넘 최고,,,
src/components/auth/LoginCard.tsx
Outdated
There was a problem hiding this comment.
요기 import { SocialLoginButtons } from '@/components/auth/SocialLoginButtons';로 barrel import하게 수정해주면 좋을 것 같아요!
같은 폴더 내 파일끼리는 직접 경로로 import하게 해주면 관련 없는 모듈은 확인할 필요가 없어지기 때문에 좋다고 하네용 ..
There was a problem hiding this comment.
요 모달은 조건부로 로딩되는 모달이니까... 초기 번들에서 분리해두면 로그인 페이지 로드가 조금 더 빨라질 수 잇을 것 같아요!
import dynamic from 'next/dynamic';
const TermsAgreementModal = dynamic(() =>
import('./TermsAgreementModal').then((m) => m.TermsAgreementModal),
);
요런 느낌으로 수정해주면 조을 것 같습니당
🤖 Claude 테스트 제안
변경된 컴포넌트에 대해 Claude가 생성한 테스트 코드입니다. 검토 후 적합한 부분만 사용하세요.
|
PR 테스트 결과✅ Jest: 통과 🎉 모든 테스트를 통과했습니다! |
PR 검증 결과✅ TypeScript: 통과 🎉 모든 검증을 통과했습니다! |
|
구현한 기능 Preview: https://weeth-hc3i37wvt-weethsite-4975s-projects.vercel.app |
🤖 Claude 테스트 제안
변경된 컴포넌트에 대해 Claude가 생성한 테스트 코드입니다. 검토 후 적합한 부분만 사용하세요.
|
PR 테스트 결과✅ Jest: 통과 🎉 모든 테스트를 통과했습니다! |
PR 검증 결과✅ TypeScript: 통과 🎉 모든 검증을 통과했습니다! |
|
구현한 기능 Preview: https://weeth-ghns0jwwl-weethsite-4975s-projects.vercel.app |
4 participants
✅ PR 유형
어떤 변경 사항이 있었나요?
📌 관련 이슈번호
✅ Key Changes
Apple 로그인 플로우 (카카오와 다른 점)
Apple은 form_post 방식으로 백엔드 서버에 직접 콜백을 전송합니다.
프론트 → Apple 인가 (redirect_uri = 백엔드 URL)
Apple → 백엔드 POST (id_token, code)
백엔드 → Set-Cookie + 302 리다이렉트 → /apple/oauth
/apple/oauth → registered 여부에 따라 분기
📸 스크린샷 or 실행영상
영상 크기가 커서 슬랙에 첨부하겠습니당
🎸 기타 사항 or 추가 코멘트
애플 로그인 후 개발 서버로 리다이렉트되는데, 지금 랜딩페이지만 접속하도록 막혀 있어서 허브 페이지 접근이 어려운 것 같습니다..!!
페이지 확인 때문에
proxy.ts에서 랜딩 이외에 경로 차단하는거 잠깐 주석 처리해놨는데 머지하기 전에 주석 다시 해제해두겠습니당..환경 변수 노션에 업데이트 해뒀습니다!!
Summary by CodeRabbit
새로운 기능
기타