[Feat] #77 - 인증 흐름 및 프론트 구조 정리

[sebeeeen]

변경 사항

• Google 로그인 후 People API에서 이름, 소속, 역할 정보를 조회해 백엔드 로그인 요청에 포함했습니다.
• 인증 경계를 src/api/auth, src/lib/auth, src/screens/login으로 정리해 route 파일은 얇게 유지했습니다.
• 역할을 판별할 수 없는 Google 프로필은 학생으로 기본 처리하지 않고 로그인 실패로 다룹니다.
• 로그인 중간 실패 시 Firebase 세션이 남지 않도록 정리했습니다.
• Firebase Hosting /api/** rewrite와 로컬/배포 환경 변수 흐름을 정리했습니다.
• dashboard 대신 home 라우트로 이동하도록 정리했습니다.
• Storybook hook 오류, modal lint 이슈, Vite 잔여 자산, favicon 404, lockfile 불일치를 정리했습니다.

검증

• CI=true pnpm install --frozen-lockfile
• pnpm lint
• pnpm exec tsc --noEmit
• pnpm build
• pnpm exec storybook build --quiet
• /login/, /home/, /favicon.ico 정적 응답 200 및 Chrome headless 화면 확인

참고

• .env.production은 기존 추적 파일이며 이번 커밋에는 env 변경이 없습니다.
• 실제 OAuth 팝업 로그인은 백엔드 DB 기본값 이슈 해결 후 재확인이 필요합니다.

Summary by CodeRabbit

• New Features

  • Added login page with support for student/professor and company authentication modes.
  • Integrated Google Sign-In for student and professor accounts.
  • Implemented backend authentication system with API integration.
  • Added authenticated user home page.

• Documentation

  • Updated project architecture guidelines in contributing documentation.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR restructures the frontend codebase from a feature-based architecture (views/widgets/features/entities) to a screen-centric layering model with dedicated API and business-logic layers. It adds backend authentication integration with Google OAuth profile fetching, creates new route modules for login and home pages, updates environment configuration for production Firebase Hosting with API rewrites, and refactors shared UI components and Storybook stories throughout.

Changes

Cohort / File(s)	Summary
Environment & Configuration .env, .env.example, .env.production, .gitignore	Removes local Firebase credentials from .env, adds .env.example with required Firebase and backend API variables, introduces production .env.production with real Firebase config and empty backend URL (relying on rewrites), and extends .gitignore to exclude env files and TypeScript build metadata.
Firebase & Hosting Config firebase.json	Adds Firebase Hosting rewrites routing all /api/** requests to backend service aim-be-prod in us-central1.
Documentation docs/CONTRIBUTING.md	Updates architecture guidance from views/widgets/features/entities to new screens/api/lib layering model; defines layer responsibilities (screens for UI, api for network requests, lib for orchestration) and enforces import dependency constraints preventing src/api from importing screens or lib.
TypeScript & Build Config tsconfig.json, tsconfig.app.json	Replaces deprecated @views/*, @widgets/*, @features/*, @entities/* path aliases with new @screens/*, @api/*, @lib/* aliases pointing to respective src/ directories.
New API Layer src/api/auth/auth-api.ts, src/api/auth/google-profile-api.ts, src/api/auth/index.ts	Introduces backend authentication API client with loginWithBackend() function, Google People API profile fetching with role inference via fetchGoogleProfile(), typed request/response shapes, and custom error classes for backend and profile lookup failures.
New Auth Business Logic src/lib/auth/auth-service.ts, src/lib/auth/auth-error-message.ts, src/lib/auth/index.ts	Adds authentication service orchestrating Firebase + backend login flows (Google sign-in and email/password), unified error message translation via getAuthErrorMessage() for Firebase, backend, and Google profile errors, and barrel export of auth APIs/services.
New Screens Layer src/screens/login/index.tsx, src/screens/login/student-login-panel.tsx, src/screens/login/company-login-form.tsx, src/screens/home/home.tsx, src/screens/home/home.stories.tsx	Creates new login page with tabbed student/company modes, Google OAuth integration, email/password form validation, and error display; adds home page confirmation screen; includes Storybook story definitions.
Removed Old Views/Widgets/Features src/views/login/index.tsx, src/views/login/, src/views/home/home.tsx, src/views/home/home.stories.tsx, src/features/auth/index.ts, src/features/index.ts, src/entities/user/index.ts, src/entities/index.ts, src/widgets/index.ts	Deletes deprecated layer modules including old login/home pages (156 and 66 lines respectively), empty feature/entity/widget barrel files, and associated stories; clears related re-exports.
New App Routes src/app/(auth)/login/page.tsx, src/app/home/page.tsx	Adds Next.js App Router page modules; login route now imports from @/screens instead of @/views; new home route wraps HomePage screen component.
Root Layout & Icons src/app/layout.tsx	Extends metadata with icons configuration defining favicon and SVG assets with sizes/types for shortcut and Apple devices.
Shared UI Input Refactor src/shared/ui/input/index.ts, src/shared/ui/input/input.stories.tsx, src/shared/ui/index.ts	Creates src/shared/ui/input/index.ts barrel exporting Input, Select, Textarea components and prop types; removes redundant Input export from input/index.tsx; updates parent src/shared/ui/index.ts to re-export input cohort; updates Storybook title and import paths.
Storybook Stories & Metadata src/shared/ui/avatars/avatars.stories.tsx, src/shared/ui/checkbox/checkbox.stories.tsx, src/shared/ui/file-uploader/file-uploader.stories.tsx, src/shared/ui/lists/lists.stories.tsx, src/shared/ui/form/form.stories.tsx, src/shared/ui/modal/modal.stories.tsx	Tightens Storybook metadata typing to reference specific components (Meta<typeof Component>), adds explicit component declarations, updates checkbox story to use React useState instead of Storybook useArgs, updates modal stories to import from new @/shared/ui/input module, refactors form/modal import paths.
Modal Component Refactor src/shared/ui/modal/modal.tsx	Removes isMounted state tracking; simplifies mount/Escape-handler side-effect to early-return on !isOpen or missing document, reducing effect dependency list to [isOpen, onClose].
Cleanup src/App.css, src/screens/index.ts	Deletes unused src/App.css containing only comments; updates comment in src/screens/index.ts from "Pages" to "Screen".

Sequence Diagram

sequenceDiagram
    participant User
    participant Browser as Browser/React
    participant Firebase as Firebase Auth
    participant GoogleAPI as Google People API
    participant Backend as Backend API

    User->>Browser: Click "Sign in with Google"
    activate Browser
    Browser->>Firebase: signInWithPopup(GoogleAuthProvider)
    activate Firebase
    Firebase->>GoogleAPI: OAuth flow
    GoogleAPI-->>Firebase: accessToken + credential
    Firefox-->>Browser: credential.accessToken
    deactivate Firebase

    Browser->>GoogleAPI: fetchGoogleProfile(accessToken)
    activate GoogleAPI
    GoogleAPI-->>Browser: name, organization, metadata
    deactivate GoogleAPI
    
    Note over Browser: Infer role from org text<br/>("Student" / "Professor" / error)

    Browser->>Firebase: getIdToken(user)
    activate Firebase
    Firebase-->>Browser: idToken
    deactivate Firebase

    Browser->>Backend: loginWithBackend(idToken, profile)
    activate Backend
    Backend-->>Browser: BackendUser {uid, role, ...}
    deactivate Backend

    Note over Browser: Session created<br/>Redirect to /home
    Browser-->>User: Logged in
    deactivate Browser

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• [Chore] #79 - Next.js 전환 구조 정리 및 Vite 제거 #89 — Overlaps on Next.js App Router migration, Firebase environment configuration, firebase.json rewrites, login route structure, and TypeScript path alias updates.
• [Docs] #40 - 신규 팀원 온보딩 가이드 문서 작성 #41 — Updates docs/CONTRIBUTING.md architectural guidance defining the new screen/api/lib layering model and import constraints referenced in this PR.
• [Feat] #42 - 로그인 페이지 UI 구현 및 피그마 스타일 반영 #75 — Modifies login UI components and shared input surfaces, directly overlapping with new LoginPage, form components, and input module refactoring.

Suggested labels

enhancement

Suggested reviewers

• kimsman06
• jaeu5325
• kwqnyewest

Poem

🐰 Hops through layers new and grand,
Screens and APIs, oh what a plan!
Firebase meets backend in graceful dance,
Login forms shimmer, users can prance,
From views to screens, the code takes flight—
Architecture blooms, refactored just right! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title clearly summarizes the main change: authentication flow restructuring and frontend architecture organization, which is the primary objective of this PR.
Description check	✅ Passed	The PR description covers the key changes with specific implementation details (Google People API integration, auth layer restructuring, error handling, environment setup), but is missing explicit checklist confirmation.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/auth-flow-frontend-cleanup

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 0/1 reviews remaining, refill in 60 minutes.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

.env.production (1)

3-8: ⚡ Quick win

Prefer placeholders for production Firebase values in tracked env files.

Line 3–Line 8 currently commit concrete production identifiers/API key. Even for NEXT_PUBLIC_*, keeping live values in VCS weakens rotation hygiene and increases blast radius if project restrictions drift.

Please confirm this key is locked down in Google Cloud (HTTP referrer restrictions + API allowlist), and consider injecting real values via CI/CD secrets instead of committing them.

Suggested change

-NEXT_PUBLIC_FIREBASE_API_KEY=AIzaSyABxF3nO6fVtgk-RQEwE5eYK5GKEt8diEI
-NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN=ajou-project-cafd9.firebaseapp.com
-NEXT_PUBLIC_FIREBASE_PROJECT_ID=ajou-project-cafd9
-NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET=ajou-project-cafd9.firebasestorage.app
-NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID=926871086070
-NEXT_PUBLIC_FIREBASE_APP_ID=1:926871086070:web:9a01bad8170cb172f15dd7
+NEXT_PUBLIC_FIREBASE_API_KEY=
+NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN=
+NEXT_PUBLIC_FIREBASE_PROJECT_ID=
+NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET=
+NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID=
+NEXT_PUBLIC_FIREBASE_APP_ID=

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.env.production around lines 3 - 8, Replace the concrete Firebase production
values in the tracked .env.production with placeholder entries (e.g.
NEXT_PUBLIC_FIREBASE_API_KEY=__FIREBASE_API_KEY__) and remove any committed real
secrets; specifically update NEXT_PUBLIC_FIREBASE_API_KEY,
NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN, NEXT_PUBLIC_FIREBASE_PROJECT_ID,
NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET, NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID,
and NEXT_PUBLIC_FIREBASE_APP_ID to placeholder strings and configure your CI/CD
pipeline to inject the real values from secret store at deploy time; after
replacing, ensure the real API key is rotated/locked down (HTTP referrers + API
allowlist) outside the repo and add a README note or comment indicating CI
secret injection for these NEXT_PUBLIC_* variables.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/CONTRIBUTING.md`:
- Around line 165-167: The fenced code block containing the path string "app →
screens → lib → api → shared" lacks a language tag; update the opening fence
from ``` to ```text so the block reads ```text followed by the path and the
closing ``` to satisfy markdown lint (MD040).

In `@src/lib/auth/auth-service.ts`:
- Around line 74-82: After a successful signInWithEmailAndPassword in the
authService email login path, failures during credential.user.getIdToken or
createSession can leave the Firebase auth session active while backend session
creation fails; update the flow in the function that calls
signInWithEmailAndPassword / credential.user.getIdToken / createSession to catch
errors from getIdToken or createSession and perform cleanup by calling
signOut(auth) (or otherwise clearing the Firebase client session) before
rethrowing the error so no orphaned Firebase session remains; reference the
symbols signInWithEmailAndPassword, credential.user.getIdToken, createSession
and signOut to locate where to add the try/catch and cleanup logic.

In `@src/screens/login/company-login-form.tsx`:
- Around line 67-72: The CTA anchor currently uses href="#signup" which points
to a non-existent in-page anchor; update the element that contains the text "기업
계정이 없으신가요? 회원가입으로 이동하세요." to instead navigate to the real signup flow—either
replace href="#signup" with the correct signup route (e.g., "/signup") or
convert the anchor into a client-side navigation (e.g., using your router's Link
component or onClick handler like navigateToSignup) so the link actually opens
the signup page; ensure you update the <a ... href="#signup"> instance
accordingly.

---

Nitpick comments:
In @.env.production:
- Around line 3-8: Replace the concrete Firebase production values in the
tracked .env.production with placeholder entries (e.g.
NEXT_PUBLIC_FIREBASE_API_KEY=__FIREBASE_API_KEY__) and remove any committed real
secrets; specifically update NEXT_PUBLIC_FIREBASE_API_KEY,
NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN, NEXT_PUBLIC_FIREBASE_PROJECT_ID,
NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET, NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID,
and NEXT_PUBLIC_FIREBASE_APP_ID to placeholder strings and configure your CI/CD
pipeline to inject the real values from secret store at deploy time; after
replacing, ensure the real API key is rotated/locked down (HTTP referrers + API
allowlist) outside the repo and add a README note or comment indicating CI
secret injection for these NEXT_PUBLIC_* variables.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: cea9d84d-b291-4b12-81fa-aca36b546a86

📥 Commits

Reviewing files that changed from the base of the PR and between c342616 and 17c82f0.

⛔ Files ignored due to path filters (4)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
• public/favicon.ico is excluded by !**/*.ico
• public/vite.svg is excluded by !**/*.svg
• src/assets/react.svg is excluded by !**/*.svg

📒 Files selected for processing (48)

• .env
• .env.example
• .env.production
• .gitignore
• docs/CONTRIBUTING.md
• firebase.json
• src/App.css
• src/api/auth/auth-api.ts
• src/api/auth/google-profile-api.ts
• src/api/auth/index.ts
• src/app/(auth)/login/page.tsx
• src/app/home/page.tsx
• src/app/layout.tsx
• src/entities/index.ts
• src/entities/user/index.ts
• src/features/auth/index.ts
• src/features/index.ts
• src/lib/auth/auth-error-message.ts
• src/lib/auth/auth-service.ts
• src/lib/auth/index.ts
• src/screens/home/home.stories.tsx
• src/screens/home/home.tsx
• src/screens/home/index.ts
• src/screens/index.ts
• src/screens/login/company-login-form.tsx
• src/screens/login/index.tsx
• src/screens/login/login.module.css
• src/screens/login/student-login-panel.tsx
• src/shared/ui/avatars/avatars.stories.tsx
• src/shared/ui/checkbox/checkbox.stories.tsx
• src/shared/ui/empty-states/empty-states.stories.tsx
• src/shared/ui/empty-states/empty-states.tsx
• src/shared/ui/file-uploader/file-uploader.stories.tsx
• src/shared/ui/form/form.stories.tsx
• src/shared/ui/index.ts
• src/shared/ui/input/index.ts
• src/shared/ui/input/index.tsx
• src/shared/ui/input/input.stories.tsx
• src/shared/ui/input/input.tsx
• src/shared/ui/lists/lists.stories.tsx
• src/shared/ui/modal/modal.stories.tsx
• src/shared/ui/modal/modal.tsx
• src/views/home/home.stories.tsx
• src/views/home/home.tsx
• src/views/login/index.tsx
• src/widgets/index.ts
• tsconfig.app.json
• tsconfig.json

💤 Files with no reviewable changes (11)

• src/widgets/index.ts
• src/features/index.ts
• src/App.css
• src/entities/index.ts
• src/shared/ui/input/index.tsx
• .env
• src/features/auth/index.ts
• src/entities/user/index.ts
• src/views/home/home.tsx
• src/views/home/home.stories.tsx
• src/views/login/index.tsx

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Add a language to the fenced code block to satisfy markdown lint.

The fence at Line 165 should declare a language (e.g., text) to avoid MD040 warnings.

Suggested fix

-```
+```text
 app → screens → lib → api → shared

</details>

<details>
<summary>🧰 Tools</summary>

<details>
<summary>🪛 markdownlint-cli2 (0.22.1)</summary>

[warning] 165-165: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

</details>

</details>

<details>
<summary>🤖 Prompt for AI Agents</summary>

Verify each finding against the current code and only fix it if needed.

In @docs/CONTRIBUTING.md around lines 165 - 167, The fenced code block
containing the path string "app → screens → lib → api → shared" lacks a language
tag; update the opening fence from totext so the block reads text followed by the path and the closing to satisfy markdown lint (MD040).

</details>

<!-- fingerprinting:phantom:poseidon:hawk:6cf36a1a-0c8b-4fc2-93ba-4e43bb0f31d4 -->

<!-- d98c2f50 -->

<!-- This is an auto-generated comment by CodeRabbit -->

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Email login path misses cleanup on post-signin intermediate failure.

If Line 75 fails after Firebase auth succeeds, the Firebase session may remain while backend session creation never completes.

Proposed fix

 export const signInWithEmail = async (
   email: string,
   password: string,
 ): Promise<SessionResponse> => {
-  const credential = await signInWithEmailAndPassword(auth, email, password);
-  const idToken = await credential.user.getIdToken();
-
-  return createSession(idToken, {
-    role: "COMPANY",
-    name: credential.user.displayName ?? credential.user.email ?? email,
-    department: "",
-  });
+  const credential = await signInWithEmailAndPassword(auth, email, password);
+
+  try {
+    const idToken = await credential.user.getIdToken();
+    return await createSession(idToken, {
+      role: "COMPANY",
+      name: credential.user.displayName ?? credential.user.email ?? email,
+      department: "",
+    });
+  } catch (error) {
+    await firebaseSignOut(auth).catch(() => undefined);
+    throw error;
+  }
 };

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/lib/auth/auth-service.ts` around lines 74 - 82, After a successful
signInWithEmailAndPassword in the authService email login path, failures during
credential.user.getIdToken or createSession can leave the Firebase auth session
active while backend session creation fails; update the flow in the function
that calls signInWithEmailAndPassword / credential.user.getIdToken /
createSession to catch errors from getIdToken or createSession and perform
cleanup by calling signOut(auth) (or otherwise clearing the Firebase client
session) before rethrowing the error so no orphaned Firebase session remains;
reference the symbols signInWithEmailAndPassword, credential.user.getIdToken,
createSession and signOut to locate where to add the try/catch and cleanup
logic.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Signup CTA points to a dead in-page anchor.

Line 68 uses href="#signup", but this login screen does not render a matching id="signup" target, so the CTA won’t take users to signup flow.

Proposed fix

-    <a
-      href="#signup"
+    <a
+      href="/signup"
       className="mt-3 text-center text-[16px] font-medium leading-[150%] tracking-[-0.025em] text-[`#000000`] hover:text-[var(--color-primary-800)]"
     >
       기업 계정이 없으신가요? 회원가입으로 이동하세요.
     </a>

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	<a
	href="#signup"
	className="mt-3 text-center text-[16px] font-medium leading-[150%] tracking-[-0.025em] text-[#000000] hover:text-[var(--color-primary-800)]"
	>
	기업 계정이 없으신가요? 회원가입으로 이동하세요.
	</a>
	<a
	href="/signup"
	className="mt-3 text-center text-[16px] font-medium leading-[150%] tracking-[-0.025em] text-[`#000000`] hover:text-[var(--color-primary-800)]"
	>
	기업 계정이 없으신가요? 회원가입으로 이동하세요.
	</a>

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/screens/login/company-login-form.tsx` around lines 67 - 72, The CTA
anchor currently uses href="#signup" which points to a non-existent in-page
anchor; update the element that contains the text "기업 계정이 없으신가요? 회원가입으로 이동하세요."
to instead navigate to the real signup flow—either replace href="#signup" with
the correct signup route (e.g., "/signup") or convert the anchor into a
client-side navigation (e.g., using your router's Link component or onClick
handler like navigateToSignup) so the link actually opens the signup page;
ensure you update the <a ... href="#signup"> instance accordingly.