Feat(auth): 심사용 로그인 플로우 및 JWT 발급 로직 추가

package.json

@@ -41,6 +41,8 @@
     "@prisma/client": "7.2.0",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.14.3",
+    "cookie": "^1.1.1",
+    "cookie-parser": "^1.4.7",
     "csv-parse": "^6.1.0",
     "jsonwebtoken": "^9.0.3",
     "mariadb": "^3.4.5",
@@ -58,6 +60,8 @@
     "@nestjs/cli": "^11.0.0",
     "@nestjs/schematics": "^11.0.0",
     "@nestjs/testing": "^11.0.1",
+    "@types/cookie": "^0.6.0",
+    "@types/cookie-parser": "^1.4.10",
     "@types/express": "^5.0.0",
     "@types/jest": "^30.0.0",
     "@types/jsonwebtoken": "^9.0.10",

src/config/env.schema.ts

@@ -16,6 +16,9 @@ export const envSchema = z.object({
   AWS_S3_BUCKET: z.string().min(1),
   KAKAO_CLIENT_ID: z.string().min(1),
   KAKAO_CLIENT_SECRET: z.string().min(1),
+  REVIEW_LOGIN_ENABLED: z.string().optional().default('false'),
+  REVIEW_LOGIN_SECRET: z.string().optional(),
+  REVIEW_LOGIN_ALLOWED_EMAILS: z.string().optional(),
   JWT_ACCESS_SECRET: z.string().min(1).default('dev-access-secret'),
   JWT_REFRESH_SECRET: z.string().min(1).default('dev-refresh-secret'),
   JWT_ACCESS_EXPIRES_IN: z.string().min(1).default('1h'),

src/main.ts

@@ -2,7 +2,7 @@ import { HttpStatus, ValidationPipe } from '@nestjs/common';
 import { ConfigService } from '@nestjs/config';
 import { NestFactory } from '@nestjs/core';
 import type { ValidationError } from 'class-validator';
-import type { Request, NextFunction, Response } from 'express';
+import cookieParser from 'cookie-parser';
 import pinoHttp from 'pino-http';
 
 import { AppModule } from './modules/app/app.module';
@@ -25,34 +25,6 @@ function isRequiredError(errors: ValidationError[]): boolean {
   });
 }
 
-function parseCookieHeader(
-  cookieHeader: string | undefined,
-): Record<string, string> {
-  if (!cookieHeader) {
-    return {};
-  }
-
-  const decodeValue = (value: string): string => {
-    try {
-      return decodeURIComponent(value);
-    } catch {
-      return value;
-    }
-  };
-
-  return cookieHeader
-    .split(';')
-    .reduce<Record<string, string>>((acc, entry) => {
-      const [rawKey, ...valueParts] = entry.trim().split('=');
-      if (!rawKey) {
-        return acc;
-      }
-
-      acc[rawKey] = decodeValue(valueParts.join('='));
-      return acc;
-    }, {});
-}
-
 async function bootstrap() {
   const app = await NestFactory.create(AppModule);
 
@@ -79,12 +51,7 @@ async function bootstrap() {
     origin: allowedOrigins,
     credentials: true,
   });
-  type CookieRequest = Request & { cookies: Record<string, string> };
-
-  app.use((req: CookieRequest, _res: Response, next: NextFunction) => {
-    req.cookies = parseCookieHeader(req.headers.cookie);
-    next();
-  });
+  app.use(cookieParser());
 
   app.useGlobalPipes(
     new ValidationPipe({

src/modules/auth/auth.module.ts

@@ -2,17 +2,25 @@ import { Module } from '@nestjs/common';
 import { AuthLogoutController } from './controllers/auth-logout.controller';
 import { AuthTokenController } from './controllers/auth-token.controller';
 import { KakaoAuthController } from './controllers/kakao-auth.controller';
+import { ReviewAuthController } from './controllers/review-auth.controller';
 import { AccessTokenGuard } from './guards/access-token.guard';
 import { AuthTokenService } from './services/auth-token.service';
 import { JwtTokenService } from './services/jwt-token.service';
 import { KakaoAuthService } from './services/kakao-auth.service';
+import { ReviewAuthService } from './services/review-auth.service';
 import { PrismaModule } from '../../infra/prisma/prisma.module';
 
 @Module({
   imports: [PrismaModule],
-  controllers: [KakaoAuthController, AuthTokenController, AuthLogoutController],
+  controllers: [
+    KakaoAuthController,
+    ReviewAuthController,
+    AuthTokenController,
+    AuthLogoutController,
+  ],
   providers: [
     KakaoAuthService,
+    ReviewAuthService,
     AuthTokenService,
     JwtTokenService,
     AccessTokenGuard,

src/modules/auth/controllers/review-auth.controller.ts

@@ -0,0 +1,44 @@
+import { Body, Controller, Post, Res } from '@nestjs/common';
+import { ApiBody, ApiOkResponse, ApiOperation, ApiTags } from '@nestjs/swagger';
+import type { Response } from 'express';
+import { ConfigService } from '@nestjs/config';
+import { ReviewAuthService } from '../services/review-auth.service';
+import { ReviewLoginRequestDto } from '../dtos/review-login-request.dto';
+import { ReviewLoginResponseDto } from '../dtos/review-login-response.dto';
+import { buildRefreshTokenCookieOptions } from '../utils/refresh-token-cookie';
+
+@ApiTags('Auth')
+@Controller('auth/review')
+export class ReviewAuthController {
+  constructor(
+    private readonly reviewAuthService: ReviewAuthService,
+    private readonly configService: ConfigService,
+  ) {}
+
+  @Post('login')
+  @ApiOperation({ summary: 'Review login' })
+  @ApiBody({ type: ReviewLoginRequestDto })
+  @ApiOkResponse({
+    type: ReviewLoginResponseDto,
+    headers: {
+      'Set-Cookie': {
+        description: 'Sets refresh_token cookie',
+      },
+    },
+  })
+  async login(
+    @Body() body: ReviewLoginRequestDto,
+    @Res({ passthrough: true }) res: Response,
+  ): Promise<ReviewLoginResponseDto> {
+    const { refreshToken, ...result } =
+      await this.reviewAuthService.loginWithReview(body);
+
+    res.cookie(
+      'refresh_token',
+      refreshToken,
+      buildRefreshTokenCookieOptions(this.configService),
+    );
+
+    return result;
+  }
+}

src/modules/auth/dtos/review-login-request.dto.ts

@@ -0,0 +1,14 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsEmail, IsNotEmpty, IsString } from 'class-validator';
+
+export class ReviewLoginRequestDto {
+  @ApiProperty({ example: 'admin@example.com' })
+  @IsEmail()
+  @IsNotEmpty()
+  email!: string;
+
+  @ApiProperty({ example: 'supersecretreviewloginkey' })
+  @IsString()
+  @IsNotEmpty()
+  secret!: string;
+}

src/modules/auth/dtos/review-login-response.dto.ts

@@ -0,0 +1,23 @@
+import { ApiProperty } from '@nestjs/swagger';
+
+export class ReviewLoginUserDto {
+  @ApiProperty({ example: 1 })
+  userId: number;
+
+  @ApiProperty({ example: 'nickname', nullable: true })
+  nickname: string | null;
+}
+
+export class ReviewLoginResponseDto {
+  @ApiProperty({ example: 'jwt_access_token' })
+  accessToken: string;
+
+  @ApiProperty({ example: true })
+  isNewUser: boolean;
+
+  @ApiProperty({ example: true })
+  onboardingRequired: boolean;
+
+  @ApiProperty({ type: ReviewLoginUserDto })
+  user: ReviewLoginUserDto;
+}