| author | joonhoekim <26rote@gmail.com> | 2025-10-15 21:38:21 +0900 |
|---|---|---|
| committer | joonhoekim <26rote@gmail.com> | 2025-10-15 21:38:21 +0900 |
| commit | a070f833d132e6370311c0bbdad03beb51d595df (patch) | |
| tree | 9184292e4c2631ee0c7a7247f9728fc26de790f1 /app/api/auth/[...nextauth]/route.ts | |
| parent | 280a2628df810dc157357e0e4d2ed8076d020a2c (diff) | |
(김준회) 이메일 화이트리스트 (SMS 우회) 기능 추가 및 기존 로그인 과정 통합
Diffstat (limited to 'app/api/auth/[...nextauth]/route.ts')
| -rw-r--r-- | app/api/auth/[...nextauth]/route.ts | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/app/api/auth/[...nextauth]/route.ts b/app/api/auth/[...nextauth]/route.ts
index 5896fb90..3b0f8c61 100644
--- a/app/api/auth/[...nextauth]/route.ts
+++ b/app/api/auth/[...nextauth]/route.ts
@@ -11,7 +11,7 @@ import { getUserByEmail, getUserById } from '@/lib/users/repository'
 import { authenticateWithSGips, verifyExternalCredentials } from '@/lib/users/auth/verifyCredentails'
 import { verifyOtpTemp } from '@/lib/users/verifyOtp'
 import { getSecuritySettings } from '@/lib/password-policy/service'
-import { verifySmsToken } from '@/lib/users/auth/passwordUtil'
+import { verifySmsToken, verifyEmailToken } from '@/lib/users/auth/passwordUtil'
 import { SessionRepository } from '@/lib/users/session/repository'
 import { getUserRoles } from '@/lib/users/service'
@@ -161,14 +161,15 @@ export const authOptions: NextAuthOptions = {
 },
 }),
- // ✅ MFA 완료 후 최종 인증 - roles 정보 추가
+ // ✅ MFA 완료 후 최종 인증 - roles 정보 추가 (SMS/Email OTP 지원)
 CredentialsProvider({
 id: 'credentials-mfa',
 name: 'MFA Verification',
 credentials: {
 userId: { label: 'User ID', type: 'text' },
- smsToken: { label: 'SMS Token', type: 'text' },
+ smsToken: { label: 'SMS Token', type: 'text' }, // SMS 또는 Email OTP 토큰
 tempAuthKey: { label: 'Temp Auth Key', type: 'text' },
+ mfaType: { label: 'MFA Type', type: 'text' }, // 'sms' 또는 'email'
 },
 async authorize(credentials, req) {
 if (!credentials?.userId || !credentials?.smsToken || !credentials?.tempAuthKey) {
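Review bot: `mfaType` is declared as a free-text credential, but the presence guard on the last line of this hunk never validates it, so whatever string the client posts reaches the branch in the later `@@ -191,10 +192,20 @@` hunk, where anything other than `'email'` silently becomes the SMS path and is uppercased into the error log. Rejecting unknown values up front keeps the accepted set explicit: `if (credentials.mfaType && credentials.mfaType !== 'sms' && credentials.mfaType !== 'email') return null`. The field named `smsToken` now carries either kind of OTP, and a short comment at the guard saying so would help, since the only hint is the inline comment on the declaration. The body of `authorize` continues beyond this hunk.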
@@ -191,10 +192,20 @@ export const authOptions: NextAuthOptions = {
 return null
 }
- // SMS 토큰 검증
- const smsVerificationResult = await verifySmsToken(user.id, credentials.smsToken)
- if (!smsVerificationResult || !smsVerificationResult.success) {
- console.error('SMS token verification failed')
+ // MFA 타입에 따라 SMS 또는 Email OTP 검증
+ const mfaType = credentials.mfaType || 'sms'; // 기본값은 SMS
+ let verificationResult;
+
+ if (mfaType === 'email') {
+ verificationResult = await verifyEmailToken(user.id, credentials.smsToken)
+ console.log(`Email OTP verification for user ${user.email}:`, verificationResult.success)
+ } else {
+ verificationResult = await verifySmsToken(user.id, credentials.smsToken)
+ console.log(`SMS OTP verification for user ${user.email}:`, verificationResult.success)
+ }
+
+ if (!verificationResult || !verificationResult.success) {
+ console.error(`${mfaType.toUpperCase()} token verification failed`)
 return null
 } |
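Review bot: The factor to verify is chosen from `credentials.mfaType`, which the caller supplies, and nothing in this hunk checks that `user` is on the email whitelist before `verifyEmailToken` is used in place of SMS. Unless `verifyEmailToken` or the temp-auth-key check enforces that (neither is visible here), the allowed factor should be decided from server-side state for this user rather than from the request. Separately, both `console.log` calls read `verificationResult.success` before the `!verificationResult` guard, so a null result throws instead of reaching `return null`; `verificationResult?.success` fixes that. They also write `user.email` to the log on every attempt, where `user.id` would identify the account without recording the address. The enclosing `authorize` starts and ends outside this hunk.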
