20250915 #4 기능추가 인증 bff 로그인 api 연동 및 jwt 기반 authorization 처리

[Chuseok22]

Summary by CodeRabbit

• 버그 수정
  • 로그인 실패 시 HTTP 상태 코드를 401(Unauthorized)로 수정하여 인증 오류를 명확히 전달합니다. 클라이언트는 400 기반 처리 로직을 401 기준으로 업데이트하세요.
• 리팩터링
  • 내부 API 라우트의 비동기 일관성 개선 및 경로 파싱 안정성 향상. 기능적 변경 없이 신뢰성을 높였습니다.
• 작업(Chores)
  • CI가 main 브랜치 대상 PR에도 실행되도록 트리거 범위를 확장했습니다.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

• CI workflow PR trigger now includes main and test.
• API route handlers (GET/POST/PUT/PATCH/DELETE/OPTIONS) changed to async.
• ProxyContext.params type changed to Promise, requiring await.
• Proxy path extraction updated to await params and join when array.
• LOGIN_FAILED error status changed from 400 to 401.

Changes

Cohort / File(s)	Summary
CI Workflow trigger \.github/workflows/RomRom-ADMIN-CI.yml	PR 트리거 대상 브랜치에 main 추가 (test외). 다른 로직 변화 없음.
API 라우트 핸들러 async 전환 src/app/api/[...path]/route.ts	GET/POST/PUT/PATCH/DELETE/OPTIONS를 동기 export에서 async export로 변경. 본문은 proxy(req, ctx) 반환 유지. 시그니처는 Promise<Response> 유지.
BFF 컨텍스트 params 비동기화 src/lib/bff/types.ts	ProxyContext.params 타입을 { path: string[] }에서 Promise<{ path: string[] }>로 변경.
BFF 프록시 경로 추출 업데이트 src/lib/bff/proxy.ts	ctx.params를 await하여 { path: segs }를 얻고, 배열일 때만 join('/'). import 순서 사소한 정렬.
에러 코드 수정 src/lib/error/error-code.ts	LOGIN_FAILED 상태 코드를 400에서 401로 변경. 메시지는 동일.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant C as Client
  participant R as Next.js Route (api/[...path])
  participant P as BFF Proxy
  participant B as Backend

  C->>R: HTTP Request (GET/POST/...)
  activate R
  R->>P: proxy(req, ctx)
  activate P
  Note over P: await ctx.params<br/>const { path } = await ctx.params
  P->>P: path = Array.isArray(path) ? path.join('/') : ''
  P->>B: Forward request with derived path
  B-->>P: Response
  deactivate P
  P-->>R: Response
  Note over R: Handlers are async (await Promise)
  R-->>C: HTTP Response

  rect rgba(255, 246, 214, 0.6)
  Note over R,P: 변경점: Route 핸들러 async화 + ctx.params 비동기 접근
  end

Loading

sequenceDiagram
  participant C as Client
  participant Auth as Auth Logic
  participant R as Error Codes

  C->>Auth: Login attempt
  alt 실패
    Auth->>R: Lookup LOGIN_FAILED
    R-->>Auth: status 401, message
    Auth-->>C: 401 Unauthorized
  else 성공
    Auth-->>C: 200 OK
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• 20250915 #4 기능추가 인증 bff 로그인 api 연동 및 jwt 기반 authorization 처리 #5: src/lib/error/error-code.ts에 LOGIN_FAILED를 400으로 추가하고 src/app/api/[...path]/route.ts도 수정했던 PR로, 이번 PR의 401로의 변경 및 라우트 핸들러 업데이트와 직접적으로 연관.

Poem

작은 발로 탁탁, 메인에도 뛰어든다
라우트는 async, 길은 기다림으로 난다
프록시는 살짝, 경로를 모아 붙이고
로그인 실패는 이제 401로 말하고
깡총! 깡총! 코드의 숲에 새벽이 온다 🐇✨

✨ Finishing touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch 20250915_#4_기능추가_인증_BFF_로그인_API_연동_및_JWT_기반_Authorization_처리

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9d226b8 and 6130448.

📒 Files selected for processing (5)

• .github/workflows/RomRom-ADMIN-CI.yml (1 hunks)
• src/app/api/[...path]/route.ts (1 hunks)
• src/lib/bff/proxy.ts (2 hunks)
• src/lib/bff/types.ts (1 hunks)
• src/lib/error/error-code.ts (1 hunks)

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

• Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
• Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Please see the documentation for more information.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
      - name: "Undocumented Breaking Changes"
        mode: "warning"
        instructions: |
          Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).

Please share your feedback with us on this Discord post.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}