import os import requests from flask import Blueprint, redirect, request, session, url_for, render_template, flash from supabase import create_client from dotenv import load_dotenv # 환경 변수 로드 load_dotenv() SUPABASE_URL = os.getenv('SUPABASE_URL') SUPABASE_KEY = os.getenv('SUPABASE_KEY') supabase = create_client(SUPABASE_URL, SUPABASE_KEY) bp = Blueprint('auth', __name__, url_prefix='/auth') DISCORD_CLIENT_ID = os.getenv('DISCORD_CLIENT_ID') DISCORD_CLIENT_SECRET = os.getenv('DISCORD_CLIENT_SECRET') DISCORD_REDIRECT_URI = os.getenv('DISCORD_REDIRECT_URI') DISCORD_GUILD_ID = os.getenv('DISCORD_GUILD_ID') @bp.route('/login') def login(): """로그인 페이지""" return render_template('login.html') @bp.route('/discord-login') def discord_login(): """Discord OAuth2 로그인""" discord_auth_url = ( f"https://discord.com/api/oauth2/authorize" f"?client_id={DISCORD_CLIENT_ID}" f"&redirect_uri={DISCORD_REDIRECT_URI}" f"&response_type=code" f"&scope=identify email guilds.members.read" ) return redirect(discord_auth_url) @bp.route('/callback') def callback(): """Discord OAuth2 콜백 처리""" code = request.args.get('code') if not code: flash("Discord 인증 실패!", "danger") return redirect(url_for('auth.login')) # Discord API로 인증 코드 교환 token_url = "https://discord.com/api/oauth2/token" data = { "client_id": DISCORD_CLIENT_ID, "client_secret": DISCORD_CLIENT_SECRET, "grant_type": "authorization_code", "code": code, "redirect_uri": DISCORD_REDIRECT_URI } headers = {"Content-Type": "application/x-www-form-urlencoded"} token_response = requests.post(token_url, data=data, headers=headers) if token_response.status_code != 200: flash("Discord 토큰 교환 실패!", "danger") return redirect(url_for('auth.login')) access_token = token_response.json().get("access_token") # 사용자 정보 가져오기 user_url = "https://discord.com/api/users/@me" headers = {"Authorization": f"Bearer {access_token}"} user_response = requests.get(user_url, headers=headers) if user_response.status_code != 200: flash("Discord 사용자 정보 가져오기 실패!", "danger") return redirect(url_for('auth.login')) user_data = user_response.json() discord_id = user_data['id'] username = user_data['username'] email = user_data.get('email', '') avatar = user_data['avatar'] # Discord 서버 멤버 확인 bot_token = os.getenv('DISCORD_BOT_TOKEN') # 봇 토큰 사용 guild_id = DISCORD_GUILD_ID guild_member_url = f"https://discord.com/api/guilds/{guild_id}/members/{discord_id}" guild_headers = {"Authorization": f"Bot {bot_token}"} guild_member_response = requests.get(guild_member_url, headers=guild_headers) if guild_member_response.status_code != 200: error_details = guild_member_response.json() if guild_member_response.content else 'No details available' flash(f"Discord 서버 멤버 확인 실패: {error_details}", "danger") return redirect(url_for('auth.login')) # Supabase에서 유저 정보 확인 db_response = supabase.table('users').select('role').eq('discord_id', discord_id).execute() if db_response.data: # 유저가 이미 등록된 경우 role = db_response.data[0]['role'] else: # 유저가 없으면 기본값 'user'로 등록 insert_response = supabase.table('users').insert({ 'discord_id': discord_id, 'username': username, 'email': email, 'role': 'user' # 기본값 }).execute() if insert_response.data is None or len(insert_response.data) == 0: flash("유저 등록 실패! 서버에 문제가 발생했습니다.", "danger") return redirect(url_for('auth.login')) role = 'user' # 세션에 사용자 정보 저장 session['user'] = { "id": discord_id, "username": username, "email": email, "avatar": avatar, "role": role } flash("로그인 성공!", "success") return redirect(url_for('dashboard.dashboard')) @bp.route('/logout') def logout(): """로그아웃""" session.clear() flash("로그아웃 되었습니다.", "info") return redirect(url_for('auth.login')) @bp.route('/') def root(): """기본 경로 처리.""" if 'user' in session: # 로그인된 상태에서는 대시보드로 리디렉션 return redirect(url_for('dashboard.dashboard')) else: # 비로그인 상태에서는 로그인 페이지로 이동 return redirect(url_for('auth.login'))