암호 키가 등록된 클라이언트에서 로그인을 수행하는 방식을 변경된 API에 맞게 변경

우선 이메일과 비밀번호를 이용해 로그인을 수행한 후, Token Upgrade를 수행하도록 변경했습니다.

src/routes/(fullscreen)/auth/login/+page.svelte

@@ -5,8 +5,8 @@
   import { TitleDiv, BottomDiv } from "$lib/components/divs";
   import { TextInput } from "$lib/components/inputs";
   import { refreshToken } from "$lib/hooks/callAPI";
-  import { keyPairStore } from "$lib/stores";
-  import { requestLogin } from "./service";
+  import { keyPairsStore } from "$lib/stores";
+  import { requestLogin, requestTokenUpgrade } from "./service";
 
   let { data } = $props();
 
@@ -16,14 +16,23 @@
   const login = async () => {
     // TODO: Validation
 
-    if (await requestLogin(email, password, $keyPairStore)) {
+    try {
+      if (!(await requestLogin(email, password))) throw new Error("Failed to login");
+
+      if (
+        $keyPairsStore &&
+        !(await requestTokenUpgrade($keyPairsStore.encKeyPair, $keyPairsStore.sigKeyPair))
+      )
+        throw new Error("Failed to upgrade token");
+
       await goto(
-        $keyPairStore
+        $keyPairsStore
           ? data.redirectPath
           : "/key/generate?redirect=" + encodeURIComponent(data.redirectPath),
       );
-    } else {
+    } catch (e) {
       // TODO: Alert
+      throw e;
     }
   };
 

src/routes/(fullscreen)/auth/login/service.ts

@@ -1,48 +1,46 @@
-import { encodeToBase64, exportRSAKey } from "$lib/modules/crypto";
-import { requestPubKeyRegistration } from "../../key/export/service";
+import { exportRSAKeyToBase64 } from "$lib/modules/crypto";
+import { requestTokenUpgrade as requestTokenUpgradeInternal } from "$lib/services/auth";
+import { requestClientRegistration } from "$lib/services/key";
 
-const callLoginAPI = async (email: string, password: string, pubKeyBase64?: string) => {
-  return await fetch("/api/auth/login", {
+export const requestLogin = async (email: string, password: string) => {
+  const res = await fetch("/api/auth/login", {
     method: "POST",
     headers: {
       "Content-Type": "application/json",
     },
-    body: JSON.stringify({
-      email,
-      password,
-      pubKey: pubKeyBase64,
-    }),
+    body: JSON.stringify({ email, password }),
   });
+  return res.ok;
 };
 
-export const requestLogin = async (
-  email: string,
-  password: string,
-  keyPair: CryptoKeyPair | null,
-  registerPubKey = true,
-): Promise<boolean> => {
-  const pubKeyBase64 = keyPair
-    ? encodeToBase64((await exportRSAKey(keyPair.publicKey, "public")).key)
-    : undefined;
-  let loginRes = await callLoginAPI(email, password, pubKeyBase64);
-  if (loginRes.ok) {
+export const requestTokenUpgrade = async (encKeyPair: CryptoKeyPair, sigKeyPair: CryptoKeyPair) => {
+  const encPubKeyBase64 = await exportRSAKeyToBase64(encKeyPair.publicKey, "public");
+  const sigPubKeyBase64 = await exportRSAKeyToBase64(sigKeyPair.publicKey, "public");
+  if (
+    await requestTokenUpgradeInternal(
+      encPubKeyBase64,
+      encKeyPair.privateKey,
+      sigPubKeyBase64,
+      sigKeyPair.privateKey,
+    )
+  ) {
     return true;
-  } else if (loginRes.status !== 401 || !keyPair || !registerPubKey) {
-    return false;
   }
 
-  const { message } = await loginRes.json();
-  if (message !== "Unregistered public key") {
-    return false;
-  }
-
-  loginRes = await callLoginAPI(email, password);
-  if (!loginRes.ok) {
-    return false;
-  }
-
-  if (await requestPubKeyRegistration(pubKeyBase64!, keyPair.privateKey)) {
-    return requestLogin(email, password, keyPair, false);
+  if (
+    await requestClientRegistration(
+      encPubKeyBase64,
+      encKeyPair.privateKey,
+      sigPubKeyBase64,
+      sigKeyPair.privateKey,
+    )
+  ) {
+    return await requestTokenUpgradeInternal(
+      encPubKeyBase64,
+      encKeyPair.privateKey,
+      sigPubKeyBase64,
+      sigKeyPair.privateKey,
+    );
   } else {
     return false;
   }