update

auth_prj/settings.py

@@ -30,13 +30,14 @@ else:
 # See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'django-insecure-*kh6e0376o-0m5n*xz^2a2t^fa^77c1=))f$3egn7!w7axaj-l'
+SECRET_KEY = os.environ.get('SECRET_KEY', 'django-insecure-ec9me^z%x7-2vwee5#qq(kvn@^cs!!22_*f-im(320_k5-=0j5')
 
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = int(os.environ.get('DEBUG', 1))
 
-ALLOWED_HOSTS = ["*"]
+AUTH_VERIFY_URL = os.environ.get('AUTH_VERIFY_URL', 'NONE')
 
+ALLOWED_HOSTS = ["*"]
 
 # Application definition
 
@@ -75,6 +76,8 @@ CORS_ALLOWED_ORIGINS = [
     "http://127.0.0.1:3000",
     "http://192.168.0.100:3000",
     "https://demo.test",
+    "http://demo.test",
+    "https://sample.test",
     "http://sample.test",
 ]
 

requirementes.txt

@@ -0,0 +1,26 @@
+asgiref==3.8.1
+certifi==2025.1.31
+charset-normalizer==3.4.1
+coreapi==2.3.3
+coreschema==0.0.4
+Django==4.2.14
+django-cors-headers==4.7.0
+djangorestframework==3.16.0
+djangorestframework_simplejwt==5.5.0
+drf-yasg==1.21.10
+idna==3.10
+inflection==0.5.1
+itypes==1.2.0
+Jinja2==3.1.6
+MarkupSafe==3.0.2
+mysqlclient==2.2.7
+packaging==25.0
+PyJWT==2.9.0
+python-dotenv==1.0.1
+pytz==2025.2
+PyYAML==6.0.2
+requests==2.32.3
+sqlparse==0.5.3
+typing_extensions==4.13.2
+uritemplate==4.1.1
+urllib3==2.4.0

users/serializers.py

@@ -1,6 +1,6 @@
 from rest_framework import serializers
 from .models import CustomUser
-
+from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
 
 class RegisterSerializer(serializers.ModelSerializer):
     password = serializers.CharField(write_only=True)
@@ -15,3 +15,20 @@ class RegisterSerializer(serializers.ModelSerializer):
         user.set_password(password)
         user.save()
         return user
+
+
+class CustomTokenObtainPairSerializer(TokenObtainPairSerializer):
+    @classmethod
+    def get_token(cls, user):
+        token = super().get_token(user)
+
+        # ✅ JWT payload에 커스텀 정보 추가
+        token["name"] = user.name
+        token["grade"] = user.grade
+        token["email"] = user.email  # 선택적으로 추가 가능
+
+        return token
+    # def validate(self, attrs):
+    #     data = super().validate(attrs)
+    #     data['name'] = self.user.name  # ✅ 여기에 토큰 응답 추가 정보 삽입
+    #     return data

users/urls.py

@@ -1,10 +1,12 @@
 from django.urls import path
-from .views import RegisterView, MeView
+from .views import RegisterView, MeView, CustomTokenObtainPairView
-from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView
+from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView, TokenVerifyView
 
 urlpatterns = [
     path('register/', RegisterView.as_view(), name='register'),
-    path('login/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
+    # path('login/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
+    path('login/', CustomTokenObtainPairView.as_view(), name='token_obtain_pair'),
     path('refresh/', TokenRefreshView.as_view(), name='token_refresh'),
+    path('verify/', TokenVerifyView.as_view(), name='token_verify'),
     path('me/', MeView.as_view(), name='me'),
 ]

users/views.py

@@ -1,9 +1,9 @@
 from rest_framework.views import APIView
 from rest_framework.response import Response
 from rest_framework import status
-from .serializers import RegisterSerializer
+from .serializers import RegisterSerializer, CustomTokenObtainPairSerializer
 from rest_framework.permissions import IsAuthenticated
-
+from rest_framework_simplejwt.views import TokenObtainPairView
 
 class RegisterView(APIView):
     def post(self, request):
@@ -21,3 +21,6 @@ class MeView(APIView):
         user = request.user
         serializer = RegisterSerializer(user)
         return Response(serializer.data)
+    
+class CustomTokenObtainPairView(TokenObtainPairView):
+    serializer_class = CustomTokenObtainPairSerializer