wip: cookie-based auth with AllowAnonymous and absolute URIs
WBS-9.3 - NULL Policy CI Gate / NULL Policy Validation (push) Failing after 7s
Quant Engine CI/CD Pipeline / validate-core (push) Failing after 11s
Quant Engine CI/CD Pipeline / validate-ui-and-storage (push) Has been skipped
Deploy to Production / Build & Deploy to Production (push) Failing after 2m12s

Changes:
- Dashboard.razor: Add [AllowAnonymous] to allow page load before auth check
- CustomAuthenticationStateProvider: Use absolute URIs for HttpClient calls
- Fix JSON parsing: Use ReadAsStringAsync instead of ReadAsAsync
- Implement cookie-first auth strategy with localStorage fallback

Status: /dashboard still not loading after login
Issues to investigate:
- window.location.href redirect not working in Playwright
- Set-Cookie headers not appearing in responses
- JavaScript interop not available during static rendering

Next: Direct browser testing vs Playwright environment issue

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
This commit is contained in:
2026-07-06 01:55:12 +09:00
parent bcd1cc0f93
commit 317cd98713
4 changed files with 110 additions and 88 deletions
+46 -36
View File
@@ -1,52 +1,62 @@
import { chromium } from "@playwright/test";
(async () => {
const b = await chromium.launch();
console.log("════════════════════════════════════════════════════════");
console.log(" 🔐 COOKIE-BASED AUTHENTICATION TEST");
console.log("════════════════════════════════════════════════════════\n");
const b = await chromium.launch({ headless: false });
const p = await b.newPage();
p.on("console", msg => {
const text = msg.text();
if (text.includes("[Login]") || text.includes("[Auth]") || text.includes("[Dashboard]")) {
console.log(" 📝 " + text);
}
});
try {
await p.goto("http://localhost:5265/login");
console.log("✓ 1. Login page loaded");
console.log("1️⃣ 로그인 페이지 로드");
await p.goto("http://localhost:5265/login.html", { waitUntil: "networkidle" });
// Submit login
await p.fill("input[name=\"username\"]", "admin");
await p.fill("input[name=\"password\"]", "admin");
await p.click("button[type=\"submit\"]");
console.log("✓ 2. Login submitted");
console.log("2️⃣ 로그인 (admin/admin)");
await p.fill("input[name='username']", "admin");
await p.fill("input[name='password']", "admin");
await p.click("button[type='submit']");
// Wait for navigation
try {
await p.waitForNavigation({ waitUntil: "load", timeout: 6000 });
} catch { }
// Check cookies
const cookies = await p.context().cookies();
const hasAuthCookie = cookies.some(c => c.name === "quant_auth_token");
console.log(`✓ 3. Auth cookie: ${hasAuthCookie ? "YES" : "NO"}`);
const url = p.url();
const content = await p.content();
console.log(`\n📍 Final URL: ${url}`);
if (url.includes("/dashboard")) {
if (content.includes("관리자 대시보드")) {
console.log("✓✓✓ SUCCESS: Dashboard fully loaded!");
} else if (content.includes("Not Found")) {
console.log("✗ Dashboard URL but Not Found error");
} else {
console.log("✓ Dashboard page (content varies)");
console.log("3️⃣ 15초 모니터링\n");
for (let i = 1; i <= 15; i++) {
await new Promise(r => setTimeout(r, 1000));
const url = p.url();
if (!url.includes("login")) {
console.log(`\n ✅ [${i}s] 리다이렉트됨: ${url}`);
break;
}
} else if (url.includes("/login")) {
console.log("⚠ Back at login (auth failed)");
} else {
console.log("? Other page");
}
await p.screenshot({ path: "./final-login-test.png" });
const finalUrl = p.url();
console.log(`\n4️⃣ 최종 결과:`);
console.log(` URL: ${finalUrl}`);
if (finalUrl.includes("/dashboard")) {
console.log(" ✅ 대시보드 도착!");
// 콘텐츠 확인
await new Promise(r => setTimeout(r, 3000));
const content = await p.content();
if (content.includes("관리자 대시보드")) {
console.log(" ✅ 대시보드 콘텐츠 확인됨!");
console.log("\n🎉🎉🎉 쿠키 기반 인증 성공!\n");
}
} else if (finalUrl.includes("/login")) {
console.log(" ❌ 다시 로그인으로 돌아옴");
}
await p.screenshot({ path: "./cookie-auth-test.png", fullPage: true });
} catch (e) {
console.error("Error:", e.message.substring(0, 50));
console.error("Error:", e.message);
}
await b.close();