4 Commits

Author SHA1 Message Date
kjh2064 e4290ef3c6 feat(ui): 모든 중요 페이지에 [Authorize] 인가 가드 적용하여 보안 강화 2026-07-01 11:27:50 +09:00
kjh2064 4de9339163 feat(ui): Blazor WebAssembly 마이그레이션 및 API-First 로그인 구현 2026-07-01 11:22:09 +09:00
kjh2064 bdb9262f4e feat(auth): QuantEngine 관리자 로그인 페이지 및 세션 인증 체계 구현 (WBS-AUTH) 2026-07-01 11:12:20 +09:00
kjh2064 24c1cce542 docs(cloud): 클라우드 서버 도메인 기반 가상 호스트(HTTPS) 설정 지침 최신화 및 Nginx 백업 추가 (WBS-CLOUD-5)
WBS-9.3 - NULL Policy CI Gate / NULL Policy Validation (pull_request) Failing after 4s
Quant Engine CI/CD Pipeline / validate-core (pull_request) Failing after 7s
Quant Engine CI/CD Pipeline / validate-ui-and-storage (pull_request) Has been skipped
2026-07-01 10:39:11 +09:00
28 changed files with 797 additions and 123 deletions
+79
View File
@@ -0,0 +1,79 @@
# HTTP 80 ➜ HTTPS 443 Redirect
server {
listen 80;
listen [::]:80;
server_name taxbaik.com www.taxbaik.com gitea.taxbaik.com quant.taxbaik.com;
return 301 https://$host$request_uri;
}
# TaxBaik 홈페이지 (통합 앱)
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name taxbaik.com www.taxbaik.com;
ssl_certificate /etc/letsencrypt/live/taxbaik.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/taxbaik.com/privkey.pem;
client_max_body_size 512M;
location / {
proxy_pass http://127.0.0.1:5001/taxbaik/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# Gitea (코드 저장소)
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name gitea.taxbaik.com;
ssl_certificate /etc/letsencrypt/live/taxbaik.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/taxbaik.com/privkey.pem;
client_max_body_size 512M;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_send_timeout 300;
}
}
# QuantEngine (Blazor Admin)
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name quant.taxbaik.com;
ssl_certificate /etc/letsencrypt/live/taxbaik.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/taxbaik.com/privkey.pem;
client_max_body_size 512M;
location / {
proxy_pass http://127.0.0.1:5000/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
+56 -53
View File
@@ -16,8 +16,8 @@
| 3.2 | [Python 가상 환경](#32-python-가상-환경) | `~/.venv`, `python3` 사용 규칙 |
| 3.3 | [주요 Python 패키지](#33-주요-python-패키지-시스템) | 시스템/venv 패키지 구분 |
| 4 | [서비스 아키텍처](#4-서비스-아키텍처) | 포트 맵, Nginx 리버스 프록시 |
| 4.1 | [포트 맵](#41-포트-맵) | 22, 80, 2222, 3000, 5000, 5432 |
| 4.2 | [Nginx 리버스 프록시](#42-nginx-리버스-프록시) | `/` → Gitea, `/quant/` → Blazor |
| 4.1 | [포트 맵](#41-포트-맵) | 22, 80, 443, 2222, 3000, 5000, 5001, 5432 |
| 4.2 | [Nginx 리버스 프록시](#42-nginx-리버스-프록시) | 도메인 가상 호스트 기반 분기 |
| 5 | [Gitea](#5-gitea) | Docker Compose 설정, 시크릿, 데이터 경로 |
| 5.1 | [Docker Compose](#51-docker-compose) | `gitea:1.26.4`, PG 연동 |
| 5.2 | [시크릿 관리](#52-시크릿-관리) | `/opt/stacks/gitea/.env` |
@@ -117,55 +117,30 @@ boto3, cryptography, Jinja2, jsonschema, fail2ban 등 시스템 레벨로 설치
| 포트 | 서비스 | 바인드 | 비고 |
|---|---|---|---|
| **22** | SSH | `0.0.0.0` | 공개키 전용 |
| **80** | Nginx (리버스 프록시) | `0.0.0.0` | 외부 진입점 |
| **80** | Nginx (HTTP) | `0.0.0.0` | 443 HTTPS로 리다이렉트 |
| **443** | Nginx (HTTPS) | `0.0.0.0` | SSL 가상 호스트 진입점 |
| **2222** | Gitea SSH | `0.0.0.0` | Git SSH 접속 |
| **3000** | Gitea Web | `127.0.0.1` | Nginx 프록시 경유 |
| **5000** | QuantEngine Blazor | `127.0.0.1` | Nginx `/quant/` 경유 |
| **3000** | Gitea Web | `127.0.0.1` | Nginx 프록시 경유 (`gitea.taxbaik.com`) |
| **5000** | QuantEngine Blazor | `127.0.0.1` | Nginx 프록시 경유 (`quant.taxbaik.com`) |
| **5001** | TaxBaik 홈페이지 | `127.0.0.1` | Nginx 프록시 경유 (`taxbaik.com` / `www.taxbaik.com`) |
| **5432** | PostgreSQL | `127.0.0.1` + `172.17.0.1` | 로컬 + Docker 네트워크 |
### 4.2. Nginx 리버스 프록시
```nginx
# /etc/nginx/sites-enabled/gitea-ip.conf
도메인 기반 가상 호스트(Virtual Host) 방식을 사용하여 각 도메인 요청을 내부 서비스로 연결하고, SSL(HTTPS)을 필수로 적용합니다. HTTP(80) 포트 요청은 자동으로 HTTPS(443)로 리다이렉트됩니다.
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
client_max_body_size 512M;
상세 Nginx 설정 백업은 `deploy/nginx-taxbaik-domains.conf`에 위치합니다.
# QuantEngine Blazor Web App
location /quant/ {
proxy_pass http://127.0.0.1:5000/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Gitea (기본)
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_send_timeout 300;
}
}
```
#### 가상 호스트 설정 개요
- **TaxBaik 홈페이지** (`https://taxbaik.com`, `https://www.taxbaik.com`) ➜ `http://127.0.0.1:5001/taxbaik/`
- **Gitea (코드 저장소)** (`https://gitea.taxbaik.com`) ➜ `http://127.0.0.1:3000`
- **QuantEngine (Blazor Admin)** (`https://quant.taxbaik.com`) ➜ `http://127.0.0.1:5000/`
**라우팅 요약**:
- `http://178.104.200.7/` → Gitea Web UI
- `http://178.104.200.7/quant/` → QuantEngine Blazor Admin
- `ssh://178.104.200.7:2222` → Gitea Git SSH
- `https://taxbaik.com` & `https://www.taxbaik.com` ➜ TaxBaik 홈페이지 (통합 앱)
- `https://gitea.taxbaik.com` ➜ Gitea Web UI
- `https://quant.taxbaik.com` ➜ QuantEngine Blazor Admin
- `ssh://git@gitea.taxbaik.com:2222` ➜ Gitea Git SSH
## 5. Gitea
@@ -335,8 +310,8 @@ ClientAliveCountMax 2
- **상태**: `ENABLED=yes` (`/etc/ufw/ufw.conf`)
- **로그 레벨**: `low`
- **외부 개방 포트**: 22 (SSH), 80 (HTTP/Nginx), 2222 (Gitea SSH)
- **내부 전용**: 3000 (Gitea Web), 5000 (QuantEngine), 5432 (PostgreSQL)
- **외부 개방 포트**: 22 (SSH), 80 (HTTP), 443 (HTTPS), 2222 (Gitea SSH)
- **내부 전용**: 3000 (Gitea Web), 5000 (QuantEngine), 5001 (TaxBaik Web), 5432 (PostgreSQL)
> 상세 규칙 확인: `sudo ufw status numbered` (TTY + sudo 비밀번호 필요)
@@ -349,8 +324,9 @@ ClientAliveCountMax 2
- Gitea Web: `127.0.0.1:3000` (로컬 전용)
- QuantEngine: `127.0.0.1:5000` (로컬 전용)
- TaxBaik Web: `127.0.0.1:5001` (로컬 전용)
- PostgreSQL: `127.0.0.1` + Docker bridge (`172.17.0.1`)
- 외부 노출: SSH(22), HTTP(80), Gitea SSH(2222)만 개방
- 외부 노출: SSH(22), HTTP(80), HTTPS(443), Gitea SSH(2222)만 개방
## 10. 디렉토리 맵
@@ -390,7 +366,7 @@ ClientAliveCountMax 2
| **CI Runner** | Synology Act Runner | 6× `act_runner:latest` (Docker) |
| **DB** | SQLite (파일 기반) | PostgreSQL 18 + SQLite (하이브리드) |
| **웹 Admin** | 없음 | QuantEngine Blazor (.NET 10, MudBlazor) |
| **리버스 프록시** | Synology 내장 | Nginx (`/` → Gitea, `/quant/` → Blazor) |
| **리버스 프록시** | Synology 내장 | Nginx 도메인 가상 호스트 및 SSL (HTTPS) 적용 (`deploy/nginx-taxbaik-domains.conf`) |
| **보안** | DSM 방화벽 | fail2ban + SSH 공개키 + 서비스 로컬바인드 |
| **시크릿 관리** | `.secrets/kis_real.env` | `/opt/stacks/gitea/.env` |
| **OS** | Synology DSM 7.x | Ubuntu 26.04 LTS |
@@ -452,14 +428,20 @@ docker run -d \
gitea/act_runner:latest
```
### SSH 접속
### SSH 접속 및 Git 원격 설정
```bash
# Windows 로컬에서
# Windows 로컬에서 서버 SSH 접속
ssh kjh2064@178.104.200.7
# Gitea Git 접속
git remote set-url origin ssh://git@178.104.200.7:2222/kjh2064/QuantEngineByItz.git
# 로컬 프로젝트의 Git Remote URL 변경 (Gitea 도메인 기반 HTTPS 적용)
# 1) 현재 설정된 remote url 확인
git remote -v
# 2) 새로운 도메인 주소로 원격 URL 변경
git remote set-url origin https://gitea.taxbaik.com/kjh2064/QuantEngineByItz.git
# Gitea Git SSH 접속 (기존 2222 포트 유지)
git remote set-url origin ssh://git@gitea.taxbaik.com:2222/kjh2064/QuantEngineByItz.git
```
## 13. 검증 하네스
@@ -514,6 +496,27 @@ ssh -T -p 2222 git@178.104.200.7 2>&1 | head -1
---
> **수집 일시**: 2026-06-26 09:55 KST
> **수집 방법**: `ssh kjh2064@178.104.200.7` 라이브 명령 실행
> **provenance**: 모든 값은 서버 실시간 명령 출력에서 추출. 임의 값 없음.
## 14. 트러블슈팅 (Troubleshooting)
### 14.1. Certbot / APT 패키지 설치 시 Microsoft 리포지토리 404 오류
- **증상**: `sudo apt-get update` 실행 시 Microsoft 패키지 저장소에서 `404 Not Found` 에러가 발생하며 패키지 목록 갱신이 중단되고, 이로 인해 `certbot` 설치가 `sudo: certbot: command not found` 에러로 실패하는 현상.
- **원인**: Ubuntu 26.04 (Resolute) 환경에서 Microsoft의 잘못된 리포지토리(26.04 경로에 focal/20.04 릴리스가 설정된 상태)를 참조하여 발생.
- **해결 방안**:
1. 문제가 되는 Microsoft apt 소스 설정 파일을 삭제하거나 비활성화합니다.
```bash
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
```
2. APT 패키지 목록을 다시 업데이트하고 Certbot 및 Nginx 플러그인을 설치합니다.
```bash
sudo apt-get update && sudo apt-get install -y certbot python3-certbot-nginx
```
3. 인증서 발급 및 설정을 적용합니다.
```bash
sudo certbot --nginx -d taxbaik.com -d www.taxbaik.com -d gitea.taxbaik.com -d quant.taxbaik.com --register-unsafely-without-email --agree-tos --non-interactive
```
---
> **수집 일시**: 2026-06-26 09:55 KST (추가 업데이트: 2026-07-01)
> **수집 방법**: `ssh kjh2064@178.104.200.7` 라이브 명령 및 트러블슈팅 사례 수집
> **provenance**: 모든 값은 서버 실시간 명령 출력 및 실제 오류 대처 조치 로그에서 추출. 임의 값 없음.
@@ -0,0 +1,63 @@
using System.Security.Claims;
using Microsoft.AspNetCore.Components.Authorization;
using QuantEngine.Web.Client.Services;
namespace QuantEngine.Web.Client.Infrastructure
{
public class CustomAuthenticationStateProvider : AuthenticationStateProvider
{
private readonly LocalStorageService _localStorage;
private readonly ClaimsPrincipal _anonymous = new ClaimsPrincipal(new ClaimsIdentity());
private const string StorageKey = "quant_admin_session";
public CustomAuthenticationStateProvider(LocalStorageService localStorage)
{
_localStorage = localStorage;
}
public override async Task<AuthenticationState> GetAuthenticationStateAsync()
{
try
{
var username = await _localStorage.GetAsync<string>(StorageKey);
if (!string.IsNullOrEmpty(username))
{
var identity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username),
new Claim(ClaimTypes.Role, "Admin")
}, "QuantAdminAuth");
var user = new ClaimsPrincipal(identity);
return new AuthenticationState(user);
}
}
catch
{
// Return anonymous if localStorage isn't ready
}
return new AuthenticationState(_anonymous);
}
public async Task MarkUserAsAuthenticatedAsync(string username)
{
await _localStorage.SetAsync(StorageKey, username);
var identity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username),
new Claim(ClaimTypes.Role, "Admin")
}, "QuantAdminAuth");
var user = new ClaimsPrincipal(identity);
NotifyAuthenticationStateChanged(Task.FromResult(new AuthenticationState(user)));
}
public async Task MarkUserAsLoggedOutAsync()
{
await _localStorage.DeleteAsync(StorageKey);
NotifyAuthenticationStateChanged(Task.FromResult(new AuthenticationState(_anonymous)));
}
}
}
@@ -1,8 +1,10 @@
@inherits LayoutComponentBase
@inject Microsoft.AspNetCore.Hosting.IWebHostEnvironment WebHostEnvironment
@using System.IO
@using System.Text.Json
@inject HttpClient Http
@inject AuthenticationStateProvider AuthStateProvider
@inject NavigationManager NavigationManager
@using System.Net.Http.Json
@using Microsoft.FluentUI.AspNetCore.Components
@using QuantEngine.Web.Client.Infrastructure
<FluentStack Orientation="Orientation.Vertical" Class="h-100 w-100">
<!-- Header -->
@@ -15,6 +17,16 @@
</FluentButton>
<h1 style="margin: 0; font-size: 20px; font-weight: 600;">QuantEngine v@appVersion</h1>
<AuthorizeView>
<Authorized>
<div style="margin-left: auto; display: flex; align-items: center; gap: 12px;">
<span style="font-size: 13px; color: var(--neutral-foreground-hint);">관리자 (@context.User.Identity?.Name)</span>
<FluentButton OnClick="HandleLogoutAsync" Style="color: #ff5252; background: transparent; border: 1px solid rgba(255, 82, 82, 0.2); cursor: pointer; padding: 4px 12px; border-radius: 4px;">
로그아웃
</FluentButton>
</div>
</Authorized>
</AuthorizeView>
</FluentStack>
</FluentHeader>
@@ -64,25 +76,15 @@
private string appVersion = "Local Debug";
private string buildTime = "N/A";
protected override void OnInitialized()
protected override async Task OnInitializedAsync()
{
try
{
var versionFilePath = Path.Combine(WebHostEnvironment.WebRootPath, "version.json");
if (File.Exists(versionFilePath))
var versionInfo = await Http.GetFromJsonAsync<VersionInfo>("version.json");
if (versionInfo != null)
{
var jsonContent = File.ReadAllText(versionFilePath);
using var doc = System.Text.Json.JsonDocument.Parse(jsonContent);
var root = doc.RootElement;
if (root.TryGetProperty("version", out var versionProp))
{
appVersion = versionProp.GetString() ?? "Local Debug";
}
if (root.TryGetProperty("built", out var builtProp))
{
buildTime = builtProp.GetString() ?? "N/A";
}
appVersion = versionInfo.Version ?? "Local Debug";
buildTime = versionInfo.Built ?? "N/A";
}
}
catch
@@ -90,5 +92,18 @@
// Fail-safe default fallback values
}
}
private async Task HandleLogoutAsync()
{
var customProvider = (CustomAuthenticationStateProvider)AuthStateProvider;
await customProvider.MarkUserAsLoggedOutAsync();
NavigationManager.NavigateTo("login");
}
private class VersionInfo
{
public string? Version { get; set; }
public string? Built { get; set; }
}
}
@@ -1,5 +1,6 @@
@page "/collection"
@using QuantEngine.Web.Services
@attribute [Authorize]
@using QuantEngine.Web.Client.Services
@inject ApiClient ApiClient
@inject ILogger<Collection> Logger
@@ -1,6 +1,7 @@
@page "/"
@attribute [Authorize]
@using QuantEngine.Core.Infrastructure
@inject IWebHostEnvironment Environment
@inject HttpClient Http
<PageTitle>Quant Engine - Dashboard</PageTitle>
@@ -96,15 +97,26 @@
private string RawFeedLabel = "DISCONNECTED";
private string ReportPath = "n/a";
protected override void OnInitialized()
protected override async Task OnInitializedAsync()
{
ReportPath = Path.GetFullPath(Path.Combine(Environment.ContentRootPath, "..", "..", "..", "Temp", "operational_report.json"));
var report = OperationalReportLoader.Load(ReportPath);
Sections.AddRange(report.Sections);
SectionCountLabel = report.SectionCount.ToString();
GeneratedAtLabel = report.GeneratedAt;
SourceLabel = report.SourceJson;
ReportStateLabel = Sections.Count > 0 ? "READY" : "DATA_MISSING";
ReportChipLabel = Sections.Count > 0 ? "READY" : "DATA_MISSING";
try
{
var report = await Http.GetFromJsonAsync<OperationalReportData>("api/operational-report");
if (report != null)
{
Sections.Clear();
Sections.AddRange(report.Sections);
SectionCountLabel = report.SectionCount.ToString();
GeneratedAtLabel = report.GeneratedAt;
SourceLabel = report.SourceJson;
ReportStateLabel = Sections.Count > 0 ? "READY" : "DATA_MISSING";
ReportChipLabel = Sections.Count > 0 ? "READY" : "DATA_MISSING";
}
}
catch
{
ReportStateLabel = "DATA_MISSING";
ReportChipLabel = "DATA_MISSING";
}
}
}
@@ -0,0 +1,308 @@
@page "/login"
@attribute [AllowAnonymous]
@inject AuthenticationStateProvider AuthStateProvider
@inject NavigationManager NavigationManager
@inject HttpClient Http
<PageTitle>로그인 - QuantEngine</PageTitle>
<div class="auth-container">
<div class="auth-card">
<div class="brand-section">
<img src="images/quant_engine_logo.jpg" alt="QuantEngine Logo" class="brand-logo" />
<h1 class="brand-title">QuantEngine</h1>
<p class="brand-subtitle">은퇴자산포트폴리오 투자 관리 시스템</p>
</div>
<form @onsubmit="HandleLoginAsync" class="auth-form">
<div class="form-group">
<label for="username">관리자 아이디</label>
<input type="text" id="username" class="form-control" @bind="Username" placeholder="아이디를 입력하세요" autocomplete="username" />
</div>
<div class="form-group">
<label for="password">비밀번호</label>
<input type="password" id="password" class="form-control" @bind="Password" placeholder="비밀번호를 입력하세요" autocomplete="current-password" />
</div>
@if (!string.IsNullOrEmpty(ErrorMessage))
{
<div class="error-message">
<svg class="error-icon" fill="none" viewBox="0 0 24 24" stroke="currentColor">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 9v2m0 4h.01m-6.938 4h13.856c1.54 0 2.502-1.667 1.732-3L13.732 4c-.77-1.333-2.694-1.333-3.464 0L3.34 16c-.77 1.333.192 3 1.732 3z" />
</svg>
<span>@ErrorMessage</span>
</div>
}
<button type="submit" class="btn-submit" disabled="@IsSubmitting">
@if (IsSubmitting)
{
<span class="spinner"></span>
<span>인증 중...</span>
}
else
{
<span>로그인</span>
}
</button>
</form>
</div>
</div>
<style>
.auth-container {
display: flex;
align-items: center;
justify-content: center;
min-height: 100vh;
width: 100vw;
background: linear-gradient(135deg, #090a15 0%, #12142d 100%);
font-family: 'Roboto', 'Inter', sans-serif;
color: #ffffff;
position: fixed;
top: 0;
left: 0;
z-index: 9999;
overflow: hidden;
}
/* Ambient background glow */
.auth-container::before {
content: "";
position: absolute;
width: 600px;
height: 600px;
background: radial-gradient(circle, rgba(0, 242, 254, 0.08) 0%, rgba(79, 172, 254, 0) 70%);
top: -10%;
left: -10%;
pointer-events: none;
}
.auth-container::after {
content: "";
position: absolute;
width: 600px;
height: 600px;
background: radial-gradient(circle, rgba(79, 172, 254, 0.08) 0%, rgba(0, 242, 254, 0) 70%);
bottom: -10%;
right: -10%;
pointer-events: none;
}
.auth-card {
background: rgba(255, 255, 255, 0.02);
backdrop-filter: blur(25px);
-webkit-backdrop-filter: blur(25px);
border: 1px solid rgba(255, 255, 255, 0.06);
border-radius: 20px;
padding: 48px;
width: 440px;
box-shadow: 0 20px 50px rgba(0, 0, 0, 0.4);
display: flex;
flex-direction: column;
align-items: center;
z-index: 10;
animation: fadeIn 0.8s cubic-bezier(0.16, 1, 0.3, 1);
}
.brand-section {
text-align: center;
margin-bottom: 36px;
display: flex;
flex-direction: column;
align-items: center;
}
.brand-logo {
width: 80px;
height: 80px;
border-radius: 50%;
object-fit: cover;
border: 2px solid rgba(0, 242, 254, 0.3);
box-shadow: 0 0 20px rgba(0, 242, 254, 0.15);
margin-bottom: 16px;
transition: transform 0.3s ease;
}
.brand-logo:hover {
transform: rotate(5deg) scale(1.05);
}
.brand-title {
font-size: 26px;
font-weight: 700;
margin: 0;
background: linear-gradient(90deg, #00f2fe 0%, #4facfe 100%);
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
letter-spacing: 0.5px;
}
.brand-subtitle {
font-size: 13px;
color: rgba(255, 255, 255, 0.5);
margin: 6px 0 0 0;
font-weight: 300;
}
.auth-form {
width: 100%;
display: flex;
flex-direction: column;
gap: 20px;
}
.form-group {
display: flex;
flex-direction: column;
gap: 8px;
}
.form-group label {
font-size: 13px;
font-weight: 500;
color: rgba(255, 255, 255, 0.8);
padding-left: 2px;
}
.form-control {
background: rgba(255, 255, 255, 0.04);
border: 1px solid rgba(255, 255, 255, 0.1);
border-radius: 10px;
padding: 14px 16px;
color: #ffffff;
font-size: 14px;
transition: all 0.3s ease;
outline: none;
}
.form-control:focus {
border-color: rgba(0, 242, 254, 0.6);
background: rgba(255, 255, 255, 0.08);
box-shadow: 0 0 12px rgba(0, 242, 254, 0.15);
}
.form-control::placeholder {
color: rgba(255, 255, 255, 0.25);
}
.error-message {
display: flex;
align-items: center;
gap: 10px;
background: rgba(239, 68, 68, 0.08);
border: 1px solid rgba(239, 68, 68, 0.2);
border-radius: 10px;
padding: 12px 16px;
color: #f87171;
font-size: 13px;
}
.error-icon {
width: 18px;
height: 18px;
flex-shrink: 0;
}
.btn-submit {
background: linear-gradient(90deg, #00f2fe 0%, #4facfe 100%);
border: none;
border-radius: 10px;
padding: 14px;
color: #0b0c15;
font-size: 15px;
font-weight: 700;
cursor: pointer;
display: flex;
align-items: center;
justify-content: center;
gap: 10px;
transition: all 0.3s ease;
box-shadow: 0 4px 15px rgba(0, 242, 254, 0.2);
}
.btn-submit:hover:not(:disabled) {
transform: translateY(-2px);
box-shadow: 0 6px 20px rgba(0, 242, 254, 0.35);
}
.btn-submit:active:not(:disabled) {
transform: translateY(0);
}
.btn-submit:disabled {
opacity: 0.6;
cursor: not-allowed;
box-shadow: none;
}
.spinner {
width: 16px;
height: 16px;
border: 2px solid rgba(11, 12, 21, 0.25);
border-top-color: #0b0c15;
border-radius: 50%;
animation: spin 0.8s linear infinite;
}
@@keyframes spin {
to { transform: rotate(360deg); }
}
@@keyframes fadeIn {
from {
opacity: 0;
transform: translateY(20px);
}
to {
opacity: 1;
transform: translateY(0);
}
}
</style>
@code {
private string Username { get; set; } = string.Empty;
private string Password { get; set; } = string.Empty;
private string ErrorMessage { get; set; } = string.Empty;
private bool IsSubmitting { get; set; } = false;
private async Task HandleLoginAsync()
{
ErrorMessage = string.Empty;
if (string.IsNullOrWhiteSpace(Username) || string.IsNullOrWhiteSpace(Password))
{
ErrorMessage = "아이디와 비밀번호를 모두 입력해 주세요.";
return;
}
IsSubmitting = true;
try
{
var response = await Http.PostAsJsonAsync("api/auth/login", new { Username, Password });
if (response.IsSuccessStatusCode)
{
var customProvider = (CustomAuthenticationStateProvider)AuthStateProvider;
await customProvider.MarkUserAsAuthenticatedAsync(Username);
// Redirect back to home dashboard
NavigationManager.NavigateTo("");
}
else
{
ErrorMessage = "아이디 또는 비밀번호가 올바르지 않습니다.";
}
}
catch (Exception ex)
{
ErrorMessage = $"로그인 중 오류가 발생했습니다: {ex.Message}";
}
finally
{
IsSubmitting = false;
}
}
}
@@ -1,6 +1,7 @@
@page "/operations"
@attribute [Authorize]
@using QuantEngine.Core.Infrastructure
@inject IWebHostEnvironment Environment
@inject HttpClient Http
<PageTitle>Quant Engine - Operations</PageTitle>
@@ -97,19 +98,29 @@
protected override async Task OnInitializedAsync()
{
ReportPath = Path.GetFullPath(Path.Combine(Environment.ContentRootPath, "..", "..", "..", "Temp", "operational_report.json"));
try
{
var report = await Http.GetFromJsonAsync<OperationalReportData>("api/operational-report");
if (report != null)
{
SchemaVersion = report.SchemaVersion;
SourceJson = report.SourceJson;
GeneratedAt = report.GeneratedAt;
Sections.Clear();
Sections.AddRange(report.Sections);
var report = OperationalReportLoader.Load(ReportPath);
SchemaVersion = report.SchemaVersion;
SourceJson = report.SourceJson;
GeneratedAt = report.GeneratedAt;
Sections.AddRange(report.Sections);
HighlightSections.Clear();
HighlightSections.AddRange(Sections.Take(4));
HighlightSections.Clear();
HighlightSections.AddRange(Sections.Take(4));
SectionCountLabel = report.SectionCount.ToString();
RenderedSectionCountLabel = Sections.Count.ToString();
HealthLabel = Sections.Count > 0 ? "PASS" : "DATA_MISSING";
SectionCountLabel = report.SectionCount.ToString();
RenderedSectionCountLabel = Sections.Count.ToString();
HealthLabel = Sections.Count > 0 ? "PASS" : "DATA_MISSING";
}
}
catch
{
HealthLabel = "DATA_MISSING";
}
}
}
@@ -0,0 +1,23 @@
using Microsoft.AspNetCore.Components.WebAssembly.Hosting;
using Microsoft.FluentUI.AspNetCore.Components;
using Microsoft.AspNetCore.Components.Authorization;
using QuantEngine.Web.Client.Services;
using QuantEngine.Web.Client.Infrastructure;
var builder = WebAssemblyHostBuilder.CreateDefault(args);
// Register Fluent UI
builder.Services.AddFluentUIComponents();
// Register LocalStorage for cross-platform session persistence
builder.Services.AddScoped<LocalStorageService>();
// Authentication setup in WebAssembly client
builder.Services.AddAuthorizationCore();
builder.Services.AddCascadingAuthenticationState();
builder.Services.AddScoped<AuthenticationStateProvider, CustomAuthenticationStateProvider>();
// HttpClient register (API-First standard)
builder.Services.AddScoped(sp => new HttpClient { BaseAddress = new Uri(builder.HostEnvironment.BaseAddress) });
await builder.Build().RunAsync();
@@ -0,0 +1,23 @@
<Project Sdk="Microsoft.NET.Sdk.BlazorWebAssembly">
<PropertyGroup>
<TargetFramework>net10.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<NoDefaultLaunchSettingsFile>true</NoDefaultLaunchSettingsFile>
<StaticWebAssetProjectMode>Default</StaticWebAssetProjectMode>
</PropertyGroup>
<ItemGroup>
<ProjectReference Include="..\..\QuantEngine.Core\QuantEngine.Core.csproj" />
<ProjectReference Include="..\..\QuantEngine.Application\QuantEngine.Application.csproj" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly" Version="10.0.0-preview.2.25120.18" />
<PackageReference Include="Microsoft.AspNetCore.Components.Authorization" Version="10.0.0-preview.2.25120.18" />
<PackageReference Include="Microsoft.FluentUI.AspNetCore.Components" Version="5.0.0-rc.4-26177.1" />
<PackageReference Include="Microsoft.FluentUI.AspNetCore.Components.Icons" Version="5.0.0-rc.4-26177.1" />
</ItemGroup>
</Project>
@@ -0,0 +1,8 @@
@inject NavigationManager NavigationManager
@code {
protected override void OnInitialized()
{
NavigationManager.NavigateTo("login");
}
}
@@ -2,19 +2,16 @@ using System.Net.Http.Json;
using System.Text.Json.Serialization;
using QuantEngine.Core.Interfaces;
namespace QuantEngine.Web.Services;
namespace QuantEngine.Web.Client.Services;
public class ApiClient
{
private readonly HttpClient _http;
private readonly ILogger<ApiClient> _logger;
private string BaseUrl { get; set; }
public ApiClient(HttpClient http, ILogger<ApiClient> logger)
{
_http = http;
_logger = logger;
BaseUrl = "http://localhost:5001"; // Default for Blazor Server
}
// Collection API Methods
@@ -23,7 +20,7 @@ public class ApiClient
{
try
{
return await _http.GetFromJsonAsync<CollectionDashboardStateDto>($"{BaseUrl}/api/collection/state");
return await _http.GetFromJsonAsync<CollectionDashboardStateDto>("api/collection/state");
}
catch (Exception ex)
{
@@ -36,7 +33,7 @@ public class ApiClient
{
try
{
return await _http.GetFromJsonAsync<CollectionRunsResponse>($"{BaseUrl}/api/collection/runs?limit={limit}");
return await _http.GetFromJsonAsync<CollectionRunsResponse>($"api/collection/runs?limit={limit}");
}
catch (Exception ex)
{
@@ -49,7 +46,7 @@ public class ApiClient
{
try
{
return await _http.GetFromJsonAsync<CollectionRunSnapshotsResponse>($"{BaseUrl}/api/collection/runs/{runId}/snapshots");
return await _http.GetFromJsonAsync<CollectionRunSnapshotsResponse>($"api/collection/runs/{runId}/snapshots");
}
catch (Exception ex)
{
@@ -62,7 +59,7 @@ public class ApiClient
{
try
{
return await _http.GetFromJsonAsync<CollectionRunErrorsResponse>($"{BaseUrl}/api/collection/runs/{runId}/errors?limit={limit}");
return await _http.GetFromJsonAsync<CollectionRunErrorsResponse>($"api/collection/runs/{runId}/errors?limit={limit}");
}
catch (Exception ex)
{
@@ -75,7 +72,7 @@ public class ApiClient
{
try
{
var response = await _http.PostAsJsonAsync($"{BaseUrl}/api/collection/run", new { });
var response = await _http.PostAsJsonAsync("api/collection/run", new { });
if (response.IsSuccessStatusCode)
{
return await response.Content.ReadFromJsonAsync<CollectionRunStartResponse>();
@@ -0,0 +1,43 @@
using Microsoft.JSInterop;
using System.Text.Json;
namespace QuantEngine.Web.Client.Services
{
public class LocalStorageService
{
private readonly IJSRuntime _js;
public LocalStorageService(IJSRuntime js)
{
_js = js;
}
public async Task SetAsync<T>(string key, T value)
{
var json = JsonSerializer.Serialize(value);
await _js.InvokeVoidAsync("localStorage.setItem", key, json);
}
public async Task<T?> GetAsync<T>(string key)
{
try
{
var json = await _js.InvokeAsync<string?>("localStorage.getItem", key);
if (string.IsNullOrEmpty(json))
{
return default;
}
return JsonSerializer.Deserialize<T>(json);
}
catch
{
return default;
}
}
public async Task DeleteAsync(string key)
{
await _js.InvokeVoidAsync("localStorage.removeItem", key);
}
}
}
@@ -8,7 +8,10 @@
@using Microsoft.JSInterop
@using Microsoft.FluentUI.AspNetCore.Components
@using Microsoft.FluentUI.AspNetCore.Components.Icons
@using QuantEngine.Web
@using QuantEngine.Web.Components
@using QuantEngine.Web.Components.Layout
@using QuantEngine.Web.Services
@using QuantEngine.Web.Client
@using QuantEngine.Web.Client.Pages
@using QuantEngine.Web.Client.Layout
@using QuantEngine.Web.Client.Infrastructure
@using QuantEngine.Web.Client.Services
@using Microsoft.AspNetCore.Components.Authorization
@using Microsoft.AspNetCore.Authorization
@@ -13,12 +13,12 @@
<link rel="stylesheet" href="@Assets["QuantEngine.Web.styles.css"]" />
<ImportMap />
<link rel="icon" type="image/png" href="favicon.png" />
<HeadOutlet />
<HeadOutlet @rendermode="InteractiveWebAssembly" />
</head>
<body>
<FluentDesignSystemProvider>
<Routes />
<Routes @rendermode="InteractiveWebAssembly" />
<ReconnectModal />
</FluentDesignSystemProvider>
@@ -1,6 +1,16 @@
<Router AppAssembly="typeof(Program).Assembly" NotFoundPage="typeof(Pages.NotFound)">
<Found Context="routeData">
<RouteView RouteData="routeData" DefaultLayout="typeof(Layout.MainLayout)" />
<FocusOnNavigate RouteData="routeData" Selector="h1" />
</Found>
</Router>
@using QuantEngine.Web.Client
@using QuantEngine.Web.Client.Pages
@using QuantEngine.Web.Client.Layout
<CascadingAuthenticationState>
<Router AppAssembly="typeof(Dashboard).Assembly" NotFoundPage="typeof(NotFound)">
<Found Context="routeData">
<AuthorizeRouteView RouteData="routeData" DefaultLayout="typeof(MainLayout)">
<NotAuthorized>
<RedirectToLogin />
</NotAuthorized>
</AuthorizeRouteView>
<FocusOnNavigate RouteData="routeData" Selector="h1" />
</Found>
</Router>
</CascadingAuthenticationState>
@@ -1,4 +1,4 @@
@using System.Net.Http
@using System.Net.Http
@using System.Net.Http.Json
@using Microsoft.AspNetCore.Components.Forms
@using Microsoft.AspNetCore.Components.Routing
@@ -11,3 +11,6 @@
@using QuantEngine.Web
@using QuantEngine.Web.Components
@using QuantEngine.Web.Components.Layout
@using Microsoft.AspNetCore.Components.Authorization
@using Microsoft.AspNetCore.Authorization
@using QuantEngine.Web.Infrastructure
@@ -118,7 +118,7 @@ public static class CollectionEndpoints
var runId = Guid.NewGuid().ToString("N");
var now = DateTime.UtcNow.ToString("o");
var body = await request.ReadAsAsync<CollectionRunRequest>();
var body = await request.ReadFromJsonAsync<CollectionRunRequest>();
var account = body?.Account ?? "real";
var tickers = body?.Tickers ?? new List<string> { "005930", "000660" };
+45 -4
View File
@@ -1,6 +1,7 @@
using QuantEngine.Web.Components;
using QuantEngine.Web.Services;
using QuantEngine.Infrastructure.Data;
using Microsoft.AspNetCore.Components.Authorization;
using QuantEngine.Web.Infrastructure;
using QuantEngine.Infrastructure.Repositories;
using QuantEngine.Infrastructure.Services;
using QuantEngine.Core.Interfaces;
@@ -9,7 +10,8 @@ using System.Text.Json;
using static QuantEngine.Application.Services.DataCollectionService;
using Microsoft.FluentUI.AspNetCore.Components;
using Serilog;
using QuantEngine.Web.Infrastructure;
using QuantEngine.Web.Client.Infrastructure;
using QuantEngine.Web.Client.Services;
using QuantEngine.Web.Endpoints;
// Serilog Configuration with Telegram Sink
@@ -24,7 +26,13 @@ builder.Host.UseSerilog();
// Add services to the container.
builder.Services.AddRazorComponents()
.AddInteractiveServerComponents();
.AddInteractiveWebAssemblyComponents();
// Authentication and Custom State Provider (Shared client components)
builder.Services.AddCascadingAuthenticationState();
builder.Services.AddScoped<LocalStorageService>();
builder.Services.AddScoped<AuthenticationStateProvider, CustomAuthenticationStateProvider>();
builder.Services.AddAuthorizationCore();
// Fluent UI Services
builder.Services.AddFluentUIComponents();
@@ -94,6 +102,32 @@ app.MapStaticAssets();
// Collection API Endpoints (must be before MapRazorComponents)
app.MapCollectionEndpoints();
// Login API (API-First for Blazor WASM client authentication)
app.MapPost("/api/auth/login", (LoginRequest request, IConfiguration config) =>
{
var expectedUser = config["AdminSettings:Username"] ?? "admin";
var expectedPass = config["AdminSettings:Password"] ?? "quant123!";
if (request.Username == expectedUser && request.Password == expectedPass)
{
return Results.Ok(new { success = true, username = request.Username });
}
return Results.Json(new { success = false, error = "invalid_credentials" }, statusCode: 401);
});
// Operational Report serving API (WASM safe file loading substitute)
app.MapGet("/api/operational-report", async (IWebHostEnvironment env) =>
{
var path = Path.GetFullPath(Path.Combine(env.ContentRootPath, "..", "..", "..", "Temp", "operational_report.json"));
if (!File.Exists(path))
{
return Results.NotFound(new { gate = "FAIL", error = "operational_report_missing" });
}
var json = await File.ReadAllTextAsync(path);
using var doc = JsonDocument.Parse(json);
return Results.Ok(doc.RootElement);
});
app.MapGet("/api/history/{domain}", async (string domain, int? limit, IPostgresqlHistorySnapshotReader reader) =>
{
var rows = await reader.ReadAsync(domain, limit ?? 500);
@@ -138,7 +172,14 @@ app.MapPost("/api/history/{domain}", async (string domain, JsonElement payload,
});
app.MapRazorComponents<App>()
.AddInteractiveServerRenderMode();
.AddInteractiveWebAssemblyRenderMode()
.AddAdditionalAssemblies(typeof(QuantEngine.Web.Client._Imports).Assembly);
app.Run();
public class LoginRequest
{
public string Username { get; set; } = "";
public string Password { get; set; } = "";
}
@@ -4,12 +4,22 @@
<ProjectReference Include="..\QuantEngine.Infrastructure\QuantEngine.Infrastructure.csproj" />
<ProjectReference Include="..\QuantEngine.Application\QuantEngine.Application.csproj" />
<ProjectReference Include="..\QuantEngine.Core\QuantEngine.Core.csproj" />
<ProjectReference Include="Client\QuantEngine.Web.Client.csproj" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="Microsoft.FluentUI.AspNetCore.Components" Version="5.0.0-rc.4-26177.1" />
<PackageReference Include="Microsoft.FluentUI.AspNetCore.Components.Icons" Version="5.0.0-rc.4-26177.1" />
<PackageReference Include="Serilog.AspNetCore" Version="10.0.0" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Server" Version="10.0.0-preview.2.25120.18" />
</ItemGroup>
<ItemGroup>
<!-- Exclude client project files from server build to avoid duplicate compilations -->
<Compile Remove="Client\**" />
<Content Remove="Client\**" />
<EmbeddedResource Remove="Client\**" />
<None Remove="Client\**" />
</ItemGroup>
<PropertyGroup>
@@ -8,5 +8,9 @@
"AllowedHosts": "*",
"ConnectionStrings": {
"DefaultConnection": "Host=127.0.0.1;Database=giteadb;Username=gitea;Password=;Search Path=quantengine;"
},
"AdminSettings": {
"Username": "admin",
"Password": "quant123!"
}
}
Binary file not shown.

After

Width:  |  Height:  |  Size: 679 KiB

+17 -1
View File
@@ -1,4 +1,4 @@
Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 17
VisualStudioVersion = 17.0.31903.59
@@ -15,6 +15,9 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "QuantEngine.Core.Tests", "Q
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "QuantEngine.Tools", "QuantEngine.Tools\QuantEngine.Tools.csproj", "{E2B1A0A1-7B13-4A4D-9B31-9C7F4F27A6A1}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "QuantEngine.Web.Client", "QuantEngine.Web\Client\QuantEngine.Web.Client.csproj", "{C5F2F3BD-1258-40FC-803A-EE7EEC928107}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
@@ -97,8 +100,21 @@ Global
{E2B1A0A1-7B13-4A4D-9B31-9C7F4F27A6A1}.Release|x64.Build.0 = Release|Any CPU
{E2B1A0A1-7B13-4A4D-9B31-9C7F4F27A6A1}.Release|x86.ActiveCfg = Release|Any CPU
{E2B1A0A1-7B13-4A4D-9B31-9C7F4F27A6A1}.Release|x86.Build.0 = Release|Any CPU
{C5F2F3BD-1258-40FC-803A-EE7EEC928107}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{C5F2F3BD-1258-40FC-803A-EE7EEC928107}.Debug|Any CPU.Build.0 = Debug|Any CPU
{C5F2F3BD-1258-40FC-803A-EE7EEC928107}.Debug|x64.ActiveCfg = Debug|Any CPU
{C5F2F3BD-1258-40FC-803A-EE7EEC928107}.Debug|x64.Build.0 = Debug|Any CPU
{C5F2F3BD-1258-40FC-803A-EE7EEC928107}.Debug|x86.ActiveCfg = Debug|Any CPU
{C5F2F3BD-1258-40FC-803A-EE7EEC928107}.Debug|x86.Build.0 = Debug|Any CPU
{C5F2F3BD-1258-40FC-803A-EE7EEC928107}.Release|Any CPU.ActiveCfg = Release|Any CPU
{C5F2F3BD-1258-40FC-803A-EE7EEC928107}.Release|Any CPU.Build.0 = Release|Any CPU
{C5F2F3BD-1258-40FC-803A-EE7EEC928107}.Release|x64.ActiveCfg = Release|Any CPU
{C5F2F3BD-1258-40FC-803A-EE7EEC928107}.Release|x64.Build.0 = Release|Any CPU
{C5F2F3BD-1258-40FC-803A-EE7EEC928107}.Release|x86.ActiveCfg = Release|Any CPU
{C5F2F3BD-1258-40FC-803A-EE7EEC928107}.Release|x86.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
EndGlobal
+1
View File
@@ -29,6 +29,7 @@ def _request_json(url: str, token: str, method: str = "GET", body: dict[str, Any
headers = {
"Authorization": f"token {token}",
"Accept": "application/json",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36",
}
if body is not None:
headers["Content-Type"] = "application/json"