From d5028c21a50603d97f7309559694dbc3477355d7 Mon Sep 17 00:00:00 2001
From: happybell80 <happybell80@naver.com>
Date: Tue, 19 Aug 2025 09:12:35 +0900
Subject: [PATCH] =?UTF-8?q?=EC=95=84=EC=9D=B4=ED=85=9C=20=EC=9E=A5?=
 =?UTF-8?q?=EC=B0=A9=20=ED=94=8C=EB=A1=9C=EC=9A=B0=EC=97=90=20auth-server?=
 =?UTF-8?q?=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- JWT 토큰 검증 단계 명확화
- 사용자 인증 실패 분기 추가
- gmail_tokens 소유권 확인 단계 추가
- Gateway → auth-server → Monitor 흐름 정리
---
 .../250819_gmail_item_implementation_plan.md  | 33 ++++++++++++-------
 1 file changed, 21 insertions(+), 12 deletions(-)

diff --git a/plans/250819_gmail_item_implementation_plan.md b/plans/250819_gmail_item_implementation_plan.md
index cbe9d0a..ae4d90b 100644
--- a/plans/250819_gmail_item_implementation_plan.md
+++ b/plans/250819_gmail_item_implementation_plan.md
@@ -110,6 +110,7 @@ PostgreSQL (gmail_tokens 테이블)
 sequenceDiagram
     participant User as 사용자
     participant Front as 프론트엔드
+    participant Auth as auth-server(9000)
     participant Gateway as Gateway(8100)
     participant Monitor as robeing-monitor(9024)
     participant RB as rb8001
@@ -117,18 +118,26 @@ sequenceDiagram
 
     User->>Front: Gmail 아이템 장착 클릭
     Front->>Gateway: POST /api/items/gmail/:userId/equip
-    Gateway->>Gateway: JWT 토큰 검증
-    Gateway->>Monitor: 장착 요청 전달
-    Monitor->>DB: robeing_stats 조회 (레벨 체크)
-    DB-->>Monitor: 레벨 정보
-    alt 레벨 < 5
-        Monitor-->>Front: INSUFFICIENT_LEVEL
-    else 레벨 >= 5
-        Monitor->>DB: gmail_tokens 업데이트
-        Note over DB: is_equipped=true<br/>equipped_to=robeing_id
-        Monitor->>DB: gmail_audit_logs 기록
-        Monitor-->>RB: 장착 완료 알림
-        Monitor-->>Front: 장착 성공
+    Gateway->>Auth: JWT 토큰 검증
+    Auth-->>Gateway: 사용자 정보 확인
+    
+    alt 인증 실패
+        Gateway-->>Front: UNAUTHORIZED
+    else 인증 성공
+        Gateway->>Monitor: 장착 요청 전달
+        Monitor->>DB: gmail_tokens 소유권 확인
+        Monitor->>DB: robeing_stats 조회 (레벨 체크)
+        DB-->>Monitor: 레벨 정보
+        
+        alt 레벨 < 5
+            Monitor-->>Front: INSUFFICIENT_LEVEL
+        else 레벨 >= 5
+            Monitor->>DB: gmail_tokens 업데이트
+            Note over DB: is_equipped=true<br/>equipped_to=robeing_id
+            Monitor->>DB: gmail_audit_logs 기록
+            Monitor-->>RB: 장착 완료 알림
+            Monitor-->>Front: 장착 성공
+        end
     end
 ```