feat: 견적서 자동화, 마케팅 에셋, 전체 카피 강화

- 관리자 견적서 CRUD (WBS/항목/향후관리/특이사항 5탭 편집기)
- 고객용 공개 견적서 페이지 (optional 항목 선택 + 실시간 총액 + 수락)
- 마케팅 SVG 에셋 6종 (썸네일 5개 + 배너 1개) + 관리자 에셋 페이지
- 전체 카피 강화: 크레덴셜 제거 → URL증거/환불보장/계약서/납기패널티 중심

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

app/api/admin/quotes/[id]/route.ts

@@ -0,0 +1,47 @@
+import { NextResponse } from 'next/server';
+import { createAdminClient } from '@/lib/supabase/admin';
+import { verifyAdminTokenNode } from '@/lib/admin-auth';
+import { cookies } from 'next/headers';
+
+export const runtime = 'nodejs';
+
+async function checkAuth() {
+  const cookieStore = await cookies();
+  const token = cookieStore.get('admin_token')?.value;
+  return token && verifyAdminTokenNode(token);
+}
+
+export async function GET(_req: Request, { params }: { params: Promise<{ id: string }> }) {
+  if (!(await checkAuth())) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  const { id } = await params;
+  const supabase = createAdminClient();
+  const { data, error } = await supabase.from('quotes').select('*').eq('id', id).single();
+  if (error) return NextResponse.json({ error: error.message }, { status: 404 });
+  return NextResponse.json({ quote: data });
+}
+
+export async function PUT(request: Request, { params }: { params: Promise<{ id: string }> }) {
+  if (!(await checkAuth())) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  const { id } = await params;
+  const body = await request.json();
+  const supabase = createAdminClient();
+
+  const { data, error } = await supabase
+    .from('quotes')
+    .update({ ...body, updated_at: new Date().toISOString() })
+    .eq('id', id)
+    .select()
+    .single();
+
+  if (error) return NextResponse.json({ error: error.message }, { status: 500 });
+  return NextResponse.json({ quote: data });
+}
+
+export async function DELETE(_req: Request, { params }: { params: Promise<{ id: string }> }) {
+  if (!(await checkAuth())) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  const { id } = await params;
+  const supabase = createAdminClient();
+  const { error } = await supabase.from('quotes').delete().eq('id', id);
+  if (error) return NextResponse.json({ error: error.message }, { status: 500 });
+  return NextResponse.json({ success: true });
+}

app/api/admin/quotes/route.ts

@@ -0,0 +1,55 @@
+import { NextResponse } from 'next/server';
+import { createAdminClient } from '@/lib/supabase/admin';
+import { verifyAdminTokenNode } from '@/lib/admin-auth';
+import { cookies } from 'next/headers';
+
+export const runtime = 'nodejs';
+
+async function checkAuth() {
+  const cookieStore = await cookies();
+  const token = cookieStore.get('admin_token')?.value;
+  return token && verifyAdminTokenNode(token);
+}
+
+export async function GET() {
+  if (!(await checkAuth())) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  }
+
+  const supabase = createAdminClient();
+  const { data, error } = await supabase
+    .from('quotes')
+    .select('id, title, client_name, client_email, status, valid_until, public_token, items, created_at')
+    .order('created_at', { ascending: false });
+
+  if (error) return NextResponse.json({ error: error.message }, { status: 500 });
+  return NextResponse.json({ quotes: data ?? [] });
+}
+
+export async function POST(request: Request) {
+  if (!(await checkAuth())) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  }
+
+  const body = await request.json();
+  const supabase = createAdminClient();
+
+  const { data, error } = await supabase
+    .from('quotes')
+    .insert({
+      title: body.title || '새 견적서',
+      client_name: body.client_name || '',
+      client_email: body.client_email || '',
+      valid_until: body.valid_until || null,
+      wbs: body.wbs || [],
+      items: body.items || [],
+      maintenance: body.maintenance || [],
+      notes: body.notes || '',
+      status: 'draft',
+    })
+    .select()
+    .single();
+
+  if (error) return NextResponse.json({ error: error.message }, { status: 500 });
+  return NextResponse.json({ quote: data }, { status: 201 });
+}

app/api/quote/[token]/route.ts

@@ -0,0 +1,48 @@
+import { NextResponse } from 'next/server';
+import { createAdminClient } from '@/lib/supabase/admin';
+
+export const runtime = 'nodejs';
+
+// 고객용 공개 견적서 조회 (토큰 기반)
+export async function GET(_req: Request, { params }: { params: Promise<{ token: string }> }) {
+  const { token } = await params;
+  const supabase = createAdminClient();
+
+  const { data, error } = await supabase
+    .from('quotes')
+    .select('id, title, client_name, valid_until, status, wbs, items, maintenance, notes, created_at')
+    .eq('public_token', token)
+    .single();
+
+  if (error || !data) return NextResponse.json({ error: 'Not found' }, { status: 404 });
+  return NextResponse.json({ quote: data });
+}
+
+// 고객이 견적 수락
+export async function POST(request: Request, { params }: { params: Promise<{ token: string }> }) {
+  const { token } = await params;
+  const body = await request.json(); // { selectedItems, selectedMaintenance }
+  const supabase = createAdminClient();
+
+  const { data: quote, error: findErr } = await supabase
+    .from('quotes')
+    .select('id, title, client_name, client_email')
+    .eq('public_token', token)
+    .single();
+
+  if (findErr || !quote) return NextResponse.json({ error: 'Not found' }, { status: 404 });
+
+  // 상태를 accepted로 변경
+  await supabase
+    .from('quotes')
+    .update({
+      status: 'accepted',
+      accepted_items: body.selectedItems,
+      accepted_maintenance: body.selectedMaintenance,
+      accepted_total: body.total,
+      updated_at: new Date().toISOString(),
+    })
+    .eq('id', quote.id);
+
+  return NextResponse.json({ success: true });
+}