feat: 로또 추천 API, 텔레그램 봇 연동, 관리자 페이지 추가

- 로또 번호 추천 구독자 전용 페이지 (/services/lotto/recommend) - NAS 몬테카를로 API 연동 + 클라이언트 사이드 폴백 - 무료 미리보기 1개 + 구독자용 프리미엄 번호 추천 - 구독 플랜 변경: 골드(900원)/플래티넘(2,900원)/다이아(9,900원) - 텔레그램 봇 연동: 연결/해제, 웹훅, /start 명령 처리 - 마이페이지 텔레그램 연결 UI + 가이드 모달 - 관리자 페이지 (/admin): 대시보드, 회원, 서비스, 문의 관리 - Supabase 마이그레이션: profiles 텔레그램 컬럼, 신규 상품 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-16 02:12:17 +09:00
parent 2469063979
commit a95715ec6b
32 changed files with 3060 additions and 35 deletions
--- a/app/api/admin/contacts/route.ts
+++ b/app/api/admin/contacts/route.ts
@@ -0,0 +1,52 @@
+import { NextResponse } from 'next/server';
+import { createAdminClient } from '@/lib/supabase/admin';
+import { verifyAdminTokenNode } from '@/lib/admin-auth';
+import { cookies } from 'next/headers';
+
+export const runtime = 'nodejs';
+
+async function checkAuth() {
+  const cookieStore = await cookies();
+  const token = cookieStore.get('admin_token')?.value;
+  return token && verifyAdminTokenNode(token);
+}
+
+export async function GET() {
+  if (!(await checkAuth())) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  }
+
+  const supabase = createAdminClient();
+
+  const { data, error } = await supabase
+    .from('contact_requests')
+    .select('*')
+    .order('created_at', { ascending: false })
+    .limit(100);
+
+  if (error) {
+    return NextResponse.json({ error: error.message }, { status: 500 });
+  }
+
+  return NextResponse.json({ contacts: data ?? [] });
+}
+
+export async function PATCH(request: Request) {
+  if (!(await checkAuth())) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  }
+
+  const { id, status } = await request.json();
+  const supabase = createAdminClient();
+
+  const { error } = await supabase
+    .from('contact_requests')
+    .update({ status })
+    .eq('id', id);
+
+  if (error) {
+    return NextResponse.json({ error: error.message }, { status: 500 });
+  }
+
+  return NextResponse.json({ success: true });
+}
--- a/app/api/admin/login/route.ts
+++ b/app/api/admin/login/route.ts
@@ -0,0 +1,29 @@
+import { NextResponse } from 'next/server';
+import { createAdminToken, checkAdminCredentials } from '@/lib/admin-auth';
+
+export const runtime = 'nodejs';
+
+export async function POST(request: Request) {
+  try {
+    const { id, password } = await request.json();
+
+    if (!checkAdminCredentials(id, password)) {
+      return NextResponse.json({ error: '아이디 또는 비밀번호가 올바르지 않습니다.' }, { status: 401 });
+    }
+
+    const token = createAdminToken();
+
+    const response = NextResponse.json({ success: true });
+    response.cookies.set('admin_token', token, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === 'production',
+      sameSite: 'lax',
+      maxAge: 60 * 60 * 24, // 24시간
+      path: '/',
+    });
+
+    return response;
+  } catch {
+    return NextResponse.json({ error: '서버 오류가 발생했습니다.' }, { status: 500 });
+  }
+}
--- a/app/api/admin/logout/route.ts
+++ b/app/api/admin/logout/route.ts
@@ -0,0 +1,11 @@
+import { NextResponse } from 'next/server';
+
+export async function POST() {
+  const response = NextResponse.json({ success: true });
+  response.cookies.set('admin_token', '', {
+    httpOnly: true,
+    maxAge: 0,
+    path: '/',
+  });
+  return response;
+}
--- a/app/api/admin/members/route.ts
+++ b/app/api/admin/members/route.ts
@@ -0,0 +1,40 @@
+import { NextResponse } from 'next/server';
+import { createAdminClient } from '@/lib/supabase/admin';
+import { verifyAdminTokenNode } from '@/lib/admin-auth';
+import { cookies } from 'next/headers';
+
+export const runtime = 'nodejs';
+
+export async function GET() {
+  const cookieStore = await cookies();
+  const token = cookieStore.get('admin_token')?.value;
+  if (!token || !verifyAdminTokenNode(token)) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  }
+
+  const supabase = createAdminClient();
+
+  const { data: profiles, error } = await supabase
+    .from('profiles')
+    .select('id, email, full_name, created_at')
+    .order('created_at', { ascending: false })
+    .limit(100);
+
+  if (error) {
+    return NextResponse.json({ error: error.message }, { status: 500 });
+  }
+
+  // 각 회원의 주문 수 + 결제 금액 집계
+  const enriched = await Promise.all(
+    (profiles ?? []).map(async (p: { id: string; email: string; full_name: string; created_at: string }) => {
+      const [ordersRes, paymentsRes] = await Promise.all([
+        supabase.from('orders').select('id', { count: 'exact', head: true }).eq('user_id', p.id).eq('status', 'paid'),
+        supabase.from('payments').select('amount').eq('user_id', p.id).eq('status', 'paid'),
+      ]);
+      const totalPaid = (paymentsRes.data ?? []).reduce((s: number, x: { amount: number }) => s + x.amount, 0);
+      return { ...p, orderCount: ordersRes.count ?? 0, totalPaid };
+    })
+  );
+
+  return NextResponse.json({ members: enriched });
+}
--- a/app/api/admin/services/route.ts
+++ b/app/api/admin/services/route.ts
@@ -0,0 +1,60 @@
+import { NextResponse } from 'next/server';
+import { createAdminClient } from '@/lib/supabase/admin';
+import { verifyAdminTokenNode } from '@/lib/admin-auth';
+import { cookies } from 'next/headers';
+
+export const runtime = 'nodejs';
+
+async function checkAuth() {
+  const cookieStore = await cookies();
+  const token = cookieStore.get('admin_token')?.value;
+  return token && verifyAdminTokenNode(token);
+}
+
+export async function GET() {
+  if (!(await checkAuth())) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  }
+
+  const supabase = createAdminClient();
+
+  const { data, error } = await supabase
+    .from('service_settings')
+    .select('*')
+    .order('order_index');
+
+  if (error) {
+    // 테이블이 없으면 기본값 반환
+    return NextResponse.json({ services: DEFAULT_SERVICES });
+  }
+
+  return NextResponse.json({ services: data?.length ? data : DEFAULT_SERVICES });
+}
+
+export async function PATCH(request: Request) {
+  if (!(await checkAuth())) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  }
+
+  const { id, is_active } = await request.json();
+  const supabase = createAdminClient();
+
+  const { error } = await supabase
+    .from('service_settings')
+    .upsert({ id, is_active, updated_at: new Date().toISOString() });
+
+  if (error) {
+    return NextResponse.json({ error: error.message }, { status: 500 });
+  }
+
+  return NextResponse.json({ success: true });
+}
+
+const DEFAULT_SERVICES = [
+  { id: 'saju', name: 'AI 사주 분석', description: '사주 입력 및 AI 해석 서비스', is_active: true, order_index: 1 },
+  { id: 'lotto', name: '로또 번호 추천', description: '빅데이터 기반 로또 번호 분석', is_active: true, order_index: 2 },
+  { id: 'stock', name: '주식 자동매매', description: '텔레그램 연동 자동매매 프로그램', is_active: true, order_index: 3 },
+  { id: 'automation', name: '업무 자동화 RPA', description: '반복 업무 자동화 개발', is_active: true, order_index: 4 },
+  { id: 'prompt', name: '프롬프트 엔지니어링', description: 'AI 프롬프트 설계 서비스', is_active: true, order_index: 5 },
+  { id: 'freelance', name: '외주 개발', description: '맞춤형 소프트웨어 개발', is_active: true, order_index: 6 },
+];
--- a/app/api/admin/stats/route.ts
+++ b/app/api/admin/stats/route.ts
@@ -0,0 +1,51 @@
+import { NextResponse } from 'next/server';
+import { createAdminClient } from '@/lib/supabase/admin';
+import { verifyAdminTokenNode } from '@/lib/admin-auth';
+import { cookies } from 'next/headers';
+
+export const runtime = 'nodejs';
+
+export async function GET() {
+  const cookieStore = await cookies();
+  const token = cookieStore.get('admin_token')?.value;
+  if (!token || !verifyAdminTokenNode(token)) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  }
+
+  const supabase = createAdminClient();
+
+  // 병렬 쿼리
+  const [profilesRes, ordersRes, paymentsRes, contactsRes, monthlyRes] = await Promise.all([
+    supabase.from('profiles').select('id', { count: 'exact', head: true }),
+    supabase.from('orders').select('id', { count: 'exact', head: true }).eq('status', 'paid'),
+    supabase.from('payments').select('amount').eq('status', 'paid'),
+    supabase.from('contact_requests').select('id', { count: 'exact', head: true }).eq('status', 'pending'),
+    supabase.from('payments').select('amount, created_at').eq('status', 'paid').order('created_at', { ascending: true }),
+  ]);
+
+  const totalMembers = profilesRes.count ?? 0;
+  const totalOrders = ordersRes.count ?? 0;
+  const totalRevenue = (paymentsRes.data ?? []).reduce((sum: number, p: { amount: number }) => sum + p.amount, 0);
+  const pendingContacts = contactsRes.count ?? 0;
+
+  // 최근 6개월 월별 수익 집계
+  const monthly: Record<string, number> = {};
+  const now = new Date();
+  for (let i = 5; i >= 0; i--) {
+    const d = new Date(now.getFullYear(), now.getMonth() - i, 1);
+    const key = `${d.getFullYear()}-${String(d.getMonth() + 1).padStart(2, '0')}`;
+    monthly[key] = 0;
+  }
+
+  for (const p of (monthlyRes.data ?? []) as Array<{ amount: number; created_at: string }>) {
+    const d = new Date(p.created_at);
+    const key = `${d.getFullYear()}-${String(d.getMonth() + 1).padStart(2, '0')}`;
+    if (key in monthly) {
+      monthly[key] += p.amount;
+    }
+  }
+
+  const monthlyChart = Object.entries(monthly).map(([month, revenue]) => ({ month, revenue }));
+
+  return NextResponse.json({ totalMembers, totalOrders, totalRevenue, pendingContacts, monthlyChart });
+}