From 5a29d5075229ebf5fdf18890ff3ca6889a6cbcbf Mon Sep 17 00:00:00 2001
From: hayato5246 <hayato5246@gmail.com>
Date: Mon, 6 Apr 2026 20:11:24 +0900
Subject: [PATCH] =?UTF-8?q?=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EC=83=81?=
 =?UTF-8?q?=ED=83=9C=EC=97=90=20=EB=94=B0=EB=A5=B8=20=EB=84=A4=EB=B9=84?=
 =?UTF-8?q?=EA=B2=8C=EC=9D=B4=EC=85=98=20=EB=B0=8F=20=ED=8E=98=EC=9D=B4?=
 =?UTF-8?q?=EC=A7=80=20=EB=B3=B4=ED=98=B8=20=EB=A1=9C=EC=A7=81=20=EC=B6=94?=
 =?UTF-8?q?=EA=B0=80:=20-=20`+layout.svelte`=EC=97=90=EC=84=9C=20=EB=A1=9C?=
 =?UTF-8?q?=EA=B7=B8=EC=9D=B8=20=EC=83=81=ED=83=9C=EC=97=90=20=EB=94=B0?=
 =?UTF-8?q?=EB=9D=BC=20=EA=B3=B5=EA=B0=9C/=EB=B3=B4=ED=98=B8=20=EB=84=A4?=
 =?UTF-8?q?=EB=B9=84=EA=B2=8C=EC=9D=B4=EC=85=98=20=ED=95=AD=EB=AA=A9=20?=
 =?UTF-8?q?=EB=B6=84=EB=A6=AC=20=EB=B0=8F=20=ED=91=9C=EC=8B=9C.=20-=20?=
 =?UTF-8?q?=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EC=97=AC=EB=B6=80=20=ED=99=95?=
 =?UTF-8?q?=EC=9D=B8=20=EB=A1=9C=EC=A7=81=20`+layout.ts`=EB=A1=9C=20?=
 =?UTF-8?q?=EC=9D=B4=EC=A0=84=20(`fetch`=20=EA=B2=B0=EA=B3=BC=EC=97=90=20?=
 =?UTF-8?q?=EB=94=B0=EB=9D=BC=20`loggedIn`=20=EA=B0=92=20=EB=B0=98?=
 =?UTF-8?q?=ED=99=98).=20-=20=EB=B3=B4=ED=98=B8=20=ED=8E=98=EC=9D=B4?=
 =?UTF-8?q?=EC=A7=80(`autotrade`,=20`asset`)=EB=8A=94=20=EB=AF=B8=EB=A1=9C?=
 =?UTF-8?q?=EA=B7=B8=EC=9D=B8=20=EC=8B=9C=20`/login`=20=EB=A6=AC=EB=8B=A4?=
 =?UTF-8?q?=EC=9D=B4=EB=A0=89=ED=8A=B8=20(`next`=20=ED=8C=8C=EB=9D=BC?=
 =?UTF-8?q?=EB=AF=B8=ED=84=B0=20=ED=8F=AC=ED=95=A8).=20-=20=EC=9D=B8?=
 =?UTF-8?q?=EC=A6=9D=20=EC=98=88=EC=99=B8=20=EA=B2=BD=EB=A1=9C=20`/api/wat?=
 =?UTF-8?q?chlist`=EC=97=90=20=EC=B6=94=EA=B0=80.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 frontend/src/routes/(app)/+layout.svelte     | 47 +++++++++++++++-----
 frontend/src/routes/(app)/+layout.ts         | 12 ++---
 frontend/src/routes/(app)/asset/+page.ts     |  7 +++
 frontend/src/routes/(app)/autotrade/+page.ts |  7 +++
 middleware/auth.go                           |  1 +
 5 files changed, 56 insertions(+), 18 deletions(-)
 create mode 100644 frontend/src/routes/(app)/asset/+page.ts
 create mode 100644 frontend/src/routes/(app)/autotrade/+page.ts

diff --git a/frontend/src/routes/(app)/+layout.svelte b/frontend/src/routes/(app)/+layout.svelte
index 3f3165a..aeaa256 100644
--- a/frontend/src/routes/(app)/+layout.svelte
+++ b/frontend/src/routes/(app)/+layout.svelte
@@ -2,16 +2,21 @@
   import { page } from '$app/state'
   import { goto } from '$app/navigation'
 
-  let { children } = $props()
+  let { children, data } = $props()
 
-  const navItems = [
+  const publicNav = [
     { href: '/', label: '시세' },
     { href: '/theme', label: '테마' },
     { href: '/kospi200', label: '코스피200' },
+  ]
+
+  const protectedNav = [
     { href: '/asset', label: '자산' },
     { href: '/autotrade', label: '자동매매' },
   ]
 
+  let loggedIn = $derived(data.loggedIn)
+
   async function logout() {
     await fetch('/logout', { method: 'POST', credentials: 'include' })
     goto('/login')
@@ -33,7 +38,7 @@
 
         <!-- 네비 링크 -->
         <nav class="flex items-center gap-1 flex-1">
-          {#each navItems as item}
+          {#each publicNav as item}
             <a
               href={item.href}
               class="px-3 py-1.5 rounded-md text-sm font-medium transition-colors
@@ -44,15 +49,37 @@
               {item.label}
             </a>
           {/each}
+          {#if loggedIn}
+            {#each protectedNav as item}
+              <a
+                href={item.href}
+                class="px-3 py-1.5 rounded-md text-sm font-medium transition-colors
+                  {isActive(item.href)
+                    ? 'bg-blue-600 text-white'
+                    : 'text-gray-300 hover:text-white hover:bg-gray-700'}"
+              >
+                {item.label}
+              </a>
+            {/each}
+          {/if}
         </nav>
 
-        <!-- 로그아웃 -->
-        <button
-          onclick={logout}
-          class="text-xs text-gray-400 hover:text-white transition-colors shrink-0"
-        >
-          로그아웃
-        </button>
+        <!-- 로그인/로그아웃 -->
+        {#if loggedIn}
+          <button
+            onclick={logout}
+            class="text-xs text-gray-400 hover:text-white transition-colors shrink-0"
+          >
+            로그아웃
+          </button>
+        {:else}
+          <a
+            href="/login"
+            class="text-xs text-gray-400 hover:text-white transition-colors shrink-0"
+          >
+            로그인
+          </a>
+        {/if}
       </div>
     </div>
   </header>
diff --git a/frontend/src/routes/(app)/+layout.ts b/frontend/src/routes/(app)/+layout.ts
index 6044c91..351aa0a 100644
--- a/frontend/src/routes/(app)/+layout.ts
+++ b/frontend/src/routes/(app)/+layout.ts
@@ -1,13 +1,9 @@
-import { redirect } from '@sveltejs/kit'
-
-// 인증 가드: 세션 유효하지 않으면 /login으로 리다이렉트
+// 로그인 상태 확인 (리다이렉트하지 않음 — 공개 페이지도 접근 가능)
 export async function load({ fetch }) {
   try {
     const res = await fetch('/api/auth/check', { credentials: 'include' })
-    if (!res.ok) throw redirect(302, '/login')
-  } catch (e) {
-    // redirect 재throw
-    if (e && typeof e === 'object' && 'status' in e) throw e
-    throw redirect(302, '/login')
+    return { loggedIn: res.ok }
+  } catch {
+    return { loggedIn: false }
   }
 }
diff --git a/frontend/src/routes/(app)/asset/+page.ts b/frontend/src/routes/(app)/asset/+page.ts
new file mode 100644
index 0000000..7ecc6f8
--- /dev/null
+++ b/frontend/src/routes/(app)/asset/+page.ts
@@ -0,0 +1,7 @@
+import { redirect } from '@sveltejs/kit'
+
+// 자산 페이지: 로그인 필요
+export async function load({ parent }) {
+  const { loggedIn } = await parent()
+  if (!loggedIn) throw redirect(302, '/login?next=/asset')
+}
diff --git a/frontend/src/routes/(app)/autotrade/+page.ts b/frontend/src/routes/(app)/autotrade/+page.ts
new file mode 100644
index 0000000..44d4051
--- /dev/null
+++ b/frontend/src/routes/(app)/autotrade/+page.ts
@@ -0,0 +1,7 @@
+import { redirect } from '@sveltejs/kit'
+
+// 자동매매 페이지: 로그인 필요
+export async function load({ parent }) {
+  const { loggedIn } = await parent()
+  if (!loggedIn) throw redirect(302, '/login?next=/autotrade')
+}
diff --git a/middleware/auth.go b/middleware/auth.go
index b735c93..22802ee 100644
--- a/middleware/auth.go
+++ b/middleware/auth.go
@@ -42,6 +42,7 @@ var publicPaths = []string{
 	"/api/news",
 	"/api/disclosure",
 	"/api/auth/check",
+	"/api/watchlist",
 	"/ws",
 }