hotfix : 결제 신청시 customerKey 형식 오류

[seong-jin-jo]

🌱 연관된 이슈

ZTO-190

☘️ 작업 내용

토스 결제 위젯 연동시 특수문자를 요구했는데 현재는 memberId 가 쌩으로 들어가서 오류남.
접두사 member- 붙여서 해결

🍀 참고사항

스크린샷 (선택)

Summary by CodeRabbit

• 버그 수정
  • 결제 처리 시 고객 식별 정보 검증 로직을 강화하여 결제 안정성을 개선했습니다.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
study-platform-client-dev	Ready	Preview, Comment	Feb 23, 2026 6:46pm

[coderabbitai]

Warning

Rate limit exceeded

@seong-jin-jo has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 1 minutes and 4 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 16ace9d and 15fcd49.

📒 Files selected for processing (4)

• .github/memberMap.json
• .github/workflows/notify-pr-author-on-review.yml
• .github/workflows/notify-slack-on-pr-opened.yml
• src/components/payment/paymentActionClient.tsx

📝 Walkthrough

워크스루

토스 페이먼츠 결제 처리에서 고객 키 생성 로직을 개선하여 회원 ID 기반의 member-${study.memberId} 형식으로 산염화된 customerKey를 생성하고, 길이 검증(2-50자)을 추가하였습니다.

변경사항

코호트 / 파일	요약
토스 페이먼츠 고객 키 검증 src/components/payment/paymentActionClient.tsx	회원 ID로부터 sanitized customerKey 생성 로직 추가. 정규식을 통한 무효 문자 제거, 2-50자 범위 길이 검증 로직 구현. 검증 실패 시 에러 발생. 기존 customerKey 사용 부분을 새로운 검증된 키로 교체.

예상 코드 리뷰 난이도

🎯 2 (Simple) | ⏱️ ~10분

시

토스의 길을 닦는 토끼네,
멤버 ID를 다듬어서,
깔끔한 키로 탈바꿈,
검증 규칙도 든든하게,
결제의 길이 평탄해지네! 🐰💳

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	PR 제목이 변경 사항의 핵심을 명확하게 설명하고 있습니다. customerKey 형식 오류 수정이라는 주요 변경 내용을 잘 반영하고 있습니다.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch hotfix/payment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/components/payment/paymentActionClient.tsx`:
- Around line 127-131: The customerKey validation currently throws an Error
inside the block guarded by customerKey length check (the customerKey validation
in paymentActionClient.tsx) which only gets console.error'd in the surrounding
catch (the catch near the existing payment assignment) leaving payment as null
and causing onPay (the onPay handler) to show a misleading "loading module"
message; change the flow so that validation failures do not throw a generic
Error but instead set a clear, user-facing error state (e.g., setPaymentError or
setPayment with an object describing validation error) and log a redacted
message (no raw customerKey) in the console; update the catch to rethrow or
propagate unexpected errors but handle validation-specific results so onPay can
display a specific "invalid customer ID" UI instead of the generic loading
message.
- Line 122: The lint failure is caused by an unnecessary escape inside the
character class of the regex /[^a-zA-Z0-9\-_=\.@]/g; update that regex to remove
the useless backslash before the dot (i.e., change \. to .) so the pattern
becomes /[^a-zA-Z0-9\-_=.@]/g wherever this regex literal is used (search for
the regex /[^a-zA-Z0-9\-_=\.@]/g in paymentActionClient.tsx and replace it).

---

ℹ️ Review info

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b51190e and 16ace9d.

📒 Files selected for processing (1)

• src/components/payment/paymentActionClient.tsx

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

customerKey 유효성 검사 실패 시 사용자에게 오해를 줄 수 있는 에러 처리

유효성 검사에서 throw new Error를 하더라도 해당 에러는 137번 줄의 catch 블록에서 console.error만 호출하고 payment 상태는 null로 유지됩니다. 이후 사용자가 결제하기 버튼을 클릭하면 onPay 내부(40번 줄)에서 "결제 모듈을 불러오는 중입니다. 잠시 후 다시 시도해주세요."라는 오해의 소지가 있는 메시지가 표시됩니다. 실제 원인(customerKey 형식 오류)과 전혀 다른 메시지를 보게 됩니다.

또한, 에러 메시지에 customerKey 값(= memberId 기반)이 그대로 포함되어 console.error로 출력될 수 있습니다.

🛡️ 수정 제안: 유효성 검사 실패 시 사용자에게 명확한 피드백 제공

         // Toss 에서 2자이상 50자이하 문자열을 요구함
         if (customerKey.length < 2 || customerKey.length > 50) {
+          console.error(`customerKey가 유효하지 않습니다 (길이: ${customerKey.length})`);
+          alert('결제 정보를 불러오는 데 문제가 발생했습니다. 고객센터에 문의해주세요.');
+          return;
-          throw new Error(
-            `customerKey가 유효하지 않습니다: ${customerKey} (길이: ${customerKey.length})`,
-          );
         }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	if (customerKey.length < 2 || customerKey.length > 50) {
	throw new Error(
	`customerKey가 유효하지 않습니다: ${customerKey} (길이: ${customerKey.length})`,
	);
	}
	if (customerKey.length < 2 || customerKey.length > 50) {
	console.error(`customerKey가 유효하지 않습니다 (길이: ${customerKey.length})`);
	alert('결제 정보를 불러오는 데 문제가 발생했습니다. 고객센터에 문의해주세요.');
	return;
	}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/components/payment/paymentActionClient.tsx` around lines 127 - 131, The
customerKey validation currently throws an Error inside the block guarded by
customerKey length check (the customerKey validation in paymentActionClient.tsx)
which only gets console.error'd in the surrounding catch (the catch near the
existing payment assignment) leaving payment as null and causing onPay (the
onPay handler) to show a misleading "loading module" message; change the flow so
that validation failures do not throw a generic Error but instead set a clear,
user-facing error state (e.g., setPaymentError or setPayment with an object
describing validation error) and log a redacted message (no raw customerKey) in
the console; update the catch to rethrow or propagate unexpected errors but
handle validation-specific results so onPay can display a specific "invalid
customer ID" UI instead of the generic loading message.

[seong-jin-jo]

@claude 너도 대안을 제시해봐

[coderabbitai]

Seems like the humans are having a chat. I'll hop back into my burrow for now. If you need me again, just tag @coderabbitai in a new comment, and I'll come hopping out!