feat: CONAI Phase 1 MVP 초기 구현

소형 건설업체(100억 미만)를 위한 AI 기반 토목공사 통합관리 플랫폼

Backend (FastAPI):
- SQLAlchemy 모델 13개 (users, projects, wbs, tasks, daily_reports, reports, inspections, quality, weather, permits, rag, settings)
- API 라우터 11개 (auth, projects, tasks, daily_reports, reports, inspections, weather, rag, kakao, permits, settings)
- Services: Claude AI 래퍼, CPM Gantt 계산, 기상청 API, RAG(pgvector), 카카오 Skill API
- Alembic 마이그레이션 (pgvector 포함)
- pytest 테스트 (CPM, 날씨 경보)

Frontend (Next.js 15):
- 11개 페이지 (대시보드, 프로젝트, Gantt, 일보, 검측, 품질, 날씨, 인허가, RAG, 설정)
- TanStack Query + Zustand + Tailwind CSS

인프라:
- Docker Compose (PostgreSQL pgvector + backend + frontend)
- 한국어 README 및 설치 가이드

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

backend/app/core/database.py

@@ -0,0 +1,32 @@
+from sqlalchemy.ext.asyncio import create_async_engine, AsyncSession, async_sessionmaker
+from sqlalchemy.orm import DeclarativeBase
+from app.config import settings
+
+
+engine = create_async_engine(
+    settings.DATABASE_URL,
+    echo=settings.DEBUG,
+    pool_pre_ping=True,
+    pool_size=10,
+    max_overflow=20,
+)
+
+AsyncSessionLocal = async_sessionmaker(
+    engine,
+    class_=AsyncSession,
+    expire_on_commit=False,
+    autocommit=False,
+    autoflush=False,
+)
+
+
+class Base(DeclarativeBase):
+    pass
+
+
+async def get_db() -> AsyncSession:
+    async with AsyncSessionLocal() as session:
+        try:
+            yield session
+        finally:
+            await session.close()

backend/app/core/security.py

@@ -0,0 +1,38 @@
+from datetime import datetime, timedelta, timezone
+from typing import Optional, Any
+from jose import JWTError, jwt
+from passlib.context import CryptContext
+from app.config import settings
+
+pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+
+
+def verify_password(plain_password: str, hashed_password: str) -> bool:
+    return pwd_context.verify(plain_password, hashed_password)
+
+
+def get_password_hash(password: str) -> str:
+    return pwd_context.hash(password)
+
+
+def create_access_token(subject: Any, expires_delta: Optional[timedelta] = None) -> str:
+    if expires_delta:
+        expire = datetime.now(timezone.utc) + expires_delta
+    else:
+        expire = datetime.now(timezone.utc) + timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
+    to_encode = {"exp": expire, "sub": str(subject), "type": "access"}
+    return jwt.encode(to_encode, settings.SECRET_KEY, algorithm=settings.ALGORITHM)
+
+
+def create_refresh_token(subject: Any) -> str:
+    expire = datetime.now(timezone.utc) + timedelta(days=settings.REFRESH_TOKEN_EXPIRE_DAYS)
+    to_encode = {"exp": expire, "sub": str(subject), "type": "refresh"}
+    return jwt.encode(to_encode, settings.SECRET_KEY, algorithm=settings.ALGORITHM)
+
+
+def decode_token(token: str) -> dict:
+    try:
+        payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[settings.ALGORITHM])
+        return payload
+    except JWTError:
+        return {}

backend/app/core/storage.py

@@ -0,0 +1,44 @@
+import uuid
+from pathlib import Path
+from typing import Optional
+from supabase import create_client, Client
+from app.config import settings
+
+
+def get_supabase() -> Client:
+    return create_client(settings.SUPABASE_URL, settings.SUPABASE_SERVICE_KEY)
+
+
+def upload_file(
+    file_bytes: bytes,
+    project_id: str,
+    file_type: str,
+    filename: str,
+    content_type: str = "application/octet-stream",
+) -> str:
+    """Upload file to Supabase Storage. Returns storage path (s3_key)."""
+    client = get_supabase()
+    ext = Path(filename).suffix
+    unique_name = f"{uuid.uuid4()}{ext}"
+    path = f"{project_id}/{file_type}/{unique_name}"
+
+    client.storage.from_(settings.SUPABASE_STORAGE_BUCKET).upload(
+        path,
+        file_bytes,
+        file_options={"content-type": content_type},
+    )
+    return path
+
+
+def get_download_url(s3_key: str, expires_in: int = 3600) -> str:
+    """Get a presigned download URL."""
+    client = get_supabase()
+    response = client.storage.from_(settings.SUPABASE_STORAGE_BUCKET).create_signed_url(
+        s3_key, expires_in
+    )
+    return response["signedURL"]
+
+
+def delete_file(s3_key: str) -> None:
+    client = get_supabase()
+    client.storage.from_(settings.SUPABASE_STORAGE_BUCKET).remove([s3_key])