getCookie 제거

2026-01-10 21:59:11 +09:00
parent ef7914d5c6
commit 1b8cd8577e
30 changed files with 195 additions and 145 deletions
--- a/backend/api/admin/bulk-register.post.ts
+++ b/backend/api/admin/bulk-register.post.ts
@@ -1,6 +1,5 @@
 import { query, execute, queryOne } from '../../utils/db'
-
-const ADMIN_EMAIL = 'coziny@gmail.com'
+import { requireAdmin } from '../../utils/session'

 interface TaskInput {
  description: string
@@ -31,22 +30,15 @@ interface ReportInput {
 */
 export default defineEventHandler(async (event) => {
  // 관리자 권한 체크
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAdmin(event)
  
  const clientIp = getHeader(event, 'x-forwarded-for') || 'unknown'
  
-  const currentUser = await query<any>(`
+  // 관리자 이메일 조회
+  const currentUser = await queryOne<any>(`
    SELECT employee_email FROM wr_employee_info WHERE employee_id = $1
  `, [userId])
-  
-  if (!currentUser[0] || currentUser[0].employee_email !== ADMIN_EMAIL) {
-    throw createError({ statusCode: 403, message: '관리자만 사용할 수 있습니다.' })
-  }
-  
-  const adminEmail = currentUser[0].employee_email
+  const adminEmail = currentUser?.employee_email || ''
  
  const body = await readBody<{
    reportYear: number