getCookie 제거

2026-01-10 21:59:11 +09:00
parent ef7914d5c6
commit 1b8cd8577e
30 changed files with 195 additions and 145 deletions
--- a/backend/api/report/summary/[id]/review.put.ts
+++ b/backend/api/report/summary/[id]/review.put.ts
@@ -1,4 +1,5 @@
 import { execute, queryOne } from '../../../../utils/db'
+import { requireAuth } from '../../../../utils/session'

 interface ReviewBody {
  reviewerComment?: string
@@ -9,10 +10,7 @@ interface ReviewBody {
 * PUT /api/report/summary/[id]/review
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  const summaryId = getRouterParam(event, 'id')
  const body = await readBody<ReviewBody>(event)
@@ -33,7 +31,7 @@ export default defineEventHandler(async (event) => {
      summary_status = 'REVIEWED',
      updated_at = NOW()
    WHERE summary_id = $3
-  `, [parseInt(userId), body.reviewerComment || null, summaryId])
+  `, [userId, body.reviewerComment || null, summaryId])
  
  return { success: true }
 })
--- a/backend/api/report/summary/aggregate.post.ts
+++ b/backend/api/report/summary/aggregate.post.ts
@@ -1,7 +1,8 @@
-import { defineEventHandler, readBody, createError, getCookie } from 'h3'
+import { defineEventHandler, readBody, createError } from 'h3'
 import { query, queryOne, execute, insertReturning } from '../../../utils/db'
 import { getClientIp } from '../../../utils/ip'
 import { getCurrentUserEmail } from '../../../utils/user'
+import { requireAuth } from '../../../utils/session'
 import OpenAI from 'openai'

 interface AggregateBody {
@@ -19,10 +20,7 @@ const openai = new OpenAI({
 * POST /api/report/summary/aggregate
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  const body = await readBody<AggregateBody>(event)
  const clientIp = getClientIp(event)
--- a/backend/api/report/summary/available-projects.get.ts
+++ b/backend/api/report/summary/available-projects.get.ts
@@ -1,12 +1,9 @@
-import { defineEventHandler, getQuery, createError, getCookie } from 'h3'
+import { defineEventHandler, getQuery, createError } from 'h3'
 import { query } from '../../../utils/db'
+import { requireAuth } from '../../../utils/session'

 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  const { year, week } = getQuery(event)
  
--- a/backend/api/report/summary/regenerate-ai.post.ts
+++ b/backend/api/report/summary/regenerate-ai.post.ts
@@ -1,5 +1,6 @@
-import { defineEventHandler, createError, getCookie } from 'h3'
+import { defineEventHandler, createError } from 'h3'
 import { query, queryOne, execute } from '../../../utils/db'
+import { requireAuth } from '../../../utils/session'
 import OpenAI from 'openai'

 const openai = new OpenAI({
@@ -11,10 +12,7 @@ const openai = new OpenAI({
 * POST /api/report/summary/regenerate-ai
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  // AI 요약이 없는 취합 보고서 조회
  const summaries = await query<any>(`
--- a/backend/api/report/weekly/[id]/delete.delete.ts
+++ b/backend/api/report/weekly/[id]/delete.delete.ts
@@ -1,4 +1,5 @@
 import { query, execute } from '../../../../utils/db'
+import { requireAuth } from '../../../../utils/session'

 const ADMIN_EMAIL = 'coziny@gmail.com'

@@ -7,10 +8,7 @@ const ADMIN_EMAIL = 'coziny@gmail.com'
 * DELETE /api/report/weekly/[id]/delete
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  const reportId = getRouterParam(event, 'id')
  if (!reportId) {
@@ -33,7 +31,7 @@ export default defineEventHandler(async (event) => {
  }
  
  // 권한 체크: 본인 또는 관리자만 삭제 가능
-  if (report[0].author_id !== parseInt(userId) && !isAdmin) {
+  if (report[0].author_id !== userId && !isAdmin) {
    throw createError({ statusCode: 403, message: '삭제 권한이 없습니다.' })
  }
  
--- a/backend/api/report/weekly/[id]/detail.get.ts
+++ b/backend/api/report/weekly/[id]/detail.get.ts
@@ -1,14 +1,12 @@
 import { query, queryOne } from '../../../../utils/db'
+import { requireAuth } from '../../../../utils/session'

 /**
 * 주간보고 상세 조회
 * GET /api/report/weekly/[id]/detail
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  const reportId = getRouterParam(event, 'id')
  
--- a/backend/api/report/weekly/[id]/submit.post.ts
+++ b/backend/api/report/weekly/[id]/submit.post.ts
@@ -1,16 +1,14 @@
 import { execute, queryOne } from '../../../../utils/db'
 import { getClientIp } from '../../../../utils/ip'
 import { getCurrentUserEmail } from '../../../../utils/user'
+import { requireAuth } from '../../../../utils/session'

 /**
 * 주간보고 제출
 * POST /api/report/weekly/[id]/submit
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  const reportId = getRouterParam(event, 'id')
  const clientIp = getClientIp(event)
@@ -25,7 +23,7 @@ export default defineEventHandler(async (event) => {
    throw createError({ statusCode: 404, message: '보고서를 찾을 수 없습니다.' })
  }
  
-  if (report.author_id !== parseInt(userId)) {
+  if (report.author_id !== userId) {
    throw createError({ statusCode: 403, message: '본인의 보고서만 제출할 수 있습니다.' })
  }
  
--- a/backend/api/report/weekly/[id]/update.put.ts
+++ b/backend/api/report/weekly/[id]/update.put.ts
@@ -1,4 +1,5 @@
 import { query, execute, queryOne } from '../../../../utils/db'
+import { requireAuth } from '../../../../utils/session'

 const ADMIN_EMAIL = 'coziny@gmail.com'

@@ -7,10 +8,7 @@ const ADMIN_EMAIL = 'coziny@gmail.com'
 * PUT /api/report/weekly/[id]/update
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  const reportId = getRouterParam(event, 'id')
  const clientIp = getHeader(event, 'x-forwarded-for') || 'unknown'
@@ -28,7 +26,7 @@ export default defineEventHandler(async (event) => {
  }
  
  // 관리자가 아니면 본인 보고서만 수정 가능
-  if (!isAdmin && report.author_id !== parseInt(userId)) {
+  if (!isAdmin && report.author_id !== userId) {
    throw createError({ statusCode: 403, message: '본인의 보고서만 수정할 수 있습니다.' })
  }
  
--- a/backend/api/report/weekly/create.post.ts
+++ b/backend/api/report/weekly/create.post.ts
@@ -1,14 +1,13 @@
 import { query, execute, queryOne } from '../../../utils/db'
+import { requireAuth } from '../../../utils/session'

 /**
 * 주간보고 작성
 * POST /api/report/weekly/create
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  // 세션 기반 인증 사용 (레거시 쿠키 대신)
+  const userId = await requireAuth(event)
  
  const clientIp = getHeader(event, 'x-forwarded-for') || 'unknown'
  const user = await queryOne<any>(`SELECT employee_email FROM wr_employee_info WHERE employee_id = $1`, [userId])
--- a/backend/api/report/weekly/current-week.get.ts
+++ b/backend/api/report/weekly/current-week.get.ts
@@ -1,15 +1,13 @@
 import { query } from '../../../utils/db'
 import { getWeekInfo, formatWeekString } from '../../../utils/week-calc'
+import { requireAuth } from '../../../utils/session'

 /**
 * 이번 주 보고서 현황 조회
 * GET /api/report/weekly/current-week
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  const weekInfo = getWeekInfo()
  
@@ -20,7 +18,7 @@ export default defineEventHandler(async (event) => {
    JOIN wr_project_info p ON r.project_id = p.project_id
    WHERE r.author_id = $1 AND r.report_year = $2 AND r.report_week = $3
    ORDER BY p.project_name
-  `, [parseInt(userId), weekInfo.year, weekInfo.week])
+  `, [userId, weekInfo.year, weekInfo.week])
  
  return {
    weekInfo: {
--- a/backend/api/report/weekly/list.get.ts
+++ b/backend/api/report/weekly/list.get.ts
@@ -1,4 +1,5 @@
 import { query } from '../../../utils/db'
+import { requireAuth } from '../../../utils/session'

 const ADMIN_EMAIL = 'coziny@gmail.com'

@@ -19,10 +20,8 @@ const ADMIN_EMAIL = 'coziny@gmail.com'
 * - limit: 조회 개수 (기본 100)
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  // 세션 기반 인증 사용
+  const userId = await requireAuth(event)
  
  // 현재 사용자 정보 조회 (관리자 여부 확인)
  const currentUser = await query<any>(`