getCookie 제거

2026-01-10 21:59:11 +09:00
parent ef7914d5c6
commit 1b8cd8577e
30 changed files with 195 additions and 145 deletions
--- a/backend/api/report/weekly/[id]/delete.delete.ts
+++ b/backend/api/report/weekly/[id]/delete.delete.ts
@@ -1,4 +1,5 @@
 import { query, execute } from '../../../../utils/db'
+import { requireAuth } from '../../../../utils/session'

 const ADMIN_EMAIL = 'coziny@gmail.com'

@@ -7,10 +8,7 @@ const ADMIN_EMAIL = 'coziny@gmail.com'
 * DELETE /api/report/weekly/[id]/delete
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  const reportId = getRouterParam(event, 'id')
  if (!reportId) {
@@ -33,7 +31,7 @@ export default defineEventHandler(async (event) => {
  }
  
  // 권한 체크: 본인 또는 관리자만 삭제 가능
-  if (report[0].author_id !== parseInt(userId) && !isAdmin) {
+  if (report[0].author_id !== userId && !isAdmin) {
    throw createError({ statusCode: 403, message: '삭제 권한이 없습니다.' })
  }
  
--- a/backend/api/report/weekly/[id]/detail.get.ts
+++ b/backend/api/report/weekly/[id]/detail.get.ts
@@ -1,14 +1,12 @@
 import { query, queryOne } from '../../../../utils/db'
+import { requireAuth } from '../../../../utils/session'

 /**
 * 주간보고 상세 조회
 * GET /api/report/weekly/[id]/detail
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  const reportId = getRouterParam(event, 'id')
  
--- a/backend/api/report/weekly/[id]/submit.post.ts
+++ b/backend/api/report/weekly/[id]/submit.post.ts
@@ -1,16 +1,14 @@
 import { execute, queryOne } from '../../../../utils/db'
 import { getClientIp } from '../../../../utils/ip'
 import { getCurrentUserEmail } from '../../../../utils/user'
+import { requireAuth } from '../../../../utils/session'

 /**
 * 주간보고 제출
 * POST /api/report/weekly/[id]/submit
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  const reportId = getRouterParam(event, 'id')
  const clientIp = getClientIp(event)
@@ -25,7 +23,7 @@ export default defineEventHandler(async (event) => {
    throw createError({ statusCode: 404, message: '보고서를 찾을 수 없습니다.' })
  }
  
-  if (report.author_id !== parseInt(userId)) {
+  if (report.author_id !== userId) {
    throw createError({ statusCode: 403, message: '본인의 보고서만 제출할 수 있습니다.' })
  }
  
--- a/backend/api/report/weekly/[id]/update.put.ts
+++ b/backend/api/report/weekly/[id]/update.put.ts
@@ -1,4 +1,5 @@
 import { query, execute, queryOne } from '../../../../utils/db'
+import { requireAuth } from '../../../../utils/session'

 const ADMIN_EMAIL = 'coziny@gmail.com'

@@ -7,10 +8,7 @@ const ADMIN_EMAIL = 'coziny@gmail.com'
 * PUT /api/report/weekly/[id]/update
 */
 export default defineEventHandler(async (event) => {
-  const userId = getCookie(event, 'user_id')
-  if (!userId) {
-    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
-  }
+  const userId = await requireAuth(event)
  
  const reportId = getRouterParam(event, 'id')
  const clientIp = getHeader(event, 'x-forwarded-for') || 'unknown'
@@ -28,7 +26,7 @@ export default defineEventHandler(async (event) => {
  }
  
  // 관리자가 아니면 본인 보고서만 수정 가능
-  if (!isAdmin && report.author_id !== parseInt(userId)) {
+  if (!isAdmin && report.author_id !== userId) {
    throw createError({ statusCode: 403, message: '본인의 보고서만 수정할 수 있습니다.' })
  }