osolit-research/weeklyreport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

기능검증 중

Browse Source
This commit is contained in:
Hyoseong Jo
2026-01-11 12:59:21 +09:00
parent d4620dc1fa
commit 1f9745fdfc
14 changed files with 2000 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
backend/api/auth/change-password.post.ts
View File

@@ -1,6 +1,6 @@
import { query, execute } from '../../utils/db'
import { query, queryOne, execute } from '../../utils/db'
import { getClientIp } from '../../utils/ip'
import { getCurrentUser } from '../../utils/session'
import { requireAuth } from '../../utils/session'
import { hashPassword, verifyPassword } from '../../utils/password'
interface ChangePasswordBody {
@@ -14,10 +14,7 @@ interface ChangePasswordBody {
* POST /api/auth/change-password
*/
export default defineEventHandler(async (event) => {
const user = await getCurrentUser(event)
if (!user) {
throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
}
const employeeId = await requireAuth(event)
const body = await readBody<ChangePasswordBody>(event)
const clientIp = getClientIp(event)
@@ -35,14 +32,16 @@ export default defineEventHandler(async (event) => {
}
// 현재 직원 정보 조회
const employees = await query<any>(`
SELECT password_hash FROM wr_employee_info WHERE employee_id = $1
`, [user.employeeId])
const employee = await queryOne<any>(`
SELECT password_hash, employee_email FROM wr_employee_info WHERE employee_id = $1
`, [employeeId])
const employee = employees[0]
if (!employee) {
throw createError({ statusCode: 404, message: '사용자를 찾을 수 없습니다.' })
}
// 기존 비밀번호가 있으면 현재 비밀번호 검증
if (employee?.password_hash) {
if (employee.password_hash) {
if (!body.currentPassword) {
throw createError({ statusCode: 400, message: '현재 비밀번호를 입력해주세요.' })
}
@@ -60,7 +59,7 @@ export default defineEventHandler(async (event) => {
UPDATE wr_employee_info
SET password_hash = $1, updated_at = NOW(), updated_ip = $2, updated_email = $3
WHERE employee_id = $4
`, [newHash, clientIp, user.employeeEmail, user.employeeId])
`, [newHash, clientIp, employee.employee_email, employeeId])
return { success: true, message: '비밀번호가 변경되었습니다.' }
})