feat: 비밀번호 찾기 휴대폰 번호 필수 입력으로 변경

- 휴대폰 번호 선택 → 필수 입력으로 변경 - 이메일: 양쪽 모두 소문자로 비교 - 핸드폰: 양쪽 모두 숫자만 추출하여 비교 (하이픈, 공백 등 제거)
2026-01-11 22:05:46 +09:00
parent 12e2f18655
commit 4022ccf7e7
2 changed files with 18 additions and 17 deletions
--- a/frontend/forgot-password.vue
+++ b/frontend/forgot-password.vue
@@ -19,8 +19,8 @@
              <input type="text" class="form-control" v-model="name" placeholder="홍길동" required />
            </div>
            <div class="mb-3">
-              <label class="form-label">휴대폰 번호 <small class="text-muted">(선택)</small></label>
+              <label class="form-label">휴대폰 번호</label>
-              <input type="tel" class="form-control" v-model="phone" placeholder="010-1234-5678" />
+              <input type="tel" class="form-control" v-model="phone" placeholder="010-1234-5678" required />
            </div>
            <button type="submit" class="btn btn-warning w-100" :disabled="isSubmitting">
              <span v-if="isSubmitting"><span class="spinner-border spinner-border-sm me-2"></span>처리 중...</span>
@@ -64,13 +64,13 @@ const isComplete = ref(false)
 const resultMessage = ref('')
 async function handleSubmit() {
-  if (!email.value || !name.value) return
+  if (!email.value || !name.value || !phone.value) return
  isSubmitting.value = true
  errorMessage.value = ''
  try {
    const res = await $fetch<{ message: string }>('/api/auth/reset-password', {
      method: 'POST',
-      body: { email: email.value, name: name.value, phone: phone.value || undefined }
+      body: { email: email.value, name: name.value, phone: phone.value }
    })
    resultMessage.value = res.message
    isComplete.value = true
--- a/server/api/auth/reset-password.post.ts
+++ b/server/api/auth/reset-password.post.ts
@@ -6,7 +6,7 @@ import { getClientIp } from '../../utils/ip'
 interface ResetPasswordBody {
  email: string
  name: string
-  phone?: string
+  phone: string
 }
 /**
@@ -17,23 +17,24 @@ export default defineEventHandler(async (event) => {
  const body = await readBody<ResetPasswordBody>(event)
  const clientIp = getClientIp(event)
-  if (!body.email || !body.name) {
+  if (!body.email || !body.name || !body.phone) {
-    throw createError({ statusCode: 400, message: '이메일과 이름을 입력해주세요.' })
+    throw createError({ statusCode: 400, message: '이메일, 이름, 휴대폰 번호를 입력해주세요.' })
  }
  const emailLower = body.email.toLowerCase()
  const nameTrimmed = body.name.trim()
-  // 사용자 조회 (이메일 + 이름)
+  // 사용자 조회 (이메일 + 이름 + 핸드폰)
-  let sql = `SELECT * FROM wr_employee_info WHERE employee_email = $1 AND employee_name = $2`
+  // 이메일: 양쪽 모두 소문자로 비교
-  const params: any[] = [emailLower, nameTrimmed]
+  // 핸드폰: 양쪽 모두 숫자만 추출해서 비교
-  
+  const sql = `
-  // 핸드폰 번호도 제공된 경우 추가 검증
+    SELECT * FROM wr_employee_info 
-  if (body.phone) {
+    WHERE LOWER(employee_email) = $1 
      AND employee_name = $2
      AND REGEXP_REPLACE(employee_phone, '[^0-9]', '', 'g') = $3
  `
  const phoneClean = body.phone.replace(/[^0-9]/g, '')
-    sql += ` AND REPLACE(employee_phone, '-', '') = $3`
+  const params: any[] = [emailLower, nameTrimmed, phoneClean]
    params.push(phoneClean)
  }
  const employees = await query<any>(sql, params)