기능구현중

server/api/admin/user/reset-password.post.ts

@@ -0,0 +1,58 @@
+import { query, execute } from '../../../utils/db'
+import { hashPassword, generateTempPassword } from '../../../utils/password'
+import { getClientIp } from '../../../utils/ip'
+import { requireAuth } from '../../../utils/session'
+
+interface AdminResetPasswordBody {
+  employeeId: number
+}
+
+/**
+ * 관리자 비밀번호 초기화
+ * POST /api/admin/user/reset-password
+ */
+export default defineEventHandler(async (event) => {
+  const currentUserId = await requireAuth(event)
+  
+  // TODO: 관리자 권한 체크 (현재는 모든 로그인 사용자 허용)
+  
+  const body = await readBody<AdminResetPasswordBody>(event)
+  const clientIp = getClientIp(event)
+  
+  if (!body.employeeId) {
+    throw createError({ statusCode: 400, message: '사용자 ID가 필요합니다.' })
+  }
+  
+  // 대상 사용자 조회
+  const employees = await query<any>(`
+    SELECT employee_id, employee_name, employee_email 
+    FROM wr_employee_info 
+    WHERE employee_id = $1
+  `, [body.employeeId])
+  
+  if (employees.length === 0) {
+    throw createError({ statusCode: 404, message: '사용자를 찾을 수 없습니다.' })
+  }
+  
+  const employee = employees[0]
+  
+  // 임시 비밀번호 생성
+  const tempPassword = generateTempPassword()
+  const hash = await hashPassword(tempPassword)
+  
+  // 비밀번호 업데이트
+  await execute(`
+    UPDATE wr_employee_info 
+    SET password_hash = $1, 
+        updated_at = NOW(), 
+        updated_ip = $2
+    WHERE employee_id = $3
+  `, [hash, clientIp, body.employeeId])
+  
+  return {
+    success: true,
+    message: '비밀번호가 초기화되었습니다.',
+    tempPassword,
+    employeeName: employee.employee_name
+  }
+})