기능구현중

2026-01-11 17:01:01 +09:00
parent 375d5bf91a
commit 954ba21211
148 changed files with 2276 additions and 0 deletions
--- a/server/api/auth/login-password.post.ts
+++ b/server/api/auth/login-password.post.ts
@@ -0,0 +1,82 @@
+import { query, execute, insertReturning } from '../../utils/db'
+import { getClientIp } from '../../utils/ip'
+import { createSession, setSessionCookie } from '../../utils/session'
+import { verifyPassword } from '../../utils/password'
+
+interface LoginBody {
+  email: string
+  password: string
+}
+
+/**
+ * 비밀번호 로그인
+ * POST /api/auth/login-password
+ */
+export default defineEventHandler(async (event) => {
+  const body = await readBody<LoginBody>(event)
+  const clientIp = getClientIp(event)
+  const userAgent = getHeader(event, 'user-agent') || null
+  
+  if (!body.email || !body.password) {
+    throw createError({ statusCode: 400, message: '이메일과 비밀번호를 입력해주세요.' })
+  }
+  
+  const emailLower = body.email.toLowerCase()
+  
+  // 직원 조회
+  const employees = await query<any>(`
+    SELECT * FROM wr_employee_info WHERE employee_email = $1 AND is_active = true
+  `, [emailLower])
+  
+  if (employees.length === 0) {
+    throw createError({ statusCode: 401, message: '이메일 또는 비밀번호가 올바르지 않습니다.' })
+  }
+  
+  const employee = employees[0]
+  
+  // 비밀번호 미설정
+  if (!employee.password_hash) {
+    throw createError({ statusCode: 401, message: '비밀번호가 설정되지 않았습니다. 관리자에게 문의하세요.' })
+  }
+  
+  // 비밀번호 검증
+  const isValid = await verifyPassword(body.password, employee.password_hash)
+  if (!isValid) {
+    throw createError({ statusCode: 401, message: '이메일 또는 비밀번호가 올바르지 않습니다.' })
+  }
+  
+  // 마지막 로그인 시간 업데이트
+  await execute(`
+    UPDATE wr_employee_info 
+    SET last_login_at = NOW(), last_login_ip = $1, updated_at = NOW()
+    WHERE employee_id = $2
+  `, [clientIp, employee.employee_id])
+  
+  // 로그인 이력 추가
+  const loginHistory = await insertReturning(`
+    INSERT INTO wr_login_history (employee_id, login_ip, login_email, login_type) 
+    VALUES ($1, $2, $3, 'PASSWORD')
+    RETURNING history_id
+  `, [employee.employee_id, clientIp, emailLower])
+  
+  // 세션 생성
+  const sessionId = await createSession(
+    employee.employee_id,
+    loginHistory.history_id,
+    clientIp,
+    userAgent
+  )
+  
+  setSessionCookie(event, sessionId)
+  
+  return {
+    success: true,
+    user: {
+      employeeId: employee.employee_id,
+      employeeName: employee.employee_name,
+      employeeEmail: employee.employee_email,
+      employeePosition: employee.employee_position,
+      company: employee.company
+    }
+  }
+})