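import { query, execute, insertReturning } from '../../utils/db'
import { getClientIp } from '../../utils/ip'
import { createSession, setSessionCookie } from '../../utils/session'
import { verifyPassword } from '../../utils/password'

interface LoginBody {
  email: string
  password: string
}

/**
 * Narrow an untrusted request body to `LoginBody`.
 *
 * `readBody()` hands back whatever the client sent. A missing body, a
 * non-object body, or a non-string / empty `email` or `password` must be
 * rejected here, otherwise it surfaces later as a TypeError (an unhandled 500)
 * from `toLowerCase()` or the hash check instead of a clean 400.
 *
 * @param raw - the decoded request body, of unknown shape
 * @returns the two string fields, or `null` when the body is unusable
 */
function parseLoginBody(raw: unknown): LoginBody | null {
  if (raw === null || typeof raw !== 'object') return null
  const { email, password } = raw as Record<string, unknown>
  if (typeof email !== 'string' || email.length === 0) return null
  if (typeof password !== 'string' || password.length === 0) return null
  return { email, password }
}

/**
 * Password login.
 * POST /api/auth/login-password
 *
 * Flow: validate the body → look up the active employee by e-mail → verify the
 * stored password hash → record last-login fields and a login-history row →
 * create a session and set the session cookie.
 *
 * All SQL below is parameterised ($1, $2, …); no request data is interpolated
 * into query text. No throttling or lockout is applied in this handler; if it
 * exists, it lives in middleware or in front of the app — TODO confirm.
 *
 * @returns `{ success: true, user }` with a reduced view of the employee row
 *   (the `password_hash` column read by `SELECT *` is never sent back).
 * @throws 400 when the body lacks a string e-mail or password;
 *   401 when the e-mail is unknown or inactive, when no password is set, or
 *   when the password does not match.
 */
export default defineEventHandler(async (event) => {
  const body = parseLoginBody(await readBody(event))
  const clientIp = getClientIp(event)
  // `||` (not `??`) so an empty User-Agent header is stored as null as well.
  const userAgent = getHeader(event, 'user-agent') || null

  if (body === null) {
    throw createError({
      statusCode: 400,
      message: '이메일과 비밀번호를 입력해주세요.'
    })
  }

  const emailLower = body.email.toLowerCase()

  // Employee lookup — only active rows, matched on the lower-cased e-mail.
  const employees = await query(`
    SELECT * FROM wr_employee_info
    WHERE employee_email = $1 AND is_active = true
  `, [emailLower])

  if (employees.length === 0) {
    // NOTE(review): this branch returns before verifyPassword() runs, so an
    // unknown e-mail is answered faster than a wrong password. Closing that
    // timing gap needs a dummy hash in the same format verifyPassword()
    // expects, which is not visible from this file — left as-is.
    throw createError({
      statusCode: 401,
      message: '이메일 또는 비밀번호가 올바르지 않습니다.'
    })
  }

  const employee = employees[0]

  // Account exists but has never had a password set.
  if (!employee.password_hash) {
    // NOTE(review): this message differs from the unknown-e-mail response, so
    // a client can learn that an active account exists for this address. It
    // is kept because it is an existing user-facing contract; worth reviewing.
    throw createError({
      statusCode: 401,
      message: '비밀번호가 설정되지 않았습니다. 관리자에게 문의하세요.'
    })
  }

  // Password check against the stored hash (verifyPassword owns the
  // comparison; same generic message as the unknown-e-mail case on failure).
  const isValid = await verifyPassword(body.password, employee.password_hash)
  if (!isValid) {
    throw createError({
      statusCode: 401,
      message: '이메일 또는 비밀번호가 올바르지 않습니다.'
    })
  }

  // Record last-login time and source IP on the employee row.
  await execute(`
    UPDATE wr_employee_info
    SET last_login_at = NOW(), last_login_ip = $1, updated_at = NOW()
    WHERE employee_id = $2
  `, [clientIp, employee.employee_id])

  // Append a login-history row; its id is tied to the session created below.
  const loginHistory = await insertReturning(`
    INSERT INTO wr_login_history (employee_id, login_ip, login_email, login_type)
    VALUES ($1, $2, $3, 'PASSWORD')
    RETURNING history_id
  `, [employee.employee_id, clientIp, emailLower])

  // Create the server-side session and hand its id to the client as a cookie.
  const sessionId = await createSession(
    employee.employee_id,
    loginHistory.history_id,
    clientIp,
    userAgent
  )
  setSessionCookie(event, sessionId)

  // Explicit allow-list of returned columns — never spread `employee`.
  return {
    success: true,
    user: {
      employeeId: employee.employee_id,
      employeeName: employee.employee_name,
      employeeEmail: employee.employee_email,
      employeePosition: employee.employee_position,
      company: employee.company
    }
  }
})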