osolit-research/weeklyreport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d4620dc1fab779203e20d00c25be477dca8bcec9
weeklyreport/backend/api/auth/login-password.post.ts

83 lines
2.5 KiB
TypeScript
Raw Blame History

import { query, execute, insertReturning } from '../../utils/db'
import { getClientIp } from '../../utils/ip'
import { createSession, setSessionCookie } from '../../utils/session'
import { verifyPassword } from '../../utils/password'
interface LoginBody {
email: string
password: string
}
/**
* 비밀번호 로그인
* POST /api/auth/login-password
*/
export default defineEventHandler(async (event) => {
const body = await readBody<LoginBody>(event)
const clientIp = getClientIp(event)
const userAgent = getHeader(event, 'user-agent') || null
if (!body.email || !body.password) {
throw createError({ statusCode: 400, message: '이메일과 비밀번호를 입력해주세요.' })
}
const emailLower = body.email.toLowerCase()
// 직원 조회
const employees = await query<any>(`
SELECT * FROM wr_employee_info WHERE employee_email = $1 AND is_active = true
`, [emailLower])
if (employees.length === 0) {
throw createError({ statusCode: 401, message: '이메일 또는 비밀번호가 올바르지 않습니다.' })
}
const employee = employees[0]
// 비밀번호 미설정
if (!employee.password_hash) {
throw createError({ statusCode: 401, message: '비밀번호가 설정되지 않았습니다. 관리자에게 문의하세요.' })
}
// 비밀번호 검증
const isValid = await verifyPassword(body.password, employee.password_hash)
if (!isValid) {
throw createError({ statusCode: 401, message: '이메일 또는 비밀번호가 올바르지 않습니다.' })
}
// 마지막 로그인 시간 업데이트
await execute(`
UPDATE wr_employee_info
SET last_login_at = NOW(), last_login_ip = $1, updated_at = NOW()
WHERE employee_id = $2
`, [clientIp, employee.employee_id])
// 로그인 이력 추가
const loginHistory = await insertReturning(`
INSERT INTO wr_login_history (employee_id, login_ip, login_email, login_type)
VALUES ($1, $2, $3, 'PASSWORD')
RETURNING history_id
`, [employee.employee_id, clientIp, emailLower])
// 세션 생성
const sessionId = await createSession(
employee.employee_id,
loginHistory.history_id,
clientIp,
userAgent
)
setSessionCookie(event, sessionId)
return {
success: true,
user: {
employeeId: employee.employee_id,
employeeName: employee.employee_name,
employeeEmail: employee.employee_email,
employeePosition: employee.employee_position,
company: employee.company
}
}
})
Reference in New Issue View Git Blame Copy Permalink