관리자 멤버 상세와 추가 화면 구현

2026-05-13 11:18:06 +09:00
parent b4f3fdb77d
commit fb0dadb7b9
16 changed files with 778 additions and 36 deletions
--- a/server/routes/admin/api/members.post.js
+++ b/server/routes/admin/api/members.post.js
@@ -0,0 +1,59 @@
+import { randomBytes } from 'node:crypto'
+import bcrypt from 'bcrypt'
+import { createError, readBody } from 'h3'
+import { z } from 'zod'
+import { requireAdminSession } from '../../../utils/admin-auth'
+import { createMemberByAdmin, isEmailTaken, isUsernameTaken } from '../../../repositories/member-repository'
+
+const memberInputSchema = z.object({
+  username: z.string().trim().min(1).max(60),
+  email: z.string().trim().email().max(254),
+  avatarUrl: z.string().trim().max(500).optional().default(''),
+  labels: z.array(z.string().trim().min(1).max(40)).max(20).optional().default([]),
+  note: z.string().max(500).optional().default('')
+})
+
+/**
+ * 관리자 회원 생성 API
+ * @param {import('h3').H3Event} event - 요청 이벤트
+ * @returns {Promise<Object>} 생성된 회원
+ */
+export default defineEventHandler(async (event) => {
+  requireAdminSession(event)
+  const parsedBody = memberInputSchema.safeParse(await readBody(event))
+
+  if (!parsedBody.success) {
+    throw createError({
+      statusCode: 400,
+      message: '회원 생성 요청 형식이 올바르지 않습니다.'
+    })
+  }
+
+  const body = parsedBody.data
+  const email = body.email.toLowerCase()
+
+  if (await isUsernameTaken({ username: body.username })) {
+    throw createError({
+      statusCode: 409,
+      message: '이미 사용 중인 이름입니다.'
+    })
+  }
+
+  if (await isEmailTaken({ email })) {
+    throw createError({
+      statusCode: 409,
+      message: '이미 사용 중인 이메일입니다.'
+    })
+  }
+
+  const passwordHash = await bcrypt.hash(randomBytes(32).toString('hex'), 12)
+
+  return createMemberByAdmin({
+    username: body.username,
+    email,
+    passwordHash,
+    avatarUrl: body.avatarUrl,
+    labels: [...new Set(body.labels)],
+    note: body.note
+  })
+})
--- a/server/routes/admin/api/members/[id].get.js
+++ b/server/routes/admin/api/members/[id].get.js
@@ -0,0 +1,30 @@
+import { createError, getRouterParam } from 'h3'
+import { requireAdminSession } from '../../../../utils/admin-auth'
+import { getMemberForAdmin } from '../../../../repositories/member-repository'
+
+/**
+ * 관리자 회원 상세 조회 API
+ * @param {import('h3').H3Event} event - 요청 이벤트
+ * @returns {Promise<Object>} 회원 상세
+ */
+export default defineEventHandler(async (event) => {
+  requireAdminSession(event)
+  const memberId = String(getRouterParam(event, 'id') || '')
+
+  if (!memberId) {
+    throw createError({
+      statusCode: 400,
+      message: '회원 ID가 필요합니다.'
+    })
+  }
+
+  const member = await getMemberForAdmin(memberId)
+  if (!member) {
+    throw createError({
+      statusCode: 404,
+      message: '회원을 찾을 수 없습니다.'
+    })
+  }
+
+  return member
+})
--- a/server/routes/admin/api/members/[id].put.js
+++ b/server/routes/admin/api/members/[id].put.js
@@ -0,0 +1,80 @@
+import { createError, getRouterParam, readBody } from 'h3'
+import { z } from 'zod'
+import { requireAdminSession } from '../../../../utils/admin-auth'
+import { getMemberForAdmin, isEmailTaken, isUsernameTaken, updateMemberByAdmin } from '../../../../repositories/member-repository'
+
+const memberInputSchema = z.object({
+  username: z.string().trim().min(1).max(60),
+  email: z.string().trim().email().max(254),
+  avatarUrl: z.string().trim().max(500).optional().default(''),
+  labels: z.array(z.string().trim().min(1).max(40)).max(20).optional().default([]),
+  note: z.string().max(500).optional().default('')
+})
+
+/**
+ * 관리자 회원 기본 정보 수정 API
+ * @param {import('h3').H3Event} event - 요청 이벤트
+ * @returns {Promise<Object>} 수정된 회원
+ */
+export default defineEventHandler(async (event) => {
+  requireAdminSession(event)
+  const memberId = String(getRouterParam(event, 'id') || '')
+  const parsedBody = memberInputSchema.safeParse(await readBody(event))
+
+  if (!memberId) {
+    throw createError({
+      statusCode: 400,
+      message: '회원 ID가 필요합니다.'
+    })
+  }
+
+  if (!parsedBody.success) {
+    throw createError({
+      statusCode: 400,
+      message: '회원 수정 요청 형식이 올바르지 않습니다.'
+    })
+  }
+
+  const existing = await getMemberForAdmin(memberId)
+  if (!existing) {
+    throw createError({
+      statusCode: 404,
+      message: '회원을 찾을 수 없습니다.'
+    })
+  }
+
+  const body = parsedBody.data
+  const email = body.email.toLowerCase()
+
+  if (await isUsernameTaken({ username: body.username, excludeUserId: memberId })) {
+    throw createError({
+      statusCode: 409,
+      message: '이미 사용 중인 이름입니다.'
+    })
+  }
+
+  if (await isEmailTaken({ email, excludeUserId: memberId })) {
+    throw createError({
+      statusCode: 409,
+      message: '이미 사용 중인 이메일입니다.'
+    })
+  }
+
+  const updated = await updateMemberByAdmin({
+    memberId,
+    username: body.username,
+    email,
+    avatarUrl: body.avatarUrl,
+    labels: [...new Set(body.labels)],
+    note: body.note
+  })
+
+  if (!updated) {
+    throw createError({
+      statusCode: 500,
+      message: '회원 수정에 실패했습니다.'
+    })
+  }
+
+  return updated
+})