61 lines
1.6 KiB
JavaScript
61 lines
1.6 KiB
JavaScript
import { z } from 'zod'
|
|
import { createError, getRequestIP, readBody } from 'h3'
|
|
import bcrypt from 'bcrypt'
|
|
import { setAdminSession } from '../../../../utils/admin-auth'
|
|
import { getAdminUserByEmail, touchUserActivity } from '../../../../repositories/member-repository'
|
|
import { setMemberSession } from '../../../../utils/member-auth'
|
|
|
|
const loginSchema = z.object({
|
|
email: z.string().email(),
|
|
password: z.string().min(1)
|
|
})
|
|
|
|
/**
|
|
* 관리자 로그인 API
|
|
* @param {import('h3').H3Event} event - 요청 이벤트
|
|
* @returns {Promise<{ email: string }>} 관리자 세션 정보
|
|
*/
|
|
export default defineEventHandler(async (event) => {
|
|
const parsedBody = loginSchema.safeParse(await readBody(event))
|
|
|
|
if (!parsedBody.success) {
|
|
throw createError({
|
|
statusCode: 400,
|
|
message: '로그인 요청 형식이 올바르지 않습니다.'
|
|
})
|
|
}
|
|
|
|
const body = parsedBody.data
|
|
|
|
const adminUser = await getAdminUserByEmail(body.email)
|
|
const passwordMatched = adminUser
|
|
? await bcrypt.compare(body.password, adminUser.passwordHash)
|
|
: false
|
|
|
|
if (!adminUser || !passwordMatched) {
|
|
throw createError({
|
|
statusCode: 401,
|
|
message: '이메일 또는 비밀번호가 올바르지 않습니다.'
|
|
})
|
|
}
|
|
|
|
setAdminSession(event, {
|
|
userId: adminUser.id,
|
|
email: adminUser.email
|
|
})
|
|
setMemberSession(event, {
|
|
userId: adminUser.id,
|
|
email: adminUser.email
|
|
})
|
|
await touchUserActivity({
|
|
userId: adminUser.id,
|
|
ip: String(getRequestIP(event) || '')
|
|
})
|
|
|
|
return {
|
|
userId: adminUser.id,
|
|
email: adminUser.email,
|
|
username: adminUser.username
|
|
}
|
|
})
|