fix: api route 권한 처리 로직 수정

- api 결과값과 서버 세션에 저장되는 데이터가 달라 생기는 권한 문제 해결
2025-07-25 09:13:08 +09:00 · 2025-07-25 09:13:08 +09:00 · 0cfcf5cece
commit 0cfcf5cece
parent a4a46d1a13
1 changed files with 11 additions and 7 deletions
--- a/src/app/api/auth/route.ts
+++ b/src/app/api/auth/route.ts
@ -125,17 +125,21 @@ export async function POST(request: Request) {
    }

    if (result.data.data.userId === 'T01') {
-      resultForSession.ROLE = 'T01'
+      session.role = 'T01'
    } else if (result.data.data.groupId === '60000') {
-      resultForSession.ROLE = 'Admin'
-    } else if (result.data.data.groupId === '70000' && result.data.data.builderNo === null) {
-      resultForSession.ROLE = 'Admin_Sub'
-    } else if (result.data.data.groupId === '70000' && result.data.data.builderNo !== null) {
-      resultForSession.ROLE = 'Builder'
+      session.role = 'Admin'
+    } else if (result.data.data.groupId === '70000' && result.data.data.builderNo === null && result.data.data.userAuthCd !== 'B') {
+      session.role = 'Admin_Sub'
+    } else if (
+      (result.data.data.groupId === '70000' && result.data.data.builderNo !== null) ||
+      (result.data.data.groupId === '70000' && result.data.data.builderNo === null && result.data.data.userAuthCd === 'B')
+    ) {
+      session.role = 'Builder'
    } else {
-      resultForSession.ROLE = 'User'
+      session.role = 'User'
    }

+
    finalResult = {
      code: 200,
      message: 'Login is Succecss!!',