로그인, 로그아웃 추격

This commit is contained in:
yscha 2026-04-03 17:33:09 +09:00
parent 1f06772716
commit c9f1a4102f
5 changed files with 44 additions and 22 deletions

View File

@ -2,9 +2,39 @@ import type { SessionData } from '@/types/Auth'
import { cookies } from 'next/headers' import { cookies } from 'next/headers'
import { NextResponse } from 'next/server' import { NextResponse } from 'next/server'
import { getIronSession } from 'iron-session' import { getIronSession } from 'iron-session'
import { axiosInstance } from '@/libs/axios'
import { sessionOptions } from '@/libs/session' import { sessionOptions } from '@/libs/session'
import { tracking } from '@/libs/tracking' import { tracking } from '@/libs/tracking'
export async function POST(request: Request) {
const cookieStore = await cookies()
const session = await getIronSession<SessionData>(cookieStore, sessionOptions)
const headers: Record<string, string> = {
referer: process.env.NEXT_PUBLIC_QSP_API_REFERER || '',
}
try {
const result = await axiosInstance(`${process.env.NEXT_PUBLIC_QSP_API_URL}`, headers).post(`/api/user/logout`, {
loginId: session.userId,
accsSiteCd: 'QREAD',
actLog: 'LOGOUT',
requestId: session.sessionId,
})
console.log('🚀 ~ logout ~ result:', result.data)
} catch (e) {
console.error('🚀 ~ logout ~ error:', e)
}
tracking({
url: '/api/auth/logout',
data: JSON.stringify({ loginId: session.userId }),
})
session.destroy()
return NextResponse.json({ code: 200, message: 'Logout successful' })
}
export async function GET(request: Request) { export async function GET(request: Request) {
const cookieStore = await cookies() const cookieStore = await cookies()
const session = await getIronSession<SessionData>(cookieStore, sessionOptions) const session = await getIronSession<SessionData>(cookieStore, sessionOptions)
@ -16,7 +46,6 @@ export async function GET(request: Request) {
}), }),
}) })
session.destroy() session.destroy()
// return redirect('/login')
return NextResponse.json({ code: 200, message: 'Logout successful' }) return NextResponse.json({ code: 200, message: 'Logout successful' })
} }

View File

@ -9,6 +9,8 @@ import { tracking } from '@/libs/tracking'
export async function POST(request: Request) { export async function POST(request: Request) {
const { loginId, pwd } = await request.json() const { loginId, pwd } = await request.json()
const sessionId = crypto.randomUUID()
const headers: Record<string, string> = { const headers: Record<string, string> = {
referer: process.env.NEXT_PUBLIC_QSP_API_REFERER || '', referer: process.env.NEXT_PUBLIC_QSP_API_REFERER || '',
} }
@ -16,6 +18,9 @@ export async function POST(request: Request) {
const result = await axiosInstance(`${process.env.NEXT_PUBLIC_QSP_API_URL}`, headers).post(`/api/user/login`, { const result = await axiosInstance(`${process.env.NEXT_PUBLIC_QSP_API_URL}`, headers).post(`/api/user/login`, {
loginId, loginId,
pwd, pwd,
accsSiteCd: 'QREAD',
actLog: 'LOGIN',
requestId: sessionId,
}) })
console.log('🚀 ~ result ~ result:', result.data) console.log('🚀 ~ result ~ result:', result.data)
@ -24,10 +29,7 @@ export async function POST(request: Request) {
if (result.data.result.resultCode === 'S') { if (result.data.result.resultCode === 'S') {
tracking({ tracking({
url: `/api/auth/login`, url: `/api/auth/login`,
data: JSON.stringify({ data: JSON.stringify({ loginId }),
loginId,
pwd,
}),
}) })
const cookieStore = await cookies() const cookieStore = await cookies()
const session = await getIronSession<SessionData>(cookieStore, sessionOptions) const session = await getIronSession<SessionData>(cookieStore, sessionOptions)
@ -65,6 +67,7 @@ export async function POST(request: Request) {
session.builderNm = result.data.data.builderNm session.builderNm = result.data.data.builderNm
session.isLoggedIn = true session.isLoggedIn = true
session.custNm = result.data.data.custNm session.custNm = result.data.data.custNm
session.sessionId = sessionId
/** /**
* - Admin_Sub: 2차 / (groupId: 70000 (Musubi), builderNo: null, userAuthCd: B가 ) * - Admin_Sub: 2차 / (groupId: 70000 (Musubi), builderNo: null, userAuthCd: B가 )
@ -122,25 +125,10 @@ export async function POST(request: Request) {
BUILDER_NO: result.data.data.builderNo, BUILDER_NO: result.data.data.builderNo,
BUILDER_NM: result.data.data.builderNm, BUILDER_NM: result.data.data.builderNm,
IS_LOGGED_IN: true, IS_LOGGED_IN: true,
ROLE: '', ROLE: session.role,
CUST_NM: result.data.data.custNm, CUST_NM: result.data.data.custNm,
} }
if (result.data.data.userId === 'T01' || result.data.data.storeId === 'T01') {
resultForSession.ROLE = 'T01'
} else if (result.data.data.groupId === '60000') {
resultForSession.ROLE = 'Admin'
} else if (result.data.data.groupId === '70000' && result.data.data.builderNo === null && result.data.data.userAuthCd !== 'B') {
resultForSession.ROLE = 'Admin_Sub'
} else if (
(result.data.data.groupId === '70000' && result.data.data.builderNo !== null) ||
(result.data.data.groupId === '70000' && result.data.data.builderNo === null && result.data.data.userAuthCd === 'B')
) {
resultForSession.ROLE = 'Builder'
} else {
resultForSession.ROLE = 'User'
}
finalResult = { finalResult = {
code: 200, code: 200,
message: 'Login is Succecss!!', message: 'Login is Succecss!!',

View File

@ -91,6 +91,9 @@ export default function Login() {
result: SessionData result: SessionData
} }
// TODO: queryKey가 고정값(['login', 'account'])이라 이전 로그인 성공 캐시가 남아있으면
// isLogin이 true로 바뀌는 순간 캐시를 먼저 반환 → useEffect 실행 → router.push('/') 발생
// useMutation으로 교체 필요
const { const {
data: loginData, data: loginData,
isPending, isPending,

View File

@ -49,7 +49,8 @@ export const defaultSession: SessionData = {
builderNm: null, builderNm: null,
isLoggedIn: false, isLoggedIn: false,
role: null, role: null,
custNm: null custNm: null,
sessionId: null,
} }
export const getSession = async () => { export const getSession = async () => {

View File

@ -32,4 +32,5 @@ export interface SessionData {
isLoggedIn: boolean isLoggedIn: boolean
role: string | null role: string | null
custNm: null | string custNm: null | string
sessionId: string | null
} }