feat: 1회용 관리자 설정 API (/api/setup-admin)
This commit is contained in:
Johngreen
@@ -0,0 +1,47 @@
|
||||
import { NextResponse } from 'next/server';
|
||||
import { createPrismaClient } from '@startover/database';
|
||||
import argon2 from 'argon2';
|
||||
|
||||
const prisma = createPrismaClient();
|
||||
|
||||
export async function POST(request: Request) {
|
||||
const body = await request.json().catch(() => ({}));
|
||||
const secret = body.secret as string | undefined;
|
||||
|
||||
// 간단한 보안: 비밀키 확인
|
||||
if (secret !== 'startover-setup-2026') {
|
||||
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
|
||||
}
|
||||
|
||||
const email = 'admin@admin.com';
|
||||
const emailNormalized = email.toLowerCase().trim();
|
||||
|
||||
const existing = await prisma.user.findFirst({
|
||||
where: { emailNormalized },
|
||||
});
|
||||
|
||||
if (existing) {
|
||||
// 이미 존재하면 비밀번호만 업데이트
|
||||
const passwordHash = await argon2.hash('admin123');
|
||||
await prisma.user.update({
|
||||
where: { id: existing.id },
|
||||
data: { passwordHash, status: 'ACTIVE', primaryRole: 'SUPER_ADMIN' },
|
||||
});
|
||||
return NextResponse.json({ message: 'Admin user updated', id: existing.id.toString() });
|
||||
}
|
||||
|
||||
const passwordHash = await argon2.hash('admin123');
|
||||
const user = await prisma.user.create({
|
||||
data: {
|
||||
email,
|
||||
emailNormalized,
|
||||
name: '운영자',
|
||||
passwordHash,
|
||||
primaryRole: 'SUPER_ADMIN',
|
||||
status: 'ACTIVE',
|
||||
emailVerifiedAt: new Date(),
|
||||
},
|
||||
});
|
||||
|
||||
return NextResponse.json({ message: 'Admin user created', id: user.id.toString() });
|
||||
}
|
||||
Reference in New Issue
Block a user