From 2d5b94a026f0dad32770ec309619c24621f16eee Mon Sep 17 00:00:00 2001
From: chpark <chpark@wace.me>
Date: Thu, 14 May 2026 00:16:07 +0900
Subject: [PATCH] =?UTF-8?q?feat(admin/users):=20=EC=88=98=EC=A0=95=20?=
 =?UTF-8?q?=ED=99=94=EB=A9=B4=EC=97=90=EC=84=9C=EB=8F=84=20=EB=B9=84?=
 =?UTF-8?q?=EB=B0=80=EB=B2=88=ED=98=B8=20=EB=B3=80=EA=B2=BD=20=EA=B0=80?=
 =?UTF-8?q?=EB=8A=A5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 사용자 수정 폼에 '비밀번호 변경' 입력란 추가 (빈 칸이면 기존 유지)
- /api/admin/users/save update 분기: password 값이 있으면 AES 암호화 후
  user_password 갱신
---
 src/app/admin-panel/user-form/page.tsx | 7 ++++++-
 src/app/api/admin/users/save/route.ts  | 9 ++++++++-
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/src/app/admin-panel/user-form/page.tsx b/src/app/admin-panel/user-form/page.tsx
index 0530cae..82dc5a2 100644
--- a/src/app/admin-panel/user-form/page.tsx
+++ b/src/app/admin-panel/user-form/page.tsx
@@ -93,9 +93,14 @@ function UserForm() {
         <div className="col-span-2"><label className="block text-[11px] font-medium text-gray-500 mb-0.5">주소</label>
           <Input className="h-8" value={form.address || ""} onChange={(e) => set("address", e.target.value)} /></div>
 
-        {isNew && (
+        {isNew ? (
           <div className="col-span-2"><label className="block text-[11px] font-medium text-gray-500 mb-0.5">초기 비밀번호</label>
             <Input className="h-8" type="password" value={form.password || ""} onChange={(e) => set("password", e.target.value)} placeholder="비밀번호 입력 (미입력 시 1)" /></div>
+        ) : (
+          <div className="col-span-2"><label className="block text-[11px] font-medium text-gray-500 mb-0.5">
+              비밀번호 변경 <span className="text-gray-400 font-normal">(빈 칸이면 안 바꿈)</span>
+            </label>
+            <Input className="h-8" type="password" value={form.password || ""} onChange={(e) => set("password", e.target.value)} placeholder="새 비밀번호 입력" /></div>
         )}
       </div>
 
diff --git a/src/app/api/admin/users/save/route.ts b/src/app/api/admin/users/save/route.ts
index 8a15816..04608fc 100644
--- a/src/app/api/admin/users/save/route.ts
+++ b/src/app/api/admin/users/save/route.ts
@@ -28,7 +28,6 @@ export async function POST(request: NextRequest) {
          encPassword, body.tel || ""]
       );
     } else {
-      // Update without changing password
       const unlimited = body.unlimited_qty === "Y" ? "Y" : "N";
       const viewHidden = body.view_hidden === "Y" ? "Y" : "N";
       // 빈 문자열 / undefined → NULL 처리
@@ -51,6 +50,14 @@ export async function POST(request: NextRequest) {
          body.address ?? null, body.ceo_name ?? null, body.biz_no ?? null,
          unlimited, viewHidden, defaultWh, stmtBranch]
       );
+      // 비밀번호가 입력된 경우만 변경 (빈 문자열이면 기존 유지)
+      if (typeof body.password === "string" && body.password.length > 0) {
+        const encPassword = encrypt(body.password);
+        await client.query(
+          `UPDATE user_info SET user_password=$1 WHERE user_id=$2`,
+          [encPassword, body.user_id || ""]
+        );
+      }
     }
     return NextResponse.json({ success: true, message: isNew ? "등록되었습니다." : "수정되었습니다." });
   } catch (e) {