Enhance user management and token invalidation features

- Added comprehensive validation for user data during registration and updates, including email format, company code existence, user type validation, and password length checks.
- Implemented JWT token invalidation when a user's status changes or roles are updated, so that tokens issued before the change are rejected on subsequent requests.
- Introduced a new TokenInvalidationService to manage token versioning and invalidation processes efficiently.
- Updated the admin controller to provide detailed error messages and success responses for user status changes and validations.
- Enhanced the authentication middleware to check token versions against the database, ensuring that invalidated tokens cannot be used.

This commit improves the overall security and user management experience within the application.
kjs
2026-03-25 18:47:50 +09:00
parent 782ebb1b33
commit 70e040db39
12 changed files with 573 additions and 36 deletions
@@ -582,8 +582,22 @@ export default function ProductionPlanManagementPage() {
if (!ok) return;
try {
await Promise.all(plannedIds.map((id) => deletePlan(id)));
toast.success(`${plannedIds.length}건의 계획이 삭제되었습니다`);
const results = await Promise.allSettled(plannedIds.map((id) => deletePlan(id)));
const failedIds = plannedIds.filter((_, i) => results[i].status === "rejected");
const succeededCount = plannedIds.length - failedIds.length;
if (failedIds.length === plannedIds.length) {
// 전부 삭제 실패
toast.error(`${failedIds.length}건 모두 삭제에 실패했습니다. 다시 시도해주세요.`);
} else if (failedIds.length > 0) {
// 일부 삭제 실패
toast.warning(
`${succeededCount}건 삭제 완료, ${failedIds.length}건 삭제 실패. 실패 항목을 다시 시도해주세요.`
);
} else {
// 전부 성공
toast.success(`${plannedIds.length}건의 계획이 삭제되었습니다`);
}
fetchPlans();
} catch (err: any) {
toast.error("삭제 실패: " + (err.message || ""));
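Review bot: An empty `plannedIds` is now reported as a total failure: with no items, `failedIds.length === plannedIds.length` is `0 === 0`, so the first branch fires and shows `0건 모두 삭제에 실패했습니다`, whereas the old code showed a success toast. Whether this handler can be reached with an empty selection is not visible here (the handler starts before the hunk), but the guard is one line: `if (plannedIds.length > 0 && failedIds.length === plannedIds.length) {` — or test `failedIds.length === 0` first and fall through to the error/warning cases. The rejection reasons in `results[i].reason` are discarded, and because `Promise.allSettled` never rejects, the `catch (err: any)` below now only sees failures from `fetchPlans()`, so the server's delete error is no longer surfaced anywhere; at minimum log the reasons (`console.error("deletePlan failed", failedIds, results.filter(r => r.status === "rejected").map(r => r.reason));`) so partial failures can be diagnosed. While touching the catch, `catch (err: unknown)` with an `instanceof Error` narrow is preferable to `any`.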
+7
@@ -457,6 +457,13 @@ apiClient.interceptors.response.use(
}
}
// TOKEN_INVALIDATED → 재로그인 필요 (갱신 시도 없이 즉시)
if (errorCode === "TOKEN_INVALIDATED") {
authLog("REDIRECT_TO_LOGIN", `토큰 무효화 (보안 정책 변경) → 즉시 로그인 리다이렉트 (${url})`);
redirectToLogin();
return Promise.reject(error);
}
// TOKEN_MISSING, INVALID_TOKEN 등 → 로그인으로
authLog("REDIRECT_TO_LOGIN", `복구 불가능한 인증 에러 (${errorCode || "UNKNOWN"}, ${url}) → 로그인 리다이렉트`);
redirectToLogin();
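Review bot: The new `TOKEN_INVALIDATED` branch does exactly what the fallthrough immediately after it does — `redirectToLogin()` then `return Promise.reject(error)` — so the only thing it adds is a different `authLog` message; either fold the message into the general branch or add a comment stating why a dedicated branch is kept (e.g. `// Kept separate so invalidated sessions can be handled differently from malformed/missing tokens later`). The comment says the redirect happens "without a refresh attempt", but whether a refresh was already tried depends on code before this hunk, which is not visible; the interceptor callback starts outside the hunk. If the client keeps a refresh token or cached user state, a server-side version bump should also clear that local state — confirm `redirectToLogin()` does so (its body is not shown), otherwise clear it explicitly in this branch before redirecting.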