From 3eeb0764bf97a273317b8d840c83f1149d14ac5f Mon Sep 17 00:00:00 2001
From: johngreen <ramses7448@gmail.com>
Date: Tue, 12 May 2026 19:27:44 +0900
Subject: [PATCH] =?UTF-8?q?fix(=EB=B9=84=EB=B2=88=EC=B4=88=EA=B8=B0?=
 =?UTF-8?q?=ED=99=94):=20=ED=82=A4=20=EB=B6=88=EC=9D=BC=EC=B9=98=20+=20?=
 =?UTF-8?q?=EC=9E=85=EB=A0=A5=EA=B0=92=20=EB=AC=B4=EC=8B=9C=20=ED=94=BD?=
 =?UTF-8?q?=EC=8A=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Frontend: body 키를 snake_case (user_id/new_password) 로 변환
- Controller: new_password 도 추출해서 service 에 전달
- Service: 2-arg 오버로드 추가, newPassword 입력값 사용 (blank 일 때만 Welcome1! fallback), userId null/blank 시 IllegalArgumentException

증상: 사용자관리에서 비밀번호 초기화 modal 입력 → backend 가 user_id=null 로 SQL 실행 (0행) + newPassword 무시 후 항상 Welcome1! 로 덮어쓰기.
---
 .../main/java/com/erp/controller/AdminController.java |  3 ++-
 .../src/main/java/com/erp/service/AdminService.java   | 11 +++++++++--
 frontend/lib/api/user.ts                              |  5 ++++-
 3 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/backend-spring/src/main/java/com/erp/controller/AdminController.java b/backend-spring/src/main/java/com/erp/controller/AdminController.java
index 978ad236..a1c8d745 100644
--- a/backend-spring/src/main/java/com/erp/controller/AdminController.java
+++ b/backend-spring/src/main/java/com/erp/controller/AdminController.java
@@ -295,7 +295,8 @@ public class AdminController {
     @PostMapping("/users/reset-password")
     public ResponseEntity<ApiResponse<Void>> resetUserPassword(@RequestBody Map<String, Object> body) {
         String userId = (String) body.get("user_id");
-        adminService.resetUserPassword(userId);
+        String newPassword = (String) body.get("new_password");
+        adminService.resetUserPassword(userId, newPassword);
         return ResponseEntity.ok(ApiResponse.success(null, "비밀번호 초기화 성공"));
     }
 
diff --git a/backend-spring/src/main/java/com/erp/service/AdminService.java b/backend-spring/src/main/java/com/erp/service/AdminService.java
index a83fc7a6..749ed51e 100644
--- a/backend-spring/src/main/java/com/erp/service/AdminService.java
+++ b/backend-spring/src/main/java/com/erp/service/AdminService.java
@@ -208,10 +208,17 @@ public class AdminService extends BaseService {
     }
 
     public void resetUserPassword(String userId) {
-        String defaultPw = passwordEncoder.encode("Welcome1!");
+        resetUserPassword(userId, null);
+    }
+
+    public void resetUserPassword(String userId, String newPassword) {
+        if (userId == null || userId.isBlank()) {
+            throw new IllegalArgumentException("user_id 는 필수입니다");
+        }
+        String rawPw = (newPassword != null && !newPassword.isBlank()) ? newPassword : "Welcome1!";
         Map<String, Object> params = new HashMap<>();
         params.put("user_id", userId);
-        params.put("user_password", defaultPw);
+        params.put("user_password", passwordEncoder.encode(rawPw));
         sqlSession.update("admin.updateUserPassword", params);
     }
 
diff --git a/frontend/lib/api/user.ts b/frontend/lib/api/user.ts
index db327caa..6704c2d7 100644
--- a/frontend/lib/api/user.ts
+++ b/frontend/lib/api/user.ts
@@ -199,7 +199,10 @@ export async function getUserHistory(userId: string, params?: Record<string, any
  * 사용자 비밀번호 초기화
  */
 export async function resetUserPassword(resetData: { userId: string; newPassword: string }) {
-  const response = await apiClient.post("/admin/users/reset-password", resetData);
+  const response = await apiClient.post("/admin/users/reset-password", {
+    user_id: resetData.userId,
+    new_password: resetData.newPassword,
+  });
 
   return response.data;
 }