diff options
Diffstat (limited to 'app/api/auth/send-sms/route.ts')
| -rw-r--r-- | app/api/auth/send-sms/route.ts | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/app/api/auth/send-sms/route.ts b/app/api/auth/send-sms/route.ts new file mode 100644 index 00000000..3d51d445 --- /dev/null +++ b/app/api/auth/send-sms/route.ts @@ -0,0 +1,75 @@ +// app/api/auth/send-sms/route.ts + +import { NextRequest, NextResponse } from 'next/server'; +import { z } from 'zod'; +import { getServerSession } from 'next-auth'; +import { authOptions } from '@/app/api/auth/[...nextauth]/route'; +import { getUserById } from '@/lib/users/repository'; +import { generateAndSendSmsToken } from '@/lib/users/auth/passwordUtil'; + +const sendSmsSchema = z.object({ + userId: z.string(), +}); + +export async function POST(request: NextRequest) { + try { + // 세션 확인 + const session = await getServerSession(authOptions); + if (!session?.user?.id) { + return NextResponse.json( + { error: '인증이 필요합니다' }, + { status: 401 } + ); + } + + const body = await request.json(); + const { userId } = sendSmsSchema.parse(body); + + // 본인 확인 + if (session.user.id !== userId) { + return NextResponse.json( + { error: '권한이 없습니다' }, + { status: 403 } + ); + } + + // 사용자 정보 조회 + const user = await getUserById(Number(userId)); + if (!user || !user.phone) { + return NextResponse.json( + { error: '전화번호가 등록되지 않았습니다' }, + { status: 400 } + ); + } + + // SMS 전송 + const result = await generateAndSendSmsToken(parseInt(userId), user.phone); + + if (result.success) { + return NextResponse.json({ + success: true, + message: 'SMS가 전송되었습니다' + }); + } else { + return NextResponse.json( + { error: result.error }, + { status: 400 } + ); + } + + } catch (error) { + if (error instanceof z.ZodError) { + return NextResponse.json( + { error: '잘못된 요청입니다' }, + { status: 400 } + ); + } + + console.error('SMS send API error:', error); + return NextResponse.json( + { error: '서버 오류가 발생했습니다' }, + { status: 500 } + ); + } +} + |