fix: 보안 취약점 해결 및 인증 시스템 오류 수정

- npm audit fix로 tar-fs, brace-expansion 취약점 해결 - analysisRoutes.js에서 authMiddleware import 오류 수정 - dailyWorkReportController.js에 누락된 getAccumulatedReports 함수 추가 - JWT 인증 시스템 정상 작동 확인 완료
2025-07-31 10:42:53 +09:00
parent a1b7d3c5df
commit ef06cec8d6
3 changed files with 43 additions and 8 deletions
--- a/api.hyungi.net/controllers/dailyWorkReportController.js
+++ b/api.hyungi.net/controllers/dailyWorkReportController.js
@@ -491,6 +491,41 @@ const getErrorTypes = (req, res) => {
  });
 };

+/**
+ * 📊 누적 현황 조회
+ */
+const getAccumulatedReports = (req, res) => {
+  const { date, worker_id } = req.query;
+
+  if (!date || !worker_id) {
+    return res.status(400).json({ 
+      error: 'date와 worker_id가 필요합니다.',
+      example: 'date=2024-06-16&worker_id=1'
+    });
+  }
+
+  console.log(`📊 누적 현황 조회: date=${date}, worker_id=${worker_id}`);
+
+  dailyWorkReportModel.getAccumulatedReportsByDate(date, worker_id, (err, data) => {
+    if (err) {
+      console.error('누적 현황 조회 오류:', err);
+      return res.status(500).json({ 
+        error: '누적 현황 조회 중 오류가 발생했습니다.',
+        details: err.message 
+      });
+    }
+    
+    console.log(`📊 누적 현황 조회 결과: ${data.length}개`);
+    res.json({
+      date,
+      worker_id,
+      total_entries: data.length,
+      accumulated_data: data,
+      timestamp: new Date().toISOString()
+    });
+  });
+};
+
 // 모든 컨트롤러 함수 내보내기 (리팩토링된 함수 위주로 재구성)
 module.exports = {
  // 📝 V2 핵심 CRUD 함수
--- a/api.hyungi.net/package-lock.json
+++ b/api.hyungi.net/package-lock.json
@@ -744,9 +744,9 @@
      }
    },
    "node_modules/brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
+      "version": "1.1.12",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
      "license": "MIT",
      "optional": true,
      "dependencies": {
@@ -4075,9 +4075,9 @@
      }
    },
    "node_modules/tar-fs": {
-      "version": "2.1.2",
-      "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.2.tgz",
-      "integrity": "sha512-EsaAXwxmx8UB7FRKqeozqEPop69DXcmYwTQwXvyAPF352HJsPdkVhvTaDPYqfNgruveJIJy3TA2l+2zj8LJIJA==",
+      "version": "2.1.3",
+      "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.3.tgz",
+      "integrity": "sha512-090nwYJDmlhwFwEW3QQl+vaNnxsO2yVsd45eTKRBzSzu+hlb1w2K9inVq5b0ngXuLVqQ4ApvsUHHnu/zQNkWAg==",
      "license": "MIT",
      "dependencies": {
        "chownr": "^1.1.1",
--- a/api.hyungi.net/routes/analysisRoutes.js
+++ b/api.hyungi.net/routes/analysisRoutes.js
@@ -2,9 +2,9 @@
 const express = require('express');
 const router = express.Router();
 const { getAnalysisData } = require('../controllers/analysisController');
-const authMiddleware = require('../middlewares/authMiddleware'); // 인증 미들웨어 추가
+const { verifyToken } = require('../middlewares/authMiddleware'); // 인증 미들웨어 추가

 // GET /api/analysis?startDate=...&endDate=...
-router.get('/', authMiddleware, getAnalysisData);
+router.get('/', verifyToken, getAnalysisData);

 module.exports = router;