From ba3ccae8802ddc1a5c5bfb5975ac1222f13c5d60 Mon Sep 17 00:00:00 2001
From: seorang42 <seorang42@naver.com>
Date: Thu, 13 Feb 2025 14:51:33 +0900
Subject: [PATCH 1/2] =?UTF-8?q?:bug:=20[fix]=20=EC=B4=88=EA=B8=B0=20?=
 =?UTF-8?q?=EB=B9=84=EB=B0=80=EB=B2=88=ED=98=B8=20=EC=9E=AC=EC=84=A4?=
 =?UTF-8?q?=EC=A0=95=20=EB=B6=88=EA=B0=80=EB=8A=A5=20=EC=98=A4=EB=A5=98=20?=
 =?UTF-8?q?=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/api/auth.ts            | 20 ++++++++++++++------
 src/constants/common.ts    |  2 +-
 src/router/index.ts        |  5 ++++-
 src/stores/member.ts       |  3 ++-
 src/views/LoginView.vue    |  2 +-
 src/views/PwChangeView.vue | 22 +++++++++++++++++++---
 6 files changed, 41 insertions(+), 13 deletions(-)

diff --git a/src/api/auth.ts b/src/api/auth.ts
index 35cb139..6ea94ad 100644
--- a/src/api/auth.ts
+++ b/src/api/auth.ts
@@ -25,17 +25,25 @@ export const postLogin = async (nickName: string, password: string) => {
     path: '/',
     sameSite: 'strict'
   })
-  Cookies.set('refreshToken', response.data.refreshToken, {
-    path: '/',
-    sameSite: 'strict'
-  })
+  if (response.data.refreshToken) {
+    Cookies.set('refreshToken', response.data.refreshToken, {
+      path: '/',
+      sameSite: 'strict'
+    })
+  }
   return response.data
 }
 
 export const patchPassword = async (password: string) => {
   const request = { password }
-  const response = await axiosInstance.patch('/api/members/password', request)
-  return response.data
+  const refreshToken = Cookies.get('refreshToken')
+  if (refreshToken) {
+    const response = await axiosInstance.patch('/api/members/password', request)
+    return response.data
+  } else {
+    const response = await axiosInstance.patch('/api/members/initial-password', request)
+    return response.data
+  }
 }
 
 export const deleteLogout = async () => {
diff --git a/src/constants/common.ts b/src/constants/common.ts
index f459a61..669c53c 100644
--- a/src/constants/common.ts
+++ b/src/constants/common.ts
@@ -40,7 +40,7 @@ export const COLOR_LIST = [
 ]
 
 export const PERMITTED_URL = {
-  UNKNOWN: ['/login', '/pw-change-email'],
+  UNKNOWN: ['/login', '/pw-change-email', '/pw-change'],
   ROLE_USER: ['/my-request', '/task-request', '/edit-information', '/pw-change'],
   ROLE_MANAGER: [
     '/my-task',
diff --git a/src/router/index.ts b/src/router/index.ts
index b4d4601..5ef5e99 100644
--- a/src/router/index.ts
+++ b/src/router/index.ts
@@ -143,7 +143,10 @@ router.beforeEach(async (to, from, next) => {
     ROLE_ADMIN: '/member-management'
   }
 
-  if ((info.role && PERMITTED_URL.UNKNOWN.includes(to.path)) || (info.role && to.path === '/')) {
+  if (
+    (info.role && PERMITTED_URL.UNKNOWN.includes(to.path) && to.path !== '/pw-change') ||
+    (info.role && to.path === '/')
+  ) {
     return next(redirectMap[info.role])
   }
 
diff --git a/src/stores/member.ts b/src/stores/member.ts
index 0c20716..88bb4c3 100644
--- a/src/stores/member.ts
+++ b/src/stores/member.ts
@@ -26,7 +26,8 @@ export const useMemberStore = defineStore('memberInfo', () => {
 
   async function updateMemberInfoWithToken() {
     const token = Cookies.get('accessToken')
-    if (!token) return
+    const refreshToken = Cookies.get('refreshToken')
+    if (!token || !refreshToken) return
 
     const { data }: { data: User } = await axiosInstance.get('/api/members/info')
     info.value = data
diff --git a/src/views/LoginView.vue b/src/views/LoginView.vue
index d029cd9..1a1ad98 100644
--- a/src/views/LoginView.vue
+++ b/src/views/LoginView.vue
@@ -84,7 +84,7 @@ const handleLogin = async () => {
 
     if (!Cookies.get('refreshToken')) {
       router.push('/pw-change')
-    } else if (res && role && Cookies.get('refreshToken')) {
+    } else if (res) {
       switch (role) {
         case 'ROLE_ADMIN':
           router.push('/member-management')
diff --git a/src/views/PwChangeView.vue b/src/views/PwChangeView.vue
index 18a60cf..ebfdae6 100644
--- a/src/views/PwChangeView.vue
+++ b/src/views/PwChangeView.vue
@@ -33,7 +33,8 @@
         v-model="pw"
         placeholder="비밀번호를 입력해주세요"
         required
-        class="input-box" />
+        class="input-box"
+        autocomplete="current-password" />
       <div class="flex flex-col gap-2">
         <button
           type="submit"
@@ -60,6 +61,7 @@
           placeholder="새 비밀번호를 입력해주세요"
           required
           ref="passwordInput"
+          autocomplete="new-password"
           :class="[
             'block w-full px-4 py-4 border rounded focus:outline-none',
             isInvalid ? 'border-red-1' : 'border-border-1'
@@ -78,6 +80,7 @@
           ref="checkPwInput"
           placeholder="새 비밀번호를 다시 입력해주세요"
           required
+          autocomplete="new-password"
           :class="[
             'block w-full px-4 py-4 border rounded focus:outline-none',
             isDifferent ? 'border-red-1' : 'border-border-1'
@@ -108,9 +111,10 @@
 <script setup lang="ts">
 import { patchPassword, postPasswordCheck } from '@/api/auth'
 import TitleContainer from '@/components/common/TitleContainer.vue'
-import { nextTick, ref } from 'vue'
+import { nextTick, onMounted, ref } from 'vue'
 import ModalView from '@/components/common/ModalView.vue'
 import { useRouter } from 'vue-router'
+import Cookies from 'js-cookie'
 
 const isErrorVisible = ref(false)
 
@@ -134,6 +138,13 @@ const passwordInput = ref<HTMLInputElement | null>(null)
 const isModalVisible = ref(false)
 const router = useRouter()
 
+onMounted(() => {
+  const refreshToken = Cookies.get('refreshToken')
+  if (!refreshToken) {
+    isConfirmed.value = true
+  }
+})
+
 const validatePassword = () => {
   const regex = /^(?=.*[A-Z])(?=.*[a-z])(?=.*\d)(?=.*[!@#$%^&*()_+{}\[\]:;<>,.?/~`-]).{8,20}$/
   isInvalid.value = !regex.test(newPw.value)
@@ -165,7 +176,12 @@ const handleChange = async () => {
 
 const closeModal = () => {
   isModalVisible.value = !isModalVisible.value
-  router.replace('/edit-information')
+  if (Cookies.get('refreshToken')) {
+    router.replace('/edit-information')
+  } else {
+    Cookies.remove('accessToken')
+    router.replace('/login')
+  }
 }
 const closeError = () => {
   isErrorVisible.value = !isErrorVisible.value

From 553c6ba18daf83f4d9c68cf09f7c4cac48ad512a Mon Sep 17 00:00:00 2001
From: seorang42 <seorang42@naver.com>
Date: Thu, 13 Feb 2025 15:12:21 +0900
Subject: [PATCH 2/2] =?UTF-8?q?:bug:=20[fix]=20=EB=8B=A4=EC=9D=B4=EB=82=98?=
 =?UTF-8?q?=EB=AF=B9=20=EB=9D=BC=EC=9A=B0=ED=8C=85=EC=9C=BC=EB=A1=9C=20?=
 =?UTF-8?q?=EC=9D=B8=ED=95=B4=20=EC=B9=B4=ED=85=8C=EA=B3=A0=EB=A6=AC=20?=
 =?UTF-8?q?=EC=88=98=EC=A0=95=20=ED=8E=98=EC=9D=B4=EC=A7=80=20=EC=A7=84?=
 =?UTF-8?q?=EC=9E=85=20=EB=B6=88=EA=B0=80=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/router/index.ts | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/router/index.ts b/src/router/index.ts
index 5ef5e99..2aea2b9 100644
--- a/src/router/index.ts
+++ b/src/router/index.ts
@@ -170,11 +170,20 @@ router.beforeEach(async (to, from, next) => {
     ROLE_ADMIN: PERMITTED_URL.ROLE_ADMIN
   }
 
-  if (from.path === redirectMap[info.role] && !permittedUrlMap[info.role].includes(to.path)) {
+  const isPathPermitted = (path: string, permittedPaths: string[]) => {
+    return permittedPaths.some(permittedPath => {
+      return path.startsWith(permittedPath)
+    })
+  }
+
+  if (
+    from.path === redirectMap[info.role] &&
+    !isPathPermitted(to.path, permittedUrlMap[info.role])
+  ) {
     return false
   }
 
-  if (!permittedUrlMap[info.role].includes(to.path)) {
+  if (!isPathPermitted(to.path, permittedUrlMap[info.role])) {
     if (to.path === redirectMap[info.role]) {
       return next()
     }