From 4c2ce55afb0f5f44f1a7c478b428d8318103638c Mon Sep 17 00:00:00 2001 From: hskwon Date: Tue, 22 Jul 2025 16:44:26 +0900 Subject: [PATCH] =?UTF-8?q?fix=20:=20Bearer=20=EC=9D=B8=EC=A6=9D=20?= =?UTF-8?q?=EA=B8=B0=EB=8A=A5=20=EC=88=98=EC=A0=95=20(=EC=B6=94=EA=B0=80)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/Http/Controllers/Api/V1/ApiController.php | 5 ++++- app/Http/Middleware/ApiKeyMiddleware.php | 14 ++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/app/Http/Controllers/Api/V1/ApiController.php b/app/Http/Controllers/Api/V1/ApiController.php index e0733fc..370a468 100644 --- a/app/Http/Controllers/Api/V1/ApiController.php +++ b/app/Http/Controllers/Api/V1/ApiController.php @@ -89,6 +89,9 @@ public function login(Request $request) return response()->json(['error' => '아이디 또는 비밀번호가 올바르지 않습니다.'], 401); } + //인증토큰 생성 + $token = $user->createToken('front-app')->plainTextToken; + // 선택: DB에 신규 token 저장 $USER_TOKEN = hash('sha256', $user->mb_id.date('YmdHis')); $user->remember_token = $USER_TOKEN; @@ -96,7 +99,7 @@ public function login(Request $request) return response()->json([ 'message' => '로그인 성공', - 'user_token' => $user->remember_token, + 'user_token' => $token, ]); } diff --git a/app/Http/Middleware/ApiKeyMiddleware.php b/app/Http/Middleware/ApiKeyMiddleware.php index 11e2483..b03f126 100644 --- a/app/Http/Middleware/ApiKeyMiddleware.php +++ b/app/Http/Middleware/ApiKeyMiddleware.php @@ -6,6 +6,7 @@ use Illuminate\Http\Request; use Illuminate\Support\Facades\DB; use App\Models\Member; +use Laravel\Sanctum\PersonalAccessToken; class ApiKeyMiddleware { 
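Review bot: `createToken('front-app')` in login() is called with a name only, so every successful login mints another personal access token with Sanctum's default `['*']` abilities and no expiry. Nothing in the hunk revokes the tokens issued earlier. Unless `sanctum.expiration` is set in config (not visible in this patch), these tokens stay valid indefinitely and accumulate per member. On Sanctum versions that accept the third argument, consider something like `$user->createToken('front-app', ['front'], now()->addHours(12))->plainTextToken` (ability name and lifetime are illustrative), plus deleting the member's previous `front-app` tokens at login. login() begins and ends outside the hunk.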
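Review bot: Now that `user_token` returns the Sanctum token, the `remember_token` built in the lines just above with `hash('sha256', $user->mb_id.date('YmdHis'))` is no longer sent to the client, yet it is still assigned on every login. It is derived only from the member id and the login time to the second, so it is predictable. If any path still accepts it as a credential (the earlier token check in ApiKeyMiddleware is not visible in this patch), replace it with a random value such as `$user->remember_token = bin2hex(random_bytes(32));`. If nothing reads it any more, remove the write.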
@@ -45,6 +46,19 @@ public function handle(Request $request, Closure $next) return response()->json(['message' => 'Unauthorized. Invalid or missing API key or token'], 401); } + // Bearer 인증 (Sanctum) + $user = []; + if($token = $request->bearerToken()) { + $accessToken = PersonalAccessToken::findToken($token); + if ($accessToken && $accessToken->tokenable instanceof Member) { + $user = $accessToken->tokenable; + } + } + if ($user) { + $request->setUserResolver(fn() => $user); + } + + return $next($request); } }
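Review bot: The new Bearer block in handle() fails open: when the presented token is unknown, or its `tokenable` is not a `Member`, `$user` stays `[]` and the request still reaches `$next($request)` with no user resolver set. Calling `PersonalAccessToken::findToken()` directly also skips the checks Sanctum's own guard performs, so an expired token (`expires_at` / `sanctum.expiration`) would still resolve, and the model is never given `withAccessToken()`, which leaves `tokenCan()` unusable downstream. I would reject a Bearer token that does not resolve to a live Member token and use `null` rather than `[]` as the "no user" value. A sketch follows. The earlier API-key check sits outside this hunk, so confirm whether key-only requests without a Bearer header are meant to stay allowed.
```php
// … unchanged: API key / token check that returns 401 …

// Bearer 인증 (Sanctum)
if ($token = $request->bearerToken()) {
    $accessToken = PersonalAccessToken::findToken($token);
    // expires_at exists on Sanctum 3+; treat a missing column/value as "no per-token expiry"
    $expired = $accessToken?->expires_at?->isPast() ?? false;

    if (! $accessToken || $expired || ! ($accessToken->tokenable instanceof Member)) {
        // A presented but unusable Bearer token must not fall through as anonymous
        return response()->json(['message' => 'Unauthorized. Invalid or missing API key or token'], 401);
    }

    $member = $accessToken->tokenable->withAccessToken($accessToken);
    $request->setUserResolver(fn () => $member);
}

// … unchanged: return $next($request); …
```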