fix:동기화 페이지 CSRF 및 인증 문제 수정

- CSRF 예외에 common-code-sync/*, category-sync/* 추가
- fetch 요청에 credentials: 'same-origin' 추가
- 메뉴 동기화 시 menu_id 파싱 방식 수정 (value → dataset.menuId)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 06:57:42 +09:00
parent 6d708cfdda
commit 60ab03601f
4 changed files with 9 additions and 1 deletions


@@ -24,6 +24,8 @@
// CSRF 토큰 검증 예외 (외부 API 호출용)
$middleware->validateCsrfTokens(except: [
'menu-sync/*',
'common-code-sync/*',
'category-sync/*',
]);
// web 미들웨어 그룹에 자동 재인증 추가
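Review bot: CSRF validation is now skipped for every route under `common-code-sync/*` and `category-sync/*`, including any that the browser pages in this same commit call with the session cookie, which would leave session-authenticated, state-changing endpoints open to cross-site forged requests. The existing comment says the exemption is for external API calls; if that is the intent, list only the specific server-to-server paths and authenticate them without the session cookie, keeping the browser-facing push/pull routes under CSRF validation. The route definitions are not visible here, so confirm what the wildcards actually cover. At minimum record the constraint next to the list, e.g. `// Exempt only server-to-server endpoints that do not authenticate via the session cookie`.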


@@ -350,6 +350,7 @@ function updateSelectedCount(side) {
'X-CSRF-TOKEN': csrfToken,
'Accept': 'application/json'
},
credentials: 'same-origin',
body: JSON.stringify({ env: selectedEnv, type: selectedType, category_keys: categoryKeys })
});
@@ -388,6 +389,7 @@ function updateSelectedCount(side) {
'X-CSRF-TOKEN': csrfToken,
'Accept': 'application/json'
},
credentials: 'same-origin',
body: JSON.stringify({ env: selectedEnv, type: selectedType, category_keys: categoryKeys })
});
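Review bot: `credentials: 'same-origin'` is already the `fetch` default in current browsers, so this added line (repeated in the second hunk here, in both hunks of the next file section, and in the last two hunks of the menu section) probably does not change what is sent; if the authentication failure went away, the middleware CSRF exemption is the more likely reason. That exemption also means the `X-CSRF-TOKEN` header sent by these calls is presumably no longer checked for `category-sync/*` and `common-code-sync/*`, so it should not be treated as protection for them. Consider building the shared options (headers plus credentials) in one helper used by all six calls so they cannot drift apart, with a comment such as `// explicit for older browsers whose fetch default was 'omit'`. The enclosing fetch calls start and end outside these hunks.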


@@ -351,6 +351,7 @@ function updateSelectedCount(side) {
'X-CSRF-TOKEN': csrfToken,
'Accept': 'application/json'
},
credentials: 'same-origin',
body: JSON.stringify({ env: selectedEnv, type: selectedType, code_keys: codeKeys })
});
@@ -389,6 +390,7 @@ function updateSelectedCount(side) {
'X-CSRF-TOKEN': csrfToken,
'Accept': 'application/json'
},
credentials: 'same-origin',
body: JSON.stringify({ env: selectedEnv, type: selectedType, code_keys: codeKeys })
});


@@ -381,7 +381,7 @@ function closeSettingsModal() {
return;
}
const menuIds = Array.from(checkboxes).map(cb => cb.value);
const menuIds = Array.from(checkboxes).map(cb => parseInt(cb.dataset.menuId));
if (!confirm(`${menuIds.length}개 메뉴를 ${selectedEnv === 'dev' ? '개발' : '운영'} 서버로 Push 하시겠습니까?`)) {
return;
@@ -395,6 +395,7 @@ function closeSettingsModal() {
'X-CSRF-TOKEN': csrfToken,
'Accept': 'application/json'
},
credentials: 'same-origin',
body: JSON.stringify({ env: selectedEnv, menu_ids: menuIds })
});
@@ -432,6 +433,7 @@ function closeSettingsModal() {
'X-CSRF-TOKEN': csrfToken,
'Accept': 'application/json'
},
credentials: 'same-origin',
body: JSON.stringify({ env: selectedEnv, menu_names: menuNames })
});
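Review bot: In the first hunk, `parseInt(cb.dataset.menuId)` yields `NaN` for any checkbox that lacks a `data-menu-id` attribute, and `JSON.stringify` turns `NaN` into `null`, so `menu_ids` can reach the server containing nulls while the confirm dialog still counts them. Pass the radix and drop non-integers before confirming: `const menuIds = Array.from(checkboxes).map(cb => Number.parseInt(cb.dataset.menuId, 10)).filter(Number.isInteger);`, then return early if the list is empty. The server should still validate `menu_ids` as integers the caller is allowed to push, since the client-supplied value cannot be trusted. The enclosing function begins and ends outside the hunk.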