feat: 최초 로그인 시 비밀번호 변경 강제 기능

- User 모델에 must_change_password 필드 추가 - UserService: createUser(), resetPassword()에서 플래그 설정 - ProfileService: changePassword()에서 플래그 해제 - EnsurePasswordChanged 미들웨어 추가 - 인증 라우트에 password.changed 미들웨어 적용 - 프로필 페이지에 비밀번호 변경 필요 알림 추가 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-01 23:44:56 +09:00
parent 817690f544
commit 7ea8997927
7 changed files with 92 additions and 5 deletions
--- a/routes/web.php
+++ b/routes/web.php
@@ -3,15 +3,16 @@
 use App\Http\Controllers\ArchivedRecordController;
 use App\Http\Controllers\Auth\LoginController;
 use App\Http\Controllers\BoardController;
+use App\Http\Controllers\DailyLogController;
 use App\Http\Controllers\DepartmentController;
 use App\Http\Controllers\DevTools\FlowTesterController;
 use App\Http\Controllers\MenuController;
 use App\Http\Controllers\PermissionController;
-use App\Http\Controllers\DailyLogController;
+use App\Http\Controllers\PostController;
+use App\Http\Controllers\ProfileController;
 use App\Http\Controllers\ProjectManagementController;
 use App\Http\Controllers\RoleController;
 use App\Http\Controllers\RolePermissionController;
-use App\Http\Controllers\ProfileController;
 use App\Http\Controllers\TenantController;
 use App\Http\Controllers\UserController;
 use Illuminate\Support\Facades\Route;
@@ -35,7 +36,7 @@
 | - hq.member: 본사(HQ) 테넌트 소속 확인
 */

-Route::middleware(['auth', 'hq.member'])->group(function () {
+Route::middleware(['auth', 'hq.member', 'password.changed'])->group(function () {
    Route::post('/logout', [LoginController::class, 'logout'])->name('logout');

    // 테넌트 전환
@@ -95,6 +96,17 @@
        Route::get('/', [BoardController::class, 'index'])->name('index');
        Route::get('/create', [BoardController::class, 'create'])->name('create');
        Route::get('/{id}/edit', [BoardController::class, 'edit'])->name('edit');
+
+        // 게시글 CRUD (board 하위 중첩 라우트)
+        Route::prefix('{board}/posts')->name('posts.')->group(function () {
+            Route::get('/', [PostController::class, 'index'])->name('index');
+            Route::get('/create', [PostController::class, 'create'])->name('create');
+            Route::post('/', [PostController::class, 'store'])->name('store');
+            Route::get('/{post}', [PostController::class, 'show'])->name('show');
+            Route::get('/{post}/edit', [PostController::class, 'edit'])->name('edit');
+            Route::put('/{post}', [PostController::class, 'update'])->name('update');
+            Route::delete('/{post}', [PostController::class, 'destroy'])->name('destroy');
+        });
    });

    // 역할 권한 관리 (Blade 화면만)