보안 점검 및 대시보드 문구 수정

2026-02-13 15:44:41 +09:00
parent 1ac907cd27
commit 7c194d7452
31 changed files with 686 additions and 438 deletions
--- a/app/api/kis/validate-profile/route.ts
+++ b/app/api/kis/validate-profile/route.ts
@@ -1,5 +1,6 @@
 import { NextRequest, NextResponse } from "next/server";
 import type { DashboardKisProfileValidateResponse } from "@/features/trade/types/trade.types";
+import { hasKisApiSession } from "@/app/api/kis/_session";
 import { parseKisAccountParts } from "@/lib/kis/account";
 import { kisGet } from "@/lib/kis/client";
 import { normalizeTradingEnv, type KisCredentialInput } from "@/lib/kis/config";
@@ -43,6 +44,22 @@ const BALANCE_VALIDATION_PRESETS: BalanceValidationPreset[] = [
 * @see features/settings/apis/kis-auth.api.ts validateKisProfile 클라이언트 API 함수
 */
 export async function POST(request: NextRequest) {
+  const fallbackTradingEnv = normalizeTradingEnv(
+    request.headers.get("x-kis-trading-env") ?? undefined,
+  );
+
+  const hasSession = await hasKisApiSession();
+  if (!hasSession) {
+    return NextResponse.json(
+      {
+        ok: false,
+        tradingEnv: fallbackTradingEnv,
+        message: "로그인이 필요합니다.",
+      } satisfies Pick<DashboardKisProfileValidateResponse, "ok" | "tradingEnv" | "message">,
+      { status: 401 },
+    );
+  }
+
  let body: KisProfileValidateRequestBody = {};

  try {
@@ -51,7 +68,7 @@ export async function POST(request: NextRequest) {
    return NextResponse.json(
      {
        ok: false,
-        tradingEnv: "mock",
+        tradingEnv: fallbackTradingEnv,
        message: "요청 본문(JSON)을 읽을 수 없습니다.",
      } satisfies Pick<DashboardKisProfileValidateResponse, "ok" | "tradingEnv" | "message">,
      { status: 400 },