feat(comment): implement comment board (backend API + admin panel)#6
Open
Menstear wants to merge 14 commits into
Open
feat(comment): implement comment board (backend API + admin panel)#6Menstear wants to merge 14 commits into
Menstear wants to merge 14 commits into
Conversation
refactor(backend): migrate MySQL/Sequelize to MongoDB for Render
Add MongoDB-backed ActivityType and ActivityItem models. Add backoffice CRUD and reorder APIs for activity CMS. Register MongoDB connection, Swagger docs, and standalone backoffice docker compose. Refs #3
fix(backend): resolve unable to access recruit page
백엔드
- Comment 모델 추가 (content, author, status: pending/approved/rejected)
- AuditLog 모델 추가 (관리자 액션 감사 로그, actorUserId: Mixed 타입)
- AuditLogService 추가
- 공개 API: POST /comments (등록), GET /comments (승인된 목록 페이지네이션)
- 관리자 API: GET/PATCH(approve/reject)/DELETE /bo/admin/comments
- 보안: 허니팟 필드, rate limit (IP당 분당 5회), page 파라미터 DoS 상한(500)
- CORS: 개발/프로덕션 origin 배열로 수정, 프로덕션에 DELETE 메서드 추가
- trust proxy: app.enable → app.set('trust proxy', 1) 로 변경
- express-rate-limit, cors 패키지 추가
프론트엔드
- comment_api.jsx 추가 (fetchComments, approveComment, rejectComment, deleteComment)
- commentAdmin 기능을 recruitDB 내 오버레이 패널로 통합 (별도 라우트 제거)
- 코멘트 관리 패널: 상태 탭 필터, 테이블, 페이지네이션, ESC 키 닫기
- recruitDB.css에 다크 테마 패널 스타일 추가
|
Deployment failed with the following error: |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Menstear
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
backoffice PR
feat(comment): 코멘트 게시판 기능 구현 (#5)
개요
웹사이트 방문자가 코멘트를 남기고, 관리자가 검토 후 공개 여부를 결정하는 게시판 기능을 구현했습니다.
변경 사항
백엔드
모델
Comment—content,author,status(pending/approved/rejected),timestampsAuditLog— 관리자 액션 감사 로그 (actorUserId: Mixed— local/OAuth 계정 모두 호환)공개 API
POST /comments— 코멘트 등록 (rate limit: IP당 분당 5회)GET /comments— 승인된 코멘트 목록 (페이지네이션)관리자 API (
isLoggedIn미들웨어 적용)GET /bo/admin/comments— 전체 목록 (상태 필터)PATCH /bo/admin/comments/:id/approve— 승인 (멱등 처리)PATCH /bo/admin/comments/:id/reject— 거절 (멱등 처리)DELETE /bo/admin/comments/:id— 삭제보안
page파라미터 DoS 상한 적용 (최대 500)DELETE메서드 추가app.enable("trust proxy")→app.set("trust proxy", 1)변경 (nginx 한 단계만 신뢰)패키지 추가:
express-rate-limit,cors프론트엔드
comment_api.jsx추가 (fetchComments / approveComment / rejectComment / deleteComment)/commentAdmin)를recruitDB내 오버레이 패널로 통합commentAdmin.jsx,commentAdmin.css삭제 (기능 통합으로 불필요)