diff --git a/webapp/backend/apiserver/controllers/userController.js b/webapp/backend/apiserver/controllers/userController.js index c8ea91fa5e8236015bb72b13b5c0fd76d77a4e14..54da91b3d54e257e36558bf086eaf850b7f450e1 100644 --- a/webapp/backend/apiserver/controllers/userController.js +++ b/webapp/backend/apiserver/controllers/userController.js @@ -218,7 +218,7 @@ exports.updateUser = async (req, res) => { const userID = req.user.userID; - if (req.params.id !== userID) { + if (parseInt(req.params.id) !== parseInt(userID)) { return res.status(403).json({ error: '사용자 정보를 업데이트할 권한이 없습니다.' }); @@ -279,7 +279,7 @@ exports.updateUser = async (req, res) => { exports.deleteUser = async (req, res) => { const userID = req.user.userID; - if (req.params.id !== userID) { + if (parseInt(req.params.id) !== parseInt(userID)) { return res.status(403).json({ error: '사용자 정보를 삭제할 권한이 없습니다.' });