feat: 비밀번호 초기화 시 랜덤한 비밀번호를 부여하도록 수정

MU-Software · MU-Software · commit 5bdc34cfdd27 · 2026-02-28T14:54:01.000+09:00
diff --git a/app/admin_api/serializers/user.py b/app/admin_api/serializers/user.py
@@ -102,6 +102,10 @@ def save(self, **kwargs: typing.Any) -> UserExt:
         return user
 
 
+class UserAdminPasswordResetResponseSerializer(serializers.Serializer):
+    password = serializers.CharField(read_only=True)
+
+
 class OrganizationAdminSerializer(BaseAbstractSerializer, JsonSchemaSerializer, serializers.ModelSerializer):
     class Meta:
         model = Organization
diff --git a/app/admin_api/views/user.py b/app/admin_api/views/user.py
@@ -1,10 +1,13 @@
+import secrets
+import string
+
 from admin_api.serializers.user import (
     OrganizationAdminSerializer,
     UserAdminPasswordChangeSerializer,
+    UserAdminPasswordResetResponseSerializer,
     UserAdminSerializer,
     UserAdminSignInSerializer,
 )
-from core.const.account import INITIAL_ADMIN_PASSWORD
 from core.const.tag import OpenAPITag
 from core.permissions import IsSuperUser
 from core.viewset.json_schema_viewset import JsonSchemaViewSet
@@ -58,13 +61,22 @@ def signout(self, request: request.Request, *args: tuple, **kwargs: dict) -> res
         logout(request=request)
         return response.Response(status=status.HTTP_204_NO_CONTENT)
 
-    @extend_schema(tags=[OpenAPITag.ADMIN_USER], responses={status.HTTP_204_NO_CONTENT: None})
+    @extend_schema(
+        tags=[OpenAPITag.ADMIN_USER],
+        responses={status.HTTP_200_OK: UserAdminPasswordResetResponseSerializer},
+    )
     @decorators.action(detail=True, methods=["DELETE"], url_path="password")
     def reset_password(self, *args: tuple, **kwargs: dict) -> response.Response:
+        alphabet = string.ascii_letters + string.digits + string.punctuation
+        new_password = "".join(secrets.choice(alphabet) for _ in range(16))
+
         user: UserExt = self.get_object()
-        user.set_password(INITIAL_ADMIN_PASSWORD)
+        user.set_password(new_password)
         user.save(update_fields=["password"])
-        return response.Response(status=status.HTTP_204_NO_CONTENT)
+        return response.Response(
+            data={"password": new_password},
+            status=status.HTTP_200_OK,
+        )
 
     @extend_schema(
         tags=[OpenAPITag.ADMIN_ACCOUNT],
