@ahhaohho/auth-middleware 2.3.0 → 2.3.2

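--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@ahhaohho/auth-middleware",
- "version": "2.3.0",
+ "version": "2.3.2",
  "description": "Shared authentication and authorization middleware for ahhaohho microservices",
  "main": "src/index.js",
  "scripts": {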
@@ -35,15 +35,7 @@ function authenticateJWT(req, res, next) {
35
35
  initializePassport();
36
36
 
37
37
  passport.authenticate('jwt', { session: false }, (err, user, info) => {
38
- if (err) {
39
- console.error('[@ahhaohho/auth-middleware] Authentication error:', err.message);
40
- return res.status(500).json({
41
- error: 'Authentication error',
42
- message: err.message
43
- });
44
- }
45
-
46
- if (!user) {
38
+ if (err || !user) {
47
39
  return res.status(401).json({
48
40
  error: 'Unauthorized',
49
41
  message: info?.message || 'Invalid or expired token'
@@ -74,15 +66,7 @@ function authenticateRefresh(req, res, next) {
74
66
  initializePassport();
75
67
 
76
68
  passport.authenticate('refresh', { session: false }, (err, user, info) => {
77
- if (err) {
78
- console.error('[@ahhaohho/auth-middleware] Refresh token error:', err.message);
79
- return res.status(500).json({
80
- error: 'Token refresh error',
81
- message: err.message
82
- });
83
- }
84
-
85
- if (!user) {
69
+ if (err || !user) {
86
70
  return res.status(401).json({
87
71
  error: 'Invalid refresh token',
88
72
  message: info?.message || 'Invalid or expired refresh token'
@@ -148,15 +132,12 @@ async function authenticateHybrid(req, res, next) {
148
132
  // 1. Access token 검증 시도
149
133
  passport.authenticate('jwt', { session: false }, async (err, user, info) => {
150
134
  if (err) {
151
- console.error('[@ahhaohho/auth-middleware] Hybrid auth error:', err.message);
152
- return res.status(500).json({
153
- error: 'Authentication error',
154
- message: err.message
155
- });
135
+ // Access token 검증 에러는 refresh token 시도로 넘어감
136
+ console.log('[@ahhaohho/auth-middleware] Access token error, trying refresh token...');
156
137
  }
157
138
 
158
139
  // Access token이 유효한 경우
159
- if (user) {
140
+ if (!err && user) {
160
141
  req.user = user;
161
142
 
162
143
  // 하위 호환성: req.userId, req.userRole 설정
@@ -179,16 +160,7 @@ async function authenticateHybrid(req, res, next) {
179
160
 
180
161
  // 3. Refresh token 검증
181
162
  passport.authenticate('refresh', { session: false }, async (refreshErr, refreshUser, refreshInfo) => {
182
- if (refreshErr) {
183
- console.error('[@ahhaohho/auth-middleware] Refresh token error:', refreshErr.message);
184
- return res.status(500).json({
185
- error: 'Token refresh error',
186
- message: refreshErr.message
187
- });
188
- }
189
-
190
- if (!refreshUser) {
191
- console.error('[@ahhaohho/auth-middleware] ❌ No refresh user found, returning 401');
163
+ if (refreshErr || !refreshUser) {
192
164
  return res.status(401).json({
193
165
  error: 'Unauthorized',
194
166
  message: 'Both access and refresh tokens are invalid'
@@ -224,7 +196,7 @@ async function authenticateHybrid(req, res, next) {
224
196
  console.error('[@ahhaohho/auth-middleware] Failed to generate new token:', tokenError.message);
225
197
  return res.status(500).json({
226
198
  error: 'Token generation error',
227
- message: tokenError.message
199
+ message: 'Failed to generate new access token'
228
200
  });
229
201
  }
230
202
  })(req, res, next);
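Review bot: The merged `if (err || !user)` branches in authenticateJWT, authenticateRefresh and the refresh callback of authenticateHybrid now discard `err` without logging it, so a strategy or verification failure looks the same on the server as an ordinary bad token and leaves no trace for monitoring. Dropping `err.message` from the response body is the right call, but the server-side record should stay: add `if (err) console.error('[@ahhaohho/auth-middleware] Authentication error:', err.message);` ahead of each 401 return, and include `err.message` in the new `console.log` in authenticateHybrid's access-token branch. The 401 bodies in authenticateJWT and authenticateRefresh still return `info?.message` to the caller, which presumably carries the strategy's failure reason; a fixed message, as the last hunk now uses for token generation, would be more consistent. These function bodies start and end outside the hunks shown.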