@ahhaohho/auth-middleware 2.3.2 → 2.3.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/src/utils/secretManager.js +23 -2
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@ahhaohho/auth-middleware",
3
- "version": "2.3.2",
3
+ "version": "2.3.4",
4
4
  "description": "Shared authentication and authorization middleware for ahhaohho microservices",
5
5
  "main": "src/index.js",
6
6
  "scripts": {
package/src/utils/secretManager.js CHANGED
@@ -1,6 +1,27 @@
1
1
  const { SecretsManagerClient, GetSecretValueCommand } = require('@aws-sdk/client-secrets-manager');
2
2
  const redisManager = require('../config/redis');
3
3
 
4
+ // NODE_ENV 검증 (모듈 로드 시 1회)
5
+ const JWT_KEY_ENV = process.env.NODE_ENV;
6
+ if (!JWT_KEY_ENV || !['development', 'staging', 'production'].includes(JWT_KEY_ENV)) {
7
+ console.warn(
8
+ `[@ahhaohho/auth-middleware] NODE_ENV="${JWT_KEY_ENV || ''}" is not explicitly set. JWT keys will default to "dev".`
9
+ );
10
+ }
11
+ console.log(`[@ahhaohho/auth-middleware] JWT key environment: ${JWT_KEY_ENV || 'dev (default)'}`);
12
+
13
+ /**
14
+ * NODE_ENV에 따라 시크릿에서 올바른 키를 선택
15
+ * Secret 구조: { dev: "...", staging: "...", prod: "..." }
16
+ * @param {object} secret - AWS Secrets Manager에서 가져온 시크릿 객체
17
+ * @returns {string|undefined}
18
+ */
19
+ function resolveKeyByEnv(secret) {
20
+ if (JWT_KEY_ENV === 'production') return secret.prod;
21
+ if (JWT_KEY_ENV === 'staging') return secret.staging;
22
+ return secret.dev;
23
+ }
24
+
4
25
  /**
5
26
  * AWS Secrets Manager에서 JWT 키 가져오기
6
27
  *
@@ -56,7 +77,7 @@ class SecretManager {
56
77
  }
57
78
 
58
79
  const secret = JSON.parse(response.SecretString);
59
- const currentKey = secret.current || secret.jwt_secret_key || secret.dev;
80
+ const currentKey = secret.current || secret.jwt_secret_key || resolveKeyByEnv(secret);
60
81
 
61
82
  // previous 키 결정: secret 내 previous 필드 → AWSPREVIOUS 버전 순서
62
83
  let previousKey = secret.previous || null;
@@ -70,7 +91,7 @@ class SecretManager {
70
91
  const prevResponse = await this.client.send(prevCommand);
71
92
  if (prevResponse.SecretString) {
72
93
  const prevSecret = JSON.parse(prevResponse.SecretString);
73
- const prevCandidate = prevSecret.current || prevSecret.jwt_secret_key || prevSecret.dev;
94
+ const prevCandidate = prevSecret.current || prevSecret.jwt_secret_key || resolveKeyByEnv(prevSecret);
74
95
  // 이전 키가 현재 키와 다를 때만 사용
75
96
  if (prevCandidate && prevCandidate !== currentKey) {
76
97
  previousKey = prevCandidate;