@ahhaohho/auth-middleware 2.3.3 → 2.3.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/.github/workflows/publish.yml +32 -0
  2. package/package.json +1 -1
  3. package/src/utils/secretManager.js +31 -26
package/.github/workflows/publish.yml ADDED
@@ -0,0 +1,32 @@
1
+ name: Publish to npm
2
+
3
+ on:
4
+ push:
5
+ tags:
6
+ - 'v*'
7
+ workflow_dispatch:
8
+
9
+ jobs:
10
+ publish:
11
+ runs-on: ubuntu-latest
12
+
13
+ steps:
14
+ - name: Checkout code
15
+ uses: actions/checkout@v4
16
+
17
+ - name: Setup Node.js
18
+ uses: actions/setup-node@v4
19
+ with:
20
+ node-version: '22'
21
+ registry-url: 'https://registry.npmjs.org'
22
+
23
+ - name: Install dependencies
24
+ run: npm ci
25
+
26
+ - name: Build
27
+ run: npm run build
28
+
29
+ - name: Publish
30
+ run: npm publish
31
+ env:
32
+ NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@ahhaohho/auth-middleware",
3
- "version": "2.3.3",
3
+ "version": "2.3.5",
4
4
  "description": "Shared authentication and authorization middleware for ahhaohho microservices",
5
5
  "main": "src/index.js",
6
6
  "scripts": {
package/src/utils/secretManager.js CHANGED
@@ -1,6 +1,15 @@
1
1
  const { SecretsManagerClient, GetSecretValueCommand } = require('@aws-sdk/client-secrets-manager');
2
2
  const redisManager = require('../config/redis');
3
3
 
4
+ // NODE_ENV 검증 (모듈 로드 시 1회)
5
+ const JWT_KEY_ENV = process.env.NODE_ENV;
6
+ if (!JWT_KEY_ENV || !['development', 'staging', 'production'].includes(JWT_KEY_ENV)) {
7
+ console.warn(
8
+ `[@ahhaohho/auth-middleware] NODE_ENV="${JWT_KEY_ENV || ''}" is not explicitly set. JWT keys will default to "dev".`
9
+ );
10
+ }
11
+ console.log(`[@ahhaohho/auth-middleware] JWT key environment: ${JWT_KEY_ENV || 'dev (default)'}`);
12
+
4
13
  /**
5
14
  * NODE_ENV에 따라 시크릿에서 올바른 키를 선택
6
15
  * Secret 구조: { dev: "...", staging: "...", prod: "..." }
@@ -8,9 +17,8 @@ const redisManager = require('../config/redis');
8
17
  * @returns {string|undefined}
9
18
  */
10
19
  function resolveKeyByEnv(secret) {
11
- const env = process.env.NODE_ENV;
12
- if (env === 'production') return secret.prod;
13
- if (env === 'staging') return secret.staging;
20
+ if (JWT_KEY_ENV === 'production') return secret.prod;
21
+ if (JWT_KEY_ENV === 'staging') return secret.staging;
14
22
  return secret.dev;
15
23
  }
16
24
 
@@ -69,31 +77,28 @@ class SecretManager {
69
77
  }
70
78
 
71
79
  const secret = JSON.parse(response.SecretString);
72
- const currentKey = secret.current || secret.jwt_secret_key || resolveKeyByEnv(secret);
73
-
74
- // previous 결정: secret previous 필드 → AWSPREVIOUS 버전 순서
75
- let previousKey = secret.previous || null;
76
-
77
- if (!previousKey) {
78
- try {
79
- const prevCommand = new GetSecretValueCommand({
80
- SecretId: this.secretName,
81
- VersionStage: 'AWSPREVIOUS'
82
- });
83
- const prevResponse = await this.client.send(prevCommand);
84
- if (prevResponse.SecretString) {
85
- const prevSecret = JSON.parse(prevResponse.SecretString);
86
- const prevCandidate = prevSecret.current || prevSecret.jwt_secret_key || resolveKeyByEnv(prevSecret);
87
- // 이전 키가 현재 키와 다를 때만 사용
88
- if (prevCandidate && prevCandidate !== currentKey) {
89
- previousKey = prevCandidate;
90
- console.log('[@ahhaohho/auth-middleware] Using AWSPREVIOUS version as fallback key');
91
- }
80
+ const currentKey = resolveKeyByEnv(secret);
81
+
82
+ // 이전 키: AWSPREVIOUS에서 환경별 가져오기
83
+ let previousKey = null;
84
+ try {
85
+ const prevCommand = new GetSecretValueCommand({
86
+ SecretId: this.secretName,
87
+ VersionStage: 'AWSPREVIOUS'
88
+ });
89
+ const prevResponse = await this.client.send(prevCommand);
90
+ if (prevResponse.SecretString) {
91
+ const prevSecret = JSON.parse(prevResponse.SecretString);
92
+ const prevCandidate = resolveKeyByEnv(prevSecret);
93
+ // 이전 키가 현재 키와 다를 때만 사용
94
+ if (prevCandidate && prevCandidate !== currentKey) {
95
+ previousKey = prevCandidate;
96
+ console.log('[@ahhaohho/auth-middleware] Using AWSPREVIOUS version as fallback key');
92
97
  }
93
- } catch (prevError) {
94
- // AWSPREVIOUS가 없을 수 있음 (첫 시크릿이거나 로테이션 미사용)
95
- console.log('[@ahhaohho/auth-middleware] No AWSPREVIOUS version available');
96
98
  }
99
+ } catch (prevError) {
100
+ // AWSPREVIOUS가 없을 수 있음 (첫 시크릿이거나 로테이션 미사용)
101
+ console.log('[@ahhaohho/auth-middleware] No AWSPREVIOUS version available');
97
102
  }
98
103
 
99
104
  const keys = {