@ahhaohho/auth-middleware 2.3.5 → 2.3.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@ahhaohho/auth-middleware",
3
- "version": "2.3.5",
3
+ "version": "2.3.6",
4
4
  "description": "Shared authentication and authorization middleware for ahhaohho microservices",
5
5
  "main": "src/index.js",
6
6
  "scripts": {
@@ -70,7 +70,21 @@ function createRefreshStrategy() {
70
70
 
71
71
  return done(null, user);
72
72
  } catch (error) {
73
- console.error('[@ahhaohho/auth-middleware] Refresh token verification failed:', error.message);
73
+ // 검증 실패 토큰을 디코딩(검증 없이)하여 발급 시점 확인
74
+ let debugInfo = '';
75
+ try {
76
+ const jwt = require('jsonwebtoken');
77
+ const token = extractRefreshToken(req);
78
+ if (token) {
79
+ const payload = jwt.decode(token);
80
+ if (payload) {
81
+ const iat = payload.iat ? new Date(payload.iat * 1000).toISOString() : 'unknown';
82
+ const exp = payload.exp ? new Date(payload.exp * 1000).toISOString() : 'unknown';
83
+ debugInfo = ` | userId=${payload.userId} iat=${iat} exp=${exp}`;
84
+ }
85
+ }
86
+ } catch { /* ignore decode errors */ }
87
+ console.error(`[@ahhaohho/auth-middleware] ❌ Refresh token verification failed: ${error.message}${debugInfo}`);
74
88
  return done(error, false);
75
89
  }
76
90
  });