@ahhaohho/auth-middleware 2.3.5 → 2.3.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
package/src/middleware/auth.js
CHANGED
|
@@ -177,7 +177,8 @@ async function authenticateHybrid(req, res, next) {
|
|
|
177
177
|
phoneNumber: refreshUser.phoneNumber
|
|
178
178
|
};
|
|
179
179
|
|
|
180
|
-
const
|
|
180
|
+
const accessExpiration = process.env.JWT_ACCESS_EXPIRATION || '24h';
|
|
181
|
+
const newAccessToken = await signToken(tokenData, { expiresIn: accessExpiration });
|
|
181
182
|
|
|
182
183
|
console.log('[@ahhaohho/auth-middleware] ✅ New access token generated for userId:', refreshUser.userId);
|
|
183
184
|
|
|
@@ -70,7 +70,21 @@ function createRefreshStrategy() {
|
|
|
70
70
|
|
|
71
71
|
return done(null, user);
|
|
72
72
|
} catch (error) {
|
|
73
|
-
|
|
73
|
+
// 검증 실패 시 토큰을 디코딩(검증 없이)하여 발급 시점 확인
|
|
74
|
+
let debugInfo = '';
|
|
75
|
+
try {
|
|
76
|
+
const jwt = require('jsonwebtoken');
|
|
77
|
+
const token = extractRefreshToken(req);
|
|
78
|
+
if (token) {
|
|
79
|
+
const payload = jwt.decode(token);
|
|
80
|
+
if (payload) {
|
|
81
|
+
const iat = payload.iat ? new Date(payload.iat * 1000).toISOString() : 'unknown';
|
|
82
|
+
const exp = payload.exp ? new Date(payload.exp * 1000).toISOString() : 'unknown';
|
|
83
|
+
debugInfo = ` | userId=${payload.userId} iat=${iat} exp=${exp}`;
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
} catch { /* ignore decode errors */ }
|
|
87
|
+
console.error(`[@ahhaohho/auth-middleware] ❌ Refresh token verification failed: ${error.message}${debugInfo}`);
|
|
74
88
|
return done(error, false);
|
|
75
89
|
}
|
|
76
90
|
});
|