@hemia/auth-sdk 0.0.11 → 0.0.12
|
@@ -185,11 +185,11 @@ let AuthService = class AuthService {
|
|
|
185
185
|
const sessionId = randomBytes(16).toString('hex');
|
|
186
186
|
const sessionData = {
|
|
187
187
|
accessToken: access_token,
|
|
188
|
-
refreshToken: refresh_token,
|
|
189
|
-
idToken: id_token,
|
|
188
|
+
refreshToken: refresh_token || '',
|
|
189
|
+
idToken: id_token || '',
|
|
190
190
|
expiresAt: Date.now() + (expires_in * 1000),
|
|
191
191
|
createdAt: new Date().toISOString(),
|
|
192
|
-
|
|
192
|
+
sessionId: session_id
|
|
193
193
|
};
|
|
194
194
|
await this.storage.set(`x-session:${sessionId}`, sessionData, expires_in);
|
|
195
195
|
return {
|
|
@@ -306,7 +306,7 @@ let AuthService = class AuthService {
|
|
|
306
306
|
if (session) {
|
|
307
307
|
try {
|
|
308
308
|
await this.networkServices.post(this.config.ssoLogoutEndpoint, {
|
|
309
|
-
|
|
309
|
+
sessionId: session.sessionId
|
|
310
310
|
});
|
|
311
311
|
}
|
|
312
312
|
catch (e) { /* Silent error */ }
|
|
@@ -350,7 +350,7 @@ let AuthService = class AuthService {
|
|
|
350
350
|
clientId: this.config.clientId,
|
|
351
351
|
clientSecret: this.config.clientSecret,
|
|
352
352
|
refreshToken: session.refreshToken,
|
|
353
|
-
sessionId: session.
|
|
353
|
+
sessionId: session.sessionId
|
|
354
354
|
});
|
|
355
355
|
if (response.status !== 200) {
|
|
356
356
|
throw new CustomHttpError('Token refresh failed', response.status, 'token_refresh_failed');
|
|
@@ -386,6 +386,7 @@ const AUTH_SERVICE_ID = Symbol.for('HemiaAuthService');
|
|
|
386
386
|
let AuthSDKController = class AuthSDKController {
|
|
387
387
|
constructor(authService) {
|
|
388
388
|
this.authService = authService;
|
|
389
|
+
this.COOKIE_NAME = process.env.AUTH_COOKIE_NAME || 'x-session';
|
|
389
390
|
}
|
|
390
391
|
async login(req, res) {
|
|
391
392
|
try {
|
|
@@ -413,12 +414,12 @@ let AuthSDKController = class AuthSDKController {
|
|
|
413
414
|
}
|
|
414
415
|
const storedState = JSON.parse(authFlowCookie);
|
|
415
416
|
const result = await this.authService.handleCallback(code, state, storedState);
|
|
416
|
-
res.cookie(
|
|
417
|
+
res.cookie(this.COOKIE_NAME, result.sessionId, {
|
|
417
418
|
httpOnly: true,
|
|
418
419
|
secure: process.env.NODE_ENV === 'production',
|
|
419
420
|
sameSite: 'lax',
|
|
420
421
|
maxAge: result.expiresIn * 1000,
|
|
421
|
-
path: '/'
|
|
422
|
+
path: '/',
|
|
422
423
|
});
|
|
423
424
|
res.clearCookie('auth_flow');
|
|
424
425
|
res.redirect(result.redirectUrl);
|
|
@@ -441,7 +442,11 @@ let AuthSDKController = class AuthSDKController {
|
|
|
441
442
|
}
|
|
442
443
|
}
|
|
443
444
|
async me(req, res) {
|
|
444
|
-
const sessionId = req.cookies[
|
|
445
|
+
const sessionId = req.cookies[this.COOKIE_NAME];
|
|
446
|
+
console.log(`🔍 [App Cookie Name]: ${this.COOKIE_NAME}`);
|
|
447
|
+
console.log('🔍 [App Port]:', req.headers.origin || 'unknown');
|
|
448
|
+
console.log('🔍 [SessionId]:', sessionId);
|
|
449
|
+
console.log('🔍 [All Cookies]:', req.cookies);
|
|
445
450
|
if (!sessionId) {
|
|
446
451
|
return res.status(401).json({
|
|
447
452
|
success: false,
|
|
@@ -463,7 +468,7 @@ let AuthSDKController = class AuthSDKController {
|
|
|
463
468
|
});
|
|
464
469
|
}
|
|
465
470
|
catch (error) {
|
|
466
|
-
res.clearCookie(
|
|
471
|
+
res.clearCookie(this.COOKIE_NAME, {
|
|
467
472
|
httpOnly: true,
|
|
468
473
|
secure: process.env.NODE_ENV === 'production',
|
|
469
474
|
sameSite: 'lax',
|
|
@@ -491,11 +496,11 @@ let AuthSDKController = class AuthSDKController {
|
|
|
491
496
|
}
|
|
492
497
|
}
|
|
493
498
|
async logout(req, res) {
|
|
494
|
-
const sessionId = req.cookies[
|
|
499
|
+
const sessionId = req.cookies[this.COOKIE_NAME];
|
|
495
500
|
if (sessionId) {
|
|
496
501
|
await this.authService.logout(sessionId);
|
|
497
502
|
}
|
|
498
|
-
res.clearCookie(
|
|
503
|
+
res.clearCookie(this.COOKIE_NAME, {
|
|
499
504
|
httpOnly: true,
|
|
500
505
|
secure: process.env.NODE_ENV === 'production',
|
|
501
506
|
sameSite: 'lax',
|
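Review bot: The four `console.log` calls added at the top of `me()` write the raw session cookie value and the whole `req.cookies` object to stdout on every request, so anyone who can read application logs or a log pipeline obtains live session identifiers that the cookie's `httpOnly` flag is meant to keep out of reach. They look like leftover debugging and should be dropped before release. If a trace is still wanted, log presence only, e.g. `console.debug('[auth] session cookie present:', Boolean(sessionId));`. The same lines appear in the `me()` hunk of package/dist/hemia-auth-sdk.js, and `me()` continues past the end of the hunk.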
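--- a/package/dist/hemia-auth-sdk.js
+++ b/package/dist/hemia-auth-sdk.js
@@ -187,11 +187,11 @@ exports.AuthService = class AuthService {
 const sessionId = crypto.randomBytes(16).toString('hex');
 const sessionData = {
 accessToken: access_token,
-refreshToken: refresh_token,
-idToken: id_token,
+refreshToken: refresh_token || '',
+idToken: id_token || '',
 expiresAt: Date.now() + (expires_in * 1000),
 createdAt: new Date().toISOString(),
-
+sessionId: session_id
 };
 await this.storage.set(`x-session:${sessionId}`, sessionData, expires_in);
 return {
@@ -308,7 +308,7 @@ exports.AuthService = class AuthService {
 if (session) {
 try {
 await this.networkServices.post(this.config.ssoLogoutEndpoint, {
-
+sessionId: session.sessionId
 });
 }
 catch (e) { /* Silent error */ }
@@ -352,7 +352,7 @@ exports.AuthService = class AuthService {
 clientId: this.config.clientId,
 clientSecret: this.config.clientSecret,
 refreshToken: session.refreshToken,
-sessionId: session.
+sessionId: session.sessionId
 });
 if (response.status !== 200) {
 throw new common.CustomHttpError('Token refresh failed', response.status, 'token_refresh_failed');
@@ -388,6 +388,7 @@ const AUTH_SERVICE_ID = Symbol.for('HemiaAuthService');
 exports.AuthSDKController = class AuthSDKController {
 constructor(authService) {
 this.authService = authService;
+this.COOKIE_NAME = process.env.AUTH_COOKIE_NAME || 'x-session';
 }
 async login(req, res) {
 try {
@@ -415,12 +416,12 @@ exports.AuthSDKController = class AuthSDKController {
 }
 const storedState = JSON.parse(authFlowCookie);
 const result = await this.authService.handleCallback(code, state, storedState);
-res.cookie(
+res.cookie(this.COOKIE_NAME, result.sessionId, {
 httpOnly: true,
 secure: process.env.NODE_ENV === 'production',
 sameSite: 'lax',
 maxAge: result.expiresIn * 1000,
-path: '/'
+path: '/',
 });
 res.clearCookie('auth_flow');
 res.redirect(result.redirectUrl);
@@ -443,7 +444,11 @@ exports.AuthSDKController = class AuthSDKController {
 }
 }
 async me(req, res) {
-const sessionId = req.cookies[
+const sessionId = req.cookies[this.COOKIE_NAME];
+console.log(`🔍 [App Cookie Name]: ${this.COOKIE_NAME}`);
+console.log('🔍 [App Port]:', req.headers.origin || 'unknown');
+console.log('🔍 [SessionId]:', sessionId);
+console.log('🔍 [All Cookies]:', req.cookies);
 if (!sessionId) {
 return res.status(401).json({
 success: false,
@@ -465,7 +470,7 @@ exports.AuthSDKController = class AuthSDKController {
 });
 }
 catch (error) {
-res.clearCookie(
+res.clearCookie(this.COOKIE_NAME, {
 httpOnly: true,
 secure: process.env.NODE_ENV === 'production',
 sameSite: 'lax',
@@ -493,11 +498,11 @@ exports.AuthSDKController = class AuthSDKController {
 }
 }
 async logout(req, res) {
-const sessionId = req.cookies[
+const sessionId = req.cookies[this.COOKIE_NAME];
 if (sessionId) {
 await this.authService.logout(sessionId);
 }
-res.clearCookie(
+res.clearCookie(this.COOKIE_NAME, {
 httpOnly: true,
 secure: process.env.NODE_ENV === 'production',
 sameSite: 'lax',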
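Review bot: `sessionId: session_id` in the session-creation hunk stores the upstream identifier with no check that the token response actually carried one, unlike the `|| ''` defaults given to `refresh_token` and `id_token` just above it. When it is missing, the logout hunk posts `sessionId: undefined` to `ssoLogoutEndpoint` and the existing `catch (e) { /* Silent error */ }` hides the failure, so the local cookie is cleared while the SSO session presumably stays valid. Consider rejecting the callback when `session_id` is absent, and at least recording the failure: `catch (e) { console.warn('SSO logout failed:', e?.message); }`. The same applies to the first listing on this page; both function bodies start and end outside the hunks.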
@@ -6,6 +6,7 @@ import { AuthService } from "../services/auth.service";
|
|
|
6
6
|
*/
|
|
7
7
|
export declare class AuthSDKController {
|
|
8
8
|
private readonly authService;
|
|
9
|
+
private readonly COOKIE_NAME;
|
|
9
10
|
constructor(authService: AuthService);
|
|
10
11
|
login(req: Request, res: Response): Promise<void>;
|
|
11
12
|
callback(req: Request, res: Response): Promise<void>;
|
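--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@hemia/auth-sdk",
-"version": "0.0.
+"version": "0.0.12",
 "description": "Hemia SDK for authentication",
 "main": "dist/hemia-auth-sdk.js",
 "module": "dist/hemia-auth-sdk.esm.js",
@@ -44,8 +44,8 @@
 ],
 "peerDependencies": {
 "@hemia/cache-manager": "^0.0.5",
-"@hemia/common": "^0.0.
-"@hemia/jwt-manager": "^0.0.
+"@hemia/common": "^0.0.12",
+"@hemia/jwt-manager": "^0.0.5",
 "@hemia/network-services": "^0.0.3",
 "inversify": "^7.11.0",
 "reflect-metadata": "^0.2.2"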