@payez/next-mvp 4.0.37 → 4.0.39
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -71,16 +71,16 @@ async function getTokenTestAware(req) {
|
|
|
71
71
|
}
|
|
72
72
|
// Production path: try Better Auth first, fall back to NextAuth JWT cookie
|
|
73
73
|
const session = await (0, auth_1.getSession)(req);
|
|
74
|
-
if (session) {
|
|
74
|
+
if (session?.user && session?.session?.token) {
|
|
75
75
|
// Return a token-like object for backward compatibility with callers
|
|
76
76
|
// that access token.sub, token.email, token.sessionToken, token.roles, etc.
|
|
77
77
|
return {
|
|
78
|
-
sub: session.user
|
|
79
|
-
email: session.user
|
|
80
|
-
name: session.user
|
|
81
|
-
sessionToken: session.session
|
|
82
|
-
roles: session.user
|
|
83
|
-
...
|
|
78
|
+
sub: session.user.id,
|
|
79
|
+
email: session.user.email,
|
|
80
|
+
name: session.user.name,
|
|
81
|
+
sessionToken: session.session.token,
|
|
82
|
+
roles: session.user.roles || [],
|
|
83
|
+
...session.user,
|
|
84
84
|
};
|
|
85
85
|
}
|
|
86
86
|
// Fallback: NextAuth JWT cookie (for sites still on NextAuth like localhost.api.payez.net)
|
|
@@ -92,11 +92,32 @@ async function getTokenTestAware(req) {
|
|
|
92
92
|
if (nextAuthJwt?.getToken) {
|
|
93
93
|
const { resolveNextAuthSecret } = await Promise.resolve().then(() => __importStar(require('./nextauth-secret')));
|
|
94
94
|
const secret = await resolveNextAuthSecret();
|
|
95
|
-
|
|
95
|
+
// Use the app-slug-prefixed cookie name (e.g., payez_idp_admin_web.session-token)
|
|
96
|
+
const cookieName = (0, app_slug_1.getSessionCookieName)();
|
|
97
|
+
const nextAuthToken = await nextAuthJwt.getToken({
|
|
98
|
+
req,
|
|
99
|
+
secret,
|
|
100
|
+
cookieName,
|
|
101
|
+
secureCookie: false, // dev: http
|
|
102
|
+
});
|
|
96
103
|
if (nextAuthToken) {
|
|
97
104
|
logger_1.logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback');
|
|
98
105
|
return nextAuthToken;
|
|
99
106
|
}
|
|
107
|
+
// Try with the secure cookie name as a second attempt
|
|
108
|
+
const { getSecureSessionCookieName } = await Promise.resolve().then(() => __importStar(require('./app-slug')));
|
|
109
|
+
const secureCookieName = getSecureSessionCookieName();
|
|
110
|
+
const secureToken = await nextAuthJwt.getToken({
|
|
111
|
+
req,
|
|
112
|
+
secret,
|
|
113
|
+
cookieName: secureCookieName,
|
|
114
|
+
secureCookie: true,
|
|
115
|
+
});
|
|
116
|
+
if (secureToken) {
|
|
117
|
+
logger_1.logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback (secure cookie)');
|
|
118
|
+
return secureToken;
|
|
119
|
+
}
|
|
120
|
+
logger_1.logger.debug('[GET_TOKEN] NextAuth getToken returned null', { cookieName, secureCookieName });
|
|
100
121
|
}
|
|
101
122
|
}
|
|
102
123
|
catch (error) {
|
package/package.json
CHANGED
|
@@ -26,16 +26,16 @@ export async function getTokenTestAware(req: NextRequest): Promise<any> {
|
|
|
26
26
|
}
|
|
27
27
|
// Production path: try Better Auth first, fall back to NextAuth JWT cookie
|
|
28
28
|
const session = await getSession(req);
|
|
29
|
-
if (session) {
|
|
29
|
+
if (session?.user && session?.session?.token) {
|
|
30
30
|
// Return a token-like object for backward compatibility with callers
|
|
31
31
|
// that access token.sub, token.email, token.sessionToken, token.roles, etc.
|
|
32
32
|
return {
|
|
33
|
-
sub: session.user
|
|
34
|
-
email: session.user
|
|
35
|
-
name: session.user
|
|
36
|
-
sessionToken: session.session
|
|
37
|
-
roles: session.user
|
|
38
|
-
...
|
|
33
|
+
sub: session.user.id,
|
|
34
|
+
email: session.user.email,
|
|
35
|
+
name: session.user.name,
|
|
36
|
+
sessionToken: session.session.token,
|
|
37
|
+
roles: session.user.roles || [],
|
|
38
|
+
...session.user,
|
|
39
39
|
};
|
|
40
40
|
}
|
|
41
41
|
|
|
@@ -48,11 +48,32 @@ export async function getTokenTestAware(req: NextRequest): Promise<any> {
|
|
|
48
48
|
if (nextAuthJwt?.getToken) {
|
|
49
49
|
const { resolveNextAuthSecret } = await import('./nextauth-secret');
|
|
50
50
|
const secret = await resolveNextAuthSecret();
|
|
51
|
-
|
|
51
|
+
// Use the app-slug-prefixed cookie name (e.g., payez_idp_admin_web.session-token)
|
|
52
|
+
const cookieName = getSessionCookieName();
|
|
53
|
+
const nextAuthToken = await nextAuthJwt.getToken({
|
|
54
|
+
req,
|
|
55
|
+
secret,
|
|
56
|
+
cookieName,
|
|
57
|
+
secureCookie: false, // dev: http
|
|
58
|
+
});
|
|
52
59
|
if (nextAuthToken) {
|
|
53
60
|
logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback');
|
|
54
61
|
return nextAuthToken;
|
|
55
62
|
}
|
|
63
|
+
// Try with the secure cookie name as a second attempt
|
|
64
|
+
const { getSecureSessionCookieName } = await import('./app-slug');
|
|
65
|
+
const secureCookieName = getSecureSessionCookieName();
|
|
66
|
+
const secureToken = await nextAuthJwt.getToken({
|
|
67
|
+
req,
|
|
68
|
+
secret,
|
|
69
|
+
cookieName: secureCookieName,
|
|
70
|
+
secureCookie: true,
|
|
71
|
+
});
|
|
72
|
+
if (secureToken) {
|
|
73
|
+
logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback (secure cookie)');
|
|
74
|
+
return secureToken;
|
|
75
|
+
}
|
|
76
|
+
logger.debug('[GET_TOKEN] NextAuth getToken returned null', { cookieName, secureCookieName });
|
|
56
77
|
}
|
|
57
78
|
} catch (error) {
|
|
58
79
|
logger.debug('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
|