@payez/next-mvp 4.0.38 → 4.0.40

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/lib/test-aware-get-token.js +34 -7
  2. package/package.json +1 -1
  3. package/src/lib/test-aware-get-token.ts +33 -7
package/dist/lib/test-aware-get-token.js CHANGED
@@ -84,23 +84,50 @@ async function getTokenTestAware(req) {
84
84
  };
85
85
  }
86
86
  // Fallback: NextAuth JWT cookie (for sites still on NextAuth like localhost.api.payez.net)
87
- // Use string-literal import that bundlers won't statically resolve
87
+ // Use eval'd require to bypass bundler analysis entirely
88
88
  try {
89
- const moduleName = 'next-auth/jwt';
90
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
91
- const nextAuthJwt = await Promise.resolve(`${moduleName}`).then(s => __importStar(require(s))).catch(() => null);
89
+ let nextAuthJwt = null;
90
+ try {
91
+ // eslint-disable-next-line @typescript-eslint/no-implied-eval, no-eval
92
+ const dynamicRequire = eval('require');
93
+ nextAuthJwt = dynamicRequire('next-auth/jwt');
94
+ }
95
+ catch {
96
+ logger_1.logger.debug('[GET_TOKEN] next-auth/jwt not installed in consumer');
97
+ return null;
98
+ }
92
99
  if (nextAuthJwt?.getToken) {
93
100
  const { resolveNextAuthSecret } = await Promise.resolve().then(() => __importStar(require('./nextauth-secret')));
94
101
  const secret = await resolveNextAuthSecret();
95
- const nextAuthToken = await nextAuthJwt.getToken({ req, secret });
102
+ const cookieName = (0, app_slug_1.getSessionCookieName)();
103
+ logger_1.logger.info('[GET_TOKEN] Trying NextAuth fallback', { cookieName });
104
+ const nextAuthToken = await nextAuthJwt.getToken({
105
+ req,
106
+ secret,
107
+ cookieName,
108
+ secureCookie: false,
109
+ });
96
110
  if (nextAuthToken) {
97
- logger_1.logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback');
111
+ logger_1.logger.info('[GET_TOKEN] Resolved via NextAuth JWT fallback');
98
112
  return nextAuthToken;
99
113
  }
114
+ const { getSecureSessionCookieName } = await Promise.resolve().then(() => __importStar(require('./app-slug')));
115
+ const secureCookieName = getSecureSessionCookieName();
116
+ const secureToken = await nextAuthJwt.getToken({
117
+ req,
118
+ secret,
119
+ cookieName: secureCookieName,
120
+ secureCookie: true,
121
+ });
122
+ if (secureToken) {
123
+ logger_1.logger.info('[GET_TOKEN] Resolved via NextAuth JWT fallback (secure)');
124
+ return secureToken;
125
+ }
126
+ logger_1.logger.warn('[GET_TOKEN] NextAuth getToken returned null for both cookie names', { cookieName, secureCookieName });
100
127
  }
101
128
  }
102
129
  catch (error) {
103
- logger_1.logger.debug('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
130
+ logger_1.logger.warn('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
104
131
  }
105
132
  return null;
106
133
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@payez/next-mvp",
3
- "version": "4.0.38",
3
+ "version": "4.0.40",
4
4
  "sideEffects": false,
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
package/src/lib/test-aware-get-token.ts CHANGED
@@ -40,22 +40,48 @@ export async function getTokenTestAware(req: NextRequest): Promise<any> {
40
40
  }
41
41
 
42
42
  // Fallback: NextAuth JWT cookie (for sites still on NextAuth like localhost.api.payez.net)
43
- // Use string-literal import that bundlers won't statically resolve
43
+ // Use eval'd require to bypass bundler analysis entirely
44
44
  try {
45
- const moduleName = 'next-auth/jwt';
46
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
47
- const nextAuthJwt: any = await import(/* webpackIgnore: true */ moduleName).catch(() => null);
45
+ let nextAuthJwt: any = null;
46
+ try {
47
+ // eslint-disable-next-line @typescript-eslint/no-implied-eval, no-eval
48
+ const dynamicRequire = eval('require') as NodeRequire;
49
+ nextAuthJwt = dynamicRequire('next-auth/jwt');
50
+ } catch {
51
+ logger.debug('[GET_TOKEN] next-auth/jwt not installed in consumer');
52
+ return null;
53
+ }
48
54
  if (nextAuthJwt?.getToken) {
49
55
  const { resolveNextAuthSecret } = await import('./nextauth-secret');
50
56
  const secret = await resolveNextAuthSecret();
51
- const nextAuthToken = await nextAuthJwt.getToken({ req, secret });
57
+ const cookieName = getSessionCookieName();
58
+ logger.info('[GET_TOKEN] Trying NextAuth fallback', { cookieName });
59
+ const nextAuthToken = await nextAuthJwt.getToken({
60
+ req,
61
+ secret,
62
+ cookieName,
63
+ secureCookie: false,
64
+ });
52
65
  if (nextAuthToken) {
53
- logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback');
66
+ logger.info('[GET_TOKEN] Resolved via NextAuth JWT fallback');
54
67
  return nextAuthToken;
55
68
  }
69
+ const { getSecureSessionCookieName } = await import('./app-slug');
70
+ const secureCookieName = getSecureSessionCookieName();
71
+ const secureToken = await nextAuthJwt.getToken({
72
+ req,
73
+ secret,
74
+ cookieName: secureCookieName,
75
+ secureCookie: true,
76
+ });
77
+ if (secureToken) {
78
+ logger.info('[GET_TOKEN] Resolved via NextAuth JWT fallback (secure)');
79
+ return secureToken;
80
+ }
81
+ logger.warn('[GET_TOKEN] NextAuth getToken returned null for both cookie names', { cookieName, secureCookieName });
56
82
  }
57
83
  } catch (error) {
58
- logger.debug('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
84
+ logger.warn('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
59
85
  }
60
86
 
61
87
  return null;