npm - @payez/next-mvp - Versions diffs - 4.0.39 → 4.0.40 - Mend

@payez/next-mvp 4.0.39 → 4.0.40

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/lib/test-aware-get-token.js +17 -11
package/package.json +1 -1
package/src/lib/test-aware-get-token.ts +16 -11

package/dist/lib/test-aware-get-token.js CHANGED Viewed

@@ -84,27 +84,33 @@ async function getTokenTestAware(req) {
         };
     }
     // Fallback: NextAuth JWT cookie (for sites still on NextAuth like localhost.api.payez.net)
-    // Use string-literal import that bundlers won't statically resolve
+    // Use eval'd require to bypass bundler analysis entirely
     try {
-        const moduleName = 'next-auth/jwt';
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const nextAuthJwt = await Promise.resolve(`${moduleName}`).then(s => __importStar(require(s))).catch(() => null);
+        let nextAuthJwt = null;
+        try {
+            // eslint-disable-next-line @typescript-eslint/no-implied-eval, no-eval
+            const dynamicRequire = eval('require');
+            nextAuthJwt = dynamicRequire('next-auth/jwt');
+        }
+        catch {
+            logger_1.logger.debug('[GET_TOKEN] next-auth/jwt not installed in consumer');
+            return null;
+        }
         if (nextAuthJwt?.getToken) {
             const { resolveNextAuthSecret } = await Promise.resolve().then(() => __importStar(require('./nextauth-secret')));
             const secret = await resolveNextAuthSecret();
-            // Use the app-slug-prefixed cookie name (e.g., payez_idp_admin_web.session-token)
             const cookieName = (0, app_slug_1.getSessionCookieName)();
+            logger_1.logger.info('[GET_TOKEN] Trying NextAuth fallback', { cookieName });
             const nextAuthToken = await nextAuthJwt.getToken({
                 req,
                 secret,
                 cookieName,
-                secureCookie: false, // dev: http
+                secureCookie: false,
             });
             if (nextAuthToken) {
-                logger_1.logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback');
+                logger_1.logger.info('[GET_TOKEN] Resolved via NextAuth JWT fallback');
                 return nextAuthToken;
             }
-            // Try with the secure cookie name as a second attempt
             const { getSecureSessionCookieName } = await Promise.resolve().then(() => __importStar(require('./app-slug')));
             const secureCookieName = getSecureSessionCookieName();
             const secureToken = await nextAuthJwt.getToken({
@@ -114,14 +120,14 @@ async function getTokenTestAware(req) {
                 secureCookie: true,
             });
             if (secureToken) {
-                logger_1.logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback (secure cookie)');
+                logger_1.logger.info('[GET_TOKEN] Resolved via NextAuth JWT fallback (secure)');
                 return secureToken;
             }
-            logger_1.logger.debug('[GET_TOKEN] NextAuth getToken returned null', { cookieName, secureCookieName });
+            logger_1.logger.warn('[GET_TOKEN] NextAuth getToken returned null for both cookie names', { cookieName, secureCookieName });
         }
     }
     catch (error) {
-        logger_1.logger.debug('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
+        logger_1.logger.warn('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
     }
     return null;
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@payez/next-mvp",
-  "version": "4.0.39",
+  "version": "4.0.40",
   "sideEffects": false,
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/lib/test-aware-get-token.ts CHANGED Viewed

@@ -40,27 +40,32 @@ export async function getTokenTestAware(req: NextRequest): Promise<any> {
   }
   // Fallback: NextAuth JWT cookie (for sites still on NextAuth like localhost.api.payez.net)
-  // Use string-literal import that bundlers won't statically resolve
+  // Use eval'd require to bypass bundler analysis entirely
   try {
-    const moduleName = 'next-auth/jwt';
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    const nextAuthJwt: any = await import(/* webpackIgnore: true */ moduleName).catch(() => null);
+    let nextAuthJwt: any = null;
+    try {
+      // eslint-disable-next-line @typescript-eslint/no-implied-eval, no-eval
+      const dynamicRequire = eval('require') as NodeRequire;
+      nextAuthJwt = dynamicRequire('next-auth/jwt');
+    } catch {
+      logger.debug('[GET_TOKEN] next-auth/jwt not installed in consumer');
+      return null;
+    }
     if (nextAuthJwt?.getToken) {
       const { resolveNextAuthSecret } = await import('./nextauth-secret');
       const secret = await resolveNextAuthSecret();
-      // Use the app-slug-prefixed cookie name (e.g., payez_idp_admin_web.session-token)
       const cookieName = getSessionCookieName();
+      logger.info('[GET_TOKEN] Trying NextAuth fallback', { cookieName });
       const nextAuthToken = await nextAuthJwt.getToken({
         req,
         secret,
         cookieName,
-        secureCookie: false, // dev: http
+        secureCookie: false,
       });
       if (nextAuthToken) {
-        logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback');
+        logger.info('[GET_TOKEN] Resolved via NextAuth JWT fallback');
         return nextAuthToken;
       }
-      // Try with the secure cookie name as a second attempt
       const { getSecureSessionCookieName } = await import('./app-slug');
       const secureCookieName = getSecureSessionCookieName();
       const secureToken = await nextAuthJwt.getToken({
@@ -70,13 +75,13 @@ export async function getTokenTestAware(req: NextRequest): Promise<any> {
         secureCookie: true,
       });
       if (secureToken) {
-        logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback (secure cookie)');
+        logger.info('[GET_TOKEN] Resolved via NextAuth JWT fallback (secure)');
         return secureToken;
       }
-      logger.debug('[GET_TOKEN] NextAuth getToken returned null', { cookieName, secureCookieName });
+      logger.warn('[GET_TOKEN] NextAuth getToken returned null for both cookie names', { cookieName, secureCookieName });
     }
   } catch (error) {
-    logger.debug('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
+    logger.warn('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
   }
   return null;