@payez/next-mvp 4.0.39 → 4.0.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/lib/test-aware-get-token.js +1 -43
  2. package/package.json +1 -1
  3. package/src/lib/test-aware-get-token.ts +1 -43
package/dist/lib/test-aware-get-token.js CHANGED
@@ -69,11 +69,9 @@ async function getTokenTestAware(req) {
69
69
  return null;
70
70
  }
71
71
  }
72
- // Production path: try Better Auth first, fall back to NextAuth JWT cookie
72
+ // Production path: Better Auth session
73
73
  const session = await (0, auth_1.getSession)(req);
74
74
  if (session?.user && session?.session?.token) {
75
- // Return a token-like object for backward compatibility with callers
76
- // that access token.sub, token.email, token.sessionToken, token.roles, etc.
77
75
  return {
78
76
  sub: session.user.id,
79
77
  email: session.user.email,
@@ -83,45 +81,5 @@ async function getTokenTestAware(req) {
83
81
  ...session.user,
84
82
  };
85
83
  }
86
- // Fallback: NextAuth JWT cookie (for sites still on NextAuth like localhost.api.payez.net)
87
- // Use string-literal import that bundlers won't statically resolve
88
- try {
89
- const moduleName = 'next-auth/jwt';
90
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
91
- const nextAuthJwt = await Promise.resolve(`${moduleName}`).then(s => __importStar(require(s))).catch(() => null);
92
- if (nextAuthJwt?.getToken) {
93
- const { resolveNextAuthSecret } = await Promise.resolve().then(() => __importStar(require('./nextauth-secret')));
94
- const secret = await resolveNextAuthSecret();
95
- // Use the app-slug-prefixed cookie name (e.g., payez_idp_admin_web.session-token)
96
- const cookieName = (0, app_slug_1.getSessionCookieName)();
97
- const nextAuthToken = await nextAuthJwt.getToken({
98
- req,
99
- secret,
100
- cookieName,
101
- secureCookie: false, // dev: http
102
- });
103
- if (nextAuthToken) {
104
- logger_1.logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback');
105
- return nextAuthToken;
106
- }
107
- // Try with the secure cookie name as a second attempt
108
- const { getSecureSessionCookieName } = await Promise.resolve().then(() => __importStar(require('./app-slug')));
109
- const secureCookieName = getSecureSessionCookieName();
110
- const secureToken = await nextAuthJwt.getToken({
111
- req,
112
- secret,
113
- cookieName: secureCookieName,
114
- secureCookie: true,
115
- });
116
- if (secureToken) {
117
- logger_1.logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback (secure cookie)');
118
- return secureToken;
119
- }
120
- logger_1.logger.debug('[GET_TOKEN] NextAuth getToken returned null', { cookieName, secureCookieName });
121
- }
122
- }
123
- catch (error) {
124
- logger_1.logger.debug('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
125
- }
126
84
  return null;
127
85
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@payez/next-mvp",
3
- "version": "4.0.39",
3
+ "version": "4.0.41",
4
4
  "sideEffects": false,
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
package/src/lib/test-aware-get-token.ts CHANGED
@@ -24,11 +24,9 @@ export async function getTokenTestAware(req: NextRequest): Promise<any> {
24
24
  return payload;
25
25
  } catch (error) { logger.error('[GET_TOKEN] TEST_MODE token decode error:', { error: error instanceof Error ? error.message : String(error) }); return null; }
26
26
  }
27
- // Production path: try Better Auth first, fall back to NextAuth JWT cookie
27
+ // Production path: Better Auth session
28
28
  const session = await getSession(req);
29
29
  if (session?.user && session?.session?.token) {
30
- // Return a token-like object for backward compatibility with callers
31
- // that access token.sub, token.email, token.sessionToken, token.roles, etc.
32
30
  return {
33
31
  sub: session.user.id,
34
32
  email: session.user.email,
@@ -39,45 +37,5 @@ export async function getTokenTestAware(req: NextRequest): Promise<any> {
39
37
  };
40
38
  }
41
39
 
42
- // Fallback: NextAuth JWT cookie (for sites still on NextAuth like localhost.api.payez.net)
43
- // Use string-literal import that bundlers won't statically resolve
44
- try {
45
- const moduleName = 'next-auth/jwt';
46
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
47
- const nextAuthJwt: any = await import(/* webpackIgnore: true */ moduleName).catch(() => null);
48
- if (nextAuthJwt?.getToken) {
49
- const { resolveNextAuthSecret } = await import('./nextauth-secret');
50
- const secret = await resolveNextAuthSecret();
51
- // Use the app-slug-prefixed cookie name (e.g., payez_idp_admin_web.session-token)
52
- const cookieName = getSessionCookieName();
53
- const nextAuthToken = await nextAuthJwt.getToken({
54
- req,
55
- secret,
56
- cookieName,
57
- secureCookie: false, // dev: http
58
- });
59
- if (nextAuthToken) {
60
- logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback');
61
- return nextAuthToken;
62
- }
63
- // Try with the secure cookie name as a second attempt
64
- const { getSecureSessionCookieName } = await import('./app-slug');
65
- const secureCookieName = getSecureSessionCookieName();
66
- const secureToken = await nextAuthJwt.getToken({
67
- req,
68
- secret,
69
- cookieName: secureCookieName,
70
- secureCookie: true,
71
- });
72
- if (secureToken) {
73
- logger.debug('[GET_TOKEN] Resolved via NextAuth JWT fallback (secure cookie)');
74
- return secureToken;
75
- }
76
- logger.debug('[GET_TOKEN] NextAuth getToken returned null', { cookieName, secureCookieName });
77
- }
78
- } catch (error) {
79
- logger.debug('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
80
- }
81
-
82
40
  return null;
83
41
  }