@payez/next-mvp 4.0.40 → 4.0.41

package/dist/lib/test-aware-get-token.js

@@ -69,11 +69,9 @@ async function getTokenTestAware(req) {
             return null;
         }
     }
-    // Production path: try Better Auth first, fall back to NextAuth JWT cookie
+    // Production path: Better Auth session
     const session = await (0, auth_1.getSession)(req);
     if (session?.user && session?.session?.token) {
-        // Return a token-like object for backward compatibility with callers
-        // that access token.sub, token.email, token.sessionToken, token.roles, etc.
         return {
             sub: session.user.id,
             email: session.user.email,
@@ -83,51 +81,5 @@ async function getTokenTestAware(req) {
             ...session.user,
         };
     }
-    // Fallback: NextAuth JWT cookie (for sites still on NextAuth like localhost.api.payez.net)
-    // Use eval'd require to bypass bundler analysis entirely
-    try {
-        let nextAuthJwt = null;
-        try {
-            // eslint-disable-next-line @typescript-eslint/no-implied-eval, no-eval
-            const dynamicRequire = eval('require');
-            nextAuthJwt = dynamicRequire('next-auth/jwt');
-        }
-        catch {
-            logger_1.logger.debug('[GET_TOKEN] next-auth/jwt not installed in consumer');
-            return null;
-        }
-        if (nextAuthJwt?.getToken) {
-            const { resolveNextAuthSecret } = await Promise.resolve().then(() => __importStar(require('./nextauth-secret')));
-            const secret = await resolveNextAuthSecret();
-            const cookieName = (0, app_slug_1.getSessionCookieName)();
-            logger_1.logger.info('[GET_TOKEN] Trying NextAuth fallback', { cookieName });
-            const nextAuthToken = await nextAuthJwt.getToken({
-                req,
-                secret,
-                cookieName,
-                secureCookie: false,
-            });
-            if (nextAuthToken) {
-                logger_1.logger.info('[GET_TOKEN] Resolved via NextAuth JWT fallback');
-                return nextAuthToken;
-            }
-            const { getSecureSessionCookieName } = await Promise.resolve().then(() => __importStar(require('./app-slug')));
-            const secureCookieName = getSecureSessionCookieName();
-            const secureToken = await nextAuthJwt.getToken({
-                req,
-                secret,
-                cookieName: secureCookieName,
-                secureCookie: true,
-            });
-            if (secureToken) {
-                logger_1.logger.info('[GET_TOKEN] Resolved via NextAuth JWT fallback (secure)');
-                return secureToken;
-            }
-            logger_1.logger.warn('[GET_TOKEN] NextAuth getToken returned null for both cookie names', { cookieName, secureCookieName });
-        }
-    }
-    catch (error) {
-        logger_1.logger.warn('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
-    }
     return null;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@payez/next-mvp",
-  "version": "4.0.40",
+  "version": "4.0.41",
   "sideEffects": false,
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/lib/test-aware-get-token.ts

@@ -24,11 +24,9 @@ export async function getTokenTestAware(req: NextRequest): Promise<any> {
       return payload;
     } catch (error) { logger.error('[GET_TOKEN] TEST_MODE token decode error:', { error: error instanceof Error ? error.message : String(error) }); return null; }
   }
-  // Production path: try Better Auth first, fall back to NextAuth JWT cookie
+  // Production path: Better Auth session
   const session = await getSession(req);
   if (session?.user && session?.session?.token) {
-    // Return a token-like object for backward compatibility with callers
-    // that access token.sub, token.email, token.sessionToken, token.roles, etc.
     return {
       sub: session.user.id,
       email: session.user.email,
@@ -39,50 +37,5 @@ export async function getTokenTestAware(req: NextRequest): Promise<any> {
     };
   }
 
-  // Fallback: NextAuth JWT cookie (for sites still on NextAuth like localhost.api.payez.net)
-  // Use eval'd require to bypass bundler analysis entirely
-  try {
-    let nextAuthJwt: any = null;
-    try {
-      // eslint-disable-next-line @typescript-eslint/no-implied-eval, no-eval
-      const dynamicRequire = eval('require') as NodeRequire;
-      nextAuthJwt = dynamicRequire('next-auth/jwt');
-    } catch {
-      logger.debug('[GET_TOKEN] next-auth/jwt not installed in consumer');
-      return null;
-    }
-    if (nextAuthJwt?.getToken) {
-      const { resolveNextAuthSecret } = await import('./nextauth-secret');
-      const secret = await resolveNextAuthSecret();
-      const cookieName = getSessionCookieName();
-      logger.info('[GET_TOKEN] Trying NextAuth fallback', { cookieName });
-      const nextAuthToken = await nextAuthJwt.getToken({
-        req,
-        secret,
-        cookieName,
-        secureCookie: false,
-      });
-      if (nextAuthToken) {
-        logger.info('[GET_TOKEN] Resolved via NextAuth JWT fallback');
-        return nextAuthToken;
-      }
-      const { getSecureSessionCookieName } = await import('./app-slug');
-      const secureCookieName = getSecureSessionCookieName();
-      const secureToken = await nextAuthJwt.getToken({
-        req,
-        secret,
-        cookieName: secureCookieName,
-        secureCookie: true,
-      });
-      if (secureToken) {
-        logger.info('[GET_TOKEN] Resolved via NextAuth JWT fallback (secure)');
-        return secureToken;
-      }
-      logger.warn('[GET_TOKEN] NextAuth getToken returned null for both cookie names', { cookieName, secureCookieName });
-    }
-  } catch (error) {
-    logger.warn('[GET_TOKEN] NextAuth fallback failed', { error: error instanceof Error ? error.message : String(error) });
-  }
-
   return null;
 }