npm - @things-factory/auth-base - Versions diffs - 7.0.44 → 7.0.48 - Mend

@things-factory/auth-base 7.0.44 → 7.0.48

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist-client/directive/privileged.d.ts +1 -1
package/dist-client/tsconfig.tsbuildinfo +1 -1
package/dist-server/tsconfig.tsbuildinfo +1 -1
package/dist-server/utils/access-token-cookie.js +4 -2
package/dist-server/utils/access-token-cookie.js.map +1 -1
package/package.json +4 -4
package/server/utils/access-token-cookie.ts +4 -2

package/dist-server/utils/access-token-cookie.js CHANGED Viewed

@@ -17,7 +17,8 @@ function setAccessTokenCookie(context, token) {
     var cookie = {
         secure,
         httpOnly: true,
-        maxAge: max_age_1.MAX_AGE
+        maxAge: max_age_1.MAX_AGE,
+        sameSite: 'Lax'
     };
     const cookieDomain = (0, shell_1.getCookieDomainFromHostname)(context.hostname);
     if (cookieDomain) {
@@ -38,7 +39,8 @@ function clearAccessTokenCookie(context) {
     const { secure } = context;
     var cookie = {
         secure,
-        httpOnly: true
+        httpOnly: true,
+        sameSite: 'Lax'
     };
     const cookieDomain = (0, shell_1.getCookieDomainFromHostname)(context.hostname);
     if (cookieDomain) {

package/dist-server/utils/access-token-cookie.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"access-token-cookie.js","sourceRoot":"","sources":["../../server/utils/access-token-cookie.ts"],"names":[],"mappings":";;AAMA,oDAEC;AAED,~~oDAeC~~;AAED,sDASC;AAED,~~wDAoBC~~;~~AA1DD~~,iDAAmE;AACnE,6CAA4C;AAC5C,kDAA8C;AAE9C,MAAM,oBAAoB,GAAG,YAAM,CAAC,GAAG,CAAC,sBAAsB,EAAE,cAAc,CAAC,CAAA;AAE/E,SAAgB,oBAAoB,CAAC,OAAO;;IAC1C,OAAO,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,0CAAE,GAAG,CAAC,oBAAoB,CAAC,CAAA;AACpD,CAAC;AAED,SAAgB,oBAAoB,CAAC,OAAO,EAAE,KAAK;IACjD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAE1B,IAAI,MAAM,GAAG;QACX,MAAM;QACN,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,iBAAO;KAChB,CAAA;IAED,MAAM,YAAY,GAAG,IAAA,mCAA2B,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAClE,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAA;IACjC,CAAC;IAED,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,EAAE,MAAM,CAAC,CAAA;AAC1D,CAAC;AAED,SAAgB,qBAAqB,CAAC,OAAO;IAC3C,0FAA0F;IAC1F,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAE9B,OAAO,CAAC,OAAO,GAAG;QAChB,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,QAAQ,EAAE,IAAI,CAAC,IAAI;QACnB,MAAM,EAAE,IAAI,CAAC,KAAK;KACnB,CAAA;AACH,CAAC;AAED,SAAgB,sBAAsB,CAAC,OAAO;IAC5C,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAE1B,IAAI,MAAM,GAAG;QACX,MAAM;QACN,QAAQ,EAAE,IAAI;~~KACf~~,CAAA;IAED,MAAM,YAAY,GAAG,IAAA,mCAA2B,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAClE,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAA;IACjC,CAAC;IAED,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;IACrD;;;OAGG;IACH,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;IAC1C,OAAO,CAAC,OAAO,GAAG,IAAI,CAAA;AACxB,CAAC","sourcesContent":["import { getCookieDomainFromHostname } from '@things-factory/shell'\nimport { config } from '@things-factory/env'\nimport { MAX_AGE } from '../constants/max-age'\n\nconst accessTokenCookieKey = config.get('accessTokenCookieKey', 'access_token')\n\nexport function getAccessTokenCookie(context) {\n return context?.cookies?.get(accessTokenCookieKey)\n}\n\nexport function setAccessTokenCookie(context, token) {\n const { secure } = context\n\n var cookie = {\n secure,\n httpOnly: true,\n maxAge: MAX_AGE\n }\n\n const cookieDomain = getCookieDomainFromHostname(context.hostname)\n if (cookieDomain) {\n cookie['domain'] = cookieDomain\n }\n\n context.cookies.set(accessTokenCookieKey, token, cookie)\n}\n\nexport function setSessionAccessToken(context) {\n /* koa-session 을 사용하는 경우에는, cookie 직접 설정이 작동되지 않는다. 그런 경우에는 session에 설정해서 cookie를 변경한다. /\n const { user } = context.state\n\n context.session = {\n id: user.id,\n userType: user.type,\n status: user.state\n }\n}\n\nexport function clearAccessTokenCookie(context) {\n const { secure } = context\n\n var cookie = {\n secure,\n httpOnly: true\n }\n\n const cookieDomain = getCookieDomainFromHostname(context.hostname)\n if (cookieDomain) {\n cookie['domain'] = cookieDomain\n }\n\n context.cookies.set(accessTokenCookieKey, '', cookie)\n /\n * TODO clear i18next cookie as well - need to support domain\n * https://github.com/hatiolab/things-factory/issues/70\n */\n context.cookies.set('i18next', '', cookie)\n context.session = null\n}\n"]}
1	+ {"version":3,"file":"access-token-cookie.js","sourceRoot":"","sources":["../../server/utils/access-token-cookie.ts"],"names":[],"mappings":";;AAMA,oDAEC;AAED,oDAgBC;AAED,sDASC;AAED,wDAqBC;AA5DD,iDAAmE;AACnE,6CAA4C;AAC5C,kDAA8C;AAE9C,MAAM,oBAAoB,GAAG,YAAM,CAAC,GAAG,CAAC,sBAAsB,EAAE,cAAc,CAAC,CAAA;AAE/E,SAAgB,oBAAoB,CAAC,OAAO;;IAC1C,OAAO,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,0CAAE,GAAG,CAAC,oBAAoB,CAAC,CAAA;AACpD,CAAC;AAED,SAAgB,oBAAoB,CAAC,OAAO,EAAE,KAAK;IACjD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAE1B,IAAI,MAAM,GAAG;QACX,MAAM;QACN,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,iBAAO;QACf,QAAQ,EAAE,KAAK;KAChB,CAAA;IAED,MAAM,YAAY,GAAG,IAAA,mCAA2B,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAClE,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAA;IACjC,CAAC;IAED,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,EAAE,MAAM,CAAC,CAAA;AAC1D,CAAC;AAED,SAAgB,qBAAqB,CAAC,OAAO;IAC3C,0FAA0F;IAC1F,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAE9B,OAAO,CAAC,OAAO,GAAG;QAChB,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,QAAQ,EAAE,IAAI,CAAC,IAAI;QACnB,MAAM,EAAE,IAAI,CAAC,KAAK;KACnB,CAAA;AACH,CAAC;AAED,SAAgB,sBAAsB,CAAC,OAAO;IAC5C,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAE1B,IAAI,MAAM,GAAG;QACX,MAAM;QACN,QAAQ,EAAE,IAAI;QACd,QAAQ,EAAE,KAAK;KAChB,CAAA;IAED,MAAM,YAAY,GAAG,IAAA,mCAA2B,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAClE,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAA;IACjC,CAAC;IAED,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;IACrD;;;OAGG;IACH,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;IAC1C,OAAO,CAAC,OAAO,GAAG,IAAI,CAAA;AACxB,CAAC","sourcesContent":["import { getCookieDomainFromHostname } from '@things-factory/shell'\nimport { config } from '@things-factory/env'\nimport { MAX_AGE } from '../constants/max-age'\n\nconst accessTokenCookieKey = config.get('accessTokenCookieKey', 'access_token')\n\nexport function getAccessTokenCookie(context) {\n return context?.cookies?.get(accessTokenCookieKey)\n}\n\nexport function setAccessTokenCookie(context, token) {\n const { secure } = context\n\n var cookie = {\n secure,\n httpOnly: true,\n maxAge: MAX_AGE,\n sameSite: 'Lax'\n }\n\n const cookieDomain = getCookieDomainFromHostname(context.hostname)\n if (cookieDomain) {\n cookie['domain'] = cookieDomain\n }\n\n context.cookies.set(accessTokenCookieKey, token, cookie)\n}\n\nexport function setSessionAccessToken(context) {\n /* koa-session 을 사용하는 경우에는, cookie 직접 설정이 작동되지 않는다. 그런 경우에는 session에 설정해서 cookie를 변경한다. /\n const { user } = context.state\n\n context.session = {\n id: user.id,\n userType: user.type,\n status: user.state\n }\n}\n\nexport function clearAccessTokenCookie(context) {\n const { secure } = context\n\n var cookie = {\n secure,\n httpOnly: true,\n sameSite: 'Lax'\n }\n\n const cookieDomain = getCookieDomainFromHostname(context.hostname)\n if (cookieDomain) {\n cookie['domain'] = cookieDomain\n }\n\n context.cookies.set(accessTokenCookieKey, '', cookie)\n /\n * TODO clear i18next cookie as well - need to support domain\n * https://github.com/hatiolab/things-factory/issues/70\n */\n context.cookies.set('i18next', '', cookie)\n context.session = null\n}\n"]}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@things-factory/auth-base",
-  "version": "7.0.44",
+  "version": "7.0.48",
   "main": "dist-server/index.js",
   "browser": "dist-client/index.js",
   "things-factory": true,
@@ -32,9 +32,9 @@
   "dependencies": {
     "@simplewebauthn/browser": "^10.0.0",
     "@simplewebauthn/server": "^10.0.0",
-    "@things-factory/email-base": "^7.0.44",
+    "@things-factory/email-base": "^7.0.48",
     "@things-factory/env": "^7.0.33",
-    "@things-factory/shell": "^7.0.44",
+    "@things-factory/shell": "^7.0.48",
     "@things-factory/utils": "^7.0.33",
     "@types/webappsec-credential-management": "^0.6.8",
     "jsonwebtoken": "^9.0.0",
@@ -46,5 +46,5 @@
     "passport-jwt": "^4.0.0",
     "passport-local": "^1.0.0"
   },
-  "gitHead": "15c3e1b6a2b5f33c03cca37aabdc5f4c388d7dc9"
+  "gitHead": "516772ebee08900790bcc43477419d60adcb4dcd"
 }

package/server/utils/access-token-cookie.ts CHANGED Viewed

@@ -14,7 +14,8 @@ export function setAccessTokenCookie(context, token) {
   var cookie = {
     secure,
     httpOnly: true,
-    maxAge: MAX_AGE
+    maxAge: MAX_AGE,
+    sameSite: 'Lax'
   }
   const cookieDomain = getCookieDomainFromHostname(context.hostname)
@@ -41,7 +42,8 @@ export function clearAccessTokenCookie(context) {
   var cookie = {
     secure,
-    httpOnly: true
+    httpOnly: true,
+    sameSite: 'Lax'
   }
   const cookieDomain = getCookieDomainFromHostname(context.hostname)