npm - @thinkingcat/auth-utils - Versions diffs - 1.0.23 → 1.0.24 - Mend

@thinkingcat/auth-utils 1.0.23 → 1.0.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +11 -6
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -1256,20 +1256,25 @@ async function verifyAndRefreshTokenWithNextAuth(req, nextAuthToken, secret, opt
         hasValidAccess: hasValidAccessToken,
         hasRefresh: !!refreshToken,
     });
-    // NextAuth 토큰 또는 access token 중 하나라도 유효하면 통과
-    if (hasValidNextAuthToken || hasValidAccessToken) {
-        debugLog('verifyAndRefreshTokenWithNextAuth', 'At least one token is valid');
+    // NextAuth cookie와 access token이 모두 유효하면 통과
+    if (hasValidNextAuthToken && hasValidAccessToken) {
+        debugLog('verifyAndRefreshTokenWithNextAuth', 'Both NextAuth and access tokens are valid');
         return { isValid: true };
     }
-    // 둘 다 없으면 refresh token으로 갱신 시도
-    if (refreshToken) {
-        debugLog('verifyAndRefreshTokenWithNextAuth', 'No valid tokens, attempting refresh');
+    // NextAuth cookie가 없거나 access token이 없으면 refresh 시도
+    if (refreshToken && (!hasValidNextAuthToken || !hasValidAccessToken)) {
+        debugLog('verifyAndRefreshTokenWithNextAuth', 'Missing NextAuth or access token, attempting refresh');
         const authCheck = await verifyAndRefreshToken(req, secret, {
             ...options,
             forceRefresh: true,
         });
         return authCheck;
     }
+    // 하나라도 유효하면 일단 통과 (refresh token이 없는 경우)
+    if (hasValidNextAuthToken || hasValidAccessToken) {
+        debugLog('verifyAndRefreshTokenWithNextAuth', 'At least one token is valid (no refresh token)');
+        return { isValid: true };
+    }
     debugLog('verifyAndRefreshTokenWithNextAuth', 'No tokens available');
     return { isValid: false, error: 'NO_TOKEN' };
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@thinkingcat/auth-utils",
-  "version": "1.0.23",
+  "version": "1.0.24",
   "description": "Authentication utilities for ThinkingCat SSO services with conditional logging",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",