@thinkingcat/auth-utils 1.0.27 → 1.0.29

package/dist/index.d.ts

@@ -162,15 +162,19 @@ export declare function createRedirectHTML(redirectPath: string, text: string):
  * @param accessToken access token
  * @param secret JWT 서명에 사용할 secret key
  * @param options 추가 옵션
+ * @param options.req NextRequest 객체 (필수 - URL origin을 위해 필요)
  * @param options.refreshToken refresh token (선택)
- * @param options.redirectPath 리다이렉트할 경로 (기본값: 페이지 리로드)
- * @param options.text 리다이렉트 HTML에 표시할 텍스트 (선택사항)
+ * @param options.redirectPath 리다이렉트할 경로 (HTTP 302 리다이렉트 사용)
+ * @param options.text 응답 메시지 텍스트 (선택사항)
  * @param options.cookiePrefix 쿠키 이름 접두사 (필수)
  * @param options.isProduction 프로덕션 환경 여부 (기본값: false)
  * @param options.cookieDomain 쿠키 도메인 (선택)
- * @returns NextResponse 객체
+ * @param options.serviceId 서비스 ID (필수)
+ * @param options.licenseKey 라이센스 키 (필수)
+ * @returns NextResponse 객체 (리다이렉트 또는 JSON 응답)
  */
 export declare function createAuthResponse(accessToken: string, secret: string, options: {
+    req: NextRequest;
     refreshToken?: string;
     redirectPath?: string;
     text?: string;

package/dist/index.js

@@ -418,17 +418,20 @@ function createRedirectHTML(redirectPath, text) {
  * @param accessToken access token
  * @param secret JWT 서명에 사용할 secret key
  * @param options 추가 옵션
+ * @param options.req NextRequest 객체 (필수 - URL origin을 위해 필요)
  * @param options.refreshToken refresh token (선택)
- * @param options.redirectPath 리다이렉트할 경로 (기본값: 페이지 리로드)
- * @param options.text 리다이렉트 HTML에 표시할 텍스트 (선택사항)
+ * @param options.redirectPath 리다이렉트할 경로 (HTTP 302 리다이렉트 사용)
+ * @param options.text 응답 메시지 텍스트 (선택사항)
  * @param options.cookiePrefix 쿠키 이름 접두사 (필수)
  * @param options.isProduction 프로덕션 환경 여부 (기본값: false)
  * @param options.cookieDomain 쿠키 도메인 (선택)
- * @returns NextResponse 객체
+ * @param options.serviceId 서비스 ID (필수)
+ * @param options.licenseKey 라이센스 키 (필수)
+ * @returns NextResponse 객체 (리다이렉트 또는 JSON 응답)
  */
 async function createAuthResponse(accessToken, secret, options) {
     await checkLicenseKey(options.licenseKey);
-    const { refreshToken, redirectPath, text, cookiePrefix, isProduction = false, cookieDomain, serviceId, } = options;
+    const { req, refreshToken, redirectPath, text, cookiePrefix, isProduction = false, cookieDomain, serviceId, } = options;
     // 1. 토큰 검증
     const tokenResult = await verifyToken(accessToken, secret);
     if (!tokenResult) {
@@ -451,20 +454,18 @@ async function createAuthResponse(accessToken, secret, options) {
     });
     // 3. NextAuth session cookie 생성
     const nextAuthToken = await encodeNextAuthToken(jwt, secret);
-    debugLog('createAuthResponse', 'NextAuth session token encoded');
-    // 5. HTML 생성
-    const displayText = text || serviceId;
-    const html = redirectPath
-        ? createRedirectHTML(redirectPath, displayText)
-        : createRedirectHTML('', displayText).replace("window.location.href = ''", "window.location.reload()");
-    // 6. Response 생성
-    const { NextResponse: NextResponseClass } = await getNextServer();
-    const response = new NextResponseClass(html, {
-        status: 200,
-        headers: {
-            'Content-Type': 'text/html',
-        },
+    debugLog('createAuthResponse', 'NextAuth session token encoded:', {
+        tokenLength: nextAuthToken.length,
+        tokenPrefix: nextAuthToken.substring(0, 30) + '...',
+        jwtId: jwt.id,
+        jwtEmail: jwt.email?.substring(0, 20) + '...',
     });
+    // 4. Response 생성 (HTTP 302 리다이렉트 사용)
+    const { NextResponse: NextResponseClass } = await getNextServer();
+    // redirectPath가 있으면 302 리다이렉트, 없으면 200 OK
+    const response = redirectPath
+        ? NextResponseClass.redirect(new URL(redirectPath, req.url), { status: 302 })
+        : NextResponseClass.json({ success: true, message: text || 'Authentication successful' }, { status: 200 });
     // 4. NextAuth session cookie 설정
     const nextAuthCookieName = isProduction
         ? '__Secure-next-auth.session-token'
@@ -480,7 +481,11 @@ async function createAuthResponse(accessToken, secret, options) {
         cookieOptions.domain = cookieDomain;
     }
     response.cookies.set(nextAuthCookieName, nextAuthToken, cookieOptions);
-    debugLog('createAuthResponse', 'NextAuth session cookie set:', nextAuthCookieName);
+    debugLog('createAuthResponse', 'NextAuth session cookie set:', {
+        name: nextAuthCookieName,
+        valueLength: nextAuthToken.length,
+        ...cookieOptions,
+    });
     // 5. 커스텀 토큰 쿠키 설정
     if (refreshToken) {
         setCustomTokens(response, accessToken, refreshToken, {
@@ -648,6 +653,7 @@ async function verifyAndRefreshToken(req, secret, options) {
                     }
                     debugLog('verifyAndRefreshToken', 'Creating auth response...');
                     const response = await createAuthResponse(refreshResult.accessToken, secret, {
+                        req,
                         refreshToken: newRefreshToken,
                         redirectPath: '',
                         text: text || serviceId,
@@ -1248,7 +1254,14 @@ async function verifyAndRefreshTokenWithNextAuth(req, nextAuthToken, secret, opt
     const nextAuthSessionTokenCookieName = isProduction
         ? '__Secure-next-auth.session-token'
         : 'next-auth.session-token';
-    const hasNextAuthSessionTokenCookie = !!req.cookies.get(nextAuthSessionTokenCookieName)?.value;
+    const nextAuthCookieValue = req.cookies.get(nextAuthSessionTokenCookieName)?.value;
+    const hasNextAuthSessionTokenCookie = !!nextAuthCookieValue;
+    debugLog('verifyAndRefreshTokenWithNextAuth', 'NextAuth cookie check:', {
+        cookieName: nextAuthSessionTokenCookieName,
+        hasCookie: hasNextAuthSessionTokenCookie,
+        cookieLength: nextAuthCookieValue?.length || 0,
+        cookiePrefix: nextAuthCookieValue?.substring(0, 30) + '...' || 'none',
+    });
     // NextAuth 토큰 확인
     const hasValidNextAuthToken = nextAuthToken && isValidToken(nextAuthToken);
     // Access token 확인
@@ -1430,13 +1443,16 @@ async function handleMiddleware(req, config, options) {
         let token = null;
         if (getNextAuthToken) {
             token = await getNextAuthToken(req);
+            debugLog('handleMiddleware', 'Custom getNextAuthToken result:', { hasToken: !!token });
         }
         else {
             try {
                 const { getToken } = await Promise.resolve().then(() => __importStar(require('next-auth/jwt')));
                 token = await getToken({ req, secret });
+                debugLog('handleMiddleware', 'getToken result:', { hasToken: !!token });
             }
-            catch {
+            catch (error) {
+                debugLog('handleMiddleware', 'getToken failed:', error);
                 // NextAuth가 없으면 null 유지
             }
         }
@@ -1500,6 +1516,7 @@ async function handleMiddleware(req, config, options) {
                     const redirectPath = config.rolePaths[tokenRole] || config.rolePaths[defaultRole] || '/admin';
                     debugLog('handleMiddleware', `Creating auth response, redirect to: ${redirectPath}`);
                     const response = await createAuthResponse(tokenParam, secret, {
+                        req,
                         refreshToken: refreshToken || undefined,
                         redirectPath,
                         text: serviceId,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@thinkingcat/auth-utils",
-  "version": "1.0.27",
+  "version": "1.0.29",
   "description": "Authentication utilities for ThinkingCat SSO services with conditional logging",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",