@thinkingcat/auth-utils 1.0.31 → 1.0.33

Files changed (2) hide show
  1. package/dist/index.js +10 -28
  2. package/package.json +1 -1
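--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -214,16 +214,19 @@ async function encodeNextAuthToken(jwt, secret, maxAge = 30 * 24 * 60 * 60) {
  try {
  // next-auth/jwt의 encode 함수를 동적 import로 사용 (Edge Runtime 호환)
  const { encode } = await Promise.resolve().then(() => __importStar(require('next-auth/jwt')));
- return await encode({
+ debugLog('encodeNextAuthToken', 'Using next-auth/jwt encode');
+ const encoded = await encode({
  token: jwt,
  secret: secret,
  maxAge: maxAge,
  });
+ debugLog('encodeNextAuthToken', 'Encode successful, length:', encoded.length);
+ return encoded;
  }
  catch (error) {
  // Edge Runtime에서 encode가 작동하지 않을 수 있으므로
  // jose의 EncryptJWT를 사용하여 JWE 토큰 생성 (NextAuth가 기대하는 형식)
- debugLog('encodeNextAuthToken', 'encode failed, using EncryptJWT fallback');
+ debugLog('encodeNextAuthToken', 'encode failed, using EncryptJWT fallback', error);
  // NextAuth는 secret을 SHA-256 해시하여 32바이트 키로 사용
  // jose의 EncryptJWT는 'dir' 알고리즘에서 Uint8Array 키를 직접 사용
  const secretHash = await createHashSHA256(secret);
@@ -651,33 +654,12 @@ async function verifyAndRefreshToken(req, secret, options) {
  catch {
  // 토큰 검증 실패
  }
- debugLog('verifyAndRefreshToken', 'Updating cookies without redirect...');
- // NextResponse.next()를 생성하고 쿠키만 설정
+ debugLog('verifyAndRefreshToken', 'Updating custom cookies only (NextAuth will handle session)...');
+ // NextResponse.next()를 생성하고 커스텀 토큰만 설정
+ // NextAuth 쿠키는 생성하지 않음 - NextAuth가 자체적으로 처리하도록 함
  const { NextResponse: NextResponseClass } = await getNextServer();
  const response = NextResponseClass.next();
- // NextAuth JWT 생성
- const jwt = createNextAuthJWT(payload, serviceId);
- if (newRefreshToken) {
- jwt.refreshToken = newRefreshToken;
- }
- jwt.accessTokenExpires = Date.now() + (15 * 60 * 1000);
- // NextAuth 세션 쿠키 설정
- const nextAuthToken = await encodeNextAuthToken(jwt, secret);
- const nextAuthCookieName = isProduction
- ? '__Secure-next-auth.session-token'
- : 'next-auth.session-token';
- const cookieOptions = {
- httpOnly: true,
- secure: isProduction,
- sameSite: isProduction ? 'none' : 'lax',
- path: '/',
- maxAge: 30 * 24 * 60 * 60,
- };
- if (cookieDomain) {
- cookieOptions.domain = cookieDomain;
- }
- response.cookies.set(nextAuthCookieName, nextAuthToken, cookieOptions);
- // 커스텀 토큰 쿠키 설정
+ // 커스텀 토큰 쿠키만 설정
  if (newRefreshToken) {
  setCustomTokens(response, refreshResult.accessToken, newRefreshToken, {
  cookiePrefix,
@@ -692,7 +674,7 @@ async function verifyAndRefreshToken(req, secret, options) {
  cookieDomain,
  });
  }
- debugLog('verifyAndRefreshToken', 'Cookies updated, continuing with current request');
+ debugLog('verifyAndRefreshToken', 'Custom cookies updated, NextAuth will pick them up via handleJWTCallback');
  return { isValid: true, response, payload };
  }
  catch (error) {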
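Review bot: In the second hunk, `verifyAndRefreshToken` stops issuing the `next-auth.session-token` / `__Secure-next-auth.session-token` cookie on refresh, and the only record of that contract change is an inline comment and a debug string naming `handleJWTCallback`. A consumer moving up from 1.0.31 whose NextAuth `jwt` callback does not call that helper would presumably keep an un-refreshed session cookie, so session claims could lag behind the rotated custom tokens. I would put it in the function's doc comment, e.g. `@remarks Does not set the NextAuth session cookie; the NextAuth jwt callback must call handleJWTCallback to adopt the refreshed tokens.` The function starts and ends outside the hunk, so whether `secret` is still needed on this path, and what the empty `catch` just above swallows before `isValid: true` is returned, has to be checked in the full file.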
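--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@thinkingcat/auth-utils",
- "version": "1.0.31",
+ "version": "1.0.33",
  "description": "Authentication utilities for ThinkingCat SSO services with conditional logging",
  "main": "dist/index.js",
  "types": "dist/index.d.ts",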