@thinkingcat/auth-utils 1.0.35 → 1.0.37
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +21 -60
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -435,45 +435,20 @@ async function createAuthResponse(accessToken, secret, options) {
|
|
|
435
435
|
}
|
|
436
436
|
// accessTokenExpires 추가 (15분)
|
|
437
437
|
jwt.accessTokenExpires = Date.now() + (15 * 60 * 1000);
|
|
438
|
-
debugLog('createAuthResponse', 'JWT
|
|
438
|
+
debugLog('createAuthResponse', 'JWT prepared (NextAuth will encode it in API Routes):', {
|
|
439
439
|
hasId: !!jwt.id,
|
|
440
440
|
hasEmail: !!jwt.email,
|
|
441
441
|
hasRole: !!jwt.role,
|
|
442
442
|
hasRefreshToken: !!jwt.refreshToken,
|
|
443
443
|
});
|
|
444
|
-
// 3.
|
|
445
|
-
const nextAuthToken = await encodeNextAuthToken(jwt, secret);
|
|
446
|
-
debugLog('createAuthResponse', 'NextAuth session token encoded:', {
|
|
447
|
-
tokenLength: nextAuthToken.length,
|
|
448
|
-
tokenPrefix: nextAuthToken.substring(0, 30) + '...',
|
|
449
|
-
});
|
|
450
|
-
// 4. Response 생성 (HTTP 302 리다이렉트 사용)
|
|
444
|
+
// 3. Response 생성 (HTTP 302 리다이렉트 사용)
|
|
451
445
|
const { NextResponse: NextResponseClass } = await getNextServer();
|
|
452
446
|
// redirectPath가 있으면 302 리다이렉트, 없으면 200 OK
|
|
453
447
|
const response = redirectPath
|
|
454
448
|
? NextResponseClass.redirect(new URL(redirectPath, req.url), { status: 302 })
|
|
455
449
|
: NextResponseClass.json({ success: true, message: text || 'Authentication successful' }, { status: 200 });
|
|
456
|
-
//
|
|
457
|
-
|
|
458
|
-
? '__Secure-next-auth.session-token'
|
|
459
|
-
: 'next-auth.session-token';
|
|
460
|
-
const cookieOptions = {
|
|
461
|
-
httpOnly: true,
|
|
462
|
-
secure: isProduction,
|
|
463
|
-
sameSite: isProduction ? 'none' : 'lax',
|
|
464
|
-
path: '/',
|
|
465
|
-
maxAge: 30 * 24 * 60 * 60, // 30일
|
|
466
|
-
};
|
|
467
|
-
if (cookieDomain) {
|
|
468
|
-
cookieOptions.domain = cookieDomain;
|
|
469
|
-
}
|
|
470
|
-
response.cookies.set(nextAuthCookieName, nextAuthToken, cookieOptions);
|
|
471
|
-
debugLog('createAuthResponse', 'NextAuth session cookie set:', {
|
|
472
|
-
name: nextAuthCookieName,
|
|
473
|
-
valueLength: nextAuthToken.length,
|
|
474
|
-
...cookieOptions,
|
|
475
|
-
});
|
|
476
|
-
// 6. 커스텀 토큰 쿠키 설정
|
|
450
|
+
// 4. 커스텀 토큰 쿠키만 설정
|
|
451
|
+
// NextAuth 쿠키는 handleJWTCallback에서 커스텀 토큰을 읽어서 자동 생성됨
|
|
477
452
|
if (refreshToken) {
|
|
478
453
|
setCustomTokens(response, accessToken, refreshToken, {
|
|
479
454
|
cookiePrefix,
|
|
@@ -638,37 +613,12 @@ async function verifyAndRefreshToken(req, secret, options) {
|
|
|
638
613
|
catch {
|
|
639
614
|
// 토큰 검증 실패
|
|
640
615
|
}
|
|
641
|
-
debugLog('verifyAndRefreshToken', 'Updating cookies
|
|
642
|
-
// NextResponse.next()를 생성하고
|
|
616
|
+
debugLog('verifyAndRefreshToken', 'Updating custom cookies only (NextAuth will handle session)...');
|
|
617
|
+
// NextResponse.next()를 생성하고 커스텀 토큰만 설정
|
|
643
618
|
const { NextResponse: NextResponseClass } = await getNextServer();
|
|
644
619
|
const response = NextResponseClass.next();
|
|
645
|
-
//
|
|
646
|
-
|
|
647
|
-
if (newRefreshToken) {
|
|
648
|
-
jwt.refreshToken = newRefreshToken;
|
|
649
|
-
}
|
|
650
|
-
jwt.accessTokenExpires = Date.now() + (15 * 60 * 1000);
|
|
651
|
-
// NextAuth 세션 쿠키 설정 (jose 사용으로 Edge/Node.js Runtime 호환)
|
|
652
|
-
const nextAuthToken = await encodeNextAuthToken(jwt, secret);
|
|
653
|
-
const nextAuthCookieName = isProduction
|
|
654
|
-
? '__Secure-next-auth.session-token'
|
|
655
|
-
: 'next-auth.session-token';
|
|
656
|
-
const cookieOptions = {
|
|
657
|
-
httpOnly: true,
|
|
658
|
-
secure: isProduction,
|
|
659
|
-
sameSite: isProduction ? 'none' : 'lax',
|
|
660
|
-
path: '/',
|
|
661
|
-
maxAge: 30 * 24 * 60 * 60,
|
|
662
|
-
};
|
|
663
|
-
if (cookieDomain) {
|
|
664
|
-
cookieOptions.domain = cookieDomain;
|
|
665
|
-
}
|
|
666
|
-
response.cookies.set(nextAuthCookieName, nextAuthToken, cookieOptions);
|
|
667
|
-
debugLog('verifyAndRefreshToken', 'NextAuth session cookie set:', {
|
|
668
|
-
name: nextAuthCookieName,
|
|
669
|
-
valueLength: nextAuthToken.length,
|
|
670
|
-
});
|
|
671
|
-
// 커스텀 토큰 쿠키 설정
|
|
620
|
+
// 커스텀 토큰 쿠키만 설정
|
|
621
|
+
// NextAuth 쿠키는 handleJWTCallback에서 커스텀 토큰을 읽어서 자동 생성됨
|
|
672
622
|
if (newRefreshToken) {
|
|
673
623
|
setCustomTokens(response, refreshResult.accessToken, newRefreshToken, {
|
|
674
624
|
cookiePrefix,
|
|
@@ -683,7 +633,7 @@ async function verifyAndRefreshToken(req, secret, options) {
|
|
|
683
633
|
cookieDomain,
|
|
684
634
|
});
|
|
685
635
|
}
|
|
686
|
-
debugLog('verifyAndRefreshToken', '
|
|
636
|
+
debugLog('verifyAndRefreshToken', 'Custom cookies updated, NextAuth will pick them up via handleJWTCallback');
|
|
687
637
|
return { isValid: true, response, payload };
|
|
688
638
|
}
|
|
689
639
|
catch (error) {
|
|
@@ -1069,7 +1019,18 @@ async function getJWTFromCustomTokenCookie(cookieName, secret, serviceId, licens
|
|
|
1069
1019
|
}
|
|
1070
1020
|
const { payload } = tokenResult;
|
|
1071
1021
|
const jwt = createNextAuthJWT(payload, serviceId);
|
|
1072
|
-
|
|
1022
|
+
// accessTokenExpires 추가 (15분)
|
|
1023
|
+
jwt.accessTokenExpires = Date.now() + (15 * 60 * 1000);
|
|
1024
|
+
// refreshToken 읽기 (쿠키에서)
|
|
1025
|
+
const refreshTokenCookieName = cookieName.replace('_access_token', '_refresh_token');
|
|
1026
|
+
const refreshToken = cookieStore.get(refreshTokenCookieName)?.value;
|
|
1027
|
+
if (refreshToken) {
|
|
1028
|
+
jwt.refreshToken = refreshToken;
|
|
1029
|
+
}
|
|
1030
|
+
debugLog('getJWTFromCustomTokenCookie', 'JWT created successfully from custom token', {
|
|
1031
|
+
hasAccessTokenExpires: !!jwt.accessTokenExpires,
|
|
1032
|
+
hasRefreshToken: !!jwt.refreshToken,
|
|
1033
|
+
});
|
|
1073
1034
|
return jwt;
|
|
1074
1035
|
}
|
|
1075
1036
|
catch (error) {
|
package/package.json
CHANGED