npm - @thinkingcat/auth-utils - Versions diffs - 1.0.39 → 1.0.40 - Mend

@thinkingcat/auth-utils 1.0.39 → 1.0.40

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +6 -28
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -448,44 +448,22 @@ async function createAuthResponse(accessToken, secret, options) {
     }
     // accessTokenExpires 추가 (15분)
     jwt.accessTokenExpires = Date.now() + (15 * 60 * 1000);
-    debugLog('createAuthResponse', 'JWT created:', {
+    debugLog('createAuthResponse', 'JWT prepared (NextAuth will create session from custom tokens):', {
         hasId: !!jwt.id,
         hasEmail: !!jwt.email,
         hasRole: !!jwt.role,
         hasRefreshToken: !!jwt.refreshToken,
     });
-    // 3. NextAuth 세션 쿠키 생성 (NextAuth encode() 우선 사용)
-    const nextAuthToken = await encodeNextAuthToken(jwt, secret);
-    debugLog('createAuthResponse', 'NextAuth session token encoded:', {
-        tokenLength: nextAuthToken.length,
-    });
-    // 4. Response 생성 (HTTP 302 리다이렉트 사용)
+    // 3. Response 생성 (HTTP 302 리다이렉트 사용)
     const { NextResponse: NextResponseClass } = await getNextServer();
     // redirectPath가 있으면 302 리다이렉트, 없으면 200 OK
     const response = redirectPath
         ? NextResponseClass.redirect(new URL(redirectPath, req.url), { status: 302 })
         : NextResponseClass.json({ success: true, message: text || 'Authentication successful' }, { status: 200 });
-    // 5. NextAuth 세션 쿠키 설정
-    const nextAuthCookieName = isProduction
-        ? '__Secure-next-auth.session-token'
-        : 'next-auth.session-token';
-    const cookieOptions = {
-        httpOnly: true,
-        secure: isProduction,
-        sameSite: isProduction ? 'none' : 'lax',
-        path: '/',
-        maxAge: 30 * 24 * 60 * 60, // 30일
-    };
-    if (cookieDomain) {
-        cookieOptions.domain = cookieDomain;
-    }
-    response.cookies.set(nextAuthCookieName, nextAuthToken, cookieOptions);
-    debugLog('createAuthResponse', 'NextAuth session cookie set:', {
-        name: nextAuthCookieName,
-        valueLength: nextAuthToken.length,
-        ...cookieOptions,
-    });
-    // 6. 커스텀 토큰 쿠키 설정
+    // 4. 처음 로그인 시에는 NextAuth 쿠키를 생성하지 않음
+    // Edge Runtime에서 생성한 NextAuth 쿠키는 Node.js Runtime에서 디코드 실패
+    // 대신 커스텀 토큰만 설정하고, handleJWTCallback이 이를 읽어서 세션 생성
+    // 5. 커스텀 토큰 쿠키 설정
     if (refreshToken) {
         setCustomTokens(response, accessToken, refreshToken, {
             cookiePrefix,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@thinkingcat/auth-utils",
-  "version": "1.0.39",
+  "version": "1.0.40",
   "description": "Authentication utilities for ThinkingCat SSO services with conditional logging",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",