@thinkingcat/auth-utils 1.0.40 → 1.0.41
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +54 -7
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -460,9 +460,33 @@ async function createAuthResponse(accessToken, secret, options) {
|
|
|
460
460
|
const response = redirectPath
|
|
461
461
|
? NextResponseClass.redirect(new URL(redirectPath, req.url), { status: 302 })
|
|
462
462
|
: NextResponseClass.json({ success: true, message: text || 'Authentication successful' }, { status: 200 });
|
|
463
|
-
// 4.
|
|
464
|
-
|
|
465
|
-
|
|
463
|
+
// 4. NextAuth 세션 쿠키 생성 (Edge Runtime에서도 작동하도록 encodeNextAuthToken 사용)
|
|
464
|
+
try {
|
|
465
|
+
const nextAuthToken = await encodeNextAuthToken(jwt, secret);
|
|
466
|
+
const nextAuthCookieName = isProduction
|
|
467
|
+
? '__Secure-next-auth.session-token'
|
|
468
|
+
: 'next-auth.session-token';
|
|
469
|
+
const cookieOptions = {
|
|
470
|
+
httpOnly: true,
|
|
471
|
+
secure: isProduction,
|
|
472
|
+
sameSite: isProduction ? 'none' : 'lax',
|
|
473
|
+
path: '/',
|
|
474
|
+
maxAge: 30 * 24 * 60 * 60, // 30일
|
|
475
|
+
};
|
|
476
|
+
if (cookieDomain) {
|
|
477
|
+
cookieOptions.domain = cookieDomain;
|
|
478
|
+
}
|
|
479
|
+
response.cookies.set(nextAuthCookieName, nextAuthToken, cookieOptions);
|
|
480
|
+
debugLog('createAuthResponse', 'NextAuth session cookie set:', {
|
|
481
|
+
name: nextAuthCookieName,
|
|
482
|
+
valueLength: nextAuthToken.length,
|
|
483
|
+
hasRefreshToken: !!refreshToken,
|
|
484
|
+
});
|
|
485
|
+
}
|
|
486
|
+
catch (error) {
|
|
487
|
+
debugError('createAuthResponse', 'Failed to set NextAuth cookie:', error);
|
|
488
|
+
// NextAuth 쿠키 실패해도 커스텀 토큰으로는 작동 가능
|
|
489
|
+
}
|
|
466
490
|
// 5. 커스텀 토큰 쿠키 설정
|
|
467
491
|
if (refreshToken) {
|
|
468
492
|
setCustomTokens(response, accessToken, refreshToken, {
|
|
@@ -1534,12 +1558,35 @@ async function handleMiddleware(req, config, options) {
|
|
|
1534
1558
|
const tokenRole = extractRoleFromPayload(payload, serviceId, defaultRole);
|
|
1535
1559
|
debugLog('handleMiddleware', `Extracted role: ${tokenRole}`);
|
|
1536
1560
|
// 3. Refresh token 가져오기 (서버 간 통신)
|
|
1537
|
-
const userId = payload.sub || payload.userId || '';
|
|
1561
|
+
const userId = payload.id || payload.sub || payload.userId || '';
|
|
1538
1562
|
const ssoBaseURL = options.ssoBaseURL;
|
|
1539
1563
|
const authServiceKey = options.authServiceKey;
|
|
1540
|
-
|
|
1541
|
-
|
|
1542
|
-
:
|
|
1564
|
+
debugLog('handleMiddleware', 'Getting refresh token from SSO:', {
|
|
1565
|
+
userId,
|
|
1566
|
+
hasSSO: !!ssoBaseURL,
|
|
1567
|
+
hasAuthKey: !!authServiceKey,
|
|
1568
|
+
});
|
|
1569
|
+
let refreshToken = '';
|
|
1570
|
+
if (authServiceKey && userId) {
|
|
1571
|
+
try {
|
|
1572
|
+
const refreshTokenResult = await getRefreshTokenFromSSO(userId, tokenParam, { ssoBaseURL, authServiceKey });
|
|
1573
|
+
refreshToken = refreshTokenResult || '';
|
|
1574
|
+
debugLog('handleMiddleware', 'Refresh token result:', {
|
|
1575
|
+
hasRefreshToken: !!refreshToken,
|
|
1576
|
+
length: refreshToken.length,
|
|
1577
|
+
});
|
|
1578
|
+
}
|
|
1579
|
+
catch (error) {
|
|
1580
|
+
debugError('handleMiddleware', 'Failed to get refresh token:', error);
|
|
1581
|
+
// refresh token이 없어도 access token으로는 로그인 가능
|
|
1582
|
+
}
|
|
1583
|
+
}
|
|
1584
|
+
else {
|
|
1585
|
+
debugLog('handleMiddleware', 'Skipping refresh token fetch:', {
|
|
1586
|
+
hasUserId: !!userId,
|
|
1587
|
+
hasAuthKey: !!authServiceKey,
|
|
1588
|
+
});
|
|
1589
|
+
}
|
|
1543
1590
|
// 4. 자체 토큰 생성 및 쿠키 설정
|
|
1544
1591
|
const redirectPath = config.rolePaths[tokenRole] || config.rolePaths[defaultRole] || '/admin';
|
|
1545
1592
|
debugLog('handleMiddleware', `Creating auth response, redirect to: ${redirectPath}`);
|
package/package.json
CHANGED