create-nara 1.0.8 → 1.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of create-nara might be problematic. Click here for more details.

Files changed (3) hide show
  1. package/package.json +1 -1
  2. package/templates/features/auth/app/controllers/AuthController.ts +9 -10
  3. package/templates/features/auth/app/middlewares/auth.ts +2 -2
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "create-nara",
3
- "version": "1.0.8",
3
+ "version": "1.0.9",
4
4
  "description": "CLI to scaffold NARA projects",
5
5
  "type": "module",
6
6
  "bin": {
package/templates/features/auth/app/controllers/AuthController.ts CHANGED
@@ -4,14 +4,13 @@ import bcrypt from 'bcrypt';
4
4
  import jwt from 'jsonwebtoken';
5
5
 
6
6
  const JWT_SECRET = process.env.JWT_SECRET || 'your-secret-key';
7
- const JWT_EXPIRES_IN = process.env.JWT_EXPIRES_IN || '7d';
7
+ const JWT_EXPIRES_SECONDS = 7 * 24 * 60 * 60; // 7 days in seconds
8
8
 
9
9
  // Cookie options for auth token
10
10
  const COOKIE_OPTIONS = {
11
11
  httpOnly: true,
12
12
  secure: process.env.NODE_ENV === 'production',
13
13
  sameSite: 'lax' as const,
14
- maxAge: 7 * 24 * 60 * 60 * 1000, // 7 days in milliseconds
15
14
  path: '/',
16
15
  };
17
16
 
@@ -33,11 +32,11 @@ export class AuthController extends BaseController {
33
32
  const token = jwt.sign(
34
33
  { userId: 1, email, name: 'Demo User' },
35
34
  JWT_SECRET,
36
- { expiresIn: JWT_EXPIRES_IN }
35
+ { expiresIn: JWT_EXPIRES_SECONDS }
37
36
  );
38
37
 
39
- // Set auth cookie for web routes
40
- res.cookie('auth_token', token, COOKIE_OPTIONS);
38
+ // Set auth cookie for web routes (maxAge in ms)
39
+ res.cookie('auth_token', token, JWT_EXPIRES_SECONDS * 1000, COOKIE_OPTIONS);
41
40
 
42
41
  return jsonSuccess(res, {
43
42
  user: { id: 1, email, name: 'Demo User' },
@@ -66,11 +65,11 @@ export class AuthController extends BaseController {
66
65
  const token = jwt.sign(
67
66
  { userId: 1, email, name },
68
67
  JWT_SECRET,
69
- { expiresIn: JWT_EXPIRES_IN }
68
+ { expiresIn: JWT_EXPIRES_SECONDS }
70
69
  );
71
70
 
72
- // Set auth cookie for web routes
73
- res.cookie('auth_token', token, COOKIE_OPTIONS);
71
+ // Set auth cookie for web routes (maxAge in ms)
72
+ res.cookie('auth_token', token, JWT_EXPIRES_SECONDS * 1000, COOKIE_OPTIONS);
74
73
 
75
74
  return jsonSuccess(res, {
76
75
  user: { id: 1, email, name },
@@ -89,8 +88,8 @@ export class AuthController extends BaseController {
89
88
  }
90
89
 
91
90
  async logout(req: NaraRequest, res: NaraResponse) {
92
- // Clear auth cookie
93
- res.cookie('auth_token', '', { ...COOKIE_OPTIONS, maxAge: 0 });
91
+ // Clear auth cookie (set maxAge to 0)
92
+ res.cookie('auth_token', '', 0, COOKIE_OPTIONS);
94
93
 
95
94
  return jsonSuccess(res, { redirect: '/login' }, 'Logged out successfully');
96
95
  }
package/templates/features/auth/app/middlewares/auth.ts CHANGED
@@ -49,7 +49,7 @@ export function webAuthMiddleware(req: NaraRequest, res: NaraResponse, next: ()
49
49
  next();
50
50
  } catch (error) {
51
51
  // Clear invalid token
52
- res.cookie('auth_token', '', { maxAge: 0 });
52
+ res.cookie('auth_token', '', 0);
53
53
  if (req.headers['x-inertia']) {
54
54
  res.status(409).setHeader('X-Inertia-Location', '/login').send('');
55
55
  } else {
@@ -77,7 +77,7 @@ export function guestMiddleware(req: NaraRequest, res: NaraResponse, next: () =>
77
77
  return;
78
78
  } catch {
79
79
  // Invalid token, clear it and continue
80
- res.cookie('auth_token', '', { maxAge: 0 });
80
+ res.cookie('auth_token', '', 0);
81
81
  }
82
82
  }
83
83