nucleus-core-ts 0.9.702 → 0.9.703
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/src/Client/Proxy/wsProxy.js +28 -15
- package/package.json +1 -1
|
@@ -25,23 +25,36 @@ export function createWsProxyHandler(config) {
|
|
|
25
25
|
url = `${url}?${queryString}`;
|
|
26
26
|
}
|
|
27
27
|
if (target.injectTokenFromCookie) {
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
28
|
+
const paramName = target.injectTokenFromCookie.queryParam ?? 'token';
|
|
29
|
+
// PRECEDENCE: respect a token the client already supplied in the URL.
|
|
30
|
+
// The frontend fetches/refreshes a FRESH access_token server-side and puts
|
|
31
|
+
// it in `?token=`. The browser ALSO auto-sends the spanning HttpOnly
|
|
32
|
+
// `access_token` COOKIE on the WS handshake — but on a sibling subdomain
|
|
33
|
+
// (e.g. acta./ace.) that cookie is STALE/expired (only www activity
|
|
34
|
+
// refreshes it), and a fallback `session_token` isn't a valid bearer for
|
|
35
|
+
// the backend. Injecting the cookie therefore OVERRODE the fresh client
|
|
36
|
+
// token → backend closed the WS with "Not authenticated". Only inject from
|
|
37
|
+
// the cookie when the client supplied no token.
|
|
38
|
+
if (query.get(paramName)) {
|
|
39
|
+
logger.info(`[WS:auth] Using client-supplied ${paramName} for ${path}`);
|
|
40
|
+
} else {
|
|
41
|
+
let token = cookies[target.injectTokenFromCookie.cookieName];
|
|
42
|
+
let tokenSource = target.injectTokenFromCookie.cookieName;
|
|
43
|
+
if (!token && target.injectTokenFromCookie.fallbackCookieNames) {
|
|
44
|
+
for (const fallback of target.injectTokenFromCookie.fallbackCookieNames){
|
|
45
|
+
if (cookies[fallback]) {
|
|
46
|
+
token = cookies[fallback];
|
|
47
|
+
tokenSource = `${fallback} (fallback)`;
|
|
48
|
+
break;
|
|
49
|
+
}
|
|
36
50
|
}
|
|
37
51
|
}
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
logger.warn(`[WS:auth] No token found for ${path} — tried: ${target.injectTokenFromCookie.cookieName}${target.injectTokenFromCookie.fallbackCookieNames ? `, ${target.injectTokenFromCookie.fallbackCookieNames.join(', ')}` : ''}`);
|
|
52
|
+
if (token) {
|
|
53
|
+
url = addQueryParam(url, paramName, token);
|
|
54
|
+
logger.info(`[WS:auth] Token injected from ${tokenSource} for ${path}`);
|
|
55
|
+
} else {
|
|
56
|
+
logger.warn(`[WS:auth] No token found for ${path} — tried: ${target.injectTokenFromCookie.cookieName}${target.injectTokenFromCookie.fallbackCookieNames ? `, ${target.injectTokenFromCookie.fallbackCookieNames.join(', ')}` : ''}`);
|
|
57
|
+
}
|
|
45
58
|
}
|
|
46
59
|
}
|
|
47
60
|
return url;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "nucleus-core-ts",
|
|
3
|
-
"version": "0.9.
|
|
3
|
+
"version": "0.9.703",
|
|
4
4
|
"description": "Production-ready, enterprise-grade TypeScript framework for building multi-tenant APIs",
|
|
5
5
|
"author": "Hidayet Can \u00d6zcan <hidayetcan@gmail.com>",
|
|
6
6
|
"license": "SEE LICENSE IN LICENSE",
|