ugly-app 0.1.300 → 0.1.301
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/version.d.ts +1 -1
- package/dist/cli/version.js +1 -1
- package/dist/server/Auth.d.ts.map +1 -1
- package/dist/server/Auth.js +2 -32
- package/dist/server/Auth.js.map +1 -1
- package/package.json +1 -1
- package/src/cli/version.ts +1 -1
- package/src/server/Auth.ts +2 -32
package/dist/cli/version.d.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export declare const CLI_VERSION = "0.1.
|
|
1
|
+
export declare const CLI_VERSION = "0.1.301";
|
|
2
2
|
//# sourceMappingURL=version.d.ts.map
|
package/dist/cli/version.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Auth.d.ts","sourceRoot":"","sources":["../../src/server/Auth.ts"],"names":[],"mappings":"AACA,OAAO,OAAO,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAS3D,wBAAsB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,
|
|
1
|
+
{"version":3,"file":"Auth.d.ts","sourceRoot":"","sources":["../../src/server/Auth.ts"],"names":[],"mappings":"AACA,OAAO,OAAO,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAS3D,wBAAsB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAahE;AAED,MAAM,WAAW,YAAY;IAG3B,MAAM,CACJ,IAAI,EAAE,MAAM,GACX,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAE/C,OAAO,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;IAEhC,cAAc,CAAC,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CAC/C;AAED,eAAO,MAAM,mBAAmB,EAAE,YAyBjC,CAAC;AAGF,MAAM,MAAM,YAAY,GAAG,CACzB,MAAM,EAAE,MAAM,EACd,IAAI,EAAE;IAAE,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,EACxC,EAAE,EAAE,OAAO,CAAC,GAAG,CAAC,KACb,OAAO,CAAC,IAAI,CAAC,CAAC;AAInB,eAAO,MAAM,cAAc,EAAE,UAAU,CAAC,GAAG,CAY1C,CAAC;AAIF,wBAAgB,gBAAgB,CAAC,QAAQ,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC;AAE1E,wBAAgB,gBAAgB,CAE9B,EAAE,EAAE,OAAO,CAAC,GAAG,CAAC,EAEhB,UAAU,EAAE,UAAU,CAAC,GAAG,CAAC,EAC3B,YAAY,EAAE,YAAY,EAC1B,QAAQ,CAAC,EAAE,YAAY,GACtB,OAAO,CAAC,MAAM,CAAC"}
|
package/dist/server/Auth.js
CHANGED
|
@@ -6,23 +6,6 @@ import { createTypedDB } from './DB.js';
|
|
|
6
6
|
/** Default cookie max-age: 30 days (in seconds). */
|
|
7
7
|
const COOKIE_MAX_AGE_SECONDS = 30 * 24 * 60 * 60;
|
|
8
8
|
export async function verifyToken(token) {
|
|
9
|
-
// Local JWT verification — for apps that are the auth server (JWT_SECRET set)
|
|
10
|
-
// or for tests (TEST_JWT_SECRET set)
|
|
11
|
-
const jwtSecret = process.env['JWT_SECRET'] ?? process.env['TEST_JWT_SECRET'];
|
|
12
|
-
if (jwtSecret) {
|
|
13
|
-
try {
|
|
14
|
-
const { jwtVerify } = await import('jose');
|
|
15
|
-
const secret = new TextEncoder().encode(jwtSecret);
|
|
16
|
-
const { payload } = await jwtVerify(token, secret);
|
|
17
|
-
if (!payload.sub)
|
|
18
|
-
throw new AuthError('Invalid token');
|
|
19
|
-
return payload.sub;
|
|
20
|
-
}
|
|
21
|
-
catch {
|
|
22
|
-
// Local verification failed — token may have been signed by ugly.bot OAuth.
|
|
23
|
-
// Fall through to remote verification.
|
|
24
|
-
}
|
|
25
|
-
}
|
|
26
9
|
const verifyUrl = `${getUglyBotUrl()}/verify`;
|
|
27
10
|
const res = await fetch(verifyUrl, {
|
|
28
11
|
headers: { Authorization: `Bearer ${token}` },
|
|
@@ -110,20 +93,7 @@ userHelper, onUserCreate, provider) {
|
|
|
110
93
|
if (!verifyResult.token) {
|
|
111
94
|
throw new Error('Auth provider did not return a token');
|
|
112
95
|
}
|
|
113
|
-
|
|
114
|
-
// don't require a remote round-trip (the OAuth token is signed by ugly.bot's key).
|
|
115
|
-
let cookieToken = verifyResult.token;
|
|
116
|
-
const jwtSecret = process.env['JWT_SECRET'];
|
|
117
|
-
if (jwtSecret) {
|
|
118
|
-
const { SignJWT } = await import('jose');
|
|
119
|
-
const secret = new TextEncoder().encode(jwtSecret);
|
|
120
|
-
cookieToken = await new SignJWT({ sub: verifyResult.userId })
|
|
121
|
-
.setProtectedHeader({ alg: 'HS256' })
|
|
122
|
-
.setIssuedAt()
|
|
123
|
-
.setExpirationTime('30d')
|
|
124
|
-
.sign(secret);
|
|
125
|
-
}
|
|
126
|
-
res.cookie('auth_token', cookieToken, {
|
|
96
|
+
res.cookie('auth_token', verifyResult.token, {
|
|
127
97
|
httpOnly: true,
|
|
128
98
|
secure: process.env.NODE_ENV === 'production',
|
|
129
99
|
sameSite: 'lax',
|
|
@@ -131,7 +101,7 @@ userHelper, onUserCreate, provider) {
|
|
|
131
101
|
path: '/',
|
|
132
102
|
});
|
|
133
103
|
console.log('[Auth] Login success, setting cookie');
|
|
134
|
-
res.json({ token:
|
|
104
|
+
res.json({ token: verifyResult.token });
|
|
135
105
|
}
|
|
136
106
|
catch (err) {
|
|
137
107
|
console.error('[Auth] OAuth verify failed', err);
|
package/dist/server/Auth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Auth.js","sourceRoot":"","sources":["../../src/server/Auth.ts"],"names":[],"mappings":"AACA,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAExC,oDAAoD;AACpD,MAAM,sBAAsB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAEjD,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAa;IAC7C,
|
|
1
|
+
{"version":3,"file":"Auth.js","sourceRoot":"","sources":["../../src/server/Auth.ts"],"names":[],"mappings":"AACA,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAExC,oDAAoD;AACpD,MAAM,sBAAsB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAEjD,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAa;IAC7C,MAAM,SAAS,GAAG,GAAG,aAAa,EAAE,SAAS,CAAC;IAC9C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;QACjC,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE;KAC9C,CAAC,CAAC;IACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;QAC9C,OAAO,CAAC,KAAK,CAAC,gCAAgC,GAAG,CAAC,MAAM,IAAI,IAAI,QAAQ,SAAS,EAAE,CAAC,CAAC;QACrF,MAAM,IAAI,SAAS,CAAC,eAAe,CAAC,CAAC;IACvC,CAAC;IACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAwB,CAAC;IACvD,IAAI,CAAC,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,SAAS,CAAC,eAAe,CAAC,CAAC;IACvD,OAAO,IAAI,CAAC,MAAM,CAAC;AACrB,CAAC;AAcD,MAAM,CAAC,MAAM,mBAAmB,GAAiB;IAC/C,OAAO,EAAE,CAAC,MAAc,EAAE,EAAE,CAC1B,GAAG,aAAa,EAAE,iBAAiB,kBAAkB,CAAC,MAAM,CAAC,EAAE;IACjE,MAAM,EAAE,KAAK,EAAE,IAAY,EAAE,EAAE;QAC7B,MAAM,SAAS,GAAG,GAAG,aAAa,EAAE,sBAAsB,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;QACrF,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,SAAS,CAAC,CAAC;QACjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,CAAC;QACxC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE;gBACnD,MAAM,EAAE,QAAQ,CAAC,MAAM;gBACvB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC;aAC7B,CAAC,CAAC;YACH,MAAM,IAAI,KAAK,CAAC,wCAAwC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QAC7E,CAAC;QACD,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAGlC,CAAC;QACF,OAAO;YACL,MAAM,EAAE,IAAI,CAAC,OAAO;YACpB,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC;IACJ,CAAC;CACF,CAAC;AASF,uFAAuF;AACvF,8DAA8D;AAC9D,MAAM,CAAC,MAAM,cAAc,GAAoB;IAC7C,4DAA4D;IAC5D,GAAG,EAAE,KAAK,IAAI,EAAE,CAAC,IAAI;IACrB,4DAA4D;IAC5D,GAAG,EAAE,KAAK,IAAI,EAAE,CAAC,KAAK;IACtB,4DAA4D;IAC5D,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QAC9B,EAAE,EAAE,MAAM;QACV,OAAO,EAAE,CAAC;QACV,OAAO,EAAE,IAAI,IAAI,EAAE;QACnB,OAAO,EAAE,IAAI,IAAI,EAAE;KACpB,CAAC;CACH,CAAC;AACF,MAAM,gBAAgB,GAAiB,KAAK,IAAI,EAAE,GAAE,CAAC,CAAC;AAatD,MAAM,UAAU,gBAAgB;AAC9B,8DAA8D;AAC9D,YAA0C;AAC1C,8DAA8D;AAC9D,UAA4B,EAC5B,YAA2B,EAC3B,QAAuB;IAEvB,gFAAgF;IAChF,8DAA8D;IAC9D,IAAI,EAAgB,CAAC;IACrB,IAAI,gBAA8B,CAAC;IACnC,8DAA8D;IAC9D,MAAM,cAAc,GAAG,CAAC,CAAU,EAAqB,EAAE,CACvD,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,IAAI,IAAI,QAAQ,IAAI,CAAC,IAAI,SAAS,IAAI,CAAC,CAAC;IAEzE,IAAI,YAAY,KAAK,SAAS,IAAI,cAAc,CAAC,YAAY,CAAC,EAAE,CAAC;QAC/D,EAAE,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC;QACjC,gBAAgB,GAAG,YAAY,IAAI,mBAAmB,CAAC;IACzD,CAAC;SAAM,CAAC;QACN,EAAE,GAAG,YAAY,CAAC;QAClB,gBAAgB,GAAG,QAAQ,IAAI,mBAAmB,CAAC;IACrD,CAAC;IACD,MAAM,kBAAkB,GAAG,UAAU,IAAI,cAAc,CAAC;IACxD,MAAM,oBAAoB,GAAG,YAAY,IAAI,gBAAgB,CAAC;IAE9D,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,+FAA+F;IAC/F,MAAM,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;QAChE,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,IAAyB,CAAC;YAC/C,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;gBAChD,OAAO;YACT,CAAC;YACD,MAAM,YAAY,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACzD,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,YAAY,CAAC,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;YACrG,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;gBACxB,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;YAC1D,CAAC;YAED,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,YAAY,CAAC,KAAK,EAAE;gBAC3C,QAAQ,EAAE,IAAI;gBACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;gBAC7C,QAAQ,EAAE,KAAK;gBACf,MAAM,EAAE,sBAAsB,GAAG,IAAI;gBACrC,IAAI,EAAE,GAAG;aACV,CAAC,CAAC;YACH,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;YACpD,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,KAAK,EAAE,CAAC,CAAC;QAC1C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;YACjD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,uEAAuE;IACvE,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;QAC9D,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,EAAE,UAAgC,CAAC;QAC5D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;YAC9C,OAAO;QACT,CAAC;QACD,IAAI,CAAC;YACH,yCAAyC;YACzC,MAAM,WAAW,CAAC,KAAK,CAAC,CAAC;YACzB,kCAAkC;YAClC,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,KAAK,EAAE;gBAC9B,QAAQ,EAAE,IAAI;gBACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;gBAC7C,QAAQ,EAAE,KAAK;gBACf,MAAM,EAAE,sBAAsB,GAAG,IAAI;gBACrC,IAAI,EAAE,GAAG;aACV,CAAC,CAAC;YACH,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;QACtB,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;YAC9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,CAAC,CAAC;QACrD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,6CAA6C;IAC7C,MAAM,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC,IAAa,EAAE,GAAa,EAAE,EAAE;QAC3D,GAAG,CAAC,WAAW,CAAC,YAAY,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;QAC7C,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,6DAA6D;IAC7D,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;QACtD,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAuB,CAAC;QACzD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gBAAgB,EAAE,CAAC,CAAC;YAClD,OAAO;QACT,CAAC;QACD,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,gBAAgB,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,wCAAwC;IACxC,IAAI,gBAAgB,CAAC,cAAc,EAAE,CAAC;QACpC,gBAAgB,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;IAC1C,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
package/package.json
CHANGED
package/src/cli/version.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
1
|
// Auto-generated by prebuild — do not edit manually
|
|
2
|
-
export const CLI_VERSION = "0.1.
|
|
2
|
+
export const CLI_VERSION = "0.1.301";
|
package/src/server/Auth.ts
CHANGED
|
@@ -10,22 +10,6 @@ import { createTypedDB } from './DB.js';
|
|
|
10
10
|
const COOKIE_MAX_AGE_SECONDS = 30 * 24 * 60 * 60;
|
|
11
11
|
|
|
12
12
|
export async function verifyToken(token: string): Promise<string> {
|
|
13
|
-
// Local JWT verification — for apps that are the auth server (JWT_SECRET set)
|
|
14
|
-
// or for tests (TEST_JWT_SECRET set)
|
|
15
|
-
const jwtSecret = process.env['JWT_SECRET'] ?? process.env['TEST_JWT_SECRET'];
|
|
16
|
-
if (jwtSecret) {
|
|
17
|
-
try {
|
|
18
|
-
const { jwtVerify } = await import('jose');
|
|
19
|
-
const secret = new TextEncoder().encode(jwtSecret);
|
|
20
|
-
const { payload } = await jwtVerify(token, secret);
|
|
21
|
-
if (!payload.sub) throw new AuthError('Invalid token');
|
|
22
|
-
return payload.sub;
|
|
23
|
-
} catch {
|
|
24
|
-
// Local verification failed — token may have been signed by ugly.bot OAuth.
|
|
25
|
-
// Fall through to remote verification.
|
|
26
|
-
}
|
|
27
|
-
}
|
|
28
|
-
|
|
29
13
|
const verifyUrl = `${getUglyBotUrl()}/verify`;
|
|
30
14
|
const res = await fetch(verifyUrl, {
|
|
31
15
|
headers: { Authorization: `Bearer ${token}` },
|
|
@@ -156,21 +140,7 @@ export function createAuthRoutes(
|
|
|
156
140
|
throw new Error('Auth provider did not return a token');
|
|
157
141
|
}
|
|
158
142
|
|
|
159
|
-
|
|
160
|
-
// don't require a remote round-trip (the OAuth token is signed by ugly.bot's key).
|
|
161
|
-
let cookieToken = verifyResult.token;
|
|
162
|
-
const jwtSecret = process.env['JWT_SECRET'];
|
|
163
|
-
if (jwtSecret) {
|
|
164
|
-
const { SignJWT } = await import('jose');
|
|
165
|
-
const secret = new TextEncoder().encode(jwtSecret);
|
|
166
|
-
cookieToken = await new SignJWT({ sub: verifyResult.userId })
|
|
167
|
-
.setProtectedHeader({ alg: 'HS256' })
|
|
168
|
-
.setIssuedAt()
|
|
169
|
-
.setExpirationTime('30d')
|
|
170
|
-
.sign(secret);
|
|
171
|
-
}
|
|
172
|
-
|
|
173
|
-
res.cookie('auth_token', cookieToken, {
|
|
143
|
+
res.cookie('auth_token', verifyResult.token, {
|
|
174
144
|
httpOnly: true,
|
|
175
145
|
secure: process.env.NODE_ENV === 'production',
|
|
176
146
|
sameSite: 'lax',
|
|
@@ -178,7 +148,7 @@ export function createAuthRoutes(
|
|
|
178
148
|
path: '/',
|
|
179
149
|
});
|
|
180
150
|
console.log('[Auth] Login success, setting cookie');
|
|
181
|
-
res.json({ token:
|
|
151
|
+
res.json({ token: verifyResult.token });
|
|
182
152
|
} catch (err) {
|
|
183
153
|
console.error('[Auth] OAuth verify failed', err);
|
|
184
154
|
res.status(401).json({ error: 'Authentication failed' });
|