From 2c850d1c594fd7d86eb8de3a42852e0a55cbc75c Mon Sep 17 00:00:00 2001
From: Julien Froidefond
Date: Thu, 16 Oct 2025 23:56:46 +0200
Subject: [PATCH] chore: update ENV.md for NextAuth URL configuration, remove debug logging from middleware, and adjust session token handling in auth middleware
---
 ENV.md | 5 ++++-
 src/lib/auth.ts | 14 +-------------
 src/lib/middleware-auth.ts | 7 ++++---
 src/middleware.ts | 2 --
 4 files changed, 9 insertions(+), 19 deletions(-)
diff --git a/ENV.md b/ENV.md
index ff0c20b..b0b9dda 100644
--- a/ENV.md
+++ b/ENV.md
@@ -9,7 +9,10 @@ MONGODB_URI=mongodb://admin:your-secure-password@mongodb:27017/stripstream?authS
 # NextAuth Configuration
 NEXTAUTH_SECRET=your-secret-key-here-generate-with-openssl-rand-base64-32
-NEXTAUTH_URL=http://localhost:3020
+# Si derrière un reverse proxy HTTPS, utiliser l'URL HTTPS publique :
+NEXTAUTH_URL=https://ton-domaine.com
+# Sinon en local :
+# NEXTAUTH_URL=http://localhost:3020
 # Admin User (optional - default password for julienfroidefond@gmail.com)
 ADMIN_DEFAULT_PASSWORD=Admin@2025
diff --git a/src/lib/auth.ts b/src/lib/auth.ts
index 45fa61f..bbb6ce2 100644
--- a/src/lib/auth.ts
+++ b/src/lib/auth.ts
@@ -57,19 +57,7 @@ export const { handlers, auth, signIn, signOut } = NextAuth({
 session: {
 strategy: "jwt",
 },
- cookies: {
- sessionToken: {
- name: process.env.NODE_ENV === "production"
- ? `__Secure-next-auth.session-token`
- : `next-auth.session-token`,
- options: {
- httpOnly: true,
- sameSite: "lax",
- path: "/",
- secure: process.env.NODE_ENV === "production",
- },
- },
- },
 secret: process.env.NEXTAUTH_SECRET,
 trustHost: true,
+ // useSecureCookies sera automatiquement détecté via NEXTAUTH_URL
 });
\ No newline at end of file
diff --git a/src/lib/middleware-auth.ts b/src/lib/middleware-auth.ts
index a6b394c..42edd46 100644
--- a/src/lib/middleware-auth.ts
+++ b/src/lib/middleware-auth.ts
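Review bot: In the src/lib/auth.ts hunk, dropping the explicit `cookies` block means the session cookie's `Secure` attribute and `__Secure-` prefix are no longer forced in production; according to the added comment they now follow the scheme of NEXTAUTH_URL. A production deployment that still carries an `http://` value, such as the previous ENV.md default, would issue the session token without `Secure`. Consider pinning it beside `trustHost: true` with `useSecureCookies: process.env.NODE_ENV === "production",`, or refusing to start when NEXTAUTH_URL is not https in production. Because `trustHost: true` stays, the reverse proxy also has to overwrite the forwarded host and proto headers rather than pass client-supplied values through.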
@@ -5,11 +5,12 @@ export async function getAuthSession(request: NextRequest) {
 try {
 const token = await getToken({
 req: request,
- secret: process.env.NEXTAUTH_SECRET
+ secret: process.env.NEXTAUTH_SECRET,
+ cookieName: process.env.NODE_ENV === "production"
+ ? "__Secure-authjs.session-token"
+ : "authjs.session-token"
 });
- console.log(`[getAuthSession] Token exists: ${!!token}, Secret configured: ${!!process.env.NEXTAUTH_SECRET}`);
-
 if (!token) {
 return null;
 }
diff --git a/src/middleware.ts b/src/middleware.ts
index bf469a6..55d2ad1 100644
--- a/src/middleware.ts
+++ b/src/middleware.ts
@@ -40,8 +40,6 @@ export default async function middleware(request: NextRequest) {
 // Vérifier l'authentification avec NextAuth v5
 const session = await getAuthSession(request);
- console.log(`[Middleware] Path: ${pathname}, Has session: ${!!session}`);
-
 if (!session) {
 if (pathname.startsWith("/api/")) {
 return NextResponse.json(
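Review bot: In the src/lib/middleware-auth.ts hunk, `cookieName` is chosen from `NODE_ENV`, while after this commit auth.ts (per its added comment) picks the cookie name from the NEXTAUTH_URL scheme, so the two can disagree, for instance a production build served over plain http or an https URL used in development. When they do, `getToken` looks up a cookie that was never set and returns null, and the middleware treats every request as unauthenticated. Deriving the name from the same signal avoids this, for example replacing the literal names with `secureCookie: process.env.NEXTAUTH_URL?.startsWith("https://") ?? false`. A one-line comment stating that the name must match the cookie auth.ts issues would also help; the body of getAuthSession continues outside the hunk.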