julienfroidefond/stripstream
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: update ENV.md for NextAuth URL configuration, remove debug logging from middleware, and adjust session token handling in auth middleware

Browse Source
This commit is contained in:
Julien Froidefond
2025-10-16 23:56:46 +02:00
parent 57a1cb5e46
commit 2c850d1c59
4 changed files with 9 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ENV.md
View File

@@ -9,7 +9,10 @@ MONGODB_URI=mongodb://admin:your-secure-password@mongodb:27017/stripstream?authS
# NextAuth Configuration # NextAuth Configuration
NEXTAUTH_SECRET=your-secret-key-here-generate-with-openssl-rand-base64-32 NEXTAUTH_SECRET=your-secret-key-here-generate-with-openssl-rand-base64-32
NEXTAUTH_URL=http://localhost:3020 # Si derrière un reverse proxy HTTPS, utiliser l'URL HTTPS publique :
NEXTAUTH_URL=https://ton-domaine.com
# Sinon en local :
# NEXTAUTH_URL=http://localhost:3020
# Admin User (optional - default password for julienfroidefond@gmail.com) # Admin User (optional - default password for julienfroidefond@gmail.com)
ADMIN_DEFAULT_PASSWORD=Admin@2025 ADMIN_DEFAULT_PASSWORD=Admin@2025

14
src/lib/auth.ts
View File

@@ -57,19 +57,7 @@ export const { handlers, auth, signIn, signOut } = NextAuth({
session: { session: {
strategy: "jwt", strategy: "jwt",
}, },
cookies: {
sessionToken: {
name: process.env.NODE_ENV === "production"
? `__Secure-next-auth.session-token`
: `next-auth.session-token`,
options: {
httpOnly: true,
sameSite: "lax",
path: "/",
secure: process.env.NODE_ENV === "production",
},
},
},
secret: process.env.NEXTAUTH_SECRET, secret: process.env.NEXTAUTH_SECRET,
trustHost: true, trustHost: true,
// useSecureCookies sera automatiquement détecté via NEXTAUTH_URL
}); });

7
src/lib/middleware-auth.ts
View File

@@ -5,11 +5,12 @@ export async function getAuthSession(request: NextRequest) {
try { try {
const token = await getToken({ const token = await getToken({
req: request, req: request,
secret: process.env.NEXTAUTH_SECRET secret: process.env.NEXTAUTH_SECRET,
cookieName: process.env.NODE_ENV === "production"
? "__Secure-authjs.session-token"
: "authjs.session-token"
}); });
console.log(`[getAuthSession] Token exists: ${!!token}, Secret configured: ${!!process.env.NEXTAUTH_SECRET}`);
if (!token) { if (!token) {
return null; return null;
} }

2
src/middleware.ts
View File

@@ -40,8 +40,6 @@ export default async function middleware(request: NextRequest) {
// Vérifier l'authentification avec NextAuth v5 // Vérifier l'authentification avec NextAuth v5
const session = await getAuthSession(request); const session = await getAuthSession(request);
console.log(`[Middleware] Path: ${pathname}, Has session: ${!!session}`);
if (!session) { if (!session) {
if (pathname.startsWith("/api/")) { if (pathname.startsWith("/api/")) {
return NextResponse.json( return NextResponse.json(