Fondation

alma 2026-01-16 22:42:51 +01:00
parent 0c7dfe861a
commit d2926c452a
3 changed files with 7 additions and 8 deletions


@ -192,6 +192,7 @@ async function refreshAccessToken(token: ExtendedJWT) {
} }
export const authOptions: NextAuthOptions = { export const authOptions: NextAuthOptions = {
debug: false, // Désactive les logs NextAuth en mode debug pour la sécurité
providers: [ providers: [
KeycloakProvider({ KeycloakProvider({
clientId: getRequiredEnvVar("KEYCLOAK_CLIENT_ID"), clientId: getRequiredEnvVar("KEYCLOAK_CLIENT_ID"),
@ -358,7 +359,7 @@ export const authOptions: NextAuthOptions = {
// If we recently failed, return error immediately (cooldown active) // If we recently failed, return error immediately (cooldown active)
if (timeSinceFailure < REFRESH_COOLDOWN_MS) { if (timeSinceFailure < REFRESH_COOLDOWN_MS) {
logger.debug('Refresh cooldown active, skipping refresh attempt', { logger.debug('Refresh cooldown active, skipping refresh attempt', {
userId, userIdHash: Buffer.from(userId).toString('base64').slice(0, 12),
timeSinceFailure, timeSinceFailure,
cooldownRemaining: REFRESH_COOLDOWN_MS - timeSinceFailure, cooldownRemaining: REFRESH_COOLDOWN_MS - timeSinceFailure,
}); });
@ -431,7 +432,7 @@ export const authOptions: NextAuthOptions = {
cleanupRefreshCooldown(); // Prevent memory leak cleanupRefreshCooldown(); // Prevent memory leak
logger.info("Keycloak session invalidated, setting cooldown", { logger.info("Keycloak session invalidated, setting cooldown", {
userId, userIdHash: Buffer.from(userId).toString('base64').slice(0, 12),
cooldownMs: REFRESH_COOLDOWN_MS, cooldownMs: REFRESH_COOLDOWN_MS,
}); });
@ -550,12 +551,11 @@ export const authOptions: NextAuthOptions = {
signIn: '/signin', signIn: '/signin',
error: '/signin', error: '/signin',
}, },
debug: process.env.NODE_ENV === 'development',
// Add error handling events // Add error handling events
events: { events: {
async signIn({ user, account, profile }) { async signIn({ user, account, profile }) {
logger.info('[NEXTAUTH] Sign-in event', { logger.info('[NEXTAUTH] Sign-in event', {
userId: user?.id, userIdHash: user?.id ? Buffer.from(user.id).toString('base64').slice(0, 12) : null,
emailPresent: !!user?.email, emailPresent: !!user?.email,
provider: account?.provider, provider: account?.provider,
}); });
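Review bot: The new `userIdHash` fields are not hashes: `Buffer.from(userId).toString('base64').slice(0, 12)` is a reversible encoding of the first nine bytes of the identifier, so anyone with log access can decode that prefix, and two ids that share their first nine bytes produce the same log value. This applies to the three logger calls in this file (refresh cooldown, session invalidated, sign-in event) and to `accountIdHash` and `emailHash` in the other two files, where the start of the e-mail address stays recoverable from the log. A keyed digest gives a stable correlation value that cannot be decoded, for example `userIdHash: createHmac('sha256', logKey).update(userId).digest('hex').slice(0, 12)`, with `createHmac` from `node:crypto` and `logKey` a server-side secret (placeholder name, not defined on this page). The enclosing `authOptions` object starts and ends outside these hunks.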


@ -220,8 +220,7 @@ async function fetchUnreadCounts(userId: string): Promise<Record<string, Record<
unreadCounts[accountId][`${accountId}:${folder}`] = status.unseen; unreadCounts[accountId][`${accountId}:${folder}`] = status.unseen;
logger.debug('[UNREAD_API] Account folder unread count', { logger.debug('[UNREAD_API] Account folder unread count', {
accountId, accountIdHash: Buffer.from(accountId).toString('base64').slice(0, 12),
folder,
unseen: status.unseen unseen: status.unseen
}); });
} }


@ -13,8 +13,8 @@ export async function GET() {
logger.debug('[USERS] Session info', { logger.debug('[USERS] Session info', {
hasAccessToken: !!session.accessToken, hasAccessToken: !!session.accessToken,
userId: session.user.id, userIdHash: Buffer.from(session.user.id).toString('base64').slice(0, 12),
email: session.user.email, emailHash: session.user.email ? Buffer.from(session.user.email.toLowerCase()).toString('base64').slice(0, 12) : null,
}); });
try { try {