From 1c6efb9d78e5b1d645d452e18106b0fea493ee3d Mon Sep 17 00:00:00 2001 From: Claude VM Date: Mon, 18 May 2026 23:46:47 +0300 Subject: [PATCH] debug(auth): expose session.debug={hasRefreshToken, expiresIn} MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Temporary — verify whether Marius's JWT has a refresh_token. Will revert once cause is identified. Co-Authored-By: Claude Opus 4.7 (1M context) --- src/core/auth/auth-options.ts | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/core/auth/auth-options.ts b/src/core/auth/auth-options.ts index 6d3760b..86a18db 100644 --- a/src/core/auth/auth-options.ts +++ b/src/core/auth/auth-options.ts @@ -161,6 +161,16 @@ export const authOptions: NextAuthOptions = { (session as any).accessToken = token.accessToken; // Surface refresh failure so the client can force a re-login UX. if (token.error) (session as any).error = token.error; + // Temporary diagnostic — confirms whether jwt callback captured a + // refresh_token + expiry on sign-in. Reveal counts/booleans only, + // never the actual tokens. + (session as any).debug = { + hasRefreshToken: !!token.refreshToken, + accessTokenExpiresIn: + typeof token.accessTokenExpires === "number" + ? Math.round((token.accessTokenExpires - Date.now()) / 1000) + : null, + }; // Faza C cutover flag — exposed on session so client components can // branch the same way server routes do (env-driven, evaluated per // request so flag flip + container restart picks up without rebuild).