passkey fix

2025-12-12 06:52:24 +00:00 · 2023-08-29 16:37:46 +02:00
parent 6d6a629e33
commit 88ef377658
3 changed files with 42 additions and 33 deletions
--- a/apps/login/app/api/session/route.ts
+++ b/apps/login/app/api/session/route.ts
@@ -45,7 +45,7 @@ export async function PUT(request: NextRequest) {
  const body = await request.json();

  if (body) {
-    const { loginName, password, passkey, authRequestId } = body;
+    const { loginName, password, webAuthN, authRequestId } = body;
    const challenges: RequestChallenges = body.challenges;

    const recentPromise: Promise<SessionCookie> = loginName
@@ -64,12 +64,13 @@ export async function PUT(request: NextRequest) {

    return recentPromise
      .then((recent) => {
+        console.log("setsession", webAuthN);
        return setSessionAndUpdateCookie(
          recent.id,
          recent.token,
          recent.loginName,
          password,
-          passkey,
+          webAuthN,
          challenges,
          authRequestId
        ).then((session) => {
--- a/apps/login/ui/LoginPasskey.tsx
+++ b/apps/login/ui/LoginPasskey.tsx
@@ -33,7 +33,7 @@ export default function LoginPasskey({
        .then((response) => {
          console.log(response);
          const pK =
-            response.challenges.passkey.publicKeyCredentialRequestOptions
+            response.challenges.webAuthN.publicKeyCredentialRequestOptions
              .publicKey;
          if (pK) {
            submitLoginAndContinue(pK)
@@ -68,7 +68,7 @@ export default function LoginPasskey({
        challenges: {
          webAuthN: {
            domain: "",
-            userVerificationRequirement: 2,
+            userVerificationRequirement: 1,
          },
        },
        authRequestId,
@@ -85,6 +85,7 @@ export default function LoginPasskey({

  async function submitLogin(data: any) {
    setLoading(true);
+    console.log(data);
    const res = await fetch("/api/session", {
      method: "PUT",
      headers: {
@@ -92,7 +93,7 @@ export default function LoginPasskey({
      },
      body: JSON.stringify({
        loginName,
-        passkey: data,
+        webAuthN: { credentialAssertionData: data },
        authRequestId,
      }),
    });
@@ -127,18 +128,18 @@ export default function LoginPasskey({
      })
      .then((assertedCredential: any) => {
        if (assertedCredential) {
-          let authData = new Uint8Array(
+          const authData = new Uint8Array(
            assertedCredential.response.authenticatorData
          );
-          let clientDataJSON = new Uint8Array(
+          const clientDataJSON = new Uint8Array(
            assertedCredential.response.clientDataJSON
          );
-          let rawId = new Uint8Array(assertedCredential.rawId);
-          let sig = new Uint8Array(assertedCredential.response.signature);
-          let userHandle = new Uint8Array(
+          const rawId = new Uint8Array(assertedCredential.rawId);
+          const sig = new Uint8Array(assertedCredential.response.signature);
+          const userHandle = new Uint8Array(
            assertedCredential.response.userHandle
          );
-          let data = JSON.stringify({
+          const data = JSON.stringify({
            id: assertedCredential.id,
            rawId: coerceToBase64Url(rawId, "rawId"),
            type: assertedCredential.type,
--- a/apps/login/utils/session.ts
+++ b/apps/login/utils/session.ts
@@ -58,17 +58,16 @@ export async function setSessionAndUpdateCookie(
  sessionToken: string,
  loginName: string,
  password: string | undefined,
-  passkey: { credentialAssertionData: any } | undefined,
+  webAuthN: { credentialAssertionData: any } | undefined,
  challenges: RequestChallenges | undefined,
  authRequestId: string | undefined
 ): Promise<SessionWithChallenges> {
-  console.log(password, passkey, challenges);
  return setSession(
    server,
    sessionId,
    sessionToken,
    password,
-    passkey,
+    webAuthN,
    challenges
  ).then((updatedSession) => {
    if (updatedSession) {
@@ -83,9 +82,14 @@ export async function setSessionAndUpdateCookie(
        sessionCookie.authRequestId = authRequestId;
      }

-      return getSession(server, sessionCookie.id, sessionCookie.token).then(
+      return new Promise((resolve) => setTimeout(resolve, 1000)).then(() =>
+        // TODO: remove
+        getSession(server, sessionCookie.id, sessionCookie.token).then(
          (response) => {
-          if (response?.session && response.session.factors?.user?.loginName) {
+            if (
+              response?.session &&
+              response.session.factors?.user?.loginName
+            ) {
              const { session } = response;
              const newCookie: SessionCookie = {
                id: sessionCookie.id,
@@ -98,13 +102,16 @@ export async function setSessionAndUpdateCookie(
                newCookie.authRequestId = sessionCookie.authRequestId;
              }

-            return updateSessionCookie(sessionCookie.id, newCookie).then(() => {
+              return updateSessionCookie(sessionCookie.id, newCookie).then(
+                () => {
                  return { challenges: updatedSession.challenges, ...session };
-            });
+                }
+              );
            } else {
              throw "could not get session or session does not have loginName";
            }
          }
+        )
      );
    } else {
      throw "Session not be set";