pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-01 16:26:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix securitykey

Browse Source
This commit is contained in:
Lokowitz
2025-09-23 16:51:08 +00:00
parent 812820472f
commit 73cd82081a
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
server/routers/auth/securityKey.ts
View File

@@ -20,7 +20,7 @@ import type {
AuthenticatorTransportFuture AuthenticatorTransportFuture
} from "@simplewebauthn/server"; } from "@simplewebauthn/server";
import { import {
isoUint8Array isoBase64URL
} from '@simplewebauthn/server/helpers'; } from '@simplewebauthn/server/helpers';
import config from "@server/lib/config"; import config from "@server/lib/config";
import { UserType } from "@server/types/UserTypes"; import { UserType } from "@server/types/UserTypes";
@@ -205,7 +205,7 @@ export async function startRegistration(
const options: GenerateRegistrationOptionsOpts = { const options: GenerateRegistrationOptionsOpts = {
rpName, rpName,
rpID, rpID,
userID: isoUint8Array.fromUTF8String( user.userId ), userID: isoBase64URL.toBuffer(user.userId),
userName: user.email || user.username, userName: user.email || user.username,
attestationType: 'none', attestationType: 'none',
excludeCredentials, excludeCredentials,
@@ -303,9 +303,9 @@ export async function verifyRegistration(
await db.insert(securityKeys).values({ await db.insert(securityKeys).values({
credentialId: registrationInfo.credential.id, credentialId: registrationInfo.credential.id,
userId: user.userId, userId: user.userId,
publicKey: Buffer.from(registrationInfo.credential.publicKey).toString('base64'), publicKey: isoBase64URL.fromBuffer(registrationInfo.credential.publicKey),
signCount: registrationInfo.credential.counter || 0, signCount: registrationInfo.credential.counter || 0,
transports: credential.response.transports ? JSON.stringify(credential.response.transports) : null, transports: registrationInfo.credential.transports ? JSON.stringify(registrationInfo.credential.transports) : null,
name: challengeData.securityKeyName, name: challengeData.securityKeyName,
lastUsed: new Date().toISOString(), lastUsed: new Date().toISOString(),
dateCreated: new Date().toISOString() dateCreated: new Date().toISOString()
@@ -644,7 +644,7 @@ export async function verifyAuthentication(
expectedRPID: rpID, expectedRPID: rpID,
credential: { credential: {
id: securityKey.credentialId, id: securityKey.credentialId,
publicKey: Buffer.from(securityKey.publicKey, 'base64'), publicKey: isoBase64URL.toBuffer(securityKey.publicKey),
counter: securityKey.signCount, counter: securityKey.signCount,
transports: securityKey.transports ? JSON.parse(securityKey.transports) as AuthenticatorTransportFuture[] : undefined transports: securityKey.transports ? JSON.parse(securityKey.transports) as AuthenticatorTransportFuture[] : undefined
}, },