diff options
author | Emma [it/its]@Rory& <root@rory.gay> | 2023-12-11 01:12:54 +0100 |
---|---|---|
committer | Emma [it/its]@Rory& <root@rory.gay> | 2023-12-11 01:12:54 +0100 |
commit | 0a8ceb9e6349284e75545a01ffad608b020f78e2 (patch) | |
tree | 17a9163f963eddabf9168b0b630096b2f7535b64 /src/api/routes/users/@me/mfa/webauthn/credentials/index.ts | |
parent | Prettier: use editorconfig (diff) | |
download | server-0a8ceb9e6349284e75545a01ffad608b020f78e2.tar.xz |
Actually run prettier dev/emma-refactors
Diffstat (limited to 'src/api/routes/users/@me/mfa/webauthn/credentials/index.ts')
-rw-r--r-- | src/api/routes/users/@me/mfa/webauthn/credentials/index.ts | 72 |
1 files changed, 19 insertions, 53 deletions
diff --git a/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts b/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts index f383ffb7..b8e33da7 100644 --- a/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts +++ b/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts @@ -35,15 +35,11 @@ import { ExpectedAttestationResult } from "fido2-lib"; import { HTTPError } from "lambert-server"; const router = Router(); -const isGenerateSchema = ( - body: WebAuthnPostSchema, -): body is GenerateWebAuthnCredentialsSchema => { +const isGenerateSchema = (body: WebAuthnPostSchema): body is GenerateWebAuthnCredentialsSchema => { return "password" in body; }; -const isCreateSchema = ( - body: WebAuthnPostSchema, -): body is CreateWebAuthnCredentialSchema => { +const isCreateSchema = (body: WebAuthnPostSchema): body is CreateWebAuthnCredentialSchema => { return "credential" in body; }; @@ -67,7 +63,7 @@ router.get("/", route({}), async (req: Request, res: Response) => { securityKeys.map((key) => ({ id: key.id, name: key.name, - })), + })) ); }); @@ -94,24 +90,13 @@ router.post( where: { id: req.user_id, }, - select: [ - "data", - "id", - "disabled", - "deleted", - "totp_secret", - "mfa_enabled", - "username", - ], + select: ["data", "id", "disabled", "deleted", "totp_secret", "mfa_enabled", "username"], relations: ["settings"], }); if (isGenerateSchema(req.body)) { const { password } = req.body; - const same_password = await bcrypt.compare( - password, - user.data.hash || "", - ); + const same_password = await bcrypt.compare(password, user.data.hash || ""); if (!same_password) { throw FieldErrors({ password: { @@ -121,14 +106,11 @@ router.post( }); } - const registrationOptions = - await WebAuthn.fido2.attestationOptions(); + const registrationOptions = await WebAuthn.fido2.attestationOptions(); const challenge = JSON.stringify({ publicKey: { ...registrationOptions, - challenge: Buffer.from( - registrationOptions.challenge, - ).toString("base64"), + challenge: Buffer.from(registrationOptions.challenge).toString("base64"), user: { id: user.id, name: user.username, @@ -151,35 +133,22 @@ router.post( const clientAttestationResponse = JSON.parse(credential); - if (!clientAttestationResponse.rawId) - throw new HTTPError("Missing rawId", 400); + if (!clientAttestationResponse.rawId) throw new HTTPError("Missing rawId", 400); - const rawIdBuffer = Buffer.from( - clientAttestationResponse.rawId, - "base64", - ); + const rawIdBuffer = Buffer.from(clientAttestationResponse.rawId, "base64"); clientAttestationResponse.rawId = toArrayBuffer(rawIdBuffer); - const attestationExpectations: ExpectedAttestationResult = - JSON.parse( - Buffer.from( - clientAttestationResponse.response.clientDataJSON, - "base64", - ).toString(), - ); - - const regResult = await WebAuthn.fido2.attestationResult( - clientAttestationResponse, - { - ...attestationExpectations, - factor: "second", - }, + const attestationExpectations: ExpectedAttestationResult = JSON.parse( + Buffer.from(clientAttestationResponse.response.clientDataJSON, "base64").toString() ); + const regResult = await WebAuthn.fido2.attestationResult(clientAttestationResponse, { + ...attestationExpectations, + factor: "second", + }); + const authnrData = regResult.authnrData; - const keyId = Buffer.from(authnrData.get("credId")).toString( - "base64", - ); + const keyId = Buffer.from(authnrData.get("credId")).toString("base64"); const counter = authnrData.get("counter"); const publicKey = authnrData.get("credentialPublicKeyPem"); @@ -191,10 +160,7 @@ router.post( key_id: keyId, }); - await Promise.all([ - securityKey.save(), - User.update({ id: req.user_id }, { webauthn_enabled: true }), - ]); + await Promise.all([securityKey.save(), User.update({ id: req.user_id }, { webauthn_enabled: true })]); return res.json({ name, @@ -203,7 +169,7 @@ router.post( } else { throw DiscordApiErrors.INVALID_AUTHENTICATION_TOKEN; } - }, + } ); export default router; |