diff options
| author | Madeline <46743919+MaddyUnderStars@users.noreply.github.com> | 2023-02-03 16:28:12 +1100 |
|---|---|---|
| committer | Madeline <46743919+MaddyUnderStars@users.noreply.github.com> | 2023-02-03 16:28:12 +1100 |
| commit | d899942b1a4a292cd9692ad338fd2552efbdaf26 (patch) | |
| tree | 9b493292b758e8a83b708bba2028f2c401272fab /src | |
| parent | remove MANAGE_GUILDS, EDIT_FLAGS, SELF_EDIT_FLAGS, MANAGE_GROUPS from default... (diff) | |
| parent | various fixes for webauthn (#973) (diff) | |
| download | server-d899942b1a4a292cd9692ad338fd2552efbdaf26.tar.xz | |
Merge branch 'master' of github.com:fosscord/fosscord-server
Diffstat (limited to 'src')
| -rw-r--r-- | src/api/routes/auth/mfa/webauthn.ts | 17 | ||||
| -rw-r--r-- | src/api/routes/users/@me/mfa/webauthn/credentials/#key_id/index.ts | 8 | ||||
| -rw-r--r-- | src/api/routes/users/@me/mfa/webauthn/credentials/index.ts | 5 |
3 files changed, 21 insertions, 9 deletions
diff --git a/src/api/routes/auth/mfa/webauthn.ts b/src/api/routes/auth/mfa/webauthn.ts index e574b969..c4334c4c 100644 --- a/src/api/routes/auth/mfa/webauthn.ts +++ b/src/api/routes/auth/mfa/webauthn.ts @@ -64,20 +64,23 @@ router.post( await User.update({ id: user.id }, { totp_last_ticket: "" }); const clientAttestationResponse = JSON.parse(code); - const securityKey = await SecurityKey.findOneOrFail({ - where: { - user_id: req.user_id, - key_id: clientAttestationResponse.rawId, - }, - }); if (!clientAttestationResponse.rawId) throw new HTTPError("Missing rawId", 400); clientAttestationResponse.rawId = toArrayBuffer( - Buffer.from(clientAttestationResponse.rawId, "base64"), + Buffer.from(clientAttestationResponse.rawId, "base64url"), ); + const securityKey = await SecurityKey.findOneOrFail({ + where: { + key_id: Buffer.from( + clientAttestationResponse.rawId, + "base64url", + ).toString("base64"), + }, + }); + const assertionExpectations: ExpectedAssertionResult = JSON.parse( Buffer.from( clientAttestationResponse.response.clientDataJSON, diff --git a/src/api/routes/users/@me/mfa/webauthn/credentials/#key_id/index.ts b/src/api/routes/users/@me/mfa/webauthn/credentials/#key_id/index.ts index c451e357..a4381f37 100644 --- a/src/api/routes/users/@me/mfa/webauthn/credentials/#key_id/index.ts +++ b/src/api/routes/users/@me/mfa/webauthn/credentials/#key_id/index.ts @@ -17,7 +17,7 @@ */ import { route } from "@fosscord/api"; -import { SecurityKey } from "@fosscord/util"; +import { SecurityKey, User } from "@fosscord/util"; import { Request, Response, Router } from "express"; const router = Router(); @@ -29,6 +29,12 @@ router.delete("/", route({}), async (req: Request, res: Response) => { user_id: req.user_id, }); + const keys = await SecurityKey.count({ where: { user_id: req.user_id } }); + + // disable webauthn if there are no keys left + if (keys === 0) + await User.update({ id: req.user_id }, { webauthn_enabled: false }); + res.sendStatus(204); }); diff --git a/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts b/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts index 581950b8..a33e06ce 100644 --- a/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts +++ b/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts @@ -181,7 +181,10 @@ router.post( key_id: keyId, }); - await securityKey.save(); + await Promise.all([ + securityKey.save(), + User.update({ id: req.user_id }, { webauthn_enabled: true }), + ]); return res.json({ name, |