diff options
Diffstat (limited to 'src/api/routes/auth/mfa')
-rw-r--r-- | src/api/routes/auth/mfa/webauthn.ts | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/src/api/routes/auth/mfa/webauthn.ts b/src/api/routes/auth/mfa/webauthn.ts index e574b969..c4334c4c 100644 --- a/src/api/routes/auth/mfa/webauthn.ts +++ b/src/api/routes/auth/mfa/webauthn.ts @@ -64,20 +64,23 @@ router.post( await User.update({ id: user.id }, { totp_last_ticket: "" }); const clientAttestationResponse = JSON.parse(code); - const securityKey = await SecurityKey.findOneOrFail({ - where: { - user_id: req.user_id, - key_id: clientAttestationResponse.rawId, - }, - }); if (!clientAttestationResponse.rawId) throw new HTTPError("Missing rawId", 400); clientAttestationResponse.rawId = toArrayBuffer( - Buffer.from(clientAttestationResponse.rawId, "base64"), + Buffer.from(clientAttestationResponse.rawId, "base64url"), ); + const securityKey = await SecurityKey.findOneOrFail({ + where: { + key_id: Buffer.from( + clientAttestationResponse.rawId, + "base64url", + ).toString("base64"), + }, + }); + const assertionExpectations: ExpectedAssertionResult = JSON.parse( Buffer.from( clientAttestationResponse.response.clientDataJSON, |