From e290965d007a3faea650b2d137a123ccbf3c3b1a Mon Sep 17 00:00:00 2001
From: Puyodead1 <puyodead@proton.me>
Date: Thu, 2 Feb 2023 23:05:54 -0500
Subject: various fixes for webauthn (#973)

---
 .../routes/users/@me/mfa/webauthn/credentials/#key_id/index.ts    | 8 +++++++-
 src/api/routes/users/@me/mfa/webauthn/credentials/index.ts        | 5 ++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

(limited to 'src/api/routes/users/@me')

diff --git a/src/api/routes/users/@me/mfa/webauthn/credentials/#key_id/index.ts b/src/api/routes/users/@me/mfa/webauthn/credentials/#key_id/index.ts
index c451e357..a4381f37 100644
--- a/src/api/routes/users/@me/mfa/webauthn/credentials/#key_id/index.ts
+++ b/src/api/routes/users/@me/mfa/webauthn/credentials/#key_id/index.ts
@@ -17,7 +17,7 @@
 */
 
 import { route } from "@fosscord/api";
-import { SecurityKey } from "@fosscord/util";
+import { SecurityKey, User } from "@fosscord/util";
 import { Request, Response, Router } from "express";
 const router = Router();
 
@@ -29,6 +29,12 @@ router.delete("/", route({}), async (req: Request, res: Response) => {
 		user_id: req.user_id,
 	});
 
+	const keys = await SecurityKey.count({ where: { user_id: req.user_id } });
+
+	// disable webauthn if there are no keys left
+	if (keys === 0)
+		await User.update({ id: req.user_id }, { webauthn_enabled: false });
+
 	res.sendStatus(204);
 });
 
diff --git a/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts b/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts
index 581950b8..a33e06ce 100644
--- a/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts
+++ b/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts
@@ -181,7 +181,10 @@ router.post(
 				key_id: keyId,
 			});
 
-			await securityKey.save();
+			await Promise.all([
+				securityKey.save(),
+				User.update({ id: req.user_id }, { webauthn_enabled: true }),
+			]);
 
 			return res.json({
 				name,
-- 
cgit 1.5.1