@better-auth/passkey 1.5.0-beta.12 → 1.5.0-beta.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/client.d.mts +19 -18
  2. package/dist/index.d.mts +585 -2
  3. package/dist/index.mjs +3 -3
  4. package/dist/index.mjs.map +1 -1
  5. package/dist/types-BEqo908g.d.mts +127 -0
  6. package/package.json +7 -7
  7. package/dist/index-yfjf9G9C.d.mts +0 -708
package/dist/client.d.mts CHANGED
@@ -1,8 +1,9 @@
1
- import { i as WebAuthnChallengeValue, n as Passkey, r as PasskeyOptions, t as passkey } from "./index-yfjf9G9C.mjs";
1
+ import { n as PasskeyOptions, r as WebAuthnChallengeValue, t as Passkey } from "./types-BEqo908g.mjs";
2
+ import { passkey } from "./index.mjs";
2
3
  import * as better_auth_client0 from "better-auth/client";
3
- import * as nanostores0 from "nanostores";
4
+ import * as nanostores from "nanostores";
4
5
  import { atom } from "nanostores";
5
- import * as better_auth18 from "better-auth";
6
+ import * as better_auth0 from "better-auth";
6
7
  import { ClientFetchOption, ClientStore } from "@better-auth/core";
7
8
  import { BetterFetch } from "@better-fetch/fetch";
8
9
  import { Session, User } from "better-auth/types";
@@ -10,13 +11,13 @@ export * from "@simplewebauthn/server";
10
11
 
11
12
  //#region src/error-codes.d.ts
12
13
  declare const PASSKEY_ERROR_CODES: {
13
- CHALLENGE_NOT_FOUND: better_auth18.RawError<"CHALLENGE_NOT_FOUND">;
14
- YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY: better_auth18.RawError<"YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY">;
15
- FAILED_TO_VERIFY_REGISTRATION: better_auth18.RawError<"FAILED_TO_VERIFY_REGISTRATION">;
16
- PASSKEY_NOT_FOUND: better_auth18.RawError<"PASSKEY_NOT_FOUND">;
17
- AUTHENTICATION_FAILED: better_auth18.RawError<"AUTHENTICATION_FAILED">;
18
- UNABLE_TO_CREATE_SESSION: better_auth18.RawError<"UNABLE_TO_CREATE_SESSION">;
19
- FAILED_TO_UPDATE_PASSKEY: better_auth18.RawError<"FAILED_TO_UPDATE_PASSKEY">;
14
+ CHALLENGE_NOT_FOUND: better_auth0.RawError<"CHALLENGE_NOT_FOUND">;
15
+ YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY: better_auth0.RawError<"YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY">;
16
+ FAILED_TO_VERIFY_REGISTRATION: better_auth0.RawError<"FAILED_TO_VERIFY_REGISTRATION">;
17
+ PASSKEY_NOT_FOUND: better_auth0.RawError<"PASSKEY_NOT_FOUND">;
18
+ AUTHENTICATION_FAILED: better_auth0.RawError<"AUTHENTICATION_FAILED">;
19
+ UNABLE_TO_CREATE_SESSION: better_auth0.RawError<"UNABLE_TO_CREATE_SESSION">;
20
+ FAILED_TO_UPDATE_PASSKEY: better_auth0.RawError<"FAILED_TO_UPDATE_PASSKEY">;
20
21
  };
21
22
  //#endregion
22
23
  //#region src/client.d.ts
@@ -191,7 +192,7 @@ declare const passkeyClient: () => {
191
192
  };
192
193
  getAtoms($fetch: BetterFetch): {
193
194
  listPasskeys: better_auth_client0.AuthQueryAtom<Passkey[]>;
194
- $listPasskeys: nanostores0.PreinitializedWritableAtom<any> & object;
195
+ $listPasskeys: nanostores.PreinitializedWritableAtom<any> & object;
195
196
  };
196
197
  pathMethods: {
197
198
  "/passkey/register": "POST";
@@ -205,13 +206,13 @@ declare const passkeyClient: () => {
205
206
  signal: "$sessionSignal";
206
207
  })[];
207
208
  $ERROR_CODES: {
208
- CHALLENGE_NOT_FOUND: better_auth18.RawError<"CHALLENGE_NOT_FOUND">;
209
- YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY: better_auth18.RawError<"YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY">;
210
- FAILED_TO_VERIFY_REGISTRATION: better_auth18.RawError<"FAILED_TO_VERIFY_REGISTRATION">;
211
- PASSKEY_NOT_FOUND: better_auth18.RawError<"PASSKEY_NOT_FOUND">;
212
- AUTHENTICATION_FAILED: better_auth18.RawError<"AUTHENTICATION_FAILED">;
213
- UNABLE_TO_CREATE_SESSION: better_auth18.RawError<"UNABLE_TO_CREATE_SESSION">;
214
- FAILED_TO_UPDATE_PASSKEY: better_auth18.RawError<"FAILED_TO_UPDATE_PASSKEY">;
209
+ CHALLENGE_NOT_FOUND: better_auth0.RawError<"CHALLENGE_NOT_FOUND">;
210
+ YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY: better_auth0.RawError<"YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY">;
211
+ FAILED_TO_VERIFY_REGISTRATION: better_auth0.RawError<"FAILED_TO_VERIFY_REGISTRATION">;
212
+ PASSKEY_NOT_FOUND: better_auth0.RawError<"PASSKEY_NOT_FOUND">;
213
+ AUTHENTICATION_FAILED: better_auth0.RawError<"AUTHENTICATION_FAILED">;
214
+ UNABLE_TO_CREATE_SESSION: better_auth0.RawError<"UNABLE_TO_CREATE_SESSION">;
215
+ FAILED_TO_UPDATE_PASSKEY: better_auth0.RawError<"FAILED_TO_UPDATE_PASSKEY">;
215
216
  };
216
217
  };
217
218
  //#endregion
package/dist/index.d.mts CHANGED
@@ -1,2 +1,585 @@
1
- import { n as Passkey, r as PasskeyOptions, t as passkey } from "./index-yfjf9G9C.mjs";
2
- export { Passkey, PasskeyOptions, passkey };
1
+ import { n as PasskeyOptions, t as Passkey } from "./types-BEqo908g.mjs";
2
+ import * as _simplewebauthn_server0 from "@simplewebauthn/server";
3
+ import * as zod from "zod";
4
+ import * as better_auth0 from "better-auth";
5
+ import * as better_call0 from "better-call";
6
+
7
+ //#region src/index.d.ts
8
+ declare module "@better-auth/core" {
9
+ interface BetterAuthPluginRegistry<AuthOptions, Options> {
10
+ passkey: {
11
+ creator: typeof passkey;
12
+ };
13
+ }
14
+ }
15
+ declare const passkey: (options?: PasskeyOptions | undefined) => {
16
+ id: "passkey";
17
+ endpoints: {
18
+ generatePasskeyRegistrationOptions: better_call0.StrictEndpoint<"/passkey/generate-register-options", {
19
+ method: "GET";
20
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
21
+ session: {
22
+ session: Record<string, any> & {
23
+ id: string;
24
+ createdAt: Date;
25
+ updatedAt: Date;
26
+ userId: string;
27
+ expiresAt: Date;
28
+ token: string;
29
+ ipAddress?: string | null | undefined;
30
+ userAgent?: string | null | undefined;
31
+ };
32
+ user: Record<string, any> & {
33
+ id: string;
34
+ createdAt: Date;
35
+ updatedAt: Date;
36
+ email: string;
37
+ emailVerified: boolean;
38
+ name: string;
39
+ image?: string | null | undefined;
40
+ };
41
+ };
42
+ }>)[];
43
+ query: zod.ZodOptional<zod.ZodObject<{
44
+ authenticatorAttachment: zod.ZodOptional<zod.ZodEnum<{
45
+ platform: "platform";
46
+ "cross-platform": "cross-platform";
47
+ }>>;
48
+ name: zod.ZodOptional<zod.ZodString>;
49
+ }, better_auth0.$strip>>;
50
+ metadata: {
51
+ openapi: {
52
+ operationId: string;
53
+ description: string;
54
+ responses: {
55
+ 200: {
56
+ description: string;
57
+ parameters: {
58
+ query: {
59
+ authenticatorAttachment: {
60
+ description: string;
61
+ required: boolean;
62
+ };
63
+ name: {
64
+ description: string;
65
+ required: boolean;
66
+ };
67
+ };
68
+ };
69
+ content: {
70
+ "application/json": {
71
+ schema: {
72
+ type: "object";
73
+ properties: {
74
+ challenge: {
75
+ type: string;
76
+ };
77
+ rp: {
78
+ type: string;
79
+ properties: {
80
+ name: {
81
+ type: string;
82
+ };
83
+ id: {
84
+ type: string;
85
+ };
86
+ };
87
+ };
88
+ user: {
89
+ type: string;
90
+ properties: {
91
+ id: {
92
+ type: string;
93
+ };
94
+ name: {
95
+ type: string;
96
+ };
97
+ displayName: {
98
+ type: string;
99
+ };
100
+ };
101
+ };
102
+ pubKeyCredParams: {
103
+ type: string;
104
+ items: {
105
+ type: string;
106
+ properties: {
107
+ type: {
108
+ type: string;
109
+ };
110
+ alg: {
111
+ type: string;
112
+ };
113
+ };
114
+ };
115
+ };
116
+ timeout: {
117
+ type: string;
118
+ };
119
+ excludeCredentials: {
120
+ type: string;
121
+ items: {
122
+ type: string;
123
+ properties: {
124
+ id: {
125
+ type: string;
126
+ };
127
+ type: {
128
+ type: string;
129
+ };
130
+ transports: {
131
+ type: string;
132
+ items: {
133
+ type: string;
134
+ };
135
+ };
136
+ };
137
+ };
138
+ };
139
+ authenticatorSelection: {
140
+ type: string;
141
+ properties: {
142
+ authenticatorAttachment: {
143
+ type: string;
144
+ };
145
+ requireResidentKey: {
146
+ type: string;
147
+ };
148
+ userVerification: {
149
+ type: string;
150
+ };
151
+ };
152
+ };
153
+ attestation: {
154
+ type: string;
155
+ };
156
+ extensions: {
157
+ type: string;
158
+ };
159
+ };
160
+ };
161
+ };
162
+ };
163
+ };
164
+ };
165
+ };
166
+ };
167
+ }, _simplewebauthn_server0.PublicKeyCredentialCreationOptionsJSON>;
168
+ generatePasskeyAuthenticationOptions: better_call0.StrictEndpoint<"/passkey/generate-authenticate-options", {
169
+ method: "GET";
170
+ metadata: {
171
+ openapi: {
172
+ operationId: string;
173
+ description: string;
174
+ responses: {
175
+ 200: {
176
+ description: string;
177
+ content: {
178
+ "application/json": {
179
+ schema: {
180
+ type: "object";
181
+ properties: {
182
+ challenge: {
183
+ type: string;
184
+ };
185
+ rp: {
186
+ type: string;
187
+ properties: {
188
+ name: {
189
+ type: string;
190
+ };
191
+ id: {
192
+ type: string;
193
+ };
194
+ };
195
+ };
196
+ user: {
197
+ type: string;
198
+ properties: {
199
+ id: {
200
+ type: string;
201
+ };
202
+ name: {
203
+ type: string;
204
+ };
205
+ displayName: {
206
+ type: string;
207
+ };
208
+ };
209
+ };
210
+ timeout: {
211
+ type: string;
212
+ };
213
+ allowCredentials: {
214
+ type: string;
215
+ items: {
216
+ type: string;
217
+ properties: {
218
+ id: {
219
+ type: string;
220
+ };
221
+ type: {
222
+ type: string;
223
+ };
224
+ transports: {
225
+ type: string;
226
+ items: {
227
+ type: string;
228
+ };
229
+ };
230
+ };
231
+ };
232
+ };
233
+ userVerification: {
234
+ type: string;
235
+ };
236
+ authenticatorSelection: {
237
+ type: string;
238
+ properties: {
239
+ authenticatorAttachment: {
240
+ type: string;
241
+ };
242
+ requireResidentKey: {
243
+ type: string;
244
+ };
245
+ userVerification: {
246
+ type: string;
247
+ };
248
+ };
249
+ };
250
+ extensions: {
251
+ type: string;
252
+ };
253
+ };
254
+ };
255
+ };
256
+ };
257
+ };
258
+ };
259
+ };
260
+ };
261
+ }, _simplewebauthn_server0.PublicKeyCredentialRequestOptionsJSON>;
262
+ verifyPasskeyRegistration: better_call0.StrictEndpoint<"/passkey/verify-registration", {
263
+ method: "POST";
264
+ body: zod.ZodObject<{
265
+ response: zod.ZodAny;
266
+ name: zod.ZodOptional<zod.ZodString>;
267
+ }, better_auth0.$strip>;
268
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
269
+ session: {
270
+ session: Record<string, any> & {
271
+ id: string;
272
+ createdAt: Date;
273
+ updatedAt: Date;
274
+ userId: string;
275
+ expiresAt: Date;
276
+ token: string;
277
+ ipAddress?: string | null | undefined;
278
+ userAgent?: string | null | undefined;
279
+ };
280
+ user: Record<string, any> & {
281
+ id: string;
282
+ createdAt: Date;
283
+ updatedAt: Date;
284
+ email: string;
285
+ emailVerified: boolean;
286
+ name: string;
287
+ image?: string | null | undefined;
288
+ };
289
+ };
290
+ }>)[];
291
+ metadata: {
292
+ openapi: {
293
+ operationId: string;
294
+ description: string;
295
+ responses: {
296
+ 200: {
297
+ description: string;
298
+ content: {
299
+ "application/json": {
300
+ schema: {
301
+ $ref: string;
302
+ };
303
+ };
304
+ };
305
+ };
306
+ 400: {
307
+ description: string;
308
+ };
309
+ };
310
+ };
311
+ };
312
+ }, Passkey>;
313
+ verifyPasskeyAuthentication: better_call0.StrictEndpoint<"/passkey/verify-authentication", {
314
+ method: "POST";
315
+ body: zod.ZodObject<{
316
+ response: zod.ZodRecord<zod.ZodAny, zod.ZodAny>;
317
+ }, better_auth0.$strip>;
318
+ metadata: {
319
+ openapi: {
320
+ operationId: string;
321
+ description: string;
322
+ responses: {
323
+ 200: {
324
+ description: string;
325
+ content: {
326
+ "application/json": {
327
+ schema: {
328
+ type: "object";
329
+ properties: {
330
+ session: {
331
+ $ref: string;
332
+ };
333
+ user: {
334
+ $ref: string;
335
+ };
336
+ };
337
+ };
338
+ };
339
+ };
340
+ };
341
+ };
342
+ };
343
+ $Infer: {
344
+ body: {
345
+ response: _simplewebauthn_server0.AuthenticationResponseJSON;
346
+ };
347
+ };
348
+ };
349
+ }, {
350
+ session: {
351
+ id: string;
352
+ createdAt: Date;
353
+ updatedAt: Date;
354
+ userId: string;
355
+ expiresAt: Date;
356
+ token: string;
357
+ ipAddress?: string | null | undefined;
358
+ userAgent?: string | null | undefined;
359
+ };
360
+ }>;
361
+ listPasskeys: better_call0.StrictEndpoint<"/passkey/list-user-passkeys", {
362
+ method: "GET";
363
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
364
+ session: {
365
+ session: Record<string, any> & {
366
+ id: string;
367
+ createdAt: Date;
368
+ updatedAt: Date;
369
+ userId: string;
370
+ expiresAt: Date;
371
+ token: string;
372
+ ipAddress?: string | null | undefined;
373
+ userAgent?: string | null | undefined;
374
+ };
375
+ user: Record<string, any> & {
376
+ id: string;
377
+ createdAt: Date;
378
+ updatedAt: Date;
379
+ email: string;
380
+ emailVerified: boolean;
381
+ name: string;
382
+ image?: string | null | undefined;
383
+ };
384
+ };
385
+ }>)[];
386
+ metadata: {
387
+ openapi: {
388
+ description: string;
389
+ responses: {
390
+ "200": {
391
+ description: string;
392
+ content: {
393
+ "application/json": {
394
+ schema: {
395
+ type: "array";
396
+ items: {
397
+ $ref: string;
398
+ required: string[];
399
+ };
400
+ description: string;
401
+ };
402
+ };
403
+ };
404
+ };
405
+ };
406
+ };
407
+ };
408
+ }, Passkey[]>;
409
+ deletePasskey: better_call0.StrictEndpoint<"/passkey/delete-passkey", {
410
+ method: "POST";
411
+ body: zod.ZodObject<{
412
+ id: zod.ZodString;
413
+ }, better_auth0.$strip>;
414
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
415
+ session: {
416
+ session: Record<string, any> & {
417
+ id: string;
418
+ createdAt: Date;
419
+ updatedAt: Date;
420
+ userId: string;
421
+ expiresAt: Date;
422
+ token: string;
423
+ ipAddress?: string | null | undefined;
424
+ userAgent?: string | null | undefined;
425
+ };
426
+ user: Record<string, any> & {
427
+ id: string;
428
+ createdAt: Date;
429
+ updatedAt: Date;
430
+ email: string;
431
+ emailVerified: boolean;
432
+ name: string;
433
+ image?: string | null | undefined;
434
+ };
435
+ };
436
+ }>)[];
437
+ metadata: {
438
+ openapi: {
439
+ description: string;
440
+ responses: {
441
+ "200": {
442
+ description: string;
443
+ content: {
444
+ "application/json": {
445
+ schema: {
446
+ type: "object";
447
+ properties: {
448
+ status: {
449
+ type: string;
450
+ description: string;
451
+ };
452
+ };
453
+ required: string[];
454
+ };
455
+ };
456
+ };
457
+ };
458
+ };
459
+ };
460
+ };
461
+ }, {
462
+ status: boolean;
463
+ }>;
464
+ updatePasskey: better_call0.StrictEndpoint<"/passkey/update-passkey", {
465
+ method: "POST";
466
+ body: zod.ZodObject<{
467
+ id: zod.ZodString;
468
+ name: zod.ZodString;
469
+ }, better_auth0.$strip>;
470
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
471
+ session: {
472
+ session: Record<string, any> & {
473
+ id: string;
474
+ createdAt: Date;
475
+ updatedAt: Date;
476
+ userId: string;
477
+ expiresAt: Date;
478
+ token: string;
479
+ ipAddress?: string | null | undefined;
480
+ userAgent?: string | null | undefined;
481
+ };
482
+ user: Record<string, any> & {
483
+ id: string;
484
+ createdAt: Date;
485
+ updatedAt: Date;
486
+ email: string;
487
+ emailVerified: boolean;
488
+ name: string;
489
+ image?: string | null | undefined;
490
+ };
491
+ };
492
+ }>)[];
493
+ metadata: {
494
+ openapi: {
495
+ description: string;
496
+ responses: {
497
+ "200": {
498
+ description: string;
499
+ content: {
500
+ "application/json": {
501
+ schema: {
502
+ type: "object";
503
+ properties: {
504
+ passkey: {
505
+ $ref: string;
506
+ };
507
+ };
508
+ required: string[];
509
+ };
510
+ };
511
+ };
512
+ };
513
+ };
514
+ };
515
+ };
516
+ }, {
517
+ passkey: Passkey;
518
+ }>;
519
+ };
520
+ schema: {
521
+ passkey: {
522
+ fields: {
523
+ name: {
524
+ type: "string";
525
+ required: false;
526
+ };
527
+ publicKey: {
528
+ type: "string";
529
+ required: true;
530
+ };
531
+ userId: {
532
+ type: "string";
533
+ references: {
534
+ model: string;
535
+ field: string;
536
+ };
537
+ required: true;
538
+ index: true;
539
+ };
540
+ credentialID: {
541
+ type: "string";
542
+ required: true;
543
+ index: true;
544
+ };
545
+ counter: {
546
+ type: "number";
547
+ required: true;
548
+ };
549
+ deviceType: {
550
+ type: "string";
551
+ required: true;
552
+ };
553
+ backedUp: {
554
+ type: "boolean";
555
+ required: true;
556
+ };
557
+ transports: {
558
+ type: "string";
559
+ required: false;
560
+ };
561
+ createdAt: {
562
+ type: "date";
563
+ required: false;
564
+ };
565
+ aaguid: {
566
+ type: "string";
567
+ required: false;
568
+ };
569
+ };
570
+ };
571
+ };
572
+ $ERROR_CODES: {
573
+ CHALLENGE_NOT_FOUND: better_auth0.RawError<"CHALLENGE_NOT_FOUND">;
574
+ YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY: better_auth0.RawError<"YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY">;
575
+ FAILED_TO_VERIFY_REGISTRATION: better_auth0.RawError<"FAILED_TO_VERIFY_REGISTRATION">;
576
+ PASSKEY_NOT_FOUND: better_auth0.RawError<"PASSKEY_NOT_FOUND">;
577
+ AUTHENTICATION_FAILED: better_auth0.RawError<"AUTHENTICATION_FAILED">;
578
+ UNABLE_TO_CREATE_SESSION: better_auth0.RawError<"UNABLE_TO_CREATE_SESSION">;
579
+ FAILED_TO_UPDATE_PASSKEY: better_auth0.RawError<"FAILED_TO_UPDATE_PASSKEY">;
580
+ };
581
+ options: PasskeyOptions | undefined;
582
+ };
583
+ //#endregion
584
+ export { type Passkey, type PasskeyOptions, passkey };
585
+ //# sourceMappingURL=index.d.mts.map
package/dist/index.mjs CHANGED
@@ -257,13 +257,13 @@ const verifyPasskeyRegistration = (options) => createAuthEndpoint("/passkey/veri
257
257
  } }
258
258
  }, async (ctx) => {
259
259
  const origin = options?.origin || ctx.headers?.get("origin") || "";
260
- if (!origin) return ctx.json(null, { status: 400 });
260
+ if (!origin) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.FAILED_TO_VERIFY_REGISTRATION);
261
261
  const resp = ctx.body.response;
262
262
  const webAuthnCookie = ctx.context.createAuthCookie(options.advanced.webAuthnChallengeCookie);
263
263
  const verificationToken = await ctx.getSignedCookie(webAuthnCookie.name, ctx.context.secret);
264
264
  if (!verificationToken) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
265
265
  const data = await ctx.context.internalAdapter.findVerificationValue(verificationToken);
266
- if (!data) return ctx.json(null, { status: 400 });
266
+ if (!data) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
267
267
  const { expectedChallenge, userData } = JSON.parse(data.value);
268
268
  if (userData.id !== ctx.context.session.user.id) throw APIError.from("UNAUTHORIZED", PASSKEY_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY);
269
269
  try {
@@ -274,7 +274,7 @@ const verifyPasskeyRegistration = (options) => createAuthEndpoint("/passkey/veri
274
274
  expectedRPID: getRpID(options, ctx.context.options.baseURL),
275
275
  requireUserVerification: false
276
276
  });
277
- if (!verified || !registrationInfo) return ctx.json(null, { status: 400 });
277
+ if (!verified || !registrationInfo) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.FAILED_TO_VERIFY_REGISTRATION);
278
278
  const { aaguid, credentialDeviceType, credentialBackedUp, credential } = registrationInfo;
279
279
  const pubKey = base64.encode(credential.publicKey);
280
280
  const newPasskey = {