@better-auth/passkey 1.7.0-beta.2 → 1.7.0-beta.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/client.d.mts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { a as PasskeyExtensionsResolver, c as PasskeyRegistrationUser, i as PasskeyAuthenticationOptions, l as WebAuthnChallengeValue, n as PASSKEY_ERROR_CODES, o as PasskeyOptions, r as Passkey, s as PasskeyRegistrationOptions, t as passkey } from "./index-
|
|
1
|
+
import { a as PasskeyExtensionsResolver, c as PasskeyRegistrationUser, i as PasskeyAuthenticationOptions, l as WebAuthnChallengeValue, n as PASSKEY_ERROR_CODES, o as PasskeyOptions, r as Passkey, s as PasskeyRegistrationOptions, t as passkey } from "./index-BoC1i3hA.mjs";
|
|
2
2
|
import { AuthenticationExtensionsClientInputs, AuthenticationExtensionsClientOutputs, AuthenticationResponseJSON, RegistrationResponseJSON } from "@simplewebauthn/server";
|
|
3
3
|
import * as better_auth_client0 from "better-auth/client";
|
|
4
4
|
import * as nanostores from "nanostores";
|
|
@@ -39,6 +39,14 @@ declare const getPasskeyActions: ($fetch: BetterFetch, {
|
|
|
39
39
|
user: User;
|
|
40
40
|
};
|
|
41
41
|
error: null;
|
|
42
|
+
} | {
|
|
43
|
+
data: null;
|
|
44
|
+
error: {
|
|
45
|
+
code: string;
|
|
46
|
+
message: string;
|
|
47
|
+
status: number;
|
|
48
|
+
statusText: string;
|
|
49
|
+
};
|
|
42
50
|
} | {
|
|
43
51
|
webauthn: {
|
|
44
52
|
response: AuthenticationResponseJSON;
|
|
@@ -60,14 +68,6 @@ declare const getPasskeyActions: ($fetch: BetterFetch, {
|
|
|
60
68
|
user: User;
|
|
61
69
|
};
|
|
62
70
|
error: null;
|
|
63
|
-
} | {
|
|
64
|
-
data: null;
|
|
65
|
-
error: {
|
|
66
|
-
code: string;
|
|
67
|
-
message: string;
|
|
68
|
-
status: number;
|
|
69
|
-
statusText: string;
|
|
70
|
-
};
|
|
71
71
|
}>;
|
|
72
72
|
};
|
|
73
73
|
passkey: {
|
|
@@ -165,6 +165,14 @@ declare const passkeyClient: () => {
|
|
|
165
165
|
user: User;
|
|
166
166
|
};
|
|
167
167
|
error: null;
|
|
168
|
+
} | {
|
|
169
|
+
data: null;
|
|
170
|
+
error: {
|
|
171
|
+
code: string;
|
|
172
|
+
message: string;
|
|
173
|
+
status: number;
|
|
174
|
+
statusText: string;
|
|
175
|
+
};
|
|
168
176
|
} | {
|
|
169
177
|
webauthn: {
|
|
170
178
|
response: AuthenticationResponseJSON;
|
|
@@ -186,14 +194,6 @@ declare const passkeyClient: () => {
|
|
|
186
194
|
user: User;
|
|
187
195
|
};
|
|
188
196
|
error: null;
|
|
189
|
-
} | {
|
|
190
|
-
data: null;
|
|
191
|
-
error: {
|
|
192
|
-
code: string;
|
|
193
|
-
message: string;
|
|
194
|
-
status: number;
|
|
195
|
-
statusText: string;
|
|
196
|
-
};
|
|
197
197
|
}>;
|
|
198
198
|
};
|
|
199
199
|
passkey: {
|
package/dist/client.mjs
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { n as PASSKEY_ERROR_CODES, t as PACKAGE_VERSION } from "./version-
|
|
1
|
+
import { n as PASSKEY_ERROR_CODES, t as PACKAGE_VERSION } from "./version-D_0sS5d6.mjs";
|
|
2
2
|
import { WebAuthnError, startAuthentication, startRegistration } from "@simplewebauthn/browser";
|
|
3
3
|
import { useAuthQuery } from "better-auth/client";
|
|
4
4
|
import { atom } from "nanostores";
|
|
@@ -10,18 +10,31 @@ const getPasskeyActions = ($fetch, { $listPasskeys, $store }) => {
|
|
|
10
10
|
throw: false
|
|
11
11
|
});
|
|
12
12
|
if (!response.data) return response;
|
|
13
|
+
const mergedExtensions = response.data.extensions || opts?.extensions ? {
|
|
14
|
+
...response.data.extensions || {},
|
|
15
|
+
...opts?.extensions || {}
|
|
16
|
+
} : void 0;
|
|
17
|
+
let res;
|
|
13
18
|
try {
|
|
14
|
-
|
|
15
|
-
...response.data.extensions || {},
|
|
16
|
-
...opts?.extensions || {}
|
|
17
|
-
} : void 0;
|
|
18
|
-
const res = await startAuthentication({
|
|
19
|
+
res = await startAuthentication({
|
|
19
20
|
optionsJSON: {
|
|
20
21
|
...response.data,
|
|
21
22
|
extensions: mergedExtensions
|
|
22
23
|
},
|
|
23
24
|
useBrowserAutofill: opts?.autoFill
|
|
24
25
|
});
|
|
26
|
+
} catch (err) {
|
|
27
|
+
return {
|
|
28
|
+
data: null,
|
|
29
|
+
error: {
|
|
30
|
+
code: err instanceof WebAuthnError ? err.code : "AUTH_CANCELLED",
|
|
31
|
+
message: PASSKEY_ERROR_CODES.AUTH_CANCELLED.message,
|
|
32
|
+
status: 400,
|
|
33
|
+
statusText: "BAD_REQUEST"
|
|
34
|
+
}
|
|
35
|
+
};
|
|
36
|
+
}
|
|
37
|
+
try {
|
|
25
38
|
const { clientExtensionResults, ...responseBody } = res;
|
|
26
39
|
const verified = await $fetch("/passkey/verify-authentication", {
|
|
27
40
|
body: { response: responseBody },
|
|
@@ -250,7 +250,7 @@ declare const passkey: (options?: PasskeyOptions | undefined) => {
|
|
|
250
250
|
image?: string | null | undefined;
|
|
251
251
|
};
|
|
252
252
|
};
|
|
253
|
-
}>)[]
|
|
253
|
+
}>)[];
|
|
254
254
|
query: zod.ZodOptional<zod.ZodObject<{
|
|
255
255
|
authenticatorAttachment: zod.ZodOptional<zod.ZodEnum<{
|
|
256
256
|
platform: "platform";
|
|
@@ -503,7 +503,7 @@ declare const passkey: (options?: PasskeyOptions | undefined) => {
|
|
|
503
503
|
image?: string | null | undefined;
|
|
504
504
|
};
|
|
505
505
|
};
|
|
506
|
-
}>)[]
|
|
506
|
+
}>)[];
|
|
507
507
|
metadata: {
|
|
508
508
|
openapi: {
|
|
509
509
|
operationId: string;
|
package/dist/index.d.mts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import { n as PASSKEY_ERROR_CODES, o as PasskeyOptions, r as Passkey, t as passkey } from "./index-
|
|
1
|
+
import { n as PASSKEY_ERROR_CODES, o as PasskeyOptions, r as Passkey, t as passkey } from "./index-BoC1i3hA.mjs";
|
|
2
2
|
export { PASSKEY_ERROR_CODES, Passkey, PasskeyOptions, passkey };
|
package/dist/index.mjs
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { n as PASSKEY_ERROR_CODES, t as PACKAGE_VERSION } from "./version-
|
|
1
|
+
import { n as PASSKEY_ERROR_CODES, t as PACKAGE_VERSION } from "./version-D_0sS5d6.mjs";
|
|
2
2
|
import { mergeSchema } from "better-auth/db";
|
|
3
3
|
import { createAuthEndpoint } from "@better-auth/core/api";
|
|
4
4
|
import { APIError } from "@better-auth/core/error";
|
|
@@ -55,7 +55,7 @@ const generatePasskeyQuerySchema = z.object({
|
|
|
55
55
|
const generatePasskeyRegistrationOptions = (opts, { maxAgeInSeconds }) => {
|
|
56
56
|
return createAuthEndpoint("/passkey/generate-register-options", {
|
|
57
57
|
method: "GET",
|
|
58
|
-
use: opts.registration?.requireSession ?? true ? [freshSessionMiddleware] :
|
|
58
|
+
use: opts.registration?.requireSession ?? true ? [freshSessionMiddleware] : [],
|
|
59
59
|
query: generatePasskeyQuerySchema,
|
|
60
60
|
metadata: { openapi: {
|
|
61
61
|
operationId: "generatePasskeyRegistrationOptions",
|
|
@@ -294,7 +294,7 @@ const verifyPasskeyRegistration = (options) => {
|
|
|
294
294
|
return createAuthEndpoint("/passkey/verify-registration", {
|
|
295
295
|
method: "POST",
|
|
296
296
|
body: verifyPasskeyRegistrationBodySchema,
|
|
297
|
-
use: requireSession ? [freshSessionMiddleware] :
|
|
297
|
+
use: requireSession ? [freshSessionMiddleware] : [],
|
|
298
298
|
metadata: { openapi: {
|
|
299
299
|
operationId: "passkeyVerifyRegistration",
|
|
300
300
|
description: "Verify registration of a new passkey",
|
|
@@ -313,7 +313,7 @@ const verifyPasskeyRegistration = (options) => {
|
|
|
313
313
|
const webAuthnCookie = ctx.context.createAuthCookie(options.advanced.webAuthnChallengeCookie);
|
|
314
314
|
const verificationToken = await ctx.getSignedCookie(webAuthnCookie.name, ctx.context.secret);
|
|
315
315
|
if (!verificationToken) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
|
|
316
|
-
const data = await ctx.context.internalAdapter.
|
|
316
|
+
const data = await ctx.context.internalAdapter.consumeVerificationValue(verificationToken);
|
|
317
317
|
if (!data) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
|
|
318
318
|
const { expectedChallenge, userData, context } = JSON.parse(data.value);
|
|
319
319
|
const session = requireSession ? ctx.context.session : await getSessionFromCtx(ctx);
|
|
@@ -357,7 +357,7 @@ const verifyPasskeyRegistration = (options) => {
|
|
|
357
357
|
publicKey: pubKey,
|
|
358
358
|
counter: credential.counter,
|
|
359
359
|
deviceType: credentialDeviceType,
|
|
360
|
-
transports: resp.response.transports
|
|
360
|
+
transports: resp.response.transports?.join(",") ?? "",
|
|
361
361
|
backedUp: credentialBackedUp,
|
|
362
362
|
createdAt: /* @__PURE__ */ new Date(),
|
|
363
363
|
aaguid
|
|
@@ -366,9 +366,9 @@ const verifyPasskeyRegistration = (options) => {
|
|
|
366
366
|
model: "passkey",
|
|
367
367
|
data: newPasskey
|
|
368
368
|
});
|
|
369
|
-
await ctx.context.internalAdapter.deleteVerificationByIdentifier(verificationToken);
|
|
370
369
|
return ctx.json(newPasskeyRes, { status: 200 });
|
|
371
370
|
} catch (e) {
|
|
371
|
+
if (e instanceof APIError) throw e;
|
|
372
372
|
ctx.context.logger.error("Failed to verify registration", e);
|
|
373
373
|
throw APIError.from("INTERNAL_SERVER_ERROR", PASSKEY_ERROR_CODES.FAILED_TO_VERIFY_REGISTRATION);
|
|
374
374
|
}
|
|
@@ -402,7 +402,7 @@ const verifyPasskeyAuthentication = (options) => createAuthEndpoint("/passkey/ve
|
|
|
402
402
|
const webAuthnCookie = ctx.context.createAuthCookie(options.advanced.webAuthnChallengeCookie);
|
|
403
403
|
const verificationToken = await ctx.getSignedCookie(webAuthnCookie.name, ctx.context.secret);
|
|
404
404
|
if (!verificationToken) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
|
|
405
|
-
const data = await ctx.context.internalAdapter.
|
|
405
|
+
const data = await ctx.context.internalAdapter.consumeVerificationValue(verificationToken);
|
|
406
406
|
if (!data) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
|
|
407
407
|
const { expectedChallenge } = JSON.parse(data.value);
|
|
408
408
|
const passkey = await ctx.context.adapter.findOne({
|
|
@@ -450,12 +450,12 @@ const verifyPasskeyAuthentication = (options) => createAuthEndpoint("/passkey/ve
|
|
|
450
450
|
session: s,
|
|
451
451
|
user
|
|
452
452
|
});
|
|
453
|
-
await ctx.context.internalAdapter.deleteVerificationByIdentifier(verificationToken);
|
|
454
453
|
return ctx.json({
|
|
455
454
|
session: s,
|
|
456
455
|
user
|
|
457
456
|
}, { status: 200 });
|
|
458
457
|
} catch (e) {
|
|
458
|
+
if (e instanceof APIError) throw e;
|
|
459
459
|
ctx.context.logger.error("Failed to verify authentication", e);
|
|
460
460
|
throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.AUTHENTICATION_FAILED);
|
|
461
461
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@better-auth/passkey",
|
|
3
|
-
"version": "1.7.0-beta.
|
|
3
|
+
"version": "1.7.0-beta.4",
|
|
4
4
|
"description": "Passkey plugin for Better Auth",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"license": "MIT",
|
|
@@ -55,16 +55,16 @@
|
|
|
55
55
|
},
|
|
56
56
|
"devDependencies": {
|
|
57
57
|
"tsdown": "0.21.1",
|
|
58
|
-
"@better-auth/core": "1.7.0-beta.
|
|
59
|
-
"better-auth": "1.7.0-beta.
|
|
58
|
+
"@better-auth/core": "1.7.0-beta.4",
|
|
59
|
+
"better-auth": "1.7.0-beta.4"
|
|
60
60
|
},
|
|
61
61
|
"peerDependencies": {
|
|
62
|
-
"@better-auth/utils": "0.4.
|
|
62
|
+
"@better-auth/utils": "0.4.1",
|
|
63
63
|
"@better-fetch/fetch": "1.1.21",
|
|
64
64
|
"better-call": "1.3.5",
|
|
65
65
|
"nanostores": "^1.0.1",
|
|
66
|
-
"@better-auth/core": "^1.7.0-beta.
|
|
67
|
-
"better-auth": "^1.7.0-beta.
|
|
66
|
+
"@better-auth/core": "^1.7.0-beta.4",
|
|
67
|
+
"better-auth": "^1.7.0-beta.4"
|
|
68
68
|
},
|
|
69
69
|
"scripts": {
|
|
70
70
|
"build": "tsdown",
|