@things-factory/auth-base 7.0.1-rc.8 → 7.0.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@things-factory/auth-base",
-  "version": "7.0.1-rc.8",
+  "version": "7.0.2",
   "main": "dist-server/index.js",
   "browser": "dist-client/index.js",
   "things-factory": true,
@@ -32,10 +32,10 @@
   "dependencies": {
     "@simplewebauthn/browser": "^10.0.0",
     "@simplewebauthn/server": "^10.0.0",
-    "@things-factory/email-base": "^7.0.1-rc.8",
-    "@things-factory/env": "^7.0.1-rc.8",
-    "@things-factory/shell": "^7.0.1-rc.8",
-    "@things-factory/utils": "^7.0.1-rc.7",
+    "@things-factory/email-base": "^7.0.2",
+    "@things-factory/env": "^7.0.0",
+    "@things-factory/shell": "^7.0.2",
+    "@things-factory/utils": "^7.0.0",
     "@types/webappsec-credential-management": "^0.6.8",
     "jsonwebtoken": "^9.0.0",
     "koa-passport": "^6.0.0",
@@ -46,5 +46,5 @@
     "passport-jwt": "^4.0.0",
     "passport-local": "^1.0.0"
   },
-  "gitHead": "cf1d0f8f261c73eadecb517fc6c82e92e50d6caf"
+  "gitHead": "19f0e3097a5b583831ae530d8ff4138ca50d1619"
 }

package/server/middlewares/webauthn-middleware.ts

@@ -7,10 +7,7 @@ import { User } from '../service/user/user'
 import { AuthError } from '../errors/auth-error'
 
 import { WebAuthCredential } from '../service/web-auth-credential/web-auth-credential'
-import {
-  verifyRegistrationResponse,
-  verifyAuthenticationResponse
-} from '@simplewebauthn/server'
+import { verifyRegistrationResponse, verifyAuthenticationResponse } from '@simplewebauthn/server'
 
 import { AuthenticatorAssertionResponse } from '@simplewebauthn/types'
 
@@ -32,7 +29,7 @@ passport.use(
 
     if (verification.verified) {
       const { registrationInfo } = verification
-      const publicKey = Buffer.from(registrationInfo.credentialPublicKey).toString('base64');
+      const publicKey = Buffer.from(registrationInfo.credentialPublicKey).toString('base64')
 
       if (user) {
         const webAuthRepository = getRepository(WebAuthCredential)
@@ -56,47 +53,52 @@ passport.use(
 passport.use(
   'webauthn-login',
   new CustomStrategy(async (context, done) => {
-    const { body, session, origin, hostname } = context as any
-
-    const challenge = session.challenge
-
-    const assertionResponse = body as {
-      id: string
-      response: AuthenticatorAssertionResponse
-    }
-    
-    const credential = await getRepository(WebAuthCredential).findOne({
-      where: {
-        credentialId: assertionResponse.id
+    try {
+      const { body, session, origin, hostname } = context as any
+
+      const challenge = session.challenge
+  
+      const assertionResponse = body as {
+        id: string
+        response: AuthenticatorAssertionResponse
       }
-    })
-
-    if (!credential) {
-      return done(null, false)
-    }
-
-    const verification = await verifyAuthenticationResponse({
-      response: body,
-      expectedChallenge: challenge,
-      expectedOrigin: origin,
-      expectedRPID: hostname,
-      requireUserVerification: false,
-      authenticator: {
-        credentialID: credential.credentialId,
-        credentialPublicKey: new Uint8Array(Buffer.from(credential.publicKey, 'base64')),
-        counter: credential.counter
+  
+      const credential = await getRepository(WebAuthCredential).findOne({
+        where: {
+          credentialId: assertionResponse.id
+        },
+        relations: ['user']
+      })
+  
+      if (!credential) {
+        return done(null, false)
       }
-    })
-
-    if (verification.verified) {
-      const { authenticationInfo } = verification
-      credential.counter = authenticationInfo.newCounter
-      await getRepository(WebAuthCredential).save(credential)
-
-      const user = await getRepository(User).findOne({ where: { email: body.email } })
-      return done(null, user)
-    } else {
-      return done(verification, false)
+  
+      const verification = await verifyAuthenticationResponse({
+        response: body,
+        expectedChallenge: challenge,
+        expectedOrigin: origin,
+        expectedRPID: hostname,
+        requireUserVerification: false,
+        authenticator: {
+          credentialID: credential.credentialId,
+          credentialPublicKey: new Uint8Array(Buffer.from(credential.publicKey, 'base64')),
+          counter: credential.counter
+        }
+      })
+  
+      if (verification.verified) {
+        const { authenticationInfo } = verification
+        credential.counter = authenticationInfo.newCounter
+        await getRepository(WebAuthCredential).save(credential)
+  
+        const user = credential.user
+        return done(null, user)
+      } else {
+        return done(verification, false)
+      }
+    } catch(error) {
+      return done(error, false)
     }
   })
 )
@@ -111,15 +113,15 @@ export function createWebAuthnMiddleware(strategy: 'webauthn-register' | 'webaut
           throw new AuthError({
             errorCode: AuthError.ERROR_CODES.AUTHN_VERIFICATION_FAILED,
             detail: err
-          });
+          })
         } else {
-          context.state.user = user;
+          context.state.user = user
 
-          context.body = { user, verified: true };
+          context.body = { user, verified: true }
         }
 
-        await next();
+        await next()
       }
-    )(context, next);
-  };
+    )(context, next)
+  }
 }