Enhance debug logging and Cross-Device support for Passkey Registration

Update the registrieren.vue component to include detailed debug statements for the Cross-Device authentication flow, specifically during QR-Code generation. Improve logging in the register-passkey-options and register-passkey APIs to capture request details such as user agent and IP address, aiding in troubleshooting. Additionally, introduce a new function to retrieve pre-registration data, enhancing the overall registration process and compliance with Cross-Device requirements.
2026-01-08 23:27:11 +01:00
parent badf91afef
commit 29ef644581
7 changed files with 174 additions and 11 deletions
--- a/server/middleware/log-requests.js
+++ b/server/middleware/log-requests.js
@@ -0,0 +1,41 @@
+/**
+ * Globales Request-Logging für Debugging
+ * Loggt alle Requests, besonders Passkey-relevante Endpoints
+ */
+
+export default defineEventHandler((event) => {
+  const url = getRequestURL(event)
+  const method = getMethod(event)
+  const path = url.pathname
+  const origin = getHeader(event, 'origin')
+  const userAgent = getHeader(event, 'user-agent')
+  const ip = getHeader(event, 'x-forwarded-for') || getHeader(event, 'x-real-ip') || 'unknown'
+  
+  // Logge nur Passkey-relevante Endpoints (um Logs nicht zu überfluten)
+  const passkeyEndpoints = [
+    '/api/auth/register-passkey',
+    '/api/auth/register-passkey-options',
+    '/api/auth/passkeys/registration-options',
+    '/api/auth/passkeys/register',
+    '/api/auth/passkeys/authentication-options',
+    '/api/auth/passkeys/login',
+    '/api/auth/passkeys/recovery'
+  ]
+  
+  const isPasskeyEndpoint = passkeyEndpoints.some(ep => path.startsWith(ep))
+  
+  if (isPasskeyEndpoint) {
+    const timestamp = new Date().toISOString()
+    console.log(`[REQUEST] ${timestamp} ${method} ${path}`)
+    console.log(`[REQUEST] Origin: ${origin || 'none'}`)
+    console.log(`[REQUEST] IP: ${ip}`)
+    console.log(`[REQUEST] User-Agent: ${userAgent?.substring(0, 100) || 'none'}`)
+    
+    // Spezielle Logs für Cross-Device
+    if (path.includes('register-passkey')) {
+      console.log(`[REQUEST] 🔑 PASSKEY REQUEST - ${method} ${path}`)
+      console.log(`[REQUEST] ⚠️ Wenn dieser Request vom Smartphone kommt, sollte der User-Agent Mobile/Android/iPhone enthalten`)
+      console.log(`[REQUEST] ⚠️ Wenn dieser Request NICHT kommt, erreicht das Smartphone den Server nicht`)
+    }
+  }
+})