Refine WebAuthn configuration and enhance debug logging for origin verification

Update the WebAuthn configuration to ensure HTTPS origins do not include ports, improving compliance with standards. Add detailed debug logging in the passkey registration process to verify the actual origin from the client response, aiding in troubleshooting and enhancing the clarity of the registration flow.

server/api/auth/register-passkey.post.js

@@ -55,10 +55,26 @@ export default defineEventHandler(async (event) => {
   }
 
   const { origin, rpId, requireUV } = getWebAuthnConfig()
+  
+  // Debug: Prüfe die tatsächliche Origin aus der Response
+  const clientData = response?.response?.clientDataJSON
+  let actualOrigin = null
+  if (clientData) {
+    try {
+      const decoded = Buffer.from(clientData, 'base64').toString('utf-8')
+      const parsed = JSON.parse(decoded)
+      actualOrigin = parsed.origin
+    } catch (e) {
+      console.warn('[DEBUG] Could not parse clientDataJSON:', e)
+    }
+  }
+  
   console.log('[DEBUG] WebAuthn config for verification', {
-    origin,
+    expectedOrigin: origin,
+    actualOriginFromResponse: actualOrigin,
     rpId,
-    requireUV
+    requireUV,
+    originMatch: origin === actualOrigin
   })
 
   console.log('[DEBUG] Verifying registration response...')