diff --git a/server/api/auth/passkeys/authentication-options.post.js b/server/api/auth/passkeys/authentication-options.post.js index 9fad9e4..a827d7c 100644 --- a/server/api/auth/passkeys/authentication-options.post.js +++ b/server/api/auth/passkeys/authentication-options.post.js @@ -14,7 +14,7 @@ export default defineEventHandler(async (event) => { } // Provide a safe fallback for getMethod when linting/runtime doesn't expose it - const _getMethod = typeof getMethod === 'function' ? getMethod : (e) => (e?.req?.method || e?.method || 'GET') + const _getMethod = typeof globalThis.getMethod === 'function' ? globalThis.getMethod : (e) => (e?.req?.method || e?.method || 'GET') if (_getMethod(event) === 'OPTIONS') { return { success: true } } diff --git a/server/api/auth/passkeys/login.post.js b/server/api/auth/passkeys/login.post.js index 18392b2..8e1448d 100644 --- a/server/api/auth/passkeys/login.post.js +++ b/server/api/auth/passkeys/login.post.js @@ -7,6 +7,12 @@ import { getAuthCookieOptions } from '../../../utils/cookies.js' import { writeAuditLog } from '../../../utils/audit-log.js' import { getClientIp } from '../../../utils/rate-limit.js' +// Local fallback for Nitro globals when lint/run env doesn't provide them +const getMethod = globalThis.getMethod ?? ((e) => (e?.req?.method || e?.method || 'GET')) +const getRequestURL = globalThis.getRequestURL ?? ((e) => { + try { return new URL(e?.req?.url, 'http://localhost') } catch { return { href: String(e?.req?.url || ''), pathname: String(e?.req?.url || '').split('?')[0] || '' } } +}) + function findUserByCredentialId(users, credentialId) { const cid = String(credentialId || '') for (const u of users) { diff --git a/server/api/auth/passkeys/registration-options.post.js b/server/api/auth/passkeys/registration-options.post.js index 0a32121..fc90622 100644 --- a/server/api/auth/passkeys/registration-options.post.js +++ b/server/api/auth/passkeys/registration-options.post.js @@ -1,4 +1,7 @@ import { generateRegistrationOptions } from '@simplewebauthn/server' + +// Local fallback for Nitro globals when lint/run env doesn't provide them +const getMethod = globalThis.getMethod ?? ((e) => (e?.req?.method || e?.method || 'GET')) import { getUserFromToken, hasAnyRole } from '../../../utils/auth.js' import { getWebAuthnConfig } from '../../../utils/webauthn-config.js' import { setRegistrationChallenge } from '../../../utils/webauthn-challenges.js' diff --git a/server/api/auth/register-passkey-options.post.js b/server/api/auth/register-passkey-options.post.js index 5e3302e..fe123a8 100644 --- a/server/api/auth/register-passkey-options.post.js +++ b/server/api/auth/register-passkey-options.post.js @@ -5,6 +5,9 @@ import { getWebAuthnConfig } from '../../utils/webauthn-config.js' import { setPreRegistration } from '../../utils/webauthn-challenges.js' import { writeAuditLog } from '../../utils/audit-log.js' +// Local fallback for Nitro globals when lint/run env doesn't provide them +const getMethod = globalThis.getMethod ?? ((e) => (e?.req?.method || e?.method || 'GET')) + function isValidEmail(email) { return /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(String(email || '')) } diff --git a/server/api/auth/register-passkey-options/[registrationId].get.js b/server/api/auth/register-passkey-options/[registrationId].get.js index 85efa4f..9a34905 100644 --- a/server/api/auth/register-passkey-options/[registrationId].get.js +++ b/server/api/auth/register-passkey-options/[registrationId].get.js @@ -1,4 +1,6 @@ import { getPreRegistration } from '../../../utils/webauthn-challenges.js' +// Local fallback for Nitro globals when lint/run env doesn't provide them +const getMethod = globalThis.getMethod ?? ((e) => (e?.req?.method || e?.method || 'GET')) import { generateRegistrationOptions } from '@simplewebauthn/server' import { getWebAuthnConfig } from '../../../utils/webauthn-config.js' diff --git a/server/api/auth/register-passkey.post.js b/server/api/auth/register-passkey.post.js index 6c98488..9a2a606 100644 --- a/server/api/auth/register-passkey.post.js +++ b/server/api/auth/register-passkey.post.js @@ -9,6 +9,12 @@ import { writeAuditLog } from '../../utils/audit-log.js' import { assertPasswordNotPwned } from '../../utils/hibp.js' import { getClientIp } from '../../utils/rate-limit.js' +// Local fallback for Nitro globals when lint/run env doesn't provide them +const getMethod = globalThis.getMethod ?? ((e) => (e?.req?.method || e?.method || 'GET')) +const getRequestURL = globalThis.getRequestURL ?? ((e) => { + try { return new URL(e?.req?.url, 'http://localhost') } catch { return { href: String(e?.req?.url || ''), pathname: String(e?.req?.url || '').split('?')[0] || '' } } +}) + export default defineEventHandler(async (event) => { const requestStart = Date.now() const requestOrigin = getHeader(event, 'origin') diff --git a/server/middleware/log-requests.js b/server/middleware/log-requests.js index 73b1861..e1f9ec4 100644 --- a/server/middleware/log-requests.js +++ b/server/middleware/log-requests.js @@ -4,6 +4,10 @@ */ export default defineEventHandler((event) => { + const getRequestURL = globalThis.getRequestURL ?? ((e) => { + try { return new URL(e?.req?.url, 'http://localhost') } catch { return { href: String(e?.req?.url || ''), pathname: String(e?.req?.url || '').split('?')[0] || '' } } + }) + const getMethod = globalThis.getMethod ?? ((e) => (e?.req?.method || e?.method || 'GET')) const url = getRequestURL(event) const method = getMethod(event) const path = url.pathname