import { generateAuthenticationOptions } from '@simplewebauthn/server'
import { getWebAuthnConfig } from '../../../utils/webauthn-config.js'
import { setAuthChallenge } from '../../../utils/webauthn-challenges.js'

export default defineEventHandler(async (_event) => {
  const { rpId } = getWebAuthnConfig()

  // Username-less / discoverable credentials: allowCredentials absichtlich leer
  const options = await generateAuthenticationOptions({
    rpID: rpId,
    userVerification: 'preferred'
  })

  setAuthChallenge(options.challenge)

  return { success: true, options }
})