Update the registrieren.vue component to include detailed debug statements for the Cross-Device authentication flow, specifically during QR-Code generation. Improve logging in the register-passkey-options and register-passkey APIs to capture request details such as user agent and IP address, aiding in troubleshooting. Additionally, introduce a new function to retrieve pre-registration data, enhancing the overall registration process and compliance with Cross-Device requirements.
import { getPreRegistration } from '../../../utils/webauthn-challenges.js'
import { generateRegistrationOptions } from '@simplewebauthn/server'
import { getWebAuthnConfig } from '../../../utils/webauthn-config.js'
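/**
 * GET register-passkey-options/[registrationId]
 *
 * Called by the second device (smartphone) in the cross-device passkey
 * registration flow. Looks up the pre-registration stored under
 * `registrationId` and rebuilds the WebAuthn registration options around the
 * stored challenge.
 *
 * @param {object} event - Request event passed in by `defineEventHandler`.
 * @returns {Promise<{success: boolean, registrationId: string, options: object}>}
 * @throws 400 when `registrationId` is missing, 404 when no pre-registration is found.
 */
export default defineEventHandler(async (event) => {
  const registrationId = getRouterParam(event, 'registrationId')
  const requestOrigin = getHeader(event, 'origin')
  const userAgent = getHeader(event, 'user-agent')

  // registrationId is all a caller needs to fetch the challenge and the user's
  // name/e-mail below, so logs only carry a short prefix for correlation.
  const registrationIdForLog = registrationId
    ? `${String(registrationId).substring(0, 8)}...`
    : registrationId

  console.log('[DEBUG] ===== GET register-passkey-options/[registrationId] =====')
  console.log('[DEBUG] Request Details:', {
    registrationId: registrationIdForLog,
    origin: requestOrigin,
    userAgent: userAgent?.substring(0, 100),
    timestamp: new Date().toISOString(),
    method: getMethod(event),
    note: 'Dieser Endpoint wird vom Smartphone aufgerufen, um die Options für Cross-Device zu erhalten'
  })

  if (!registrationId) {
    throw createError({ statusCode: 400, message: 'registrationId ist erforderlich' })
  }

  // Fetch the pre-registration data stored for this registration session
  const pre = getPreRegistration(registrationId)
  if (!pre) {
    console.error('[DEBUG] Pre-registration not found', { registrationId: registrationIdForLog })
    throw createError({ statusCode: 404, message: 'Registrierungs-Session nicht gefunden oder abgelaufen' })
  }

  const { challenge, userId, name, email } = pre
  // NOTE(review): the e-mail prefix and userId are still personal data in the
  // server log; keep this statement to debugging sessions.
  console.log('[DEBUG] Pre-registration found', {
    userId,
    email: email?.substring(0, 10) + '...',
    hasChallenge: !!challenge
  })

  const { rpId, rpName, origin: webauthnOrigin } = getWebAuthnConfig()

  // Regenerate the options around the stored challenge.
  // NOTE(review): some @simplewebauthn/server versions treat a string
  // `challenge` as UTF-8 text and base64url-encode it again, in which case
  // options.challenge would differ from the stored value. Confirm that
  // `challengeMatches` below logs true, because verification has to expect
  // the challenge the client actually receives.
  const options = await generateRegistrationOptions({
    rpName,
    rpID: rpId,
    userID: new TextEncoder().encode(String(userId)),
    userName: email,
    userDisplayName: name,
    attestationType: 'none',
    authenticatorSelection: {
      residentKey: 'preferred',
      userVerification: 'preferred'
    },
    timeout: 300000, // 5 minutes, in milliseconds
    challenge: challenge // reuse the stored challenge
  })

  console.log('[DEBUG] Options regenerated for Cross-Device', {
    hasChallenge: !!options.challenge,
    challengeMatches: options.challenge === challenge,
    rpId: options.rp?.id
  })

  // CORS for cross-device: only an origin from the WebAuthn config may read
  // this response. Echoing back whatever Origin the request carries, together
  // with Access-Control-Allow-Credentials, would expose the challenge and the
  // user's name/e-mail to scripts on any other site.
  // The config value is accepted as a single origin or a list of origins.
  const configuredOrigins = (Array.isArray(webauthnOrigin) ? webauthnOrigin : [webauthnOrigin]).filter(Boolean)
  let allowedOrigin
  if (!requestOrigin) {
    // No Origin header (same-origin or non-browser request): advertise the configured origin
    allowedOrigin = configuredOrigins[0]
  } else if (configuredOrigins.includes(requestOrigin)) {
    allowedOrigin = requestOrigin
  } else {
    console.warn('[DEBUG] Origin not in WebAuthn config, CORS headers omitted', { origin: requestOrigin })
  }

  // The CORS headers depend on the request's Origin, so caches must key on it
  setHeader(event, 'Vary', 'Origin')

  if (allowedOrigin) {
    setHeader(event, 'Access-Control-Allow-Origin', allowedOrigin)
    setHeader(event, 'Access-Control-Allow-Credentials', 'true')
    setHeader(event, 'Access-Control-Allow-Methods', 'GET, OPTIONS')
    setHeader(event, 'Access-Control-Allow-Headers', 'Content-Type, Authorization, Origin, X-Requested-With')
  }

  return {
    success: true,
    registrationId,
    options
  }
})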