Wire up an endpoint for attestation options

1 files changed, 39 insertions, 3 deletions

diff --git a/example/index.js b/example/index.js
index 1a3b72d..574bd8c 100644
--- a/example/index.js
+++ b/example/index.js
@@ -1,11 +1,47 @@
 const path = require('path');
 const express = require('express');
 
+const {
+  // Registration ("Attestation")
+  generateAttestationOptions,
+  verifyAssertionResponse,
+  // Login ("Assertion")
+  generateAssertionOptions,
+  verifyAttestationResponse,
+} = require('@webauthntine/server');
+
 const app = express();
-const port = 3000;
+const host = '0.0.0.0';
+const port = 80;
 
 app.use(express.static('./public/'));
+app.use(express.json());
+
+// Domain where the WebAuthn interactions are expected to occur
+const origin = 'dev.millerti.me:3000';
+// GENERATE A NEW VALUE FOR THIS EVERY TIME! The server needs to temporarily remember this value,
+// so don't lose it until after you verify
+const randomChallenge = 'totallyUniqueValueEveryTime';
+// Your internal, _unique_ ID for the user (uuid, etc...). Avoid using identifying information here,
+// like an email address
+const userId = 'internalUserId';
+// A username for the user
+const username = 'user@webauthntine.foo';
+
+app.get('/generate-attestation-options', (req, res) => {
+  res.send(generateAttestationOptions(
+    'WebAuthntine Example',
+    'dev.millerti.me:3000',
+    randomChallenge,
+    userId,
+    username,
+  ));
+});
+
+app.post('/verify-registration', (req, res) => {
+  const { body } = req;
+});
 
-app.listen(port, () => {
-  console.log(`🚀 Server ready at http://localhost:${port}`);
+app.listen(port, host, () => {
+  console.log(`🚀 Server ready at http://${host}:${port}`);
 });