diff options
| author | Matthew Miller <matthew@millerti.me> | 2022-02-10 16:31:38 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-02-10 16:31:38 -0800 |
| commit | ef75d848a7da6ad8da773db53072be56dd43e6de (patch) | |
| tree | 5ba33d4c9aa8876900162f28551b76e6a96cfb25 /example | |
| parent | a8b97311fdec49734d2476c8654202b567d89ffb (diff) | |
| parent | 830c3e7ff1d83268d048e3dba280752ab8e2b029 (diff) | |
Merge pull request #178 from MasterKale/fix/fido-mds-authr-pubkey-check
fix/fido-mds-authr-pubkey-check
Diffstat (limited to 'example')
| -rw-r--r-- | example/index.ts | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/example/index.ts b/example/index.ts index 2d22c48..6378620 100644 --- a/example/index.ts +++ b/example/index.ts @@ -113,7 +113,7 @@ app.get('/generate-registration-options', (req, res) => { userID: loggedInUserId, userName: username, timeout: 60000, - attestationType: 'indirect', + attestationType: 'none', /** * Passing in a user's list of already-registered authenticator IDs here prevents users from * registering the same device multiple times. The authenticator will simply throw an error in @@ -130,7 +130,7 @@ app.get('/generate-registration-options', (req, res) => { * the types of authenticators that users to can use for registration */ authenticatorSelection: { - userVerification: 'preferred', + userVerification: 'required', requireResidentKey: false, }, /** @@ -164,6 +164,7 @@ app.post('/verify-registration', async (req, res) => { expectedChallenge: `${expectedChallenge}`, expectedOrigin, expectedRPID: rpID, + requireUserVerification: true, }; verification = await verifyRegistrationResponse(opts); } catch (error) { @@ -210,11 +211,7 @@ app.get('/generate-authentication-options', (req, res) => { type: 'public-key', transports: dev.transports ?? ['usb', 'ble', 'nfc', 'internal'], })), - /** - * This optional value controls whether or not the authenticator needs be able to uniquely - * identify the user interacting with it (via built-in PIN pad, fingerprint scanner, etc...) - */ - userVerification: 'preferred', + userVerification: 'required', rpID, }; @@ -258,6 +255,7 @@ app.post('/verify-authentication', (req, res) => { expectedOrigin, expectedRPID: rpID, authenticator: dbAuthenticator, + fidoUserVerification: 'required', }; verification = verifyAuthenticationResponse(opts); } catch (error) { |