Diffstat (limited to 'example/index.ts')
-rw-r--r-- | example/index.ts | 96 |
1 files changed, 51 insertions, 45 deletions
diff --git a/example/index.ts b/example/index.ts index e8ce33a..1610205 100644 --- a/example/index.ts +++ b/example/index.ts @@ -4,42 +4,42 @@ * The webpages served from ./public use @simplewebauthn/browser. */ -import https from 'https'; -import http from 'http'; -import fs from 'fs'; +import https from "https"; +import http from "http"; +import fs from "fs"; -import express from 'express'; -import session from 'express-session'; -import memoryStore from 'memorystore'; -import dotenv from 'dotenv'; +import express from "express"; +import session from "express-session"; +import memoryStore from "memorystore"; +import dotenv from "dotenv"; dotenv.config(); import { - // Registration - generateRegistrationOptions, - verifyRegistrationResponse, // Authentication generateAuthenticationOptions, + // Registration + generateRegistrationOptions, verifyAuthenticationResponse, -} from '@simplewebauthn/server'; -import { isoBase64URL, isoUint8Array } from '@simplewebauthn/server/helpers'; + verifyRegistrationResponse, +} from "@simplewebauthn/server"; +import { isoBase64URL, isoUint8Array } from "@simplewebauthn/server/helpers"; import type { - GenerateRegistrationOptionsOpts, GenerateAuthenticationOptionsOpts, - VerifyRegistrationResponseOpts, - VerifyAuthenticationResponseOpts, - VerifiedRegistrationResponse, + GenerateRegistrationOptionsOpts, VerifiedAuthenticationResponse, -} from '@simplewebauthn/server'; + VerifiedRegistrationResponse, + VerifyAuthenticationResponseOpts, + VerifyRegistrationResponseOpts, +} from "@simplewebauthn/server"; import type { - RegistrationResponseJSON, AuthenticationResponseJSON, AuthenticatorDevice, -} from '@simplewebauthn/typescript-types'; + RegistrationResponseJSON, +} from "@simplewebauthn/typescript-types"; -import { LoggedInUser } from './example-server'; +import { LoggedInUser } from "./example-server"; const app = express(); const MemoryStore = memoryStore(session); 
@@ -47,14 +47,14 @@ const MemoryStore = memoryStore(session); const { ENABLE_CONFORMANCE, ENABLE_HTTPS, - RP_ID = 'localhost', + RP_ID = "localhost", } = process.env; -app.use(express.static('./public/')); +app.use(express.static("./public/")); app.use(express.json()); app.use( session({ - secret: 'secret123', + secret: "secret123", saveUninitialized: true, resave: false, cookie: { @@ -73,10 +73,12 @@ app.use( * FIDO Metadata Service. This enables greater control over the types of authenticators that can * interact with the Rely Party (a.k.a. "RP", a.k.a. "this server"). */ -if (ENABLE_CONFORMANCE === 'true') { - import('./fido-conformance').then(({ fidoRouteSuffix, fidoConformanceRouter }) => { - app.use(fidoRouteSuffix, fidoConformanceRouter); - }); +if (ENABLE_CONFORMANCE === "true") { + import("./fido-conformance").then( + ({ fidoRouteSuffix, fidoConformanceRouter }) => { + app.use(fidoRouteSuffix, fidoConformanceRouter); + }, + ); } /** @@ -87,7 +89,7 @@ export const rpID = RP_ID; // This value is set at the bottom of page as part of server initialization (the empty string is // to appease TypeScript until we determine the expected origin based on whether or not HTTPS // support is enabled) -export let expectedOrigin = ''; +export let expectedOrigin = ""; /** * 2FA and Passwordless WebAuthn flows expect you to be able to uniquely identify the user that @@ -97,7 +99,7 @@ export let expectedOrigin = ''; * * Here, the example server assumes the following user has completed login: */ -const loggedInUserId = 'internalUserId'; +const loggedInUserId = "internalUserId"; const inMemoryUserDeviceDB: { [loggedInUserId: string]: LoggedInUser } = { [loggedInUserId]: { 
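Review bot: The session signing secret is still the literal `"secret123"` on the re-quoted `secret:` line, so every deployment copied from this example shares a publicly known key and its session cookies cannot be trusted. Read it from the environment alongside the other settings: add a variable such as `SESSION_SECRET` to the `process.env` destructuring, use `secret: SESSION_SECRET,`, and refuse to start when it is unset. The `session({ … })` options object continues past the end of this hunk, so the cookie flags are not visible here.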
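Review bot: The reformatted `import("./fido-conformance").then(...)` call has no rejection handler, so a failed load of the conformance module surfaces only as an unhandled rejection. The server would then keep running without the routes that `ENABLE_CONFORMANCE` asked for. Add a handler that reports the failure and stops, e.g. `.catch((err) => { console.error(err); process.exit(1); });`.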
@@ -110,7 +112,7 @@ const inMemoryUserDeviceDB: { [loggedInUserId: string]: LoggedInUser } = { /** * Registration (a.k.a. "Registration") */ -app.get('/generate-registration-options', (req, res) => { +app.get("/generate-registration-options", (req, res) => { const user = inMemoryUserDeviceDB[loggedInUserId]; const { @@ -122,25 +124,25 @@ app.get('/generate-registration-options', (req, res) => { } = user; const opts: GenerateRegistrationOptionsOpts = { - rpName: 'SimpleWebAuthn Example', + rpName: "SimpleWebAuthn Example", rpID, userID: loggedInUserId, userName: username, timeout: 60000, - attestationType: 'none', + attestationType: "none", /** * Passing in a user's list of already-registered authenticator IDs here prevents users from * registering the same device multiple times. The authenticator will simply throw an error in * the browser if it's asked to perform registration when one of these ID's already resides * on it. */ - excludeCredentials: devices.map(dev => ({ + excludeCredentials: devices.map((dev) => ({ id: dev.credentialID, - type: 'public-key', + type: "public-key", transports: dev.transports, })), authenticatorSelection: { - residentKey: 'discouraged', + residentKey: "discouraged", }, /** * Support the two most common algorithms: ES256, and RS256 @@ -159,7 +161,7 @@ app.get('/generate-registration-options', (req, res) => { res.send(options); }); -app.post('/verify-registration', async (req, res) => { +app.post("/verify-registration", async (req, res) => { const body: RegistrationResponseJSON = req.body; const user = inMemoryUserDeviceDB[loggedInUserId]; 
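Review bot: `const body: RegistrationResponseJSON = req.body;` in the `/verify-registration` handler annotates untrusted JSON with a type that is erased at compile time, so nothing on this line checks the shape of what the client sent. The same pattern appears in the `/verify-authentication` hunk with `AuthenticationResponseJSON`. Either type the value as `unknown` and narrow it, or add a comment such as `// req.body is unvalidated client input; the annotation is not a runtime check`. Both handler bodies continue outside their hunks, so whether later code rejects malformed bodies cannot be confirmed from here.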
@@ -187,7 +189,9 @@ app.post('/verify-registration', async (req, res) => { if (verified && registrationInfo) { const { credentialPublicKey, credentialID, counter } = registrationInfo; - const existingDevice = user.devices.find(device => isoUint8Array.areEqual(device.credentialID, credentialID)); + const existingDevice = user.devices.find((device) => + isoUint8Array.areEqual(device.credentialID, credentialID) + ); if (!existingDevice) { /** @@ -211,18 +215,18 @@ app.post('/verify-registration', async (req, res) => { /** * Login (a.k.a. "Authentication") */ -app.get('/generate-authentication-options', (req, res) => { +app.get("/generate-authentication-options", (req, res) => { // You need to know the user by this point const user = inMemoryUserDeviceDB[loggedInUserId]; const opts: GenerateAuthenticationOptionsOpts = { timeout: 60000, - allowCredentials: user.devices.map(dev => ({ + allowCredentials: user.devices.map((dev) => ({ id: dev.credentialID, - type: 'public-key', + type: "public-key", transports: dev.transports, })), - userVerification: 'required', + userVerification: "required", rpID, }; @@ -237,7 +241,7 @@ app.get('/generate-authentication-options', (req, res) => { res.send(options); }); -app.post('/verify-authentication', async (req, res) => { +app.post("/verify-authentication", async (req, res) => { const body: AuthenticationResponseJSON = req.body; const user = inMemoryUserDeviceDB[loggedInUserId]; @@ -255,7 +259,9 @@ app.post('/verify-authentication', async (req, res) => { } if (!dbAuthenticator) { - return res.status(400).send({ error: 'Authenticator is not registered with this site' }); + return res.status(400).send({ + error: "Authenticator is not registered with this site", + }); } let verification: VerifiedAuthenticationResponse; @@ -288,7 +294,7 @@ app.post('/verify-authentication', async (req, res) => { }); if (ENABLE_HTTPS) { - const host = '0.0.0.0'; + const host = "0.0.0.0"; const port = 443; expectedOrigin = `https://${rpID}`; 
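Review bot: `if (ENABLE_HTTPS) {` tests the environment string for truthiness, so `ENABLE_HTTPS=false` or `ENABLE_HTTPS=0` still takes the branch that binds `0.0.0.0:443`. That is inconsistent with the `ENABLE_CONFORMANCE === "true"` check earlier in the file. Compare explicitly instead: `if (ENABLE_HTTPS === "true") {`. The branch body continues outside this hunk.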
@@ -307,7 +313,7 @@ if (ENABLE_HTTPS) { console.log(`🚀 Server ready at ${expectedOrigin} (${host}:${port})`); }); } else { - const host = '127.0.0.1'; + const host = "127.0.0.1"; const port = 8000; expectedOrigin = `http://localhost:${port}`; |