mirror of
https://github.com/onsonr/sonr.git
synced 2025-03-10 13:07:09 +00:00
feat: remove username from passkey creation
This commit is contained in:
parent
5280209075
commit
b7a40ac3d7
@ -51,7 +51,7 @@ templ CodeInput(id string) {
|
||||
<sl-input id={ id } placeholder="●" type="text" maxlength="1" pill class="w-min"></sl-input>
|
||||
}
|
||||
|
||||
script createPasskey(userId string, userHandle string, userName string, challenge string) {
|
||||
script createPasskey(userId string, userHandle string, challenge string) {
|
||||
const publicKey = {
|
||||
challenge: Uint8Array.from(challenge, (c) => c.charCodeAt(0)),
|
||||
rp: {
|
||||
@ -60,7 +60,7 @@ const publicKey = {
|
||||
user: {
|
||||
// Assuming that userId is ASCII-only
|
||||
id: Uint8Array.from(userId, (c) => c.charCodeAt(0)),
|
||||
name: userName,
|
||||
name: userId,
|
||||
displayName: userHandle,
|
||||
},
|
||||
pubKeyCredParams: [
|
||||
@ -98,9 +98,8 @@ navigator.credentials
|
||||
}
|
||||
|
||||
// Hidden input and button which calls a JavaScript function to generate a passkey
|
||||
templ PasskeyInput(userId string, userHandle string, userName string, challenge string) {
|
||||
@CredentialsScripts()
|
||||
<sl-button pill style="width: 100%;" onclick={ createPasskey(userId, userHandle, userName, challenge) }>
|
||||
templ PasskeyInput(userId string, userHandle string, challenge string) {
|
||||
<sl-button pill style="width: 100%;" onclick={ createPasskey(userId, userHandle, challenge) }>
|
||||
<sl-icon slot="prefix" name="passkey" library="sonr" style="font-size: 20px;"></sl-icon>
|
||||
Create PassKey
|
||||
<sl-icon slot="suffix" name="arrow-right" library="sonr" style="font-size: 20px;"></sl-icon>
|
||||
|
||||
@ -215,10 +215,10 @@ func CodeInput(id string) templ.Component {
|
||||
})
|
||||
}
|
||||
|
||||
func createPasskey(userId string, userHandle string, userName string, challenge string) templ.ComponentScript {
|
||||
func createPasskey(userId string, userHandle string, challenge string) templ.ComponentScript {
|
||||
return templ.ComponentScript{
|
||||
Name: `__templ_createPasskey_9257`,
|
||||
Function: `function __templ_createPasskey_9257(userId, userHandle, userName, challenge){const publicKey = {
|
||||
Name: `__templ_createPasskey_9b69`,
|
||||
Function: `function __templ_createPasskey_9b69(userId, userHandle, challenge){const publicKey = {
|
||||
challenge: Uint8Array.from(challenge, (c) => c.charCodeAt(0)),
|
||||
rp: {
|
||||
name: "Sonr.ID",
|
||||
@ -226,7 +226,7 @@ func createPasskey(userId string, userHandle string, userName string, challenge
|
||||
user: {
|
||||
// Assuming that userId is ASCII-only
|
||||
id: Uint8Array.from(userId, (c) => c.charCodeAt(0)),
|
||||
name: userName,
|
||||
name: userId,
|
||||
displayName: userHandle,
|
||||
},
|
||||
pubKeyCredParams: [
|
||||
@ -262,13 +262,13 @@ navigator.credentials
|
||||
// No acceptable authenticator or user refused consent. Handle appropriately.
|
||||
});
|
||||
}`,
|
||||
Call: templ.SafeScript(`__templ_createPasskey_9257`, userId, userHandle, userName, challenge),
|
||||
CallInline: templ.SafeScriptInline(`__templ_createPasskey_9257`, userId, userHandle, userName, challenge),
|
||||
Call: templ.SafeScript(`__templ_createPasskey_9b69`, userId, userHandle, challenge),
|
||||
CallInline: templ.SafeScriptInline(`__templ_createPasskey_9b69`, userId, userHandle, challenge),
|
||||
}
|
||||
}
|
||||
|
||||
// Hidden input and button which calls a JavaScript function to generate a passkey
|
||||
func PasskeyInput(userId string, userHandle string, userName string, challenge string) templ.Component {
|
||||
func PasskeyInput(userId string, userHandle string, challenge string) templ.Component {
|
||||
return templruntime.GeneratedTemplate(func(templ_7745c5c3_Input templruntime.GeneratedComponentInput) (templ_7745c5c3_Err error) {
|
||||
templ_7745c5c3_W, ctx := templ_7745c5c3_Input.Writer, templ_7745c5c3_Input.Context
|
||||
if templ_7745c5c3_CtxErr := ctx.Err(); templ_7745c5c3_CtxErr != nil {
|
||||
@ -289,11 +289,7 @@ func PasskeyInput(userId string, userHandle string, userName string, challenge s
|
||||
templ_7745c5c3_Var10 = templ.NopComponent
|
||||
}
|
||||
ctx = templ.ClearChildren(ctx)
|
||||
templ_7745c5c3_Err = CredentialsScripts().Render(ctx, templ_7745c5c3_Buffer)
|
||||
if templ_7745c5c3_Err != nil {
|
||||
return templ_7745c5c3_Err
|
||||
}
|
||||
templ_7745c5c3_Err = templ.RenderScriptItems(ctx, templ_7745c5c3_Buffer, createPasskey(userId, userHandle, userName, challenge))
|
||||
templ_7745c5c3_Err = templ.RenderScriptItems(ctx, templ_7745c5c3_Buffer, createPasskey(userId, userHandle, challenge))
|
||||
if templ_7745c5c3_Err != nil {
|
||||
return templ_7745c5c3_Err
|
||||
}
|
||||
@ -301,7 +297,7 @@ func PasskeyInput(userId string, userHandle string, userName string, challenge s
|
||||
if templ_7745c5c3_Err != nil {
|
||||
return templ_7745c5c3_Err
|
||||
}
|
||||
var templ_7745c5c3_Var11 templ.ComponentScript = createPasskey(userId, userHandle, userName, challenge)
|
||||
var templ_7745c5c3_Var11 templ.ComponentScript = createPasskey(userId, userHandle, challenge)
|
||||
_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ_7745c5c3_Var11.Call)
|
||||
if templ_7745c5c3_Err != nil {
|
||||
return templ_7745c5c3_Err
|
||||
@ -343,7 +339,7 @@ func TurnstileWidget(sitekey string) templ.Component {
|
||||
var templ_7745c5c3_Var13 string
|
||||
templ_7745c5c3_Var13, templ_7745c5c3_Err = templ.JoinStringErrs(sitekey)
|
||||
if templ_7745c5c3_Err != nil {
|
||||
return templ.Error{Err: templ_7745c5c3_Err, FileName: `pkg/blocks/form/form.templ`, Line: 113, Col: 50}
|
||||
return templ.Error{Err: templ_7745c5c3_Err, FileName: `pkg/blocks/form/form.templ`, Line: 112, Col: 50}
|
||||
}
|
||||
_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var13))
|
||||
if templ_7745c5c3_Err != nil {
|
||||
@ -386,7 +382,7 @@ func Submit(text string) templ.Component {
|
||||
var templ_7745c5c3_Var15 string
|
||||
templ_7745c5c3_Var15, templ_7745c5c3_Err = templ.JoinStringErrs(text)
|
||||
if templ_7745c5c3_Err != nil {
|
||||
return templ.Error{Err: templ_7745c5c3_Err, FileName: `pkg/blocks/form/form.templ`, Line: 119, Col: 8}
|
||||
return templ.Error{Err: templ_7745c5c3_Err, FileName: `pkg/blocks/form/form.templ`, Line: 118, Col: 8}
|
||||
}
|
||||
_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var15))
|
||||
if templ_7745c5c3_Err != nil {
|
||||
|
||||
@ -1,18 +1,14 @@
|
||||
package handlers
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
|
||||
"github.com/go-webauthn/webauthn/protocol"
|
||||
"github.com/go-webauthn/webauthn/protocol/webauthncose"
|
||||
"github.com/labstack/echo/v4"
|
||||
"github.com/onsonr/sonr/crypto/mpc"
|
||||
"github.com/onsonr/sonr/pkg/common"
|
||||
"github.com/onsonr/sonr/pkg/common/response"
|
||||
"github.com/onsonr/sonr/pkg/gateway/config"
|
||||
"github.com/onsonr/sonr/pkg/gateway/internal/pages/register"
|
||||
"github.com/onsonr/sonr/pkg/gateway/internal/session"
|
||||
)
|
||||
|
||||
func HandleRegisterView(env config.Env) echo.HandlerFunc {
|
||||
@ -24,101 +20,16 @@ func HandleRegisterView(env config.Env) echo.HandlerFunc {
|
||||
func HandleRegisterStart(c echo.Context) error {
|
||||
challenge, _ := protocol.CreateChallenge()
|
||||
handle := c.FormValue("handle")
|
||||
firstName := c.FormValue("first_name")
|
||||
lastName := c.FormValue("last_name")
|
||||
fullName := fmt.Sprintf("%s %s", firstName, lastName)
|
||||
// firstName := c.FormValue("first_name")
|
||||
// lastName := c.FormValue("last_name")
|
||||
ks, err := mpc.NewKeyset()
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
|
||||
}
|
||||
return response.TemplEcho(c, register.LinkCredentialView(ks.Address(), handle, fullName, challenge.String()))
|
||||
return response.TemplEcho(c, register.LinkCredentialView(ks.Address(), handle, challenge.String()))
|
||||
}
|
||||
|
||||
func HandleRegisterFinish(c echo.Context) error {
|
||||
// cred := c.FormValue("credential")
|
||||
return response.TemplEcho(c, register.LoadingVaultView())
|
||||
}
|
||||
|
||||
// ╭───────────────────────────────────────────────────────────╮
|
||||
// │ Registration Components │
|
||||
// ╰───────────────────────────────────────────────────────────╯
|
||||
|
||||
func getLinkCredentialRequest(c echo.Context, addr string, handle string, userKSJSON string) register.LinkCredentialRequest {
|
||||
cc, err := session.Get(c)
|
||||
if err != nil {
|
||||
return register.LinkCredentialRequest{
|
||||
Handle: handle,
|
||||
Address: addr,
|
||||
RegisterOptions: buildRegisterOptions(buildUserEntity(addr, handle), buildLargeBlob(userKSJSON), buildServiceEntity(c)),
|
||||
}
|
||||
}
|
||||
data := cc.Session()
|
||||
usr := buildUserEntity(addr, handle)
|
||||
blob := buildLargeBlob(userKSJSON)
|
||||
service := buildServiceEntity(c)
|
||||
|
||||
return register.LinkCredentialRequest{
|
||||
Platform: data.BrowserName,
|
||||
Handle: data.UserHandle,
|
||||
DeviceModel: data.BrowserVersion,
|
||||
Address: addr,
|
||||
RegisterOptions: buildRegisterOptions(usr, blob, service),
|
||||
}
|
||||
}
|
||||
|
||||
func buildRegisterOptions(user protocol.UserEntity, blob common.LargeBlob, service protocol.RelyingPartyEntity) protocol.PublicKeyCredentialCreationOptions {
|
||||
return protocol.PublicKeyCredentialCreationOptions{
|
||||
Timeout: 10000,
|
||||
Attestation: protocol.PreferDirectAttestation,
|
||||
AuthenticatorSelection: protocol.AuthenticatorSelection{
|
||||
AuthenticatorAttachment: "platform",
|
||||
ResidentKey: protocol.ResidentKeyRequirementPreferred,
|
||||
UserVerification: "preferred",
|
||||
},
|
||||
RelyingParty: service,
|
||||
User: user,
|
||||
Extensions: protocol.AuthenticationExtensions{
|
||||
"largeBlob": blob,
|
||||
},
|
||||
Parameters: []protocol.CredentialParameter{
|
||||
{
|
||||
Type: "public-key",
|
||||
Algorithm: webauthncose.AlgES256,
|
||||
},
|
||||
{
|
||||
Type: "public-key",
|
||||
Algorithm: webauthncose.AlgES256K,
|
||||
},
|
||||
{
|
||||
Type: "public-key",
|
||||
Algorithm: webauthncose.AlgEdDSA,
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func buildLargeBlob(userKeyshareJSON string) common.LargeBlob {
|
||||
return common.LargeBlob{
|
||||
Support: "required",
|
||||
Write: userKeyshareJSON,
|
||||
}
|
||||
}
|
||||
|
||||
func buildUserEntity(userAddress string, userHandle string) protocol.UserEntity {
|
||||
return protocol.UserEntity{
|
||||
ID: userAddress,
|
||||
DisplayName: userHandle,
|
||||
CredentialEntity: protocol.CredentialEntity{
|
||||
Name: userAddress,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func buildServiceEntity(c echo.Context) protocol.RelyingPartyEntity {
|
||||
return protocol.RelyingPartyEntity{
|
||||
CredentialEntity: protocol.CredentialEntity{
|
||||
Name: "Sonr.ID",
|
||||
},
|
||||
ID: c.Request().Host,
|
||||
}
|
||||
}
|
||||
|
||||
@ -3,6 +3,7 @@ package database
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/go-webauthn/webauthn/protocol"
|
||||
"github.com/labstack/echo/v4"
|
||||
"gorm.io/gorm"
|
||||
)
|
||||
@ -20,9 +21,9 @@ type User struct {
|
||||
gorm.Model
|
||||
Address string `json:"address"`
|
||||
Handle string `json:"handle"`
|
||||
FirstName string `json:"firstName"`
|
||||
LastInitial string `json:"lastInitial"`
|
||||
VaultCID string `json:"vaultCID"`
|
||||
Name string `json:"name"`
|
||||
CID string `json:"cid"`
|
||||
Credentials []*protocol.CredentialDescriptor `json:"credentials"`
|
||||
}
|
||||
|
||||
type Session struct {
|
||||
@ -38,4 +39,6 @@ type Session struct {
|
||||
FirstName string `json:"firstName"`
|
||||
LastInitial string `json:"lastInitial"`
|
||||
VaultAddress string `json:"vaultAddress"`
|
||||
HumanSum int `json:"humanSum"`
|
||||
Challenge string `json:"challenge"`
|
||||
}
|
||||
|
||||
@ -21,11 +21,11 @@ templ ProfileFormView(turnstileSiteKey string) {
|
||||
}
|
||||
}
|
||||
|
||||
templ LinkCredentialView(addr string, handle string, name string, challenge string) {
|
||||
templ LinkCredentialView(addr string, handle string, challenge string) {
|
||||
@layout.Root("Register | Sonr.ID") {
|
||||
@layout.Container() {
|
||||
@text.Header("Link a PassKey", "This will be used to login to your vault.")
|
||||
@form.Form("/register/finish", "POST", form.PasskeyInput(addr, handle, name, challenge), "65", false) {
|
||||
@form.Form("/register/finish", "POST", form.PasskeyInput(addr, handle, challenge), "65", false) {
|
||||
@details.PropertyList() {
|
||||
@details.Property("Address", addr, "wallet")
|
||||
@details.Property("Handle", handle, "at-sign")
|
||||
|
||||
@ -122,7 +122,7 @@ func ProfileFormView(turnstileSiteKey string) templ.Component {
|
||||
})
|
||||
}
|
||||
|
||||
func LinkCredentialView(addr string, handle string, name string, challenge string) templ.Component {
|
||||
func LinkCredentialView(addr string, handle string, challenge string) templ.Component {
|
||||
return templruntime.GeneratedTemplate(func(templ_7745c5c3_Input templruntime.GeneratedComponentInput) (templ_7745c5c3_Err error) {
|
||||
templ_7745c5c3_W, ctx := templ_7745c5c3_Input.Writer, templ_7745c5c3_Input.Context
|
||||
if templ_7745c5c3_CtxErr := ctx.Err(); templ_7745c5c3_CtxErr != nil {
|
||||
@ -219,7 +219,7 @@ func LinkCredentialView(addr string, handle string, name string, challenge strin
|
||||
}
|
||||
return templ_7745c5c3_Err
|
||||
})
|
||||
templ_7745c5c3_Err = form.Form("/register/finish", "POST", form.PasskeyInput(addr, handle, name, challenge), "65", false).Render(templ.WithChildren(ctx, templ_7745c5c3_Var8), templ_7745c5c3_Buffer)
|
||||
templ_7745c5c3_Err = form.Form("/register/finish", "POST", form.PasskeyInput(addr, handle, challenge), "65", false).Render(templ.WithChildren(ctx, templ_7745c5c3_Var8), templ_7745c5c3_Buffer)
|
||||
if templ_7745c5c3_Err != nil {
|
||||
return templ_7745c5c3_Err
|
||||
}
|
||||
|
||||
1
pkg/gateway/internal/session/db.go
Normal file
1
pkg/gateway/internal/session/db.go
Normal file
@ -0,0 +1 @@
|
||||
package session
|
||||
Loading…
x
Reference in New Issue
Block a user