fix: registration errors

mikalaum · Jan 20, 2021 · ed832a19159c5161b0fbceba09a21a6ab980be18 · ed832a1
1 parent 31a7451
commit ed832a19159c5161b0fbceba09a21a6ab980be18
Showing 1 changed file with 14 additions and 8 deletions.
diff --git a/routes/register.js b/routes/register.js
@@ -4,7 +4,6 @@ import base64url from "base64url";
 import crypto from "crypto";
 import cfg from "config";
 import User from "../models/user.js";
-// import { toBase64, fromBase64 } from "../helpers/utils.js";
 
 const mode = process.env.NODE_ENV || "dev";
 const config = cfg.get(mode);
@@ -39,6 +38,7 @@ router.post("/registration-options", async (req, res) => {
   }
 
   const userId = crypto.randomBytes(32);
+  // TODO: Create user in /register
   const user = await User.create({
     id: userId,
     firstName,
@@ -65,7 +65,7 @@ router.post("/registration-options", async (req, res) => {
 });
 
 router.post("/register", async (req, res) => {
-  const { credential } = req.body;
+  const { credential, email } = req.body;
 
   const challenge = new Uint8Array(req.session.challenge.data).buffer;
   const base64RawId = credential.rawId;
@@ -91,9 +91,15 @@ router.post("/register", async (req, res) => {
     const regResult = await fido.attestationResult(credential, attestationExpectations);
     req.session.publicKey = regResult.authnrData.get("credentialPublicKeyPem");
     req.session.prevCounter = regResult.authnrData.get("counter");
-    await User.updateOne({
-      credentialId: base64RawId,
-    });
+
+    await User.findOneAndUpdate(
+      {
+        email: email,
+      },
+      {
+        credentialId: base64RawId,
+      }
+    );
 
     res.json({ status: "ok" });
   } catch (e) {
@@ -113,7 +119,7 @@ router.post("/authentication-options", async (req, res) => {
     authnOptions.rawId = user.credentialId;
     res.json(authnOptions);
   } else {
-    res.status(404).json({ status: "User does not exist." });
+    res.status(404).json({ error: "User does not exist." });
   }
 });
 
@@ -127,7 +133,7 @@ router.post("/authenticate", async (req, res) => {
 
   if (publicKey === "undefined" || prevCounter === undefined) {
     console.log("Not found");
-    res.status(404).json({ status: "Not found" });
+    res.status(404).json({ error: "Credential not found" });
   } else {
     const assertionExpectations = {
       challenge,
@@ -142,7 +148,7 @@ router.post("/authenticate", async (req, res) => {
       res.json({ status: "ok" });
     } catch (e) {
       console.log(e);
-      res.status(500).json({ status: "failed" });
+      res.status(500).json({ error: "Failed due internal server error" });
     }
   }
 });