From ed832a19159c5161b0fbceba09a21a6ab980be18 Mon Sep 17 00:00:00 2001 From: MantasMikal Date: Wed, 20 Jan 2021 14:40:35 +0000 Subject: [PATCH] fix: registration errors --- routes/register.js | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/routes/register.js b/routes/register.js index fe92d16..cc62bb7 100644 --- a/routes/register.js +++ b/routes/register.js @@ -4,7 +4,6 @@ import base64url from "base64url"; import crypto from "crypto"; import cfg from "config"; import User from "../models/user.js"; -// import { toBase64, fromBase64 } from "../helpers/utils.js"; const mode = process.env.NODE_ENV || "dev"; const config = cfg.get(mode); @@ -39,6 +38,7 @@ router.post("/registration-options", async (req, res) => { } const userId = crypto.randomBytes(32); + // TODO: Create user in /register const user = await User.create({ id: userId, firstName, @@ -65,7 +65,7 @@ router.post("/registration-options", async (req, res) => { }); router.post("/register", async (req, res) => { - const { credential } = req.body; + const { credential, email } = req.body; const challenge = new Uint8Array(req.session.challenge.data).buffer; const base64RawId = credential.rawId; @@ -91,9 +91,15 @@ router.post("/register", async (req, res) => { const regResult = await fido.attestationResult(credential, attestationExpectations); req.session.publicKey = regResult.authnrData.get("credentialPublicKeyPem"); req.session.prevCounter = regResult.authnrData.get("counter"); - await User.updateOne({ - credentialId: base64RawId, - }); + + await User.findOneAndUpdate( + { + email: email, + }, + { + credentialId: base64RawId, + } + ); res.json({ status: "ok" }); } catch (e) { @@ -113,7 +119,7 @@ router.post("/authentication-options", async (req, res) => { authnOptions.rawId = user.credentialId; res.json(authnOptions); } else { - res.status(404).json({ status: "User does not exist." }); + res.status(404).json({ error: "User does not exist." }); } }); @@ -127,7 +133,7 @@ router.post("/authenticate", async (req, res) => { if (publicKey === "undefined" || prevCounter === undefined) { console.log("Not found"); - res.status(404).json({ status: "Not found" }); + res.status(404).json({ error: "Credential not found" }); } else { const assertionExpectations = { challenge, @@ -142,7 +148,7 @@ router.post("/authenticate", async (req, res) => { res.json({ status: "ok" }); } catch (e) { console.log(e); - res.status(500).json({ status: "failed" }); + res.status(500).json({ error: "Failed due internal server error" }); } } });