From cff0c21c0c0bb87458b48d50eaab3e1cdb3ee79d Mon Sep 17 00:00:00 2001 From: Jeff Emmett Date: Wed, 18 Feb 2026 04:52:59 +0000 Subject: [PATCH] fix: WebAuthn .well-known routing and cross-origin passkey support Add Traefik priority=200 and service assignment to encryptid-wellknown router so it wins over canvas-website/personal-site for the /.well-known/webauthn path on jeffemmett.com. Add missing origins (rpubs.online, shop.mycofi.earth, canvas/press/cart.jeffemmett.com) to the allowed origins list. Co-Authored-By: Claude Opus 4.6 --- docker-compose.encryptid.yml | 4 +++- src/encryptid/server.ts | 6 ++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/docker-compose.encryptid.yml b/docker-compose.encryptid.yml index ce53175..44e2917 100644 --- a/docker-compose.encryptid.yml +++ b/docker-compose.encryptid.yml @@ -28,9 +28,11 @@ services: - "traefik.http.routers.encryptid.rule=Host(`encryptid.jeffemmett.com`)" - "traefik.http.routers.encryptid.entrypoints=web" - "traefik.http.services.encryptid.loadbalancer.server.port=3000" - # Also serve from root domain for .well-known + # Also serve from root domain for .well-known (WebAuthn Related Origins) - "traefik.http.routers.encryptid-wellknown.rule=Host(`jeffemmett.com`) && PathPrefix(`/.well-known/webauthn`)" - "traefik.http.routers.encryptid-wellknown.entrypoints=web" + - "traefik.http.routers.encryptid-wellknown.priority=200" + - "traefik.http.routers.encryptid-wellknown.service=encryptid" networks: - traefik-public - encryptid-internal diff --git a/src/encryptid/server.ts b/src/encryptid/server.ts index 5418000..55b934e 100644 --- a/src/encryptid/server.ts +++ b/src/encryptid/server.ts @@ -80,6 +80,12 @@ const CONFIG = { 'https://rcart.online', 'https://rtube.online', 'https://rstack.online', + 'https://rpubs.online', + 'https://shop.mycofi.earth', + 'https://canvas.jeffemmett.com', + 'https://press.jeffemmett.com', + 'https://cart.jeffemmett.com', + 'https://cart.mycofi.earth', 'http://localhost:3000', 'http://localhost:5173', ],