jeffemmett
/
rspace-online
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'dev'
CI/CD / deploy (push) Failing after 2m24s Details

This commit is contained in:
Jeff Emmett 2026-04-08 19:30:48 -04:00
parent f051a5a644 b2d443421e
commit d69dfa4618
3 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/encryptid/index.ts
View File

@ -108,7 +108,7 @@ import { getRecoveryManager } from './recovery';
*/ */
export async function isEncryptIDAvailable(): Promise<boolean> { export async function isEncryptIDAvailable(): Promise<boolean> {
const caps = await detectCapabilities(); const caps = await detectCapabilities();
return caps.webauthn && caps.platformAuthenticator; return caps.webauthn;
} }
/** /**

8
src/encryptid/server.ts
View File

@ -565,10 +565,11 @@ app.post('/api/register/start', async (c) => {
{ alg: -257, type: 'public-key' }, // RS256 { alg: -257, type: 'public-key' }, // RS256
], ],
authenticatorSelection: { authenticatorSelection: {
authenticatorAttachment: 'platform',
residentKey: 'required', residentKey: 'required',
requireResidentKey: true, requireResidentKey: true,
userVerification: 'required', userVerification: 'required',
// Don't force 'platform' — let the browser offer cross-platform
// authenticators (security keys, phone) on devices without platform auth
}, },
timeout: 60000, timeout: 60000,
attestation: 'none', attestation: 'none',
@ -1773,7 +1774,6 @@ app.post('/api/account/device/start', async (c) => {
{ alg: -257, type: 'public-key' }, { alg: -257, type: 'public-key' },
], ],
authenticatorSelection: { authenticatorSelection: {
authenticatorAttachment: 'platform',
residentKey: 'required', residentKey: 'required',
requireResidentKey: true, requireResidentKey: true,
userVerification: 'required', userVerification: 'required',
@ -2902,7 +2902,7 @@ app.get('/guardian', (c) => {
{ alg: -7, type: 'public-key' }, { alg: -7, type: 'public-key' },
{ alg: -257, type: 'public-key' }, { alg: -257, type: 'public-key' },
], ],
authenticatorSelection: { authenticatorAttachment: 'platform', residentKey: 'required', requireResidentKey: true, userVerification: 'required' }, authenticatorSelection: { residentKey: 'required', requireResidentKey: true, userVerification: 'required' },
attestation: 'none', attestation: 'none',
timeout: 60000, timeout: 60000,
}, },
@ -7727,7 +7727,7 @@ app.get('/', (c) => {
{ alg: -7, type: 'public-key' }, { alg: -7, type: 'public-key' },
{ alg: -257, type: 'public-key' }, { alg: -257, type: 'public-key' },
], ],
authenticatorSelection: { authenticatorAttachment: 'platform', residentKey: 'required', requireResidentKey: true, userVerification: 'required' }, authenticatorSelection: { residentKey: 'required', requireResidentKey: true, userVerification: 'required' },
attestation: 'none', attestation: 'none',
timeout: 60000, timeout: 60000,
extensions: { credProps: true, ...prfExtension }, extensions: { credProps: true, ...prfExtension },

5
src/encryptid/webauthn.ts
View File

@ -178,8 +178,9 @@ export async function registerPasskey(
// Require user verification (biometric/PIN) // Require user verification (biometric/PIN)
userVerification: cfg.userVerification, userVerification: cfg.userVerification,
// Force platform authenticator (Windows Hello, Touch ID, etc.) // Prefer platform authenticator, but allow cross-platform (security keys,
authenticatorAttachment: 'platform', // phone-as-authenticator) on devices without one (e.g. Linux desktops)
...(platformAvailable ? { authenticatorAttachment: 'platform' as const } : {}),
}, },
// Don't request attestation (privacy) // Don't request attestation (privacy)