FolkJS collaborative canvas with subdomain routing for community spaces
Go to file
Jeff Emmett 7103366047 Dynamic RP ID: use caller's domain for WebAuthn passkeys
Instead of hardcoding rpId to "rspace.online" (which requires Related
Origins support), derive the RP ID from the request's Origin header.
Each r* app (rmaps.online, rnotes.online, etc.) now gets its own RP ID
matching its domain, so passkeys work natively without browser support
for Related Origin Requests.

- Added resolveRpId() helper that maps Origin → hostname for allowed origins
- Registration creates passkeys with the caller's domain as RP ID
- Authentication uses the caller's domain as RP ID
- Added rp_id column to credentials table for per-credential RP ID tracking
- rspace.online subdomains still use rspace.online as shared RP ID

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-19 01:46:15 +00:00
backlog backlog: add system clock heartbeat service task (TASK-47) 2026-02-18 14:19:42 -07:00
docs feat: Add EncryptID unified identity system 2026-02-05 16:48:19 +00:00
lib feat: implement FUN model replacing CRUD across rSpace canvas 2026-02-18 23:21:53 +00:00
public/.well-known fix: change WebAuthn RP ID from jeffemmett.com to rspace.online 2026-02-18 14:32:57 -07:00
server feat: implement FUN model replacing CRUD across rSpace canvas 2026-02-18 23:21:53 +00:00
src Dynamic RP ID: use caller's domain for WebAuthn passkeys 2026-02-19 01:46:15 +00:00
website feat: implement FUN model replacing CRUD across rSpace canvas 2026-02-18 23:21:53 +00:00
.dockerignore fix: make Docker build self-contained with local context 2026-02-16 18:51:24 -07:00
.gitignore Initial rspace-online: FolkJS collaborative canvas with subdomain routing 2026-01-01 16:27:07 +01:00
Dockerfile fix: skip tsc in Docker build to avoid bun-types conflict 2026-02-16 18:52:38 -07:00
Dockerfile.encryptid Fix EncryptID Docker build to include encryptid-sdk dependency 2026-02-14 21:23:18 -07:00
MODULE_SPEC.md docs: add MODULE_SPEC.md with permission model and capabilities 2026-02-17 12:30:14 -07:00
bun.lock chore: update bun lockfile 2026-02-16 18:51:56 -07:00
docker-compose.encryptid.yml fix: change WebAuthn RP ID from jeffemmett.com to rspace.online 2026-02-18 14:32:57 -07:00
docker-compose.yml fix: make Docker build self-contained with local context 2026-02-16 18:51:24 -07:00
package.json feat: add email recovery with Mailcow SMTP and recovery page 2026-02-15 09:35:53 -07:00
tsconfig.json feat: add offline-first support with IndexedDB persistence and Service Worker 2026-02-18 12:39:28 -07:00
vite.config.ts feat: add offline-first support with IndexedDB persistence and Service Worker 2026-02-18 12:39:28 -07:00