From 789762dd51f07b844de55c78f3f092406f5a2696 Mon Sep 17 00:00:00 2001 From: tuxcoder Date: Mon, 25 Dec 2023 19:55:29 +0100 Subject: [PATCH] fix hardcoded value --- lenticular_cloud/views/auth.py | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/lenticular_cloud/views/auth.py b/lenticular_cloud/views/auth.py index 80e3973..4de24a4 100644 --- a/lenticular_cloud/views/auth.py +++ b/lenticular_cloud/views/auth.py @@ -198,7 +198,7 @@ async def login_auth() -> ResponseReturnValue: @auth_views.route('/passkey/verify', methods=['POST']) async def passkey_verify() -> ResponseReturnValue: secret_key = current_app.config['SECRET_KEY'] - public_url = current_app.config['PUBLIC_URL'] + public_url = urlparse(current_app.config['PUBLIC_URL']) data = request.get_json() @@ -218,14 +218,12 @@ async def passkey_verify() -> ResponseReturnValue: result = webauthn.verify_authentication_response( credential = credential, - expected_rp_id = "localhost", + expected_rp_id = public_url.hostname, expected_challenge = challenge, - expected_origin = [ public_url ], + expected_origin = [ public_url.geturl() ], credential_public_key = passkey.credential_public_key, credential_current_sign_count = passkey.sign_count, ) - logger.error(f"DEBUG: {passkey}") - logger.error(f"DEBUG: {result}") passkey.sign_count = result.new_sign_count passkey.last_used = datetime.utcnow()