admin/nexus-terminal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Baobhan Sith
2025-04-27 01:14:13 +08:00
parent ea1af3a540
commit 0b80d9e536
2 changed files with 20 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/backend/src/auth/auth.controller.ts
+6 -3
View File
@@ -5,6 +5,7 @@ import { getDbInstance, runDb, getDb, allDb } from '../database/connection';
import speakeasy from 'speakeasy';
import qrcode from 'qrcode';
import { PasskeyService } from '../services/passkey.service';
import type { RegistrationResponseJSON } from '@simplewebauthn/server'; // 添加类型导入
import { NotificationService } from '../services/notification.service';
import { AuditLogService } from '../services/audit.service';
import { ipBlacklistService } from '../services/ip-blacklist.service';
@@ -450,6 +451,7 @@ export const verifyPasskeyRegistration = async (req: Request, res: Response): Pr
const expectedChallenge = req.session.currentChallenge;
// 将 name 提取出来,其余部分作为 registrationData 对象
const { name, ...registrationData } = req.body;
console.log(`[AuthController VerifyReg] Received request body: name=${name}, registrationData=${JSON.stringify(registrationData)}`); // Log received data
if (!userId || req.session.requiresTwoFactor) {
res.status(401).json({ message: '用户未认证或认证未完成。' });
@@ -485,16 +487,17 @@ export const verifyPasskeyRegistration = async (req: Request, res: Response): Pr
// 这个检查理论上在函数开头已经做过,但为了类型安全和明确性再次检查
throw new Error('无法获取用户 ID,无法验证 Passkey。');
}
console.log(`[AuthController VerifyReg] Calling passkeyService.verifyRegistration with: userId=${userId}, expectedChallenge=${expectedChallenge}, hostname=${hostname}, origin=${origin}, name=${name}`); // Log parameters before calling service
const verification = await passkeyService.verifyRegistration(
userId, // <-- 传递 userId 作为第一个参数
registrationData as any, // 将收集到的字段作为 registrationResponse 传递,可能需要类型断言
userId,
registrationData as RegistrationResponseJSON, // 将收集到的字段重新构造成符合类型的对象
expectedChallenge,
hostname,
origin,
name
);
console.log(`[AuthController VerifyReg] Received verification result from service: verified=${verification.verified}`); // Log service result
if (verification.verified && verification.registrationInfo) {
const clientIp = req.ip || req.socket?.remoteAddress || 'unknown';
packages/backend/src/services/passkey.service.ts
+14 -10
View File
@@ -88,6 +88,9 @@ export class PasskeyService {
passkeyName?: string
): Promise<VerifiedRegistrationResponse> {
console.log(`[PasskeyService VerifyReg] Received parameters: userId=${userId}, expectedChallenge=${expectedChallenge}, hostname=${hostname}, origin=${origin}, name=${passkeyName}`); // Log received parameters
console.log(`[PasskeyService VerifyReg] Received registrationResponse: ${JSON.stringify(registrationResponse)}`); // Log the raw registrationResponse
const expectedRPID = hostname;
const expectedOrigin = origin;
@@ -98,10 +101,13 @@ export class PasskeyService {
expectedRPID: expectedRPID,
requireUserVerification: true, // 强制要求用户验证, simplewebauthn defaults this to true now
};
console.log(`[PasskeyService VerifyReg] Constructed verificationOptions: ${JSON.stringify(verificationOptions)}`); // Log options before verification
let verification: VerifiedRegistrationResponse;
try {
verification = await verifyRegistrationResponse(verificationOptions);
console.log('[PasskeyService VerifyReg] Calling @simplewebauthn/server verifyRegistrationResponse...');
verification = await verifyRegistrationResponse(verificationOptions);
console.log(`[PasskeyService VerifyReg] verifyRegistrationResponse returned: verified=${verification.verified}, registrationInfo exists=${!!verification.registrationInfo}`); // Log verification result
} catch (error: any) {
console.error('Passkey 注册验证时发生异常:', error);
// Provide more context in the error
@@ -115,19 +121,17 @@ export class PasskeyService {
// --- 结束日志记录 ---
if (verification.verified && verification.registrationInfo) {
const registrationInfo = verification.registrationInfo as any;
// --- 移除日志记录 ---
// console.log('[PasskeyService] Extracted registrationInfo:', JSON.stringify(registrationInfo, null, 2));
// console.log('[PasskeyService] credentialPublicKey type:', typeof registrationInfo.credentialPublicKey, 'value:', registrationInfo.credentialPublicKey);
// console.log('[PasskeyService] credentialID type:', typeof registrationInfo.credentialID, 'value:', registrationInfo.credentialID);
// --- 结束日志记录 ---
// const { credentialPublicKey, credentialID, counter } = registrationInfo; // <-- 移除错误的解构
const registrationInfo = verification.registrationInfo as any; // Keep type assertion for now
console.log(`[PasskeyService VerifyReg] Verification successful. Extracted registrationInfo: ${JSON.stringify(registrationInfo)}`); // Log extracted info
// Log the critical fields BEFORE using them
console.log(`[PasskeyService VerifyReg] BEFORE Buffer.from(credentialID): Type=${typeof registrationInfo.credentialID}, Value=${registrationInfo.credentialID}`);
console.log(`[PasskeyService VerifyReg] BEFORE Buffer.from(credentialPublicKey): Type=${typeof registrationInfo.credentialPublicKey}, Value=${registrationInfo.credentialPublicKey}`);
const counter = registrationInfo.counter; // 直接获取 counter
// --- 直接使用 registrationInfo 的属性 ---
// console.log('[PasskeyService] BEFORE Buffer.from(credentialID): Type=', typeof registrationInfo.credentialID, 'Value=', registrationInfo.credentialID); // <-- 移除日志
const credentialIdBase64Url = Buffer.from(registrationInfo.credentialID).toString('base64url');
// console.log('[PasskeyService] BEFORE Buffer.from(credentialPublicKey): Type=', typeof registrationInfo.credentialPublicKey, 'Value=', registrationInfo.credentialPublicKey); // <-- 移除日志
const publicKeyBase64Url = Buffer.from(registrationInfo.credentialPublicKey).toString('base64url');
// 获取 transports 信息