update
This commit is contained in:
Baobhan Sith
@@ -448,7 +448,8 @@ export const generatePasskeyRegistrationOptions = async (req: Request, res: Resp
|
||||
export const verifyPasskeyRegistration = async (req: Request, res: Response): Promise<void> => {
|
||||
const userId = req.session.userId;
|
||||
const expectedChallenge = req.session.currentChallenge;
|
||||
const { registrationResponse, name } = req.body; // name 是用户给 Passkey 起的名字 (可选)
|
||||
// 将 name 提取出来,其余部分作为 registrationData 对象
|
||||
const { name, ...registrationData } = req.body;
|
||||
|
||||
if (!userId || req.session.requiresTwoFactor) {
|
||||
res.status(401).json({ message: '用户未认证或认证未完成。' });
|
||||
@@ -460,7 +461,8 @@ export const verifyPasskeyRegistration = async (req: Request, res: Response): Pr
|
||||
return;
|
||||
}
|
||||
|
||||
if (!registrationResponse) {
|
||||
// 检查 registrationData 是否存在且不为空对象
|
||||
if (!registrationData || Object.keys(registrationData).length === 0) {
|
||||
res.status(400).json({ message: '缺少注册响应数据。' });
|
||||
return;
|
||||
}
|
||||
@@ -486,7 +488,7 @@ export const verifyPasskeyRegistration = async (req: Request, res: Response): Pr
|
||||
|
||||
const verification = await passkeyService.verifyRegistration(
|
||||
userId, // <-- 传递 userId 作为第一个参数
|
||||
registrationResponse,
|
||||
registrationData as any, // 将收集到的字段作为 registrationResponse 传递,可能需要类型断言
|
||||
expectedChallenge,
|
||||
hostname,
|
||||
origin,
|
||||
|
||||
@@ -125,9 +125,9 @@ export class PasskeyService {
|
||||
const counter = registrationInfo.counter; // 直接获取 counter
|
||||
|
||||
// --- 直接使用 registrationInfo 的属性 ---
|
||||
console.log('[PasskeyService] BEFORE Buffer.from(credentialID): Type=', typeof registrationInfo.credentialID, 'Value=', registrationInfo.credentialID); // <-- 添加精确日志
|
||||
// console.log('[PasskeyService] BEFORE Buffer.from(credentialID): Type=', typeof registrationInfo.credentialID, 'Value=', registrationInfo.credentialID); // <-- 移除日志
|
||||
const credentialIdBase64Url = Buffer.from(registrationInfo.credentialID).toString('base64url');
|
||||
console.log('[PasskeyService] BEFORE Buffer.from(credentialPublicKey): Type=', typeof registrationInfo.credentialPublicKey, 'Value=', registrationInfo.credentialPublicKey); // <-- 添加精确日志
|
||||
// console.log('[PasskeyService] BEFORE Buffer.from(credentialPublicKey): Type=', typeof registrationInfo.credentialPublicKey, 'Value=', registrationInfo.credentialPublicKey); // <-- 移除日志
|
||||
const publicKeyBase64Url = Buffer.from(registrationInfo.credentialPublicKey).toString('base64url');
|
||||
|
||||
// 获取 transports 信息
|
||||
|
||||
@@ -905,15 +905,30 @@ const handleRegisterPasskey = async () => {
|
||||
return;
|
||||
}
|
||||
try {
|
||||
console.log('[Passkey Register] 开始获取注册选项...');
|
||||
const optionsResponse = await apiClient.post('/auth/passkey/register-options'); // 使用 apiClient
|
||||
const options = optionsResponse.data;
|
||||
console.log('[Passkey Register] 获取到的注册选项:', JSON.stringify(options, null, 2)); // 记录选项
|
||||
|
||||
console.log('[Passkey Register] 调用 startRegistration...');
|
||||
let registrationResponse = await startRegistration(options);
|
||||
await apiClient.post('/auth/passkey/verify-registration', { registrationResponse, name: passkeyName.value }); // 使用 apiClient
|
||||
console.log('[Passkey Register] startRegistration 返回结果:', JSON.stringify(registrationResponse, null, 2)); // 记录响应
|
||||
|
||||
const verificationPayload = { ...registrationResponse, name: passkeyName.value };
|
||||
console.log('[Passkey Register] 调用验证接口,发送数据:', JSON.stringify(verificationPayload, null, 2)); // 记录发送的数据
|
||||
|
||||
// 将 startRegistration 返回的对象字段展开,与 name 一起作为请求体发送
|
||||
await apiClient.post('/auth/passkey/verify-registration', verificationPayload); // 使用 apiClient
|
||||
console.log('[Passkey Register] 验证接口调用成功。');
|
||||
|
||||
passkeyMessage.value = t('settings.passkey.success.registered');
|
||||
passkeyName.value = '';
|
||||
await authStore.fetchPasskeys(); // 注册成功后刷新列表
|
||||
} catch (error: any) {
|
||||
console.error('Passkey 注册流程出错:', error);
|
||||
// 在 catch 块中记录更详细的错误信息
|
||||
console.error('[Passkey Register] 注册流程出错:', error);
|
||||
console.error('[Passkey Register] 错误详情:', JSON.stringify(error, Object.getOwnPropertyNames(error), 2)); // 尝试记录错误对象的更多属性
|
||||
|
||||
if (error.name === 'NotAllowedError') {
|
||||
passkeyError.value = t('settings.passkey.error.cancelled');
|
||||
} else if (isAxiosError(error) && error.response) { // 使用导入的 isAxiosError
|
||||
|
||||
Reference in New Issue
Block a user