fix routes WebAuthn

LycheeOrg · Aug 26, 2022 · 058ddc7 · 058ddc7
1 parent 025eff2
commit 058ddc7
Show file tree

Hide file tree

Showing 7 changed files with 22 additions and 38 deletions.
diff --git a/app/Http/Controllers/WebAuthn/WebAuthnLoginController.php b/app/Http/Controllers/WebAuthn/WebAuthnLoginController.php
@@ -2,10 +2,10 @@
 
 namespace App\Http\Controllers\WebAuthn;
 
-use App\Http\Requests\WebAuthn\AssertionRequest;
 use Illuminate\Contracts\Support\Responsable;
 use Illuminate\Http\Response;
 use Laragear\WebAuthn\Http\Requests\AssertedRequest;
+use Laragear\WebAuthn\Http\Requests\AssertionRequest;
 use function response;
 
 class WebAuthnLoginController
@@ -19,7 +19,7 @@ class WebAuthnLoginController
 	 */
 	public function options(AssertionRequest $request): Responsable
 	{
-		return $request->toVerify($request->validated()['user_id']);
+		return $request->toVerify($request->validate(['user_id' => 'sometimes|int'])['user_id']);
 	}
 
 	/**

diff --git a/app/Http/Requests/WebAuthn/AssertionRequest.php b/app/Http/Requests/WebAuthn/AssertionRequest.php
diff --git a/public/Lychee-front b/public/Lychee-front
diff --git a/public/dist/WebAuthn.js b/public/dist/WebAuthn.js
@@ -29,10 +29,10 @@
      * @type {{registerOptions: string, register: string, loginOptions: string, login: string, }}
      */
     #routes = {
-        registerOptions: "webauthn/register/options",
-        register: "webauthn/register",
-        loginOptions: "webauthn/login/options",
-        login: "webauthn/login",
+        registerOptions: "WebAuthn/register/options",
+        register: "WebAuthn/register",
+        loginOptions: "WebAuthn/login/options",
+        login: "WebAuthn/login",
     }
 
     /**

diff --git a/public/dist/main.js b/public/dist/main.js
diff --git a/routes/api.php b/routes/api.php
@@ -101,12 +101,12 @@
 Route::post('/WebAuthn::delete', [WebAuthn\WebAuthnManageController::class, 'delete']);
 
 // WebAuthn Routes
-Route::post('webauthn/register/options', [\App\Http\Controllers\WebAuthn\WebAuthnRegisterController::class, 'options'])
+Route::post('/WebAuthn/register/options', [\App\Http\Controllers\WebAuthn\WebAuthnRegisterController::class, 'options'])
 	->name('webauthn.register.options');
-Route::post('webauthn/register', [\App\Http\Controllers\WebAuthn\WebAuthnRegisterController::class, 'register'])
+Route::post('/WebAuthn/register', [\App\Http\Controllers\WebAuthn\WebAuthnRegisterController::class, 'register'])
 	->name('webauthn.register');
 
-Route::post('webauthn/login/options', [\App\Http\Controllers\WebAuthn\WebAuthnLoginController::class, 'options'])
+Route::post('/WebAuthn/login/options', [\App\Http\Controllers\WebAuthn\WebAuthnLoginController::class, 'options'])
 	->name('webauthn.login.options');
-Route::post('webauthn/login', [\App\Http\Controllers\WebAuthn\WebAuthnLoginController::class, 'login'])
+Route::post('/WebAuthn/login', [\App\Http\Controllers\WebAuthn\WebAuthnLoginController::class, 'login'])
 	->name('webauthn.login');
diff --git a/tests/Feature/WebAuthTest.php b/tests/Feature/WebAuthTest.php
@@ -29,10 +29,10 @@ public function testWebAuthTest(): void
 	{
 		Auth::loginUsingId(0);
 
-		$response = $this->postJson('/api/webAuthn/register/gen');
+		$response = $this->postJson('/api/WebAuthn/register/gen');
 		$response->assertOk();
 
-		$response = $this->postJson('/api/webAuthn/register', [
+		$response = $this->postJson('/api/WebAuthn/register', [
 			'id' => '-PhslGzltOv3nJ0j8Or1AuNHh9kgmMQmOdM0A7eF7yJcAuSZzFa9YhSHfrYvyllhNUhuIMTE6hFYA3Ef7gCOwg',
 			'rawId' => '+PhslGzltOv3nJ0j8Or1AuNHh9kgmMQmOdM0A7eF7yJcAuSZzFa9YhSHfrYvyllhNUhuIMTE6hFYA3Ef7gCOwg==',
 			'response' => [
@@ -46,10 +46,10 @@ public function testWebAuthTest(): void
 		Auth::logout();
 		Session::flush();
 
-		$response = $this->postJson('/api/webAuthn/login/gen', ['user_id' => 0]);
+		$response = $this->postJson('/api/WebAuthn/login/gen', ['user_id' => 0]);
 		$response->assertOk();
 
-		$response = $this->postJson('/api/webAuthn/login', [
+		$response = $this->postJson('/api/WebAuthn/login', [
 			'id' => 'jQJF5u0Fn-MsdabIxKJoxc19XSLXDCSDqs4g8TV1rXXXBDSEoT6LeRN60CfxZskRxq15EEl43OIbPluD7dVT0A',
 			'rawId' => 'jQJF5u0Fn+MsdabIxKJoxc19XSLXDCSDqs4g8TV1rXXXBDSEoT6LeRN60CfxZskRxq15EEl43OIbPluD7dVT0A==',
 			'response' => [
@@ -64,7 +64,7 @@ public function testWebAuthTest(): void
 
 		Auth::loginUsingId(0);
 
-		$response = $this->postJson('/api/webAuthn/list');
+		$response = $this->postJson('/api/WebAuthn/list');
 		$response->assertOk(); // code 200 something
 
 		$key = new WebAuthnCredential([
@@ -81,13 +81,13 @@ public function testWebAuthTest(): void
 		$user = User::query()->find(0);
 		$user->webAuthnCredentials()->save($key);
 
-		$response = $this->postJson('/api/webAuthn/delete', ['id' => '1234']);
+		$response = $this->postJson('/api/WebAuthn/delete', ['id' => '1234']);
 		$response->assertNoContent();
 
 		Auth::logout();
 		Session::flush();
 
-		$response = $this->postJson('/api/webAuthn/delete', ['id' => '1234']);
+		$response = $this->postJson('/api/WebAuthn/delete', ['id' => '1234']);
 		$response->assertForbidden();
 	}
 }