Skip to content

Commit

Permalink
feat: adding fingerprints to sessions (#109)
Browse files Browse the repository at this point in the history
* feat: adding fingerprints to sessions

* Update utilities.ts

* Update bundlesize.config.js

* Update utilities.ts
  • Loading branch information
aversini authored Jul 16, 2024
1 parent 0c1ec6a commit 3dbd8c8
Show file tree
Hide file tree
Showing 5 changed files with 38 additions and 6 deletions.
2 changes: 1 addition & 1 deletion packages/auth-provider/bundlesize.config.js
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ export default {
*/
{
path: "dist/index.js",
limit: "15 kb",
limit: "21 kb",
},
],
};
5 changes: 2 additions & 3 deletions packages/auth-provider/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,7 @@
"type": "module",
"main": "dist/index.js",
"types": "dist/index.d.ts",
"files": [
"dist"
],
"files": ["dist"],
"scripts": {
"build:check": "tsc",
"build:js": "vite build",
Expand Down Expand Up @@ -45,6 +43,7 @@
},
"dependencies": {
"@simplewebauthn/browser": "10.0.0",
"@thumbmarkjs/thumbmarkjs": "0.14.8",
"@versini/auth-common": "workspace:../auth-common",
"@versini/ui-hooks": "4.0.1",
"jose": "5.6.3",
Expand Down
24 changes: 22 additions & 2 deletions packages/auth-provider/src/common/utilities.ts
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import { getFingerprint } from "@thumbmarkjs/thumbmarkjs";
import {
API_TYPE,
AUTH_TYPES,
Expand Down Expand Up @@ -94,6 +95,7 @@ export type AuthenticateUserProps = {
code?: string;
code_verifier?: string;
domain: string;
fingerprint: string;
};
export const authenticateUser = async ({
username,
Expand All @@ -105,6 +107,7 @@ export const authenticateUser = async ({
code,
code_verifier,
domain,
fingerprint,
}: AuthenticateUserProps) => {
try {
const response = await serviceCall({
Expand All @@ -119,6 +122,7 @@ export const authenticateUser = async ({
code,
code_verifier,
domain,
fingerprint,
},
});
const jwt = await verifyAndExtractToken(response.data.idToken);
Expand Down Expand Up @@ -289,13 +293,15 @@ const GRAPHQL_QUERIES = {
$id: String!,
$authentication: AuthenticationOptionsInput!,
$nonce: String!,
$domain: String) {
$domain: String,
$fingerprint: String) {
verifyPasskeyAuthentication(
clientId: $clientId,
id: $id,
authentication: $authentication,
nonce: $nonce,
domain: $domain) {
domain: $domain,
fingerprint: $fingerprint) {
status,
idToken,
accessToken,
Expand Down Expand Up @@ -369,3 +375,17 @@ export const graphQLCall = async ({
return { status: 500, data: [] };
}
};

export const getCustomFingerprint = async () => {
try {
const res = await getFingerprint();
if (typeof res === "string") {
return res;
} else if (res.hash && typeof res.hash === "string") {
return res.hash;
}
return "";
} catch (_error) {
return "";
}
};
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ import {
startAuthentication,
startRegistration,
} from "@simplewebauthn/browser";

import {
AUTH_TYPES,
JWT,
Expand All @@ -27,6 +28,7 @@ import type { AuthProviderProps, LoginType } from "../../common/types";
import {
SERVICE_TYPES,
authenticateUser,
getCustomFingerprint,
getPreAuthCode,
graphQLCall,
logoutUser,
Expand Down Expand Up @@ -176,6 +178,7 @@ export const AuthProvider = ({
code: preResponse.code,
code_verifier,
domain,
fingerprint: await getCustomFingerprint(),
});
if (response.status) {
setIdToken(response.idToken);
Expand Down Expand Up @@ -207,6 +210,7 @@ export const AuthProvider = ({
nonce: _nonce,
type,
domain,
fingerprint: await getCustomFingerprint(),
});
if (response.status) {
setIdToken(response.idToken);
Expand Down Expand Up @@ -352,6 +356,7 @@ export const AuthProvider = ({
authentication,
nonce: _nonce,
domain,
fingerprint: await getCustomFingerprint(),
},
});

Expand Down
8 changes: 8 additions & 0 deletions pnpm-lock.yaml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 3dbd8c8

Please sign in to comment.