UNPKG

expo-passkey

Version:

Passkey authentication for Expo apps with Better Auth integration

github.com/iosazee/expo-passkey

iosazee/expo-passkey

126 lines 5.07 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
/** * @file WebAuthn challenge endpoint * @description Creates and stores challenges for WebAuthn registration and authentication */ import { createAuthEndpoint } from "better-auth/api"; import { APIError } from "better-call"; import crypto from "crypto"; import { challengeSchema } from "../utils/schema"; /** * Creates a WebAuthn challenge endpoint for registration and authentication */ export const createChallengeEndpoint = (options) => { const { logger, schemaConfig } = options; return createAuthEndpoint("/expo-passkey/challenge", { method: "POST", body: challengeSchema, metadata: { openapi: { description: "Generate a WebAuthn challenge for passkey registration or authentication", tags: ["Authentication"], responses: { 200: { description: "Challenge successfully generated", content: { "application/json": { schema: { type: "object", properties: { challenge: { type: "string" }, }, }, }, }, }, 400: { description: "Invalid request", content: { "application/json": { schema: { type: "object", properties: { error: { type: "object", properties: { code: { type: "string" }, message: { type: "string" }, }, }, }, }, }, }, }, }, }, }, }, async (ctx) => { const { userId, type, registrationOptions } = ctx.body; try { logger.debug("Generating WebAuthn challenge:", { userId, type, }); // Verify user exists (for registration) if (type === "registration") { const user = await ctx.context.adapter.findOne({ model: "user", where: [{ field: "id", operator: "eq", value: userId }], }); if (!user) { logger.warn("Challenge generation failed: User not found", { userId, }); throw new APIError("BAD_REQUEST", { code: "USER_NOT_FOUND", message: "User not found", }); } } // Generate a random challenge with sufficient entropy const randomBytes = crypto.randomBytes(32); const challenge = randomBytes.toString("base64url"); // Calculate expiration (5 minutes from now) const now = new Date(); const expiresAt = new Date(now.getTime() + 5 * 60 * 1000); // Store challenge in database await ctx.context.adapter.create({ model: schemaConfig.passkeyChallengeModel, data: { id: ctx.context.generateId({ model: schemaConfig.passkeyChallengeModel, size: 32, }), userId, challenge, type, createdAt: now.toISOString(), expiresAt: expiresAt.toISOString(), // Store registration options if provided (for registration challenges) registrationOptions: registrationOptions ? JSON.stringify(registrationOptions) : null, }, }); logger.debug("Challenge generated successfully", { userId, type, challengeLength: challenge.length, }); // Return the challenge return ctx.json({ challenge, }); } catch (error) { logger.error("Failed to generate challenge:", error); if (error instanceof APIError) throw error; throw new APIError("INTERNAL_SERVER_ERROR", { code: "CHALLENGE_GENERATION_FAILED", message: "Failed to generate challenge", }); } }); }; //# sourceMappingURL=challenge.js.map