UNPKG

expo-passkey

Version:

Passkey authentication for Expo apps with Better Auth integration

github.com/iosazee/expo-passkey

iosazee/expo-passkey

107 lines 4.44 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
/** * @file Revoke passkey endpoint * @description Implementation of the endpoint to revoke a WebAuthn passkey */ import { createAuthEndpoint } from "better-auth/api"; import { APIError } from "better-call"; import { ERROR_CODES, ERROR_MESSAGES } from "../../types/errors"; import { revokePasskeySchema } from "../utils/schema"; /** * Create endpoint to revoke a passkey */ export const createRevokeEndpoint = (options) => { const { logger, schemaConfig } = options; return createAuthEndpoint("/expo-passkey/revoke", { method: "POST", body: revokePasskeySchema, metadata: { openapi: { description: "Revoke a registered WebAuthn passkey", tags: ["Authentication"], responses: { 200: { description: "Passkey successfully revoked", content: { "application/json": { schema: { type: "object", properties: { success: { type: "boolean" }, }, }, }, }, }, 404: { description: "Passkey not found", content: { "application/json": { schema: { type: "object", properties: { error: { type: "object", properties: { code: { type: "string" }, message: { type: "string" }, }, }, }, }, }, }, }, }, }, }, }, async (ctx) => { const { userId, credentialId, reason } = ctx.body; try { logger.debug("Revoking passkey", { userId, credentialId }); // Find the active credential for the provided credential ID and user ID const credential = await ctx.context.adapter.findOne({ model: schemaConfig.authPasskeyModel, where: [ { field: "credentialId", operator: "eq", value: credentialId }, { field: "userId", operator: "eq", value: userId }, { field: "status", operator: "eq", value: "active" }, ], }); if (!credential) { logger.warn("Revoke failed: Passkey not found", { credentialId }); throw new APIError("NOT_FOUND", { code: ERROR_CODES.SERVER.CREDENTIAL_NOT_FOUND, message: ERROR_MESSAGES[ERROR_CODES.SERVER.CREDENTIAL_NOT_FOUND], }); } const now = new Date().toISOString(); // Update the credential to revoked status await ctx.context.adapter.update({ model: schemaConfig.authPasskeyModel, where: [{ field: "id", operator: "eq", value: credential.id }], update: { status: "revoked", revokedAt: now, revokedReason: reason || "user_initiated", updatedAt: now, }, }); logger.info("Passkey revoked successfully", { userId, credentialId, reason: reason || "user_initiated", }); return ctx.json({ success: true }); } catch (error) { logger.error("Failed to revoke passkey", error); if (error instanceof APIError) throw error; throw new APIError("BAD_REQUEST", { code: ERROR_CODES.SERVER.REVOCATION_FAILED, message: ERROR_MESSAGES[ERROR_CODES.SERVER.REVOCATION_FAILED], }); } }); }; //# sourceMappingURL=revoke.js.map