Add webauth & magic links to sveltekit (#973)

* Add webauth & magic links to sveltekit * Set cookies w setVerifierCookie & setAuthCookie Use 307 status in redirects * Use set/del cookie funcs instead of class methods * Update set cookie functions Use separate functions for verifier and auth token. * Add class methods for setting/deleting cookies
edgedb · May 17, 2024 · 2e2f007 · 2e2f007
1 parent 2e247ad
commit 2e2f007
Show file tree

Hide file tree

Showing 2 changed files with 277 additions and 60 deletions.
diff --git a/packages/auth-sveltekit/src/client.ts b/packages/auth-sveltekit/src/client.ts
@@ -1,14 +1,16 @@
 import type { BuiltinOAuthProviderNames } from "@edgedb/auth-core";
+import { WebAuthnClient } from "@edgedb/auth-core/webauthn";
 
 export interface AuthOptions {
   baseUrl: string;
   authRoutesPath?: string;
   authCookieName?: string;
   pkceVerifierCookieName?: string;
   passwordResetPath?: string;
+  magicLinkFailurePath?: string;
 }
 
-type OptionalOptions = "passwordResetPath";
+type OptionalOptions = "passwordResetPath" | "magicLinkFailurePath";
 
 export type AuthConfig = Required<Omit<AuthOptions, OptionalOptions>> &
   Pick<AuthOptions, OptionalOptions> & { authRoute: string };
@@ -25,6 +27,7 @@ export function getConfig(options: AuthOptions) {
     pkceVerifierCookieName:
       options.pkceVerifierCookieName ?? "edgedb-pkce-verifier",
     passwordResetPath: options.passwordResetPath,
+    magicLinkFailurePath: options.magicLinkFailurePath,
     authRoute: `${baseUrl}/${authRoutesPath}`,
   };
 }
@@ -36,11 +39,19 @@ export default function createClientAuth(options: AuthOptions) {
 export class ClientAuth {
   protected readonly config: AuthConfig;
   protected readonly isSecure: boolean;
+  readonly webAuthnClient: WebAuthnClient;
 
   /** @internal */
   constructor(options: AuthOptions) {
     this.config = getConfig(options);
     this.isSecure = this.config.baseUrl.startsWith("https");
+    this.webAuthnClient = new WebAuthnClient({
+      signupOptionsUrl: `${this.config.authRoute}/webauthn/signup/options`,
+      signupUrl: `${this.config.authRoute}/webauthn/signup`,
+      signinOptionsUrl: `${this.config.authRoute}/webauthn/signin/options`,
+      signinUrl: `${this.config.authRoute}/webauthn/signin`,
+      verifyUrl: `${this.config.authRoute}/webauthn/verify`,
+    });
   }
 
   getOAuthUrl(providerName: BuiltinOAuthProviderNames) {