From 6d3d5d03f885a8e7d7b22bcfe75b9d994ed25b97 Mon Sep 17 00:00:00 2001 From: Manav Rathi Date: Sun, 26 May 2024 05:38:50 +0530 Subject: [PATCH 1/4] Use correct origin for passkey API requests --- web/packages/accounts/services/passkey.ts | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/web/packages/accounts/services/passkey.ts b/web/packages/accounts/services/passkey.ts index e75c667d7..d215b0d04 100644 --- a/web/packages/accounts/services/passkey.ts +++ b/web/packages/accounts/services/passkey.ts @@ -1,6 +1,7 @@ import log from "@/next/log"; import { CustomError } from "@ente/shared/error"; import HTTPService from "@ente/shared/network/HTTPService"; +import { getEndpoint } from "@ente/shared/network/api"; import { getToken } from "@ente/shared/storage/localStorage/helpers"; export const isPasskeyRecoveryEnabled = async () => { @@ -8,7 +9,7 @@ export const isPasskeyRecoveryEnabled = async () => { const token = getToken(); const resp = await HTTPService.get( - "/users/two-factor/recovery-status", + `${getEndpoint()}/users/two-factor/recovery-status`, {}, { "X-Auth-Token": token, @@ -35,7 +36,7 @@ export const configurePasskeyRecovery = async ( const token = getToken(); const resp = await HTTPService.post( - "/users/two-factor/passkeys/configure-recovery", + `${getEndpoint()}/users/two-factor/passkeys/configure-recovery`, { secret, userEncryptedSecret, From 5fe5451f5ce47f5771be470f884413389a7f43b9 Mon Sep 17 00:00:00 2001 From: Manav Rathi Date: Sun, 26 May 2024 08:20:03 +0530 Subject: [PATCH 2/4] Fix key length error [error] failed to redirect to accounts page: TypeError: invalid key length --- web/apps/photos/src/components/Sidebar/index.tsx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/web/apps/photos/src/components/Sidebar/index.tsx b/web/apps/photos/src/components/Sidebar/index.tsx index c01ffe48b..67f61d1f4 100644 --- a/web/apps/photos/src/components/Sidebar/index.tsx +++ b/web/apps/photos/src/components/Sidebar/index.tsx @@ -14,6 +14,7 @@ import { ACCOUNTS_PAGES, PHOTOS_PAGES as PAGES, } from "@ente/shared/constants/pages"; +import ComlinkCryptoWorker from "@ente/shared/crypto"; import { getRecoveryKey } from "@ente/shared/crypto/helpers"; import { encryptToB64, @@ -494,9 +495,10 @@ const UtilitySection: React.FC = ({ closeSidebar }) => { const resetSecret = await generateEncryptionKey(); + const cryptoWorker = await ComlinkCryptoWorker.getInstance(); const encryptionResult = await encryptToB64( resetSecret, - recoveryKey, + await cryptoWorker.fromHex(recoveryKey), ); await configurePasskeyRecovery( From db3764d448fa4c1da6d2d7acc2d3d5121497ae95 Mon Sep 17 00:00:00 2001 From: Manav Rathi Date: Sun, 26 May 2024 08:29:57 +0530 Subject: [PATCH 3/4] Fix param name to match server --- web/packages/accounts/services/passkey.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/packages/accounts/services/passkey.ts b/web/packages/accounts/services/passkey.ts index d215b0d04..737592510 100644 --- a/web/packages/accounts/services/passkey.ts +++ b/web/packages/accounts/services/passkey.ts @@ -29,7 +29,7 @@ export const isPasskeyRecoveryEnabled = async () => { export const configurePasskeyRecovery = async ( secret: string, - userEncryptedSecret: string, + userSecretCipher: string, userSecretNonce: string, ) => { try { @@ -39,7 +39,7 @@ export const configurePasskeyRecovery = async ( `${getEndpoint()}/users/two-factor/passkeys/configure-recovery`, { secret, - userEncryptedSecret, + userSecretCipher, userSecretNonce, }, { From d0d491f7f532c11d8086b15725038dc867df7c0b Mon Sep 17 00:00:00 2001 From: Manav Rathi Date: Sun, 26 May 2024 08:32:30 +0530 Subject: [PATCH 4/4] Pass the token instead of a query param --- web/packages/accounts/services/passkey.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/web/packages/accounts/services/passkey.ts b/web/packages/accounts/services/passkey.ts index 737592510..809517791 100644 --- a/web/packages/accounts/services/passkey.ts +++ b/web/packages/accounts/services/passkey.ts @@ -42,6 +42,7 @@ export const configurePasskeyRecovery = async ( userSecretCipher, userSecretNonce, }, + undefined, { "X-Auth-Token": token, },