LeoVasanko/passkey-auth
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix reset link logic to include /auth when no configured auth-host.

Browse Source
This commit is contained in:
Leo Vasanko
2025-10-02 15:57:20 -06:00
parent 5d8304bbd9
commit bb35e57ba4
5 changed files with 25 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
passkey/bootstrap.py
View File

@@ -47,8 +47,7 @@ async def _create_and_log_admin_reset_link(user_uuid, message, session_type) ->
expires=authsession.expires(), expires=authsession.expires(),
info={"type": session_type}, info={"type": session_type},
) )
base = hostutil.auth_site_base_url() reset_link = hostutil.reset_link_url(token)
reset_link = f"{base}{token}"
logger.info(ADMIN_RESET_MESSAGE, message, reset_link) logger.info(ADMIN_RESET_MESSAGE, message, reset_link)
return reset_link return reset_link

5
passkey/fastapi/admin.py
View File

@@ -357,8 +357,9 @@ async def admin_create_user_registration_link(
expires=expires(), expires=expires(),
info={"type": "device addition", "created_by_admin": True}, info={"type": "device addition", "created_by_admin": True},
) )
base = hostutil.auth_site_base_url(request.url.scheme, request.headers.get("host")) url = hostutil.reset_link_url(
url = f"{base}{token}" token, request.url.scheme, request.headers.get("host")
)
return {"url": url, "expires": expires().isoformat()} return {"url": url, "expires": expires().isoformat()}

5
passkey/fastapi/api.py
View File

@@ -274,8 +274,9 @@ async def api_create_link(request: Request, auth=Cookie(None)):
expires=expires(), expires=expires(),
info=session.infodict(request, "device addition"), info=session.infodict(request, "device addition"),
) )
base = hostutil.auth_site_base_url(request.url.scheme, request.headers.get("host")) url = hostutil.reset_link_url(
url = f"{base}{token}" token, request.url.scheme, request.headers.get("host")
)
return { return {
"message": "Registration link generated successfully", "message": "Registration link generated successfully",
"url": url, "url": url,

3
passkey/fastapi/reset.py
View File

@@ -69,8 +69,7 @@ async def _create_reset(user, role_name: str):
expires=_authsession.expires(), expires=_authsession.expires(),
info={"type": "manual reset", "role": role_name}, info={"type": "manual reset", "role": role_name},
) )
base = hostutil.auth_site_base_url() return hostutil.reset_link_url(token), token
return f"{base}{token}", token
async def _main(query: str | None) -> int: async def _main(query: str | None) -> int:

29
passkey/util/hostutil.py
View File

@@ -42,25 +42,30 @@ def ui_base_path() -> str:
return "/" if is_root_mode() else "/auth/" return "/" if is_root_mode() else "/auth/"
def _format_base_url(scheme: str, netloc: str) -> str:
scheme_part = scheme or _default_origin_scheme()
base = f"{scheme_part}://{netloc}"
return base if base.endswith("/") else f"{base}/"
def auth_site_base_url(scheme: str | None = None, host: str | None = None) -> str: def auth_site_base_url(scheme: str | None = None, host: str | None = None) -> str:
cfg = _load_config() cfg = _load_config()
if cfg: if cfg:
cfg_scheme, cfg_host = cfg cfg_scheme, cfg_host = cfg
scheme_to_use = cfg_scheme or scheme or _default_origin_scheme() scheme_to_use = cfg_scheme or scheme or _default_origin_scheme()
return _format_base_url(scheme_to_use, cfg_host) netloc = cfg_host
else:
if host:
scheme_to_use = scheme or _default_origin_scheme()
netloc = host.strip("/")
else:
origin = global_passkey.instance.origin.rstrip("/")
return f"{origin}{ui_base_path()}"
if host: base = f"{scheme_to_use}://{netloc}".rstrip("/")
scheme_to_use = scheme or _default_origin_scheme() path = ui_base_path().lstrip("/")
return _format_base_url(scheme_to_use, host.strip("/")) return f"{base}/{path}" if path else f"{base}/"
origin = global_passkey.instance.origin.rstrip("/")
return f"{origin}/auth/" def reset_link_url(
token: str, scheme: str | None = None, host: str | None = None
) -> str:
base = auth_site_base_url(scheme, host)
return f"{base}{token}"
def reload_config() -> None: def reload_config() -> None: