feat: passkey support (#11804)

https://github.com/MisskeyIO/misskey/pull/149
2023-09-08 14:05:03 +09:00 · 2023-09-08 14:05:03 +09:00 · ff9a65e8fa
commit ff9a65e8fa
parent bc52d7a4fb
30 changed files with 800 additions and 1028 deletions
--- a/packages/backend/src/models/entities/AttestationChallenge.ts
+++ b/packages/backend/src/models/entities/AttestationChallenge.ts
@ -1,51 +0,0 @@
-/*
- * SPDX-FileCopyrightText: syuilo and other misskey contributors
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-import { PrimaryColumn, Entity, JoinColumn, Column, ManyToOne, Index } from 'typeorm';
-import { id } from '../id.js';
-import { MiUser } from './User.js';
-
-@Entity('attestation_challenge')
-export class MiAttestationChallenge {
-	@PrimaryColumn(id())
-	public id: string;
-
-	@Index()
-	@PrimaryColumn(id())
-	public userId: MiUser['id'];
-
-	@ManyToOne(type => MiUser, {
-		onDelete: 'CASCADE',
-	})
-	@JoinColumn()
-	public user: MiUser | null;
-
-	@Index()
-	@Column('varchar', {
-		length: 64,
-		comment: 'Hex-encoded sha256 hash of the challenge.',
-	})
-	public challenge: string;
-
-	@Column('timestamp with time zone', {
-		comment: 'The date challenge was created for expiry purposes.',
-	})
-	public createdAt: Date;
-
-	@Column('boolean', {
-		comment:
-			'Indicates that the challenge is only for registration purposes if true to prevent the challenge for being used as authentication.',
-		default: false,
-	})
-	public registrationChallenge: boolean;
-
-	constructor(data: Partial<MiAttestationChallenge>) {
-		if (data == null) return;
-
-		for (const [k, v] of Object.entries(data)) {
-			(this as any)[k] = v;
-		}
-	}
-}
--- a/packages/backend/src/models/entities/UserSecurityKey.ts
+++ b/packages/backend/src/models/entities/UserSecurityKey.ts
@ -24,25 +24,48 @@ export class MiUserSecurityKey {
 	@JoinColumn()
 	public user: MiUser | null;

-	@Index()
-	@Column('varchar', {
-		comment:
-			'Variable-length public key used to verify attestations (hex-encoded).',
-	})
-	public publicKey: string;
-
-	@Column('timestamp with time zone', {
-		comment:
-			'The date of the last time the UserSecurityKey was successfully validated.',
-	})
-	public lastUsed: Date;
-
 	@Column('varchar', {
 		comment: 'User-defined name for this key',
 		length: 30,
 	})
 	public name: string;

+	@Index()
+	@Column('varchar', {
+		comment: 'The public key of the UserSecurityKey, hex-encoded.',
+	})
+	public publicKey: string;
+
+	@Column('bigint', {
+		comment: 'The number of times the UserSecurityKey was validated.',
+		default: 0,
+	})
+	public counter: number;
+
+	@Column('timestamp with time zone', {
+		comment: 'Timestamp of the last time the UserSecurityKey was used.',
+		default: () => 'now()',
+	})
+	public lastUsed: Date;
+
+	@Column('varchar', {
+		comment: 'The type of Backup Eligibility in authenticator data',
+		length: 32, nullable: true,
+	})
+	public credentialDeviceType: string | null;
+
+	@Column('boolean', {
+		comment: 'Whether or not the credential has been backed up',
+		nullable: true,
+	})
+	public credentialBackedUp: boolean | null;
+
+	@Column('varchar', {
+		comment: 'The type of the credential returned by the browser',
+		length: 32, array: true, nullable: true,
+	})
+	public transports: string[] | null;
+
 	constructor(data: Partial<MiUserSecurityKey>) {
 		if (data == null) return;