diff --git a/lib/new-admin/graphql/modules/authentication/FIDO2FAStrategy.js b/lib/new-admin/graphql/modules/authentication/FIDO2FAStrategy.js index 82cd4ee1..8b399e44 100644 --- a/lib/new-admin/graphql/modules/authentication/FIDO2FAStrategy.js +++ b/lib/new-admin/graphql/modules/authentication/FIDO2FAStrategy.js @@ -13,8 +13,8 @@ const devMode = require('minimist')(process.argv.slice(2)).dev const REMEMBER_ME_AGE = 90 * T.day -const rpID = devMode ? `localhost:3001` : domain -const expectedOrigin = `https://${rpID}` +const rpID = domain +const expectedOrigin = `https://${rpID}${devMode ? `:3001` : ``}` const generateAttestationOptions = (session, options) => { return users.getUserById(options.userId).then(user => { diff --git a/lib/new-admin/graphql/modules/authentication/FIDOPasswordlessStrategy.js b/lib/new-admin/graphql/modules/authentication/FIDOPasswordlessStrategy.js index 8c39e624..b31d3277 100644 --- a/lib/new-admin/graphql/modules/authentication/FIDOPasswordlessStrategy.js +++ b/lib/new-admin/graphql/modules/authentication/FIDOPasswordlessStrategy.js @@ -12,8 +12,8 @@ const devMode = require('minimist')(process.argv.slice(2)).dev const REMEMBER_ME_AGE = 90 * T.day -const rpID = devMode ? `localhost:3001` : domain -const expectedOrigin = `https://${rpID}` +const rpID = domain +const expectedOrigin = `https://${rpID}${devMode ? `:3001` : ``}` const generateAttestationOptions = (session, options) => { return users.getUserById(options.userId).then(user => { diff --git a/lib/new-admin/graphql/modules/authentication/FIDOUsernamelessStrategy.js b/lib/new-admin/graphql/modules/authentication/FIDOUsernamelessStrategy.js index 2a1ee59a..8d1ae4ec 100644 --- a/lib/new-admin/graphql/modules/authentication/FIDOUsernamelessStrategy.js +++ b/lib/new-admin/graphql/modules/authentication/FIDOUsernamelessStrategy.js @@ -12,8 +12,8 @@ const devMode = require('minimist')(process.argv.slice(2)).dev const REMEMBER_ME_AGE = 90 * T.day -const rpID = devMode ? `localhost:3001` : domain -const expectedOrigin = `https://${rpID}` +const rpID = domain +const expectedOrigin = `https://${rpID}${devMode ? `:3001` : ``}` const generateAttestationOptions = (session, options) => { return credentials.getHardwareCredentials().then(devices => {