LSP-Examples/WebAuthn/example1/.preload at master · RealTimeLogic/LSP-Examples · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
trace"example1/.preload: Starting Example"
local cbor
if not pcall(function() cbor=require"webauthn".cbor end) then
   error"Oops, you did not load the WebAuthnModule example"
end

-- The WebAuthn instance and the webauth directory service; set below
local webauthn,wadir

-- Read or write the Webauthn database
local function rwUserDb(data)
   return require"rwfile".file(ba.openio(xedge and "disk" or "home"),"Webauthn.userdb",data)
end

-- Encode and save the 'users' table, the Webauthn database
local function saveDb(users)
   rwUserDb(cbor.encode(users))
end

-- Read and decode the Webauthn database.
-- Return the 'users' table
local function readDb()
   local data=rwUserDb()
   if data then
      return cbor.decode(data)
   end
   trace"Webauthn.userdb not found. Creating empty DB"
   return {}
end

-- Debug function: Lists all registered authenticators associated with
-- the user. Prints the binary rawId using B64 encoding.
local function listAuth(user)
   -- The user table is a key/value store, where key is WebAuth rawId
   -- and value is the device authenticator.
   for rawId,auth in pairs(user) do
      tracep(false,0,string.format("\tUser's authenticator created at '%s', last used at '%s'",
                                  os.date("%c",auth.createdAt), os.date("%c",auth.lastUsedAt)))
   end
end

-- Called when new user registers
local function register(username,user,rawId,url)
   trace(username)
   listAuth(user)
   return true, true, -- accept-reg, immediately
          "Hello new user" -- Sent to browser
end

-- Called when the WebAuthn module activates the new registered user
local function registered(username, cmd)
   trace(username)
   saveDb(webauthn:get())
end

-- Called when the WebAuthn module authenticated an existing user
local function authenticate(cmd,username,user,rawId)
   local auth=user[rawId] -- get authenticator
   trace(username,auth.signatureCounter)
   listAuth(user)
   return true,
          "Hello "..username -- sent to browser
end

webauthn,wadir=require"webauthn".create{
   register=register,
   registered=registered,
   authenticate=authenticate,
   loginerr=function(emsg) trace("WebAuthn failed:",emsg) end
}
dir:insert(wadir)
webauthn:set(readDb())

_ENV.webauthn=webauthn -- Reference (anchor) the 'local' variable so it's not GC'd.
assert(_ENV == app) -- FYI: they are the same