Skip to content

Commit 02dbcb6

Browse files
committed
Remove redundant code relating to v1 endpoints
Cleanup Sveltekit demo Prepare for 2.9.2
1 parent a73d2fb commit 02dbcb6

23 files changed

Lines changed: 501 additions & 424 deletions

File tree

CHANGELOG.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
77

88
## [Unreleased]
99

10+
## [2.9.2] - 2026-06-25
11+
12+
### Removed
13+
14+
- Legacy code relating to old V1 endpoints
15+
1016
## [2.9.1] - 2026-06-25
1117

1218
### Changed
@@ -63,6 +69,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
6369

6470
await passlock.authorizePasskeyRegistration({
6571
rpId: 'example.com',
72+
rpName: 'Example App',
6673
...
6774
});
6875

README.md

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ Framework agnostic. Standards compliant.
6161
Works out of the box with sensible defaults.
6262

6363
**:arrow_right: Related origins**
64-
Migrate user passkeys to a new domain.
64+
Migrate passkeys with backend-selected RP IDs and WebAuthn related-origin files.
6565

6666
**:iphone: Credential management**
6767
Manage passkeys on end-user devices.
@@ -103,6 +103,7 @@ const passlock = new Passlock({ tenancyId, apiKey });
103103
const result = await passlock.authorizePasskeyRegistration(
104104
{
105105
rpId: "example.com",
106+
rpName: "Example App",
106107
userId: "user_123",
107108
username: "jdoe@gmail.com",
108109
displayName: "Jane Doe",
@@ -118,6 +119,9 @@ if (result.failure) {
118119
console.log("registration token: %s", result.value.registrationToken);
119120
```
120121

122+
Choose `rpId` in your backend for each prepared passkey ceremony. Passlock no
123+
longer uses a separate tenancy-level passkey settings RP ID.
124+
121125
```typescript
122126
// frontend/register.ts
123127
import { Passlock } from "@passlock/browser";

README.template.md

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ Framework agnostic. Standards compliant.
6161
Works out of the box with sensible defaults.
6262

6363
**:arrow_right: Related origins**
64-
Migrate user passkeys to a new domain.
64+
Migrate passkeys with backend-selected RP IDs and WebAuthn related-origin files.
6565

6666
**:iphone: Credential management**
6767
Manage passkeys on end-user devices.
@@ -103,6 +103,7 @@ const passlock = new Passlock({ tenancyId, apiKey });
103103
const result = await passlock.authorizePasskeyRegistration(
104104
{
105105
rpId: "example.com",
106+
rpName: "Example App",
106107
userId: "user_123",
107108
username: "jdoe@gmail.com",
108109
displayName: "Jane Doe",
@@ -118,6 +119,9 @@ if (result.failure) {
118119
console.log("registration token: %s", result.value.registrationToken);
119120
```
120121

122+
Choose `rpId` in your backend for each prepared passkey ceremony. Passlock no
123+
longer uses a separate tenancy-level passkey settings RP ID.
124+
121125
```typescript
122126
// frontend/register.ts
123127
import { Passlock } from "@passlock/browser";

examples/sveltekit/README.md

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,9 @@ Follow the prompts and take note of your `Tenancy ID` and `API Key`.
5757
### 4. Set environment variables
5858

5959
Copy the `.env.example` to `.env` and set the `PUBLIC_PASSLOCK_TENANCY_ID`,
60-
`PASSLOCK_API_KEY`, and `PASSLOCK_RP_ID` variables.
60+
`PASSLOCK_API_KEY`, and `PASSLOCK_RP_ID` variables. `PASSLOCK_RP_ID` is the
61+
backend-selected relying party ID sent when the example authorizes passkey
62+
registration and authentication.
6163

6264
### 5. Setup the database
6365

examples/sveltekit/package.json

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "@passlock/sveltekit-example",
3-
"version": "2.9.1",
3+
"version": "2.9.2",
44
"private": true,
55
"description": "SvelteKit app making full use of passkeys along with email based one time login codes",
66
"type": "module",
@@ -29,14 +29,14 @@
2929
"@eslint/compat": "^2.1.0",
3030
"@eslint/js": "^10.0.1",
3131
"@lucide/svelte": "^1.21.0",
32-
"@passlock/browser": "workspace:^",
33-
"@passlock/server": "workspace:^",
32+
"@passlock/browser": "^2.9.2",
33+
"@passlock/server": "^2.9.2",
3434
"@sveltejs/adapter-auto": "^7.0.1",
3535
"@sveltejs/adapter-node": "^5.5.6",
3636
"@sveltejs/kit": "^2.67.0",
3737
"@sveltejs/vite-plugin-svelte": "^7.1.2",
3838
"@tailwindcss/vite": "4.3.1",
39-
"@types/node": "^26.0.0",
39+
"@types/node": "^24.1.0",
4040
"daisyui": "^5.5.23",
4141
"dotenv": "^17.4.2",
4242
"drizzle-kit": "^0.31.10",
@@ -50,7 +50,7 @@
5050
"prettier-plugin-tailwindcss": "^0.8.0",
5151
"sort-package-json": "catalog:",
5252
"svelte": "^5.56.4",
53-
"svelte-check": "^4.7.0",
53+
"svelte-check": "^4.7.1",
5454
"sveltekit-superforms": "^2.30.1",
5555
"tailwindcss": "^4.3.1",
5656
"typescript": "^6.0.3",

examples/sveltekit/src/lib/server/passlock.ts

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,9 @@ export const getPasslockConfig = () => {
1414
const apiKey = PASSLOCK_API_KEY;
1515
const tenancyId = PUBLIC_PASSLOCK_TENANCY_ID;
1616
const endpoint = PUBLIC_PASSLOCK_ENDPOINT;
17+
// Backend-selected RP ID for prepared passkey ceremonies.
1718
const rpId = PASSLOCK_RP_ID || 'localhost';
19+
const rpName = 'Passlock SvelteKit Example';
1820

1921
if (!apiKey || !tenancyId) {
2022
console.error('Passlock not configured');
@@ -25,6 +27,7 @@ export const getPasslockConfig = () => {
2527
tenancyId,
2628
apiKey,
2729
rpId,
30+
rpName,
2831
endpoint: endpoint || undefined
2932
} as const;
3033
};
@@ -34,9 +37,9 @@ export const getPasslockConfig = () => {
3437
*
3538
* Client code needs the tenancy and optional endpoint so it can talk to
3639
* Passlock via `@passlock/browser`. It MUST NOT receive the API key.
37-
* It SHOULD NOT receive the RP ID, as this is selected by server-side authorization calls.
40+
* It SHOULD NOT receive RP metadata, as this is selected by server-side authorization calls.
3841
*/
3942
export const getPasslockClientConfig = () => {
40-
const { apiKey: _apiKey, rpId: _rpId, ...rest } = getPasslockConfig();
43+
const { apiKey: _apiKey, rpId: _rpId, rpName: _rpName, ...rest } = getPasslockConfig();
4144
return rest;
4245
};

examples/sveltekit/src/routes/passkeys/registration/+server.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@ export const POST: RequestHandler = async (event) => {
2222
const authorizedRegistration = await PasslockServer.authorizePasskeyRegistration(
2323
{
2424
rpId: config.rpId,
25+
rpName: config.rpName,
2526
userId: String(event.locals.user.userId),
2627
username: event.locals.user.email,
2728
displayName: displayName || undefined,

package.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "passlock",
3-
"version": "2.9.1",
3+
"version": "2.9.2",
44
"private": true,
55
"description": "Passlock monorepo root",
66
"keywords": [
@@ -28,7 +28,7 @@
2828
"type": "module",
2929
"scripts": {
3030
"build:readme": "VERSION=${npm_package_version} tsx ./scripts/replace-readme-tokens.ts .",
31-
"ncu": "pnpm exec ncu -c 25h -x vite -w -u --peer",
31+
"ncu": "pnpm exec ncu -c 25h -x vite -x @types/node -w -u --peer",
3232
"sort-package-json": "sort-package-json"
3333
},
3434
"devDependencies": {

packages/browser/README.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ Powerful passkey features for browser applications.
4040
Framework agnostic. Standards compliant.
4141

4242
2. **🔑 Domain migration**
43-
Use backend-authorized RP IDs with WebAuthn related-origin support.
43+
Use backend-authorized RP IDs with WebAuthn `/.well-known/webauthn` support.
4444

4545
3. **🚀 Zero config passkeys**
4646
Works out of the box with sensible defaults.
@@ -82,9 +82,9 @@ the result with Passlock.
8282

8383
Your backend chooses the RP ID when it authorizes registration or authentication.
8484
The browser library does not accept an RP ID directly; it uses the WebAuthn
85-
options returned by Passlock. During domain migration, configure WebAuthn
86-
related origins for the browser platform if the current origin needs to use
87-
passkeys for a different RP ID.
85+
options returned by Passlock. During domain migration, publish the RP ID
86+
domain's `/.well-known/webauthn` file so browsers and authenticators can enforce
87+
related-origin eligibility.
8888

8989
## More information
9090

packages/browser/README.template.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ Powerful passkey features for browser applications.
4040
Framework agnostic. Standards compliant.
4141

4242
2. **🔑 Domain migration**
43-
Use backend-authorized RP IDs with WebAuthn related-origin support.
43+
Use backend-authorized RP IDs with WebAuthn `/.well-known/webauthn` support.
4444

4545
3. **🚀 Zero config passkeys**
4646
Works out of the box with sensible defaults.
@@ -82,9 +82,9 @@ the result with Passlock.
8282

8383
Your backend chooses the RP ID when it authorizes registration or authentication.
8484
The browser library does not accept an RP ID directly; it uses the WebAuthn
85-
options returned by Passlock. During domain migration, configure WebAuthn
86-
related origins for the browser platform if the current origin needs to use
87-
passkeys for a different RP ID.
85+
options returned by Passlock. During domain migration, publish the RP ID
86+
domain's `/.well-known/webauthn` file so browsers and authenticators can enforce
87+
related-origin eligibility.
8888

8989
## More information
9090

0 commit comments

Comments
 (0)