I've recently started looking at U2F in Node.js and Javascript.
I get the error: TypeError: Cannot read property 'registerResponse' of undefined
Before receiving the error on the server i get the following returned:
{errorCode: 5, errorMessage: "NotAllowedError: The operation either timed out or…://w3c.github.io/webauthn/#sec-assertion-privacy."}
The server is using HTTPS and a self signed cert on localhost in Mac os
What could be the issue? The response seems to be empty; and i dont get asked to insert the usb in the browser.
app.js:
const U2F = require("u2f");
const Cors = require("cors");
const session = require("express-session");
const HTTPS = require("https");
const FS = require("fs");
const BodyParser = require("body-parser");
const express = require("express");
var app = express();
var routes = require("./routes")(app);
const APP_ID = "https://localhost:3000";
app.use(BodyParser.json());
app.use(BodyParser.urlencoded({ extended: true }));
app.use(session({ secret: "thepolyglotdeveloper", cookie: { secure: true, maxAge: 60000 }, saveUninitialized: true, resave: true }));
app.use(Cors({ origin: [APP_ID], credentials: true }));
HTTPS.createServer({
key: FS.readFileSync("server.key"),
cert: FS.readFileSync("server.crt")
}, app).listen(3000, () => {
console.log("Listening at :443...");
});
routes.js
const U2F = require("u2f");
const session = require("express-session");
const APP_ID = "https://localhost:3000";
var appRouter = function(app) {
var user;
app.get("/", function(req, res, next) {
res.sendFile(__dirname + '/index.html');
});
app.get("/register", function(req, res, next) {
var session = U2F.request(APP_ID);
app.set("session", JSON.stringify(session));
console.log("session: " + JSON.stringify(session));
res.send(session);
});
app.post("/register", function (req, res, next) {
console.log("res2: " + req.body);
var registration = U2F.checkRegistration(JSON.parse(app.get("session")), req.body.registerResponse);
if(!registration.successful) {
return res.status(500).send({ message: "error" });
} else {
console.log("error");
}
user = registration;
res.send(registration);
});
}
module.exports = appRouter;
index.html
$("#register").click(() => {
if(window.u2f && window.u2f.register) {
$.get("/register", result => {
console.log(result);
window.u2f.register(result.appId, [result], [], response => {
console.log(response);
$.post("/register", { registerResponse: response }, result => {
console.log(result);
});
console.log(response);
});
});
} else {
document.write("<p>U2F is not supported</p>");
}
});
It seems like the request is timing out, or is not allowed. I've tried looking for the solution and so on; but there is little to no information regarding this issue.
Any help is much appreciated!
You are using var routes = require("./routes")(app);
before BodyParser
. Middlewares work in the order they are initialised. So, In your case body-parser
in not even used in the routes.
Put the routes after bodyParser
and cors
:
var app = express();
const APP_ID = "https://localhost:3000";
app.use(BodyParser.json());
app.use(BodyParser.urlencoded({ extended: true }));
app.use(session({ secret: "thepolyglotdeveloper", cookie: { secure: true, maxAge: 60000 }, saveUninitialized: true, resave: true }));
app.use(Cors({ origin: [APP_ID], credentials: true }))
var routes = require("./routes")(app);