diff --git a/app/auth/views/fido.py b/app/auth/views/fido.py index b2387a59..710f6eac 100644 --- a/app/auth/views/fido.py +++ b/app/auth/views/fido.py @@ -1,8 +1,7 @@ import json import secrets import webauthn -from app.config import URL as SITE_URL -from urllib.parse import urlparse +from app.config import RP_ID from flask import request, render_template, redirect, url_for, flash, session from flask_login import login_user @@ -40,8 +39,6 @@ def fido(): next_url = request.args.get("next") - RP_ID = urlparse(SITE_URL).hostname - webauthn_user = webauthn.WebAuthnUser( user.fido_uuid, user.email, user.name, False, user.fido_credential_id, user.fido_pk, user.fido_sign_count, RP_ID) diff --git a/app/config.py b/app/config.py index 1ffc40ea..77efb9c2 100644 --- a/app/config.py +++ b/app/config.py @@ -4,6 +4,7 @@ import string import subprocess from dotenv import load_dotenv +from urllib.parse import urlparse SHA1 = subprocess.getoutput("git rev-parse HEAD") ROOT_DIR = os.path.abspath(os.path.dirname(os.path.dirname(__file__))) @@ -38,6 +39,9 @@ DEBUG = os.environ["DEBUG"] if "DEBUG" in os.environ else False URL = os.environ["URL"] print(">>> URL:", URL) +# Calculate RP_ID for WebAuthn +RP_ID = urlparse(URL).hostname + SENTRY_DSN = os.environ.get("SENTRY_DSN") # can use another sentry project for the front-end to avoid noises diff --git a/app/dashboard/views/fido_setup.py b/app/dashboard/views/fido_setup.py index 4609abb9..8deb0f96 100644 --- a/app/dashboard/views/fido_setup.py +++ b/app/dashboard/views/fido_setup.py @@ -2,7 +2,7 @@ import uuid import json import secrets import webauthn -from app.config import URL as SITE_URL +from app.config import RP_ID from urllib.parse import urlparse from flask import render_template, flash, redirect, url_for, session @@ -28,8 +28,6 @@ def fido_setup(): fido_token_form = FidoTokenForm() - RP_ID = urlparse(SITE_URL).hostname - # Handling POST requests if fido_token_form.validate_on_submit(): try: