@@ -74,17 +74,47 @@ export default {
7474 twoFaSecretFieldName : "secret2fa" ,
7575 timeStepWindow : 1 , // optional time step window for 2FA
7676 // optional callback to define which users should be enforced to use 2FA
77- usersFilterToApply : ( adminUser : AdminUser ) => {
78- if ( process . env . NODE_ENV === "development" ) {
79- return false ;
80- }
81- // return true if user should be enforced to use 2FA,
82- // return true;
83- return adminUser . dbUser . email !== "adminforth" ;
84- } ,
85- usersFilterToAllowSkipSetup : ( adminUser : AdminUser ) => {
86- return adminUser . dbUser . email === "adminforth" ;
87- } ,
77+ // usersFilterToApply: (adminUser: AdminUser) => {
78+ // if (process.env.NODE_ENV === "development") {
79+ // return false;
80+ // }
81+ // // return true if user should be enforced to use 2FA,
82+ // // return true;
83+ // return adminUser.dbUser.email !== "adminforth";
84+ // },
85+ // usersFilterToAllowSkipSetup: (adminUser: AdminUser) => {
86+ // return adminUser.dbUser.email === "adminforth";
87+ // },
88+ passkeys : {
89+ credentialResourceID : "passkeys" ,
90+ credentialIdFieldName : "credential_id" ,
91+ credentialMetaFieldName : "meta" ,
92+ credentialUserIdFieldName : "user_id" ,
93+ settings : {
94+ expectedOrigin : "http://localhost:3000" , // important, set it to your backoffice origin (starts from scheme, no slash at the end)
95+ // relying party config
96+ rp : {
97+ name : "New Reality" ,
98+
99+ // optionaly you can set expected id explicitly if you need to:
100+ // id: "localhost",
101+ } ,
102+ user : {
103+ nameField : "email" ,
104+ displayNameField : "email" ,
105+ } ,
106+ authenticatorSelection : {
107+ // impacts a way how passkey will be created
108+ // - platform - using browser internal authenticator (e.g. Google Chrome passkey / Google Password Manager )
109+ // - cross-platform - using external authenticator (e.g. Yubikey, Google Titan etc)
110+ // - both - plging will show both options to the user
111+ // Can be "platform", "cross-platform" or "both"
112+ authenticatorAttachment : "both" ,
113+ requireResidentKey : true ,
114+ userVerification : "required" ,
115+ } ,
116+ } ,
117+ }
88118 } ) ,
89119 ...( process . env . AWS_ACCESS_KEY_ID
90120 ? [
0 commit comments