cedarcode / webauthn-ruby

WebAuthn ruby server library ― Make your Ruby/Rails web server become a conformant WebAuthn Relying Party
https://rubygems.org/gems/webauthn
MIT License

support for multiple origins #344

Closed Fivell closed 3 years ago

Fivell commented 3 years ago

Hello, first of all, thanks for this awesome gem! Is it currently possible to use webauthn-ruby when an application has several front-ends on different domains? I noticed that the origin should be passed during the initialisation process:

WebAuthn.configure do |config|
  # This value needs to match `window.location.origin` evaluated by
  # the User Agent during registration and authentication ceremonies.
  config.origin = "https://auth.example.com"
end

What if I have several possible origins, like admin.example.com and customer.example.com?

Thanks

santiagorodriguez96 commented 3 years ago

Hi @Fivell 👋 !

Thank you for opening this issue!

> Is it possible currently to use webauthn-ruby when application have several front-ends on different domains?

Actually, it is possible to do that! This feature was requested from us a few times – see #285 and #308 – so we decided to take a stab at it some time ago. In fact, this behavior was introduced as part of v3.0.0.alpha1 with the introduction of the RelyingParty class – see #296.

Please take a look at #327 to see the work-in-progress documentation on how to use this new approach, and please let us know of any feedback you have on how it works or anything!

We'd be glad to try to help you and answer your questions if you have more after reading that! Thanks!

Fivell commented 3 years ago

@santiagorodriguez96 thanks for pointing to the unmerged PR with docs, they are quite good, keep rocking!
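
An added illustration of the multi-origin check discussed in this thread; it is not code from the thread or from webauthn-ruby and does not use the gem's API. It keeps one entry per front-end origin and accepts a response only when the request's origin is on the allow-list and exactly equals the `origin` inside `clientDataJSON`. `RELYING_PARTIES`, `relying_party_for`, `OriginRejected`, the entry names and the sample data are assumptions made for the example.

```ruby
require "json"

# Constructed allow-list: one entry per front-end origin (names are hypothetical).
RELYING_PARTIES = {
  "https://admin.example.com"    => { name: "Admin Console" },
  "https://customer.example.com" => { name: "Customer Portal" }
}.freeze

class OriginRejected < StandardError; end

# Base64url without padding, the encoding WebAuthn uses for clientDataJSON.
def b64url_encode(bytes)
  [bytes].pack("m0").tr("+/", "-_").delete("=")
end

def b64url_decode(text)
  padded = text.tr("-_", "+/")
  padded += "=" * ((4 - padded.length % 4) % 4)
  # "m0" is strict: malformed input raises ArgumentError instead of decoding loosely.
  padded.unpack1("m0").force_encoding("UTF-8")
end

# request_origin:  Origin header of the front-end that sent the response.
# client_data_b64: clientDataJSON taken from the authenticator response.
# Returns the allow-list entry, or raises OriginRejected.
def relying_party_for(request_origin, client_data_b64)
  party = RELYING_PARTIES[request_origin]
  raise OriginRejected, "origin not in allow-list" unless party

  begin
    client_data = JSON.parse(b64url_decode(client_data_b64))
  rescue ArgumentError, JSON::ParserError
    raise OriginRejected, "malformed clientDataJSON"
  end

  # Exact string comparison only: no prefix, suffix or wildcard matching.
  signed_origin = client_data.is_a?(Hash) ? client_data["origin"] : nil
  raise OriginRejected, "clientDataJSON origin mismatch" unless signed_origin == request_origin

  party
end

# Constructed sample input shaped like the client data a browser on `origin` produces.
def sample_client_data(origin)
  fields = { "type" => "webauthn.get", "challenge" => "Y29uc3RydWN0ZWQ", "origin" => origin }
  b64url_encode(JSON.generate(fields))
end
```

Looking the entry up by the request's own origin, rather than accepting any listed origin, keeps a response produced on one front-end from being accepted by another.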