Open infinisil opened 3 years ago
I think that running a server locally would be fine too. That's what I did for the prototype, with the localhost domain.
From https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts :
Locally-delivered resources such as those with http://127.0.0.1 URLs, http://localhost and http://*.localhost URLs (e.g. http://dev.whatever.localhost/), and file:// URLs are also considered to have been delivered securely.
@lykahb Yeah we were also thinking that would be enough initially, but in order to end-to-end test TouchID, we have to access the server running on my desktop from my phone over the local network, at which point it's not localhost
anymore, but the IP from the local network -> No secure context anymore.
Having a domain is also nice for demos :)
With #18 we now have a server we can use to test it during development
Before we close this issue, it would be ideal to have a demo running where people could test the library.
Trying to test the current implementation on my iPhone by connecting to the server running on the local network, I've noticed that this doesn't work because
navigator.credentials
is only available in secure contexts, which this is not.We should have a server with DNS and a valid TLS certificate, so that we can do proper testing of the implementation. This doesn't need to be very complicated, for now just having a server we can ssh into should be enough.