Enhance WebAuthn authentication verification with detailed logging an…

…d config

app/routes/resources+/webauthn+/verify-authentication.ts

@@ -6,7 +6,7 @@ import {
 import { z } from 'zod'
 import { prisma } from '#app/utils/prisma.server.ts'
 import { getSession } from '#app/utils/session.server.ts'
-import { passkeyCookie } from '#app/utils/webauthn.server.ts'
+import { getWebAuthnConfig, passkeyCookie } from '#app/utils/webauthn.server.ts'
 
 const AuthenticationResponseSchema = z.object({
 	id: z.string(),
@@ -52,11 +52,38 @@ export async function action({ request }: ActionFunctionArgs) {
 			throw new Error('Passkey not found')
 		}
 
+		const config = getWebAuthnConfig(request)
+
+		// TODO: remove this log
+		const decodedResponseData = {
+			id: result.data.id,
+			rawId: result.data.rawId,
+			response: {
+				authenticatorData: result.data.response.authenticatorData,
+				clientDataJSON: JSON.parse(
+					Buffer.from(
+						result.data.response.clientDataJSON,
+						'base64url',
+					).toString(),
+				),
+				signature: Buffer.from(
+					result.data.response.signature,
+					'base64url',
+				).toString('hex'),
+				userHandle: result.data.response.userHandle
+					? Buffer.from(result.data.response.userHandle, 'base64url').toString()
+					: undefined,
+			},
+			type: result.data.type,
+			clientExtensionResults: result.data.clientExtensionResults,
+		}
+		console.log('Decoded authentication response:', decodedResponseData)
+
 		const verification = await verifyAuthenticationResponse({
 			response: result.data,
 			expectedChallenge: cookie.challenge,
-			expectedOrigin: new URL(request.url).origin,
-			expectedRPID: new URL(request.url).hostname,
+			expectedOrigin: config.origin,
+			expectedRPID: config.rpID,
 			credential: {
 				id: result.data.id,
 				publicKey: passkey.publicKey,