fix: passkey user verification compatibility for v13 (#883)

fix: disable requireUserVerification for passkey auth compatibility @simplewebauthn/server v13 defaults requireUserVerification to true, causing "User verification required, but user could not be verified" errors for existing passkeys and authenticators that don't enforce UV. Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-06 20:32:55 +08:00 · 2026-03-09 03:06:54 +08:00
parent 13c3879033
commit 75236e6a53
1 changed files with 2 additions and 1 deletions
--- a/worker/src/user_api/passkey.ts
+++ b/worker/src/user_api/passkey.ts
@@ -88,7 +88,7 @@ export default {
                return true;
            },
            expectedOrigin: origin,
-            requireUserVerification: true,
+            requireUserVerification: false,
        });
        const { verified, registrationInfo } = verification;

@@ -162,6 +162,7 @@ export default {
            },
            expectedOrigin: origin,
            expectedRPID: domain,
+            requireUserVerification: false,
            credential: {
                id: passkeyData.id,
                publicKey: isoBase64URL.toBuffer(passkeyData.publicKey),