Add ensureValidRpId helper to validate and correct rp.id for WebAuthn
operations, preventing authentication failures when the configured rp.id
doesn't match the current hostname. Also add OAuthProvider type and fix
type casting in LoginPage.
- Store authentication tokens explicitly before setting user state in login
and TOTP verification flows to prevent race conditions
- Add 'credentials: include' to WebAuthn endpoints for proper session
cookie handling
- Add comprehensive debug logging throughout authentication flow to trace
token lifecycle and API requests
- Update WebAuthn completeLogin to use fetch directly instead of request
helper to properly handle session cookies
- Add allowedHosts configuration to Vite dev server
nexgen_mirrors
coryHawkvelt
gpt-engineer-app[bot]