diff --git a/README.md b/README.md
index a0ed8c2..7478d8b 100644
--- a/README.md
+++ b/README.md
@@ -31,14 +31,14 @@ A repository with full stack WebAuthn API examples.
### How to start the project locally?
1. Initialize package manager:
- Make sure you're running Node v20. Then initialize a package manager (corepack) by calling:
+ Make sure you're running Node v20. Then initialize a package manager:
```sh
corepack enable
corepack install
```
- It finds `packageManager` field and install Yarn 4.
+ It finds `packageManager` field and installs Yarn 4.
2. Install dependencies:
diff --git a/examples/simplewebauthn/src/modules/passkeys/components/PasskeysWithFirebasePage/FirebaseExample/LoginWithPasskey/LoginWithPasskey.tsx b/examples/simplewebauthn/src/modules/passkeys/components/PasskeysWithFirebasePage/FirebaseExample/LoginWithPasskey/LoginWithPasskey.tsx
index a31c7f5..c76a2a6 100644
--- a/examples/simplewebauthn/src/modules/passkeys/components/PasskeysWithFirebasePage/FirebaseExample/LoginWithPasskey/LoginWithPasskey.tsx
+++ b/examples/simplewebauthn/src/modules/passkeys/components/PasskeysWithFirebasePage/FirebaseExample/LoginWithPasskey/LoginWithPasskey.tsx
@@ -51,7 +51,7 @@ export const LoginWithPasskey = () => {
>
- name='email' autoComplete='email webauthn' />
+ name='email' autoComplete='username webauthn' />
}>
diff --git a/examples/simplewebauthn/src/pages/_error.jsx b/examples/simplewebauthn/src/pages/_error.jsx
index 46a61d6..2ddb53e 100644
--- a/examples/simplewebauthn/src/pages/_error.jsx
+++ b/examples/simplewebauthn/src/pages/_error.jsx
@@ -1,17 +1,17 @@
-import * as Sentry from "@sentry/nextjs";
-import Error from "next/error";
+import Error from 'next/error';
+import * as Sentry from '@sentry/nextjs';
-const CustomErrorComponent = (props) => {
- return ;
+const CustomErrorComponent = props => {
+ return ;
};
-CustomErrorComponent.getInitialProps = async (contextData) => {
- // In case this is running in a serverless function, await this in order to give Sentry
- // time to send the error before the lambda exits
- await Sentry.captureUnderscoreErrorException(contextData);
+CustomErrorComponent.getInitialProps = async contextData => {
+ // In case this is running in a serverless function, await this in order to give Sentry
+ // time to send the error before the lambda exits
+ await Sentry.captureUnderscoreErrorException(contextData);
- // This will contain the status code of the response
- return Error.getInitialProps(contextData);
+ // This will contain the status code of the response
+ return Error.getInitialProps(contextData);
};
export default CustomErrorComponent;
diff --git a/examples/simplewebauthn/src/pages/api/authentication/with-firebase/login/verify.ts b/examples/simplewebauthn/src/pages/api/authentication/with-firebase/login/verify.ts
index 7f63456..8abb008 100644
--- a/examples/simplewebauthn/src/pages/api/authentication/with-firebase/login/verify.ts
+++ b/examples/simplewebauthn/src/pages/api/authentication/with-firebase/login/verify.ts
@@ -33,12 +33,10 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
// This might happen if the user has removed the passkey from the account
// but the private passkey source is still stored in a keychain / password manager.
if (!passkey) {
- /**
- * Or we could return registration options and pass it back with a custom error code,
- * so client can start registration process right away.
- * Depends on a use-case, of course.
- */
- return res.status(400).end('Passkey not found.');
+ // Yes, this message would have been better however it could be a security risk (i.e. username enumeration):
+ // Checkout https://w3c.github.io/webauthn/#sctn-username-enumeration.
+ // return res.status(400).end('Passkey not found.');
+ return res.status(401).end('User not verified.');
}
const { transports, credentialId, credentialPublicKey, credentialCounter } = passkey;