django-multifactor icon indicating copy to clipboard operation
django-multifactor copied to clipboard
verified publisher icon oliwarner

"Error: 'rp.id' cannot be used with the current origin" when using FIDO2 and 127.0.0.1

Open maximbelyayev opened this issue 1 year ago • 1 comments

Receive the following error when attempting to add a FIDO2 device using FIDO_SERVER_ID = '127.0.0.1:

Error: 'rp.id' cannot be used with the current origin

[Try again](javascript:void(0)) or [Go to Multifactor Dashboard](https://127.0.0.1:8000/mfa/multifactor/)

This is of course on url https://127.0.0.1:8000/mfa/multifactor/fido2/new/

maximbelyayev avatar Jun 19 '24 20:06 maximbelyayev

I can't make 127.0.0.1 work but I can make localhost:8000 work (as long as there's a TLS certificate - runserver_plus/Werkzeug helps in dev)

./manage.py runserver_plus --cert-file cert.crt

oliwarner avatar Jun 19 '24 22:06 oliwarner

@maximbelyayev -Is this still an issue after the changes from your other reported issue>=?

StevenMapes avatar Nov 19 '24 09:11 StevenMapes

Closed per #70

IPs will never work with https and therefore not fido2, but localhost can work, as can various other real domain options that you can host locally or through (eg) Cloudflare tunnels.

oliwarner avatar Nov 19 '24 11:11 oliwarner