Description
Bug
When self-hosting EmDash behind a reverse proxy (Traefik, nginx, etc),
the internal request URL is localhost, causing getPasskeyConfig() to
set rpId: "localhost" regardless of the configured rpId.
Root Cause
In packages/auth/src/passkey/config.ts, getPasskeyConfig() derives
rpId from url.hostname instead of reading from config:
```ts
function getPasskeyConfig(url, siteName) {
return {
rpName: siteName || url.hostname,
rpId: url.hostname, // ← ignores config
origin: url.origin
};
}
```
Fix
Read rpId from config when available:
```ts
function getPasskeyConfig(url, siteName, config?) {
return {
rpName: config?.rpName || siteName || url.hostname,
rpId: config?.rpId || url.hostname,
origin: config?.origin || url.origin
};
}
```
Workaround
Patch the built chunk directly and set explicit values.
Environment
- Self-hosted Node.js + SQLite
- Behind Traefik reverse proxy
- Cloudflare DNS proxy
Steps to reproduce
Root Cause
In packages/auth/src/passkey/config.ts, getPasskeyConfig() derives
rpId from url.hostname instead of reading from config:
```ts
function getPasskeyConfig(url, siteName) {
return {
rpName: siteName || url.hostname,
rpId: url.hostname, // ← ignores config
origin: url.origin
};
}
```
Environment
Environment
- Self-hosted Node.js + SQLite
- Behind Traefik reverse proxy
- Cloudflare DNS proxy
Logs / error output
Description
Bug
When self-hosting EmDash behind a reverse proxy (Traefik, nginx, etc),
the internal request URL is
localhost, causinggetPasskeyConfig()toset
rpId: "localhost"regardless of the configured rpId.Root Cause
In
packages/auth/src/passkey/config.ts,getPasskeyConfig()derivesrpId from
url.hostnameinstead of reading from config:```ts
function getPasskeyConfig(url, siteName) {
return {
rpName: siteName || url.hostname,
rpId: url.hostname, // ← ignores config
origin: url.origin
};
}
```
Fix
Read rpId from config when available:
```ts
function getPasskeyConfig(url, siteName, config?) {
return {
rpName: config?.rpName || siteName || url.hostname,
rpId: config?.rpId || url.hostname,
origin: config?.origin || url.origin
};
}
```
Workaround
Patch the built chunk directly and set explicit values.
Environment
Steps to reproduce
Root Cause
In
packages/auth/src/passkey/config.ts,getPasskeyConfig()derivesrpId from
url.hostnameinstead of reading from config:```ts
function getPasskeyConfig(url, siteName) {
return {
rpName: siteName || url.hostname,
rpId: url.hostname, // ← ignores config
origin: url.origin
};
}
```
Environment
Environment
Logs / error output