From 1f63a8e0a2675e9ef110dfeb4360ec3255061faa Mon Sep 17 00:00:00 2001 From: Andrew Min Date: Tue, 28 Nov 2023 13:47:46 -0500 Subject: [PATCH] feedback --- Dockerfile | 2 ++ README.md | 15 ++++++--------- auth/index.html | 4 ++-- 3 files changed, 10 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index 68857b7..e17a92e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,6 +7,8 @@ LABEL org.opencontainers.image.source https://github.com/tkhq/frames COPY nginx.conf /etc/nginx/nginx.conf +# maintain recovery for backwards compatibility +COPY auth /usr/share/nginx/recovery COPY auth /usr/share/nginx/auth COPY export /usr/share/nginx/export diff --git a/README.md b/README.md index 404d8c2..5393292 100644 --- a/README.md +++ b/README.md @@ -1,22 +1,19 @@ # Frames -This repository contains code for the recovery, export, and auth components of Turnkey. These components can be embedded as iframes by users to support end-users. +This repository contains code for the auth (which includes recovery) and export components of Turnkey. These components can be embedded as iframes by users to support end-users. -## Email Recovery -This self-contained HTML page is meant to be used as a standalone document to help first-party Turnkey root users. It's also going to be embedded as an iframe to help with sub-org root recovery. +## Auth +This self-contained HTML page is meant to be used for the following use cases: +- As a standalone document to enable first-party Turnkey root users to perform recovery and auth +- Embedded as an iframe for sub-org root recovery and auth -This page is hosted at https://auth.turnkey.com/ +This page is hosted at https://auth.turnkey.com/, but we will retain https://recovery.turnkey.com/for compatibility. ## Key and Wallet Export This self-contained HTML page is meant to be used as either a standalone document or to be embedded as an iframe. This page is hosted at https://export.turnkey.com/ -## Auth (via Email) -This self-contained HTML page is meant to be used as either a standalone document or to be embedded as an iframe. - -This page is also hosted at https://auth.turnkey.com/ - # Getting Started Clone the repo: diff --git a/auth/index.html b/auth/index.html index 142a166..f135357 100644 --- a/auth/index.html +++ b/auth/index.html @@ -864,7 +864,7 @@

Message log

// TODO: find a way to filter messages and ensure they're coming from the parent window? // We do not want to arbitrarily receive messages from all origins. window.addEventListener("message", async function(event) { - if (event.data && event.data["type"] == "INJECT_CREDENTIAL_BUNDLE") { + if (event.data && (event.data["type"] == "INJECT_CREDENTIAL_BUNDLE" || event.data["type"] == "INJECT_RECOVERY_BUNDLE")) { TKHQ.logMessage(`⬇️ Received message ${event.data["type"]}: ${event.data["value"]}`); try { await onInjectBundle(event.data["value"]) @@ -891,7 +891,7 @@

Message log

}, false); /** - * Event handlers to power the recovery flow in standalone mode + * Event handlers to power the recovery and auth flows in standalone mode * Instead of receiving events from the parent page, forms trigger them. * This is useful for debugging as well. */