From 52628a54ad82b02f8d577649b8f1b19672902ed7 Mon Sep 17 00:00:00 2001 From: Andrew Min Date: Tue, 28 Nov 2023 13:47:46 -0500 Subject: [PATCH] feedback --- Dockerfile | 1 + README.md | 13 +++++-------- auth/index.html | 2 +- 3 files changed, 7 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index 68857b7..23337a9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,6 +7,7 @@ LABEL org.opencontainers.image.source https://github.com/tkhq/frames COPY nginx.conf /etc/nginx/nginx.conf +COPY auth /usr/share/nginx/recovery COPY auth /usr/share/nginx/auth COPY export /usr/share/nginx/export diff --git a/README.md b/README.md index 404d8c2..79e6522 100644 --- a/README.md +++ b/README.md @@ -2,21 +2,18 @@ This repository contains code for the recovery, export, and auth components of Turnkey. These components can be embedded as iframes by users to support end-users. -## Email Recovery -This self-contained HTML page is meant to be used as a standalone document to help first-party Turnkey root users. It's also going to be embedded as an iframe to help with sub-org root recovery. +## Email Recovery and Auth +This self-contained HTML page is meant to be used for the following use cases: +- As a standalone document to enable first-party Turnkey root users to perform recovery and auth +- Embedded as an iframe for sub-org root recovery and auth -This page is hosted at https://auth.turnkey.com/ +This page is hosted at https://auth.turnkey.com/, but we will retain https://recovery.turnkey.com/for compatibility. ## Key and Wallet Export This self-contained HTML page is meant to be used as either a standalone document or to be embedded as an iframe. This page is hosted at https://export.turnkey.com/ -## Auth (via Email) -This self-contained HTML page is meant to be used as either a standalone document or to be embedded as an iframe. - -This page is also hosted at https://auth.turnkey.com/ - # Getting Started Clone the repo: diff --git a/auth/index.html b/auth/index.html index 142a166..b58d5af 100644 --- a/auth/index.html +++ b/auth/index.html @@ -864,7 +864,7 @@

Message log

// TODO: find a way to filter messages and ensure they're coming from the parent window? // We do not want to arbitrarily receive messages from all origins. window.addEventListener("message", async function(event) { - if (event.data && event.data["type"] == "INJECT_CREDENTIAL_BUNDLE") { + if (event.data && (event.data["type"] == "INJECT_CREDENTIAL_BUNDLE" || event.data["type"] == "INJECT_RECOVERY_BUNDLE")) { TKHQ.logMessage(`⬇️ Received message ${event.data["type"]}: ${event.data["value"]}`); try { await onInjectBundle(event.data["value"])