feat: require discoverable credentials and prefer user verification in WebAuthnService
This commit is contained in:
parent
8aebd04d2a
commit
2ffe968342
2 changed files with 44 additions and 1 deletions
|
|
@ -10,6 +10,8 @@ from fido2.webauthn import (
|
|||
PublicKeyCredentialRpEntity,
|
||||
PublicKeyCredentialUserEntity,
|
||||
RegistrationResponse,
|
||||
ResidentKeyRequirement,
|
||||
UserVerificationRequirement,
|
||||
)
|
||||
|
||||
|
||||
|
|
@ -36,6 +38,8 @@ class WebAuthnService:
|
|||
options, state = self._server.register_begin(
|
||||
user=user,
|
||||
credentials=existing_credentials,
|
||||
resident_key_requirement=ResidentKeyRequirement.REQUIRED,
|
||||
user_verification=UserVerificationRequirement.PREFERRED,
|
||||
)
|
||||
return dict(options), state
|
||||
|
||||
|
|
@ -58,7 +62,10 @@ class WebAuthnService:
|
|||
|
||||
Returns (options_dict, state_dict).
|
||||
"""
|
||||
options, state = self._server.authenticate_begin(credentials=credentials)
|
||||
options, state = self._server.authenticate_begin(
|
||||
credentials=credentials,
|
||||
user_verification=UserVerificationRequirement.PREFERRED,
|
||||
)
|
||||
return dict(options), state
|
||||
|
||||
def complete_authentication(
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue