github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-30 15:28:37 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

DEV: Refactor webauthn to support passkeys (1/3) (#23586)

Browse Source 
This is part 1 of 3, split up of PR #23529. This PR refactors the
webauthn code to support passkey authentication/registration.

Passkeys aren't used yet, that is coming in PRs 2 and 3.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
This commit is contained in:
Penar Musaraj
2023-10-03 14:59:28 -04:00
committed by GitHub
parent f3c2f148c8
commit 0af6c5efdc
17 changed files with 354 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
app/controllers/users_controller.rb
View File

@ -1578,13 +1578,12 @@ class UsersController < ApplicationController
params.require(:attestation)
params.require(:clientData)
::DiscourseWebauthn::SecurityKeyRegistrationService.new(
::DiscourseWebauthn::RegistrationService.new(
current_user,
params,
challenge: DiscourseWebauthn.challenge(current_user, secure_session),
rp_id: DiscourseWebauthn.rp_id,
origin: Discourse.base_url,
).register_second_factor_security_key
session: secure_session,
factor_type: UserSecurityKey.factor_types[:second_factor],
).register_security_key
render json: success_json
rescue ::DiscourseWebauthn::SecurityKeyError => err
render json: failed_json.merge(error: err.message)
@ -1631,7 +1630,7 @@ class UsersController < ApplicationController
def disable_second_factor
# delete all second factors for a user
current_user.user_second_factors.destroy_all
current_user.security_keys.destroy_all
current_user.second_factor_security_keys.destroy_all
Jobs.enqueue(
:critical_user_email,