diff options
author | Truong Nguyen <truongnmt.dev@gmail.com> | 2021-08-26 23:51:22 +0900 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-08-26 09:51:22 -0500 |
commit | 7283a5d3b94b655172744996ffa43ec80aff0e08 (patch) | |
tree | 60af89149d26d049e25dfe829ae54376a873c2b7 | |
parent | 94bcf453219da73015cc977835717516b9dc0a67 (diff) |
Explicitly set userVerification to discoraged (#16545)
-rw-r--r-- | app/controllers/auth/sessions_controller.rb | 5 | ||||
-rw-r--r-- | app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb | 3 |
2 files changed, 6 insertions, 2 deletions
diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb index 7afd09e10..2c3d510cb 100644 --- a/app/controllers/auth/sessions_controller.rb +++ b/app/controllers/auth/sessions_controller.rb @@ -45,7 +45,10 @@ class Auth::SessionsController < Devise::SessionsController user = find_user if user&.webauthn_enabled? - options_for_get = WebAuthn::Credential.options_for_get(allow: user.webauthn_credentials.pluck(:external_id)) + options_for_get = WebAuthn::Credential.options_for_get( + allow: user.webauthn_credentials.pluck(:external_id), + user_verification: 'discouraged' + ) session[:webauthn_challenge] = options_for_get.challenge diff --git a/app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb b/app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb index 1c557092b..a50d30f06 100644 --- a/app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb +++ b/app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb @@ -21,7 +21,8 @@ module Settings display_name: current_user.account.username, id: current_user.webauthn_id, }, - exclude: current_user.webauthn_credentials.pluck(:external_id) + exclude: current_user.webauthn_credentials.pluck(:external_id), + authenticator_selection: { user_verification: 'discouraged' } ) session[:webauthn_challenge] = options_for_create.challenge |