more verify
This commit is contained in:
parent
ec91d280bb
commit
419aa95f1f
|
@ -40,21 +40,6 @@ def fido():
|
|||
|
||||
next_url = request.args.get("next")
|
||||
|
||||
fido_model = FIDO.filter_by(uuid=user.fido_uuid).all()
|
||||
webauthn_users = []
|
||||
for record in fido_model:
|
||||
webauthn_users.append(
|
||||
webauthn.WebAuthnUser(
|
||||
user.fido_uuid,
|
||||
user.email,
|
||||
user.name if user.name else user.email,
|
||||
False,
|
||||
record.credential_id,
|
||||
record.public_key,
|
||||
record.sign_count,
|
||||
RP_ID,
|
||||
)
|
||||
)
|
||||
|
||||
# Handling POST requests
|
||||
if fido_token_form.validate_on_submit():
|
||||
|
@ -66,11 +51,23 @@ def fido():
|
|||
|
||||
challenge = session["fido_challenge"]
|
||||
|
||||
webauthn_assertion_response = webauthn.WebAuthnAssertionResponse(
|
||||
webauthn_users, sk_assertion, challenge, URL, uv_required=False
|
||||
)
|
||||
|
||||
try:
|
||||
fido_key = FIDO.get_by(
|
||||
uuid=user.fido_uuid, credential_id=sk_assertion["id"]
|
||||
)
|
||||
webauthn_user = webauthn.WebAuthnUser(
|
||||
user.fido_uuid,
|
||||
user.email,
|
||||
user.name if user.name else user.email,
|
||||
False,
|
||||
fido_key.credential_id,
|
||||
fido_key.public_key,
|
||||
fido_key.sign_count,
|
||||
RP_ID,
|
||||
)
|
||||
webauthn_assertion_response = webauthn.WebAuthnAssertionResponse(
|
||||
webauthn_user, sk_assertion, challenge, URL, uv_required=False
|
||||
)
|
||||
new_sign_count = webauthn_assertion_response.verify()
|
||||
except Exception as e:
|
||||
LOG.error(f"An error occurred in WebAuthn verification process: {e}")
|
||||
|
@ -98,6 +95,22 @@ def fido():
|
|||
|
||||
session["fido_challenge"] = challenge.rstrip("=")
|
||||
|
||||
fido_model = FIDO.filter_by(uuid=user.fido_uuid).all()
|
||||
webauthn_users = []
|
||||
for record in fido_model:
|
||||
webauthn_users.append(
|
||||
webauthn.WebAuthnUser(
|
||||
user.fido_uuid,
|
||||
user.email,
|
||||
user.name if user.name else user.email,
|
||||
False,
|
||||
record.credential_id,
|
||||
record.public_key,
|
||||
record.sign_count,
|
||||
RP_ID,
|
||||
)
|
||||
)
|
||||
|
||||
webauthn_assertion_options = webauthn.WebAuthnAssertionOptions(
|
||||
webauthn_users, challenge
|
||||
)
|
||||
|
|
|
@ -154,9 +154,9 @@ def fake_data():
|
|||
sign_count=1,
|
||||
)
|
||||
FIDO.create(
|
||||
credential_id="1mR9q5vX61XG7vh7gi8wT0gJ9LkYwHKSzDL5vhtZs3o",
|
||||
credential_id="4SaUPugJ2sAErSnZil6_5_wXIL-Sk6QdFmNm94IL-_g",
|
||||
uuid="59576167-6c37-4d67-943b-4683b24ff821",
|
||||
public_key="1QECAyYgASFYIEjQg3TOuUZJxylLE6gJDNHcNyYVW5hOAZ-vGOY9I_TDIlggfJqIh07bj3n6RVmrEsuozsYPYM6VeJKCeduz0DFp8AY",
|
||||
public_key="pQECAyYgASFYILfse0JIp0a7Gz7n1K8b75_OgV-iliKr52FB-BGzv2R2IlggsPcViY5Dma8XooLWUHtx7X2_px0MsFR_7VRMwT2OHKg",
|
||||
sign_count=1,
|
||||
)
|
||||
db.session.commit()
|
||||
|
|
Loading…
Reference in New Issue