Auto activate WebAuthn authentication

2020-05-11 19:17:51 -07:00 · 2020-05-11 19:17:51 -07:00 · a9967c9a4d
parent 5ce2cca63f
commit a9967c9a4d
3 changed files with 8 additions and 0 deletions
--- a/app/auth/templates/auth/fido.html
+++ b/app/auth/templates/auth/fido.html
@ -62,6 +62,10 @@
        $("#btnVerifyKey").click(verifyKey);
      </script>

+      {% if auto_activate %}
+        <script>$('document').ready(verifyKey());</script>
+      {% endif %}
+        
    </div>
  </div>

--- a/app/auth/views/fido.py
+++ b/app/auth/views/fido.py
@ -35,6 +35,7 @@ def fido():
        flash("Only user with security key linked should go to this page", "warning")
        return redirect(url_for("auth.login"))

+    auto_activate = True
    fido_token_form = FidoTokenForm()

    next_url = request.args.get("next")
@ -69,6 +70,7 @@ def fido():
        except Exception as e:
            LOG.error(f"An error occurred in WebAuthn verification process: {e}")
            flash("Key verification failed.", "warning")
+            auto_activate = False
        else:
            user.fido_sign_count = new_sign_count
            db.session.commit()
@ -101,4 +103,5 @@ def fido():
        fido_token_form=fido_token_form,
        webauthn_assertion_options=webauthn_assertion_options,
        enable_otp=user.enable_otp,
+        auto_activate=auto_activate,
    )
--- a/server.py
+++ b/server.py
@ -136,6 +136,7 @@ def fake_data():
        activated=True,
        is_admin=True,
        otp_secret="base32secret3232",
+        can_use_fido=True,
    )
    db.session.commit()
    user.trial_end = None