1. Advisor
  2. webauthn
  3. functions
  4. webauthn.WebAuthnRegistrationResponse
View all webauthn analysis

How to use the webauthn.WebAuthnRegistrationResponse function in webauthn

To help you get started, we’ve selected a few webauthn examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github mimming / snippets / add-a-cat-to-that / app.py View on Github external
if 'email' in session and session['email'] in admin_users:
        current_user = admin_users[session['email']]

        # Prep options for credential verification
        challenge = session['challenge']
        username = current_user['email']
        display_name = current_user['email']
        ukey = current_user['id']

        registration_response = request.form

        trusted_attestation_cert_required = False
        self_attestation_permitted = True
        none_attestation_permitted = True

        webauthn_registration_response = webauthn.WebAuthnRegistrationResponse(
            RP_ID,   # localhost
            ORIGIN,  # http://localhost:5000
            registration_response,
            challenge,
            './',
            trusted_attestation_cert_required,
            self_attestation_permitted,
            none_attestation_permitted)

        webauthn_credential = webauthn_registration_response.verify()

        # Prepare webauthn_credential for saving in the user 'database'
        clean_webauthn_credential = vars(webauthn_credential)
        clean_webauthn_credential['credential_id'] = str(clean_webauthn_credential['credential_id'])[2:-1] #TODO: Fix this ugly hack

        # Save the key to the admin user database
github Integreat / cms-django / src / cms / views / settings / mfa / mfa.py View on Github external
def register_mfa_key(request):
    webauthn_registration_response = webauthn.WebAuthnRegistrationResponse(
        settings.HOSTNAME,
        settings.BASE_URL,
        json.loads(request.body)["assertion"],
        request.session["mfa_registration_challenge"],
    )

    webauthn_credential = webauthn_registration_response.verify()

    existing_key = request.user.mfa_keys.filter(
        name=json.loads(request.body)["nickname"]
    )
    if existing_key.exists():
        return JsonResponse(
            {"success": False, "error": _("This nickname has already been used")}
        )
github pretix / pretix / src / pretix / control / views / user.py View on Github external
challenge = self.request.session['webauthn_challenge']
            ukey = self.request.session['webauthn_register_ukey']
            resp = json.loads(self.request.POST.get("token"))
            trust_anchor_dir = os.path.normpath(os.path.join(
                os.path.dirname(os.path.abspath(__file__)),
                '../../static/webauthn_trusted_attestation_roots'  # currently does not exist
            ))
            # We currently do not check attestation certificates, since there's no real risk
            # and we do not have any policies specifying what devices can be used. (Also, we
            # didn't get it to work.)
            # Read more: https://fidoalliance.org/fido-technotes-the-truth-about-attestation/
            trusted_attestation_cert_required = False
            self_attestation_permitted = True
            none_attestation_permitted = True

            webauthn_registration_response = webauthn.WebAuthnRegistrationResponse(
                urlparse(settings.SITE_URL).netloc,
                settings.SITE_URL,
                resp,
                challenge,
                trust_anchor_dir,
                trusted_attestation_cert_required,
                self_attestation_permitted,
                none_attestation_permitted,
                uv_required=False
            )
            webauthn_credential = webauthn_registration_response.verify()

            # Check that the credentialId is not yet registered to any other user.
            # If registration is requested for a credential that is already registered
            # to a different user, the Relying Party SHOULD fail this registration
            # ceremony, or it MAY decide to accept the registration, e.g. while deleting
github Integreat / cms-django / backend / cms / views / settings / mfa / mfa.py View on Github external
def register_mfa_key(request):
    webauthn_registration_response = webauthn.WebAuthnRegistrationResponse(
        settings.HOSTNAME,
        settings.BASE_URL,
        json.loads(request.body)['assertion'],
        request.session['mfa_registration_challenge'])

    webauthn_credential = webauthn_registration_response.verify()

    existing_key = request.user.mfa_keys.filter(name=json.loads(request.body)['nickname'])
    if existing_key.exists():
        return JsonResponse({'success': False, 'error': _('This nickname has already been used')})

    existing_key = request.user.mfa_keys.filter(key_id=webauthn_credential.credential_id)
    if existing_key.exists():
        return JsonResponse({'success': False, 'error': _('You already registered this key')})

    new_key = UserMfa(

webauthn

Pythonic WebAuthn

GitHub
BSD-3-Clause
Latest version published 5 months ago

Package Health Score

71 / 100
Full package analysis

Popular webauthn functions

Similar packages