Change challange expiration based on purpose
This commit is contained in:
@@ -18,7 +18,9 @@
|
||||
class ActionPack::Passkey::ChallengesController < ActionController::Base
|
||||
include ActionPack::Passkey::Request
|
||||
|
||||
# Generates a fresh challenge and returns it as JSON.
|
||||
# Generates a fresh challenge and returns it as JSON. Accepts an optional
|
||||
# +purpose+ parameter ("registration" or "authentication") to select the
|
||||
# appropriate challenge expiration. Defaults to "authentication".
|
||||
def create
|
||||
render json: { challenge: create_passkey_challenge }
|
||||
end
|
||||
@@ -26,7 +28,17 @@ class ActionPack::Passkey::ChallengesController < ActionController::Base
|
||||
private
|
||||
def create_passkey_challenge
|
||||
ActionPack::WebAuthn::PublicKeyCredential::Options.new(
|
||||
challenge_expiration: Rails.configuration.action_pack.web_authn.request_challenge_expiration
|
||||
challenge_expiration: challenge_expiration
|
||||
).challenge
|
||||
end
|
||||
|
||||
def challenge_expiration
|
||||
config = Rails.configuration.action_pack.web_authn
|
||||
|
||||
if params[:purpose] == "registration"
|
||||
config.creation_challenge_expiration
|
||||
else
|
||||
config.request_challenge_expiration
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user