def validate_webauthn_provision(self):
form = ProvisionWebAuthnForm(
**self.request.POST,
user_service=self.user_service,
user_id=self.request.user.id,
challenge=self.request.session.get_webauthn_challenge(),
rp_id=self.request.domain,
origin=self.request.host_url,
)
self.request.session.clear_webauthn_challenge()
if form.validate():
self.user_service.add_webauthn(
self.request.user.id,
label=form.label.data,
credential_id=form.validated_credential.credential_id.decode(),
public_key=form.validated_credential.public_key.decode(),
sign_count=form.validated_credential.sign_count,
)
self.request.session.flash("WebAuthn successfully provisioned.",
queue="success")
return {"success": "WebAuthn successfully provisioned"}
errors = [
str(error) for error_list in form.errors.values()
for error in error_list
]
return {"fail": {"errors": errors}}
def validate_webauthn_provision(self):
form = ProvisionWebAuthnForm(
**self.request.POST,
user_service=self.user_service,
user_id=self.request.user.id,
challenge=self.request.session.get_webauthn_challenge(),
rp_id=self.request.domain,
origin=self.request.host_url,
)
self.request.session.clear_webauthn_challenge()
if form.validate():
self.user_service.add_webauthn(
self.request.user.id,
label=form.label.data,
credential_id=form.validated_credential.credential_id.decode(),
public_key=form.validated_credential.public_key.decode(),
sign_count=form.validated_credential.sign_count,
)
self.user_service.record_event(
self.request.user.id,
tag="account:two_factor:method_added",
ip_address=self.request.remote_addr,
additional={"method": "webauthn", "label": form.label.data},
)
self.request.session.flash(
"Security device successfully set up", queue="success"
)
return {"success": "Security device successfully set up"}
errors = [
str(error) for error_list in form.errors.values() for error in error_list
]
return {"fail": {"errors": errors}}