def delete_webauthn(self): if len(self.request.user.webauthn) == 0: self.request.session.flash("There is no security device to delete", queue="error") return HTTPSeeOther(self.request.route_path("manage.account")) form = DeleteWebAuthnForm( **self.request.POST, username=self.request.user.username, user_service=self.user_service, user_id=self.request.user.id, ) if form.validate(): self.request.user.webauthn.remove(form.webauthn) self.user_service.record_event( self.request.user.id, tag="account:two_factor:method_removed", ip_address=self.request.remote_addr, additional={ "method": "webauthn", "label": form.label.data }, ) self.request.session.flash("Security device removed", queue="success") else: self.request.session.flash("Invalid credentials", queue="error") return HTTPSeeOther(self.request.route_path("manage.account"))
def delete_webauthn(self): if len(self.request.user.webauthn) == 0: self.request.session.flash("No WebAuthhn device to delete.", queue="error") return HTTPSeeOther(self.request.route_path("manage.account")) form = DeleteWebAuthnForm( **self.request.POST, username=self.request.user.username, user_service=self.user_service, user_id=self.request.user.id, ) if form.validate(): self.request.user.webauthn.remove(form.webauthn) self.request.session.flash("WebAuthn device deleted.", queue="success") else: self.request.session.flash("Invalid credentials.", queue="error") return HTTPSeeOther(self.request.route_path("manage.account"))