luckyimnotanigger/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-05-31 11:52:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

[FEAT] Add support for webauthn credential level 3

Browse source 
- For WebAuthn Credential level 3, the `backup_eligible` and
`backup_state` flags are checked if they are consistent with the values
given on login. Forgejo never stored this data, so add a database
migration that makes all webauthn credentials 'legacy' and on the next
first use capture the values of `backup_eligible` and `backup_state`.
As suggested in https://github.com/go-webauthn/webauthn/discussions/219#discussioncomment-10429662
- Adds unit tests.
- Add E2E test.
This commit is contained in:
Gusted 2024-08-28 07:40:40 +02:00
parent 28c3f1e254
commit 63736e8301
No known key found for this signature in database
GPG key ID: FD821B732837125F
7 changed files with 131 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

17
models/forgejo_migrations/v22.go Normal file
View file

@ -0,0 +1,17 @@
// Copyright 2024 The Forgejo Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package forgejo_migrations //nolint:revive
import "xorm.io/xorm"
func AddLegacyToWebAuthnCredential(x *xorm.Engine) error {
type WebauthnCredential struct {
ID int64 `xorm:"pk autoincr"`
BackupEligible bool `xorm:"NOT NULL DEFAULT false"`
BackupState bool `xorm:"NOT NULL DEFAULT false"`
Legacy bool `xorm:"NOT NULL DEFAULT true"`
}
return x.Sync(&WebauthnCredential{})
}