allow fido to not ask for pin (fidopininput) #7115

Signed-off-by: si458 <simonsmith5521@gmail.com>
si458
2025-07-02 16:11:36 +01:00
parent 1383df3f4e
commit 11eee2f5eb
5 changed files with 11 additions and 2 deletions


@@ -1105,6 +1105,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if (webAuthnKeys.length > 0) {
// Generate a Webauthn challenge, this is really easy, no need to call any modules to do this.
var authnOptions = { type: 'webAuthn', keyIds: [], timeout: 60000, challenge: obj.crypto.randomBytes(64).toString('base64') };
// userVerification: 'preferred' use security pin if possible (default), 'required' always use security pin, 'discouraged' do not use security pin.
authnOptions.userVerification = (domain.passwordrequirements && domain.passwordrequirements.fidopininput) ? domain.passwordrequirements.fidopininput : 'preferred'; // Use the domain setting if it exists, otherwise use 'preferred'.{
for (var i = 0; i < webAuthnKeys.length; i++) { authnOptions.keyIds.push(webAuthnKeys[i].keyId); }
sec.u2f = authnOptions.challenge;
req.session.e = parent.encryptSessionData(sec);
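Review bot: The new `authnOptions.userVerification` assignment passes whatever truthy value sits in `domain.passwordrequirements.fidopininput` straight into the WebAuthn request, so a typo or a non-string in the config is sent to the client unchecked. I would constrain it to the three values the comment lists, e.g. `var uv = domain.passwordrequirements ? domain.passwordrequirements.fidopininput : null;` followed by `authnOptions.userVerification = (['required', 'preferred', 'discouraged'].indexOf(uv) >= 0) ? uv : 'preferred';`. This option is also only a request to the browser; the assertion check is not visible in this hunk, but if 'required' is meant as a policy the server side should reject responses whose authenticator data lacks the user-verified flag. The setting's documentation should say that 'discouraged' makes the key a possession-only factor. The trailing comment on the assignment line ends in a stray `{` that should be dropped, and the enclosing function starts and ends outside the hunk.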