Handle login with multiple keys configured

Question

Handle login with multiple keys configured

Natim opened this issue 5 years ago · 1 comments

Now we are just trying the first key, but the goal would be to try the assertion until one works.

Answer 1 · 2019-08-16T15:32:29.000Z

The Python side looks good, we need to call the verify_assertion for each keys on the client side.

Also maybe, we want to create a different challenge for each key. We can do that by prefixing the session challenge key with the credential_id of the webauthn_key

session[f"challenge_{credential_id}"]