Manage mutiple token

Question

Manage mutiple token

matsprea opened this issue 10 years ago · 3 comments

At the moment is possible to perform login using only one U2F device, but multiple U2F devices can be enrolled.

In ProcessSignResponse we must select the right Security Key, not just the first one.

Answer 1 · 2014-12-03T16:47:20.000Z

I have managed to overcome this by adding a KeyHandle property with the SignResponse class. It actually makes sense, since u2f.sign(...) also returns the key handle used for signing. It's the only way you can know which token was chosen by the browser from all the enrolled ones.

Having that property set, it's easy to pick the right Security Key in ProcessSignResponse.

Answer 2 · 2014-12-03T19:06:49.000Z

Thanks for the suggestion, I will work on it in the next days.

Answer 3 · 2014-12-17T22:50:53.000Z

commit 4a35d80 close this.

Many thanks to @caracostea !