[pbs-devel] [PATCH proxmox-backup 0/3] improving webauthn handling
Dominik Csapak
d.csapak at proxmox.com
Mon Feb 22 10:42:58 CET 2021
it seems my gui patch for setting the userverification was a bit
hasty, since the rust crate has some options for that
this series reverts the gui part, and sets the backend
to 'discourage' userVerification, since 'Preferred' is not more secure
and makes logging in harder (on some devices)
in the future (when [0] is solved), we could expose a server
setting (either per instance or per user) that sets either always
'Discouraged' or 'Required'
0: https://github.com/kanidm/webauthn-rs/pull/49
Dominik Csapak (3):
config/tfa: set UserVerificationPolicy to Discouraged
Revert "ui: window/Settings / WebAuthn: add browser setting for
userVerificationo"
config/tfa: webauthn: disallow registering a token twice
src/config/tfa.rs | 19 ++++++++++++++++---
www/LoginView.js | 5 -----
www/window/AddWebauthn.js | 14 +++++++-------
www/window/Settings.js | 30 +-----------------------------
4 files changed, 24 insertions(+), 44 deletions(-)
--
2.20.1
More information about the pbs-devel
mailing list