diff --git a/src/util/config/types/subconfigurations/security/TwoFactor.ts b/src/util/config/types/subconfigurations/security/TwoFactor.ts
index 75757124..dfa493a7 100644
--- a/src/util/config/types/subconfigurations/security/TwoFactor.ts
+++ b/src/util/config/types/subconfigurations/security/TwoFactor.ts
@@ -18,4 +18,6 @@
export class TwoFactorConfiguration {
generateBackupCodes: boolean = true;
+ webauthnAttestation: "none" | "indirect" | "direct" = "none";
+ webauthnTimeout: number = 60000;
}
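Review bot: The two new fields in `TwoFactorConfiguration` carry no documentation, and both have security-relevant meaning that an operator cannot read off the name. I would add `/** Attestation conveyance requested at registration; "none" avoids receiving authenticator make/model data. */` above `webauthnAttestation` and `/** WebAuthn ceremony timeout in milliseconds. */` above `webauthnTimeout`. The string-literal union is erased at runtime, so a stored configuration value outside the three options would pass through unchecked unless the config loader validates it, which this hunk does not show.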
diff --git a/src/util/entities/User.ts b/src/util/entities/User.ts
index c6582b00..25586793 100644
--- a/src/util/entities/User.ts
+++ b/src/util/entities/User.ts
@@ -85,6 +85,12 @@ export interface UserPrivate extends Pick<User, PrivateUserKeys> {
locale: string;
}
+export enum AuthenticatorType {
+ WEBAUTHN = 1,
+ TOTP = 2,
+ SMS = 3,
+}
+
@Entity("users")
export class User extends BaseClass {
@Column()
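Review bot: `AuthenticatorType` is added without a doc comment, yet its numeric values are persisted through the `authenticator_types` column added later in this file. A short comment such as `/** Second-factor kinds enrolled for a user; values are stored, so never renumber or reuse them. */` would protect against a later reorder silently changing what existing rows mean. The `User` class that follows continues outside the hunk.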
@@ -231,6 +237,9 @@ export class User extends BaseClass {
@OneToMany(() => SecurityKey, (key: SecurityKey) => key.user)
security_keys: SecurityKey[];
+ @Column({ type: "simple-array", select: false })
+ authenticator_types: AuthenticatorType[] = [];
+
// TODO: I don't like this method?
validate() {
if (this.discriminator) {
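Review bot: `authenticator_types` on the added lines will not round-trip as numbers, because TypeORM's `simple-array` stores a comma-joined string and hydrates it as `string[]`; after a load, `authenticator_types.includes(AuthenticatorType.WEBAUTHN)` compares `"1"` with `1` and is false. A transformer such as `transformer: { to: (v: AuthenticatorType[]) => v, from: (v: string[]) => v.map(Number) }` would restore the declared type. Because the column is `select: false` and has an `= []` initializer, a query that does not select it explicitly will likely see an empty list rather than an error, so any code that decides whether a second factor is required should select the column deliberately to avoid failing open. No migration or default for existing rows is visible in this diff. The `User` class continues outside the hunk.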
diff --git a/src/util/util/WebAuthn.ts b/src/util/util/WebAuthn.ts
index b0027b13..599efe33 100644
--- a/src/util/util/WebAuthn.ts
+++ b/src/util/util/WebAuthn.ts
@@ -33,6 +33,15 @@ export const WebAuthn: {
init: function () {
this.fido2 = new Fido2Lib({
challengeSize: 128,
+ rpName: Config.get().general.instanceName,
+ rpId:
+ Config.get().general.frontPage ??
+ Config.get().general.instanceName.toLowerCase(),
+ attestation: Config.get().security.twoFactor.webauthnAttestation,
+ // rpIcon:
+ timeout: Config.get().security.twoFactor.webauthnTimeout,
+ authenticatorRequireResidentKey: false,
+ authenticatorUserVerification: "preferred",
});
},
};
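Review bot: The `rpId` expression on the added lines is unlikely to yield a valid relying-party ID, since its fallback `general.instanceName.toLowerCase()` is a display name and `general.frontPage`, if it holds a full URL as its name suggests, carries a scheme and possibly a path. WebAuthn expects the RP ID to be a bare domain matching or suffixing the page origin's host, and the RP ID hash in the authenticator data is verified against it, so a wrong value makes registration and login fail. Consider deriving it explicitly, for example `rpId: new URL(frontPage).hostname`, and refusing to initialise WebAuthn when no host is configured instead of falling back to the instance name. The commented-out `// rpIcon:` line should be dropped or completed. All values are read once in `init`, so later configuration changes would presumably not apply until `init` runs again.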