Diffstat (limited to 'src/util')
-rw-r--r--src/util/config/types/subconfigurations/security/TwoFactor.ts2
-rw-r--r--src/util/entities/User.ts9
-rw-r--r--src/util/util/WebAuthn.ts9
3 files changed, 20 insertions, 0 deletions
diff --git a/src/util/config/types/subconfigurations/security/TwoFactor.ts b/src/util/config/types/subconfigurations/security/TwoFactor.ts
index 75757124..dfa493a7 100644
--- a/src/util/config/types/subconfigurations/security/TwoFactor.ts
+++ b/src/util/config/types/subconfigurations/security/TwoFactor.ts
@@ -18,4 +18,6 @@
 
 export class TwoFactorConfiguration {
 	generateBackupCodes: boolean = true;
+	webauthnAttestation: "none" | "indirect" | "direct" = "none";
+	webauthnTimeout: number = 60000;
 }
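Review bot: The two added fields in `TwoFactorConfiguration` carry no comment, and `webauthnTimeout` does not state its unit. I would add `// WebAuthn ceremony timeout in milliseconds` above it. Above `webauthnAttestation` I would add a line explaining that `"direct"` and `"indirect"` ask the authenticator to disclose its make and model, and that `"none"` is the privacy-preserving default. If configuration is loaded from stored JSON at runtime, which is not visible here, the string-literal union is not enforced on load, so the value should be checked against the three allowed strings before it is used.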
diff --git a/src/util/entities/User.ts b/src/util/entities/User.ts
index c6582b00..25586793 100644
--- a/src/util/entities/User.ts
+++ b/src/util/entities/User.ts
@@ -85,6 +85,12 @@ export interface UserPrivate extends Pick<User, PrivateUserKeys> {
 	locale: string;
 }
 
+export enum AuthenticatorType {
+	WEBAUTHN = 1,
+	TOTP = 2,
+	SMS = 3,
+}
+
 @Entity("users")
 export class User extends BaseClass {
 	@Column()
@@ -231,6 +237,9 @@ export class User extends BaseClass {
 	@OneToMany(() => SecurityKey, (key: SecurityKey) => key.user)
 	security_keys: SecurityKey[];
 
+	@Column({ type: "simple-array", select: false })
+	authenticator_types: AuthenticatorType[] = [];
+
 	// TODO: I don't like this method?
 	validate() {
 		if (this.discriminator) {
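Review bot: The added `authenticator_types` column is typed `AuthenticatorType[]` but stored as TypeORM `simple-array`, which persists a comma-separated string and hydrates it back as strings. A loaded row therefore holds `["1", "2"]`, and `authenticator_types.includes(AuthenticatorType.WEBAUTHN)` is false at runtime, so an enrolment check built on this field could treat an enrolled user as having no second factor. Add a `transformer` to the column options whose `from` maps the values through `Number`, or declare the enum added in the previous hunk with string members so the stored and in-memory forms agree. Separately, because the column is `select: false` and has an `= []` initializer, a user loaded without explicitly selecting it probably shows an empty array rather than `undefined`; that is worth confirming and documenting on the field. The `User` class and `validate()` continue outside this hunk.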
diff --git a/src/util/util/WebAuthn.ts b/src/util/util/WebAuthn.ts
index b0027b13..599efe33 100644
--- a/src/util/util/WebAuthn.ts
+++ b/src/util/util/WebAuthn.ts
@@ -33,6 +33,15 @@ export const WebAuthn: {
 	init: function () {
 		this.fido2 = new Fido2Lib({
 			challengeSize: 128,
+			rpName: Config.get().general.instanceName,
+			rpId:
+				Config.get().general.frontPage ??
+				Config.get().general.instanceName.toLowerCase(),
+			attestation: Config.get().security.twoFactor.webauthnAttestation,
+			// rpIcon:
+			timeout: Config.get().security.twoFactor.webauthnTimeout,
+			authenticatorRequireResidentKey: false,
+			authenticatorUserVerification: "preferred",
 		});
 	},
 };
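Review bot: The `rpId` passed to `Fido2Lib` in `init` falls back to `instanceName.toLowerCase()`, a display name rather than a domain, and its first choice `frontPage` looks like a URL or path rather than a bare host (its type is not visible here). WebAuthn requires the RP ID to be a domain that the calling origin is equal to or a subdomain of. A value containing spaces or a scheme makes the browser reject the ceremony, and the RP ID hash will not match on the server. Derive the host from the instance's configured public URL, for example `rpId: new URL(publicUrl).hostname` where `publicUrl` is a placeholder for whichever setting holds it, and make `init` fail loudly when no host is available instead of falling back to the name. The commented-out `// rpIcon:` line can be dropped or replaced with a TODO that says what is pending.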