templates/navigations/afis.html

+<div class="icnml_navigation">
+</div>

views/newuser/__init__.py

@@ -152,15 +152,24 @@ def do_validate_signin():
     
     user_id = session[ "user_id" ]
     
-    key = config.db.query_fetchone( "SELECT * FROM webauthn WHERE user_id = %s AND usage_counter > 0 ORDER BY last_usage DESC LIMIT 1", ( user_id, ) )
-    
-    webauthn_user = webauthn.WebAuthnUser( 
-        key[ "ukey" ], session[ "username" ], session[ "username" ], None,
-        key[ "credential_id" ], key[ "pub_key" ], key[ "sign_count" ], config.RP_ID
-    )
-    webauthn_assertion_options = webauthn.WebAuthnAssertionOptions( webauthn_user, challenge )
-    assertion_dict = webauthn_assertion_options.assertion_dict
-    assertion_dict[ "userVerification" ] = "discouraged"
+    key_list = config.db.query_fetchall( "SELECT * FROM webauthn WHERE user_id = %s AND active = true", ( user_id, ) )
+    
+    credential_id_list = []
+    for key in key_list:
+        credential_id_list.append( {
+            "type": "public-key",
+            "id": key[ "credential_id" ],
+            "transports": [ "usb", "nfc", "ble", "internal" ]
+        } )
+        current_app.logger.debug( "key '{}' added to the usable keys".format( key[ "credential_id" ] ) )
+    
+    assertion_dict = {
+        "challenge": challenge,
+        "timeout": 60000,
+        "allowCredentials": credential_id_list,
+        "rpId": config.RP_ID,
+        "userVerification": "discouraged"
+    }
     
     return jsonify( {
         "error": False,