dkam/clinch
1
0
Fork 0
Code Issues 2 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Add webauthn
Some checks failed
CI / scan_ruby (push) Has been cancelled
Details
CI / scan_js (push) Has been cancelled
Details
CI / lint (push) Has been cancelled
Details
CI / test (push) Has been cancelled
Details
CI / system-test (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Dan Milne
2025-11-04 16:20:11 +11:00
parent 19bfc21f11
commit 57abc0b804
14 changed files with 1211 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
db/migrate/20251104042206_add_webauthn_to_users.rb Normal file
View File

@@ -0,0 +1,16 @@
class AddWebauthnToUsers < ActiveRecord::Migration[8.1]
def change
# WebAuthn user handle - stable, opaque identifier for the user
# Must be unique and never change once assigned
add_column :users, :webauthn_id, :string
add_index :users, :webauthn_id, unique: true
# Policy enforcement - whether this user MUST use WebAuthn
# Can be set by admins for high-security accounts
add_column :users, :webauthn_required, :boolean, default: false, null: false
# User preference for 2FA method (if both TOTP and WebAuthn are available)
# :totp, :webauthn, or nil for system default
add_column :users, :preferred_2fa_method, :string
end
end