Closed grzuy closed 5 years ago
@grzuy I addition to the list above. In the current registration flow a user is persisted in the create method of the registrations controller. Is it not a good idea to persist the user when the registration succeeds? The challenge could be stored in a session.
@grzuy I addition to the list above. In the current registration flow a user is persisted in the create method of the registrations controller. Is it not a good idea to persist the user when the registration succeeds? The challenge could be stored in a session.
Agree.
Created new issue for that https://github.com/cedarcode/webauthn-rails-demo-app/issues/59.
Thanks for bringing that to our attention.
Handle gracefully exception and error conditions in registration/authentication flow and inform the user with clear message so that it can take action to recover from the error and proceed successfully.
Scenarios: