fido-alliance / webauthn-demo

WebAuthn Workshop Demo [Completed DEMO is at completed demo-branch]
MIT License
740 stars 154 forks

on key generation error signal registration abandonment to the server #33

Closed lefosg closed 11 months ago

lefosg commented 1 year ago

When navigator.credentials.get() throws an error, the server clears session variables (challenge and username in the specific demo). In webauthn.authn.js (in static), at line 70, we send a sendWebAuthnResponse({}) with an empty object. The server (webauthn.js file in routes) makes checks for the presence of the fields and, before responding with a status error, it clears session variables.

For example, the navigator.credentials.get() can throw an error when clicking 'cancel' on the box that appears to select the authenticator.
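Added example, not part of the original issue or the demo's code: a sketch of the abandonment flow described above, where a failed `navigator.credentials.get()` posts an empty object and the server discards the pending challenge and username. All function names, the list of required fields, and the injected `getCredential`, `send` and `verify` callbacks are assumptions made for illustration.

```javascript
// Hypothetical names throughout; `session` stands in for the server-side session object.
// Members of a serialized PublicKeyCredential that the server expects (assumed check list).
const REQUIRED_FIELDS = ['id', 'rawId', 'response', 'type'];

// Drop everything tied to the in-flight ceremony so a challenge is single-use.
function clearCeremonyState(session) {
  delete session.challenge;
  delete session.username;
}

// Server side: validate the posted body, and clear ceremony state on every exit path.
// `verify(body, challenge)` is a placeholder for real assertion verification.
function handleWebAuthnResponse(session, body, verify) {
  const challenge = session.challenge;
  const username = session.username;
  clearCeremonyState(session); // consumed whether the ceremony succeeds, fails or is abandoned

  const missing = REQUIRED_FIELDS.filter((f) => !body || body[f] === undefined);
  if (missing.length > 0) {
    // An empty object from the client lands here: registration/login was abandoned.
    return { status: 'failed', message: 'Response missing fields: ' + missing.join(', ') };
  }
  if (!challenge || !username) {
    return { status: 'failed', message: 'No ceremony in progress' };
  }
  if (!verify(body, challenge)) {
    return { status: 'failed', message: 'Assertion verification failed' };
  }
  return { status: 'ok', username };
}

// Client side: `getCredential` stands in for navigator.credentials.get(),
// `send` for the helper that POSTs the result to the server.
async function authenticate(options, getCredential, send) {
  let payload;
  try {
    payload = await getCredential(options);
  } catch (err) {
    // For example the user pressed Cancel in the authenticator picker.
    payload = {}; // empty object tells the server to abandon the ceremony
  }
  return send(payload);
}
```

Because the challenge is removed before any check runs, a later request that reuses the same session finds no ceremony in progress.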