tweak webauthn rest errors

simplify logic by changing the dao function to require a user id and a
webauthn cred id. Note that this changes the response from a 400 to a
404 if the cred is for a different user than the supplied id.

give a minimum length to the text fields in POSTS to create/update a
credential to avoid surprising unexpected edge cases involving empty
string names etc.
This commit is contained in:
Leo Hemsted
2021-05-12 15:34:37 +01:00
parent d6fead7c04
commit c190886bfe
4 changed files with 60 additions and 47 deletions

@@ -3,9 +3,10 @@ from app.dao.dao_utils import autocommit
from app.models import WebauthnCredential
def dao_get_webauthn_credential_by_id(webauthn_credential_id):
return WebauthnCredential.query.filter_by(
id=webauthn_credential_id
def dao_get_webauthn_credential_by_user_and_id(user_id, webauthn_credential_id):
return WebauthnCredential.query.filter(
WebauthnCredential.user_id == user_id,
WebauthnCredential.id == webauthn_credential_id
).one()
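
Review bot: `dao_get_webauthn_credential_by_user_and_id` ends in `.one()`, so a credential id that belongs to a different user raises instead of returning `None`, and the 404 described in the commit message depends on an error handler that is not visible in this hunk. Add a short docstring stating that the function raises when no row matches both `user_id` and `webauthn_credential_id`, and cover the cross-user case with a test so the response stays a 404 and does not reveal whether the credential id exists for another user. Since `dao_get_webauthn_credential_by_id` is removed here, also confirm that no caller still looks up a credential by id alone.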