WebAuthn (passkey) Recovery Flow #318
Comments
|
I did not go that far about the passkeys so I am more than open to hear how you will implement it! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi there,
I have built a platform which only supports login by WebAuthn (passkey).
I would like to support a passkey-recovery if the user lost access to their passkey they have used to register with. I've been reading (a, b)about this scenario and it can get quite complex regarding best practice / security.
As for nuxt-auth-utils, I added a recovery flow with recovery token on the users table. I would think once verified, I need to update the credentials table with a new passkey. When I call register() with the new passkey I get "duplicate key value violates unique constraint "users_email_unique", which makes sense. So I might have do write handle some steps "manually" based on
nuxt-auth-utils/src/runtime/app/composables/webauthn.ts
Line 13 in ec9b727
Before I do so, I was wondering if there are any thought / recommendations here around that topic?
The text was updated successfully, but these errors were encountered: