Storing userHandle
variable opened this issue · comments
James Lin commented
Based on https://developers.yubico.com/WebAuthn/WebAuthn_Developer_Guide/User_Handle.html
If I understand correctly, currently the Authenticator model stores the user FK, but does not store the userHandle encrypted string, so in the discoverable credential approach we cannot identify the user by using the userHandle provided from the security key.