From 473fa17365f19421bbd591336c38fd2dcb7239a4 Mon Sep 17 00:00:00 2001 From: Matthias Frey Date: Mon, 14 Jun 2021 18:37:02 +0200 Subject: [PATCH] Restrict webauthn to fingerprint only --- apps/api/src/app/auth/web-auth.service.ts | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/apps/api/src/app/auth/web-auth.service.ts b/apps/api/src/app/auth/web-auth.service.ts index 7b3fd813a..e17ffc639 100644 --- a/apps/api/src/app/auth/web-auth.service.ts +++ b/apps/api/src/app/auth/web-auth.service.ts @@ -57,7 +57,8 @@ export class WebAuthService { timeout: 60000, attestationType: 'indirect', authenticatorSelection: { - userVerification: 'preferred', + authenticatorAttachment: 'platform', + userVerification: 'required', requireResidentKey: false } }; @@ -143,7 +144,7 @@ export class WebAuthService { { id: device.credentialId, type: 'public-key', - transports: ['usb', 'ble', 'nfc', 'internal'] + transports: ['internal'] } ], userVerification: 'preferred',