mirror of
https://github.com/gravitational/teleport
synced 2024-10-22 02:03:24 +00:00
b79c4cffba
I know comments are very lacking right now. Once things are stable I will add proper comments. Minimal manual testing of the U2F registration API was done with a hardware U2F key. Some of the code may need to be cleaned up later to remove excessively long variable names... Currently we return an error rightaway if the username/password combo is wrong. It's difficult to do U2F without revealing either whether a user exists or whether the password is correct. Returning error immediately reveals whether the user/password combo is valid, while waiting until we get a signed response from the U2F device to announce whether the user/pass combo is valid can reveal which users exist since we need to return a keyHandle in the U2F SignRequest and generating fake keyHandles for nonexistent users can be difficult to get right since there is no rigid format for keyHandle. |
||
---|---|---|
.. | ||
clt.go | ||
connect.go | ||
cookie.go | ||
sessions.go | ||
sshlogin.go | ||
stream.go | ||
web.go | ||
web_test.go |