mirror of
https://github.com/gravitational/teleport
synced 2024-10-22 02:03:24 +00:00
b79c4cffba
I know comments are very lacking right now. Once things are stable I will add proper comments. Minimal manual testing of the U2F registration API was done with a hardware U2F key. Some of the code may need to be cleaned up later to remove excessively long variable names... Currently we return an error rightaway if the username/password combo is wrong. It's difficult to do U2F without revealing either whether a user exists or whether the password is correct. Returning error immediately reveals whether the user/password combo is valid, while waiting until we get a signed response from the U2F device to announce whether the user/pass combo is valid can reveal which users exist since we need to return a keyHandle in the U2F SignRequest and generating fake keyHandles for nonexistent users can be difficult to get right since there is no rigid format for keyHandle. |
||
|---|---|---|
| .. | ||
| clt.go | ||
| connect.go | ||
| cookie.go | ||
| sessions.go | ||
| sshlogin.go | ||
| stream.go | ||
| web.go | ||
| web_test.go | ||