pub fn auth_finish(
credential: Json<PublicKeyCredential>,
webauthn: &State<Option<WebauthnState>>,
store: &State<CeremonyStore>,
cookies: &CookieJar<'_>,
pool: &State<DbPool>,
) -> Result<Status, Status>Expand description
Sign in, step 2 (POST /admin/passkeys/auth/finish): completes the assertion. On success
opens a passkey session (the unified session model), sets the ADMIN_COOKIE, advances
the matching credential’s signature counter (clone detection), and returns 200 — the browser
then navigates to /admin. 400 on a missing/expired ceremony, 401 if the assertion doesn’t
verify.