Skip to main content

auth_finish

Function auth_finish 

Source
pub fn auth_finish(
    credential: Json<PublicKeyCredential>,
    webauthn: &State<Option<WebauthnState>>,
    store: &State<CeremonyStore>,
    cookies: &CookieJar<'_>,
    pool: &State<DbPool>,
) -> Result<Status, Status>
Expand description

Sign in, step 2 (POST /admin/passkeys/auth/finish): completes the assertion. On success opens a passkey session (the unified session model), sets the ADMIN_COOKIE, advances the matching credential’s signature counter (clone detection), and returns 200 — the browser then navigates to /admin. 400 on a missing/expired ceremony, 401 if the assertion doesn’t verify.