pub fn register_begin(
session: AdminSession,
webauthn: &State<Option<WebauthnState>>,
store: &State<CeremonyStore>,
cookies: &CookieJar<'_>,
pool: &State<DbPool>,
) -> Result<Json<CreationChallengeResponse>, Status>Expand description
Enroll, step 1 (POST /admin/passkeys/register/begin): a signed-in admin starts registering
a new passkey for their own identity. Returns the WebAuthn CreationChallengeResponse JSON for
navigator.credentials.create() and stashes the ceremony state server-side (cookie-keyed).
401 if not signed in, 503 if passkeys are disabled. Already-enrolled credentials are
excluded so the same authenticator isn’t registered twice.