LG 11453 Remove platform device nickname#9657
Conversation
There was a problem hiding this comment.
Is it possible to pass in the device name from the constructor? I think it'd be preferable since the device name from the user agent would be more direct compared to querying the database (and also saves a database query).
Is there concern that the existing unique requirement on name could create issues if it can't be overridden?
There was a problem hiding this comment.
Thanks for that suggestion. I'm still reworking how best to handle that but I'm no longer hitting recent_devices.
There is a method in WebauthnSetupForm that checks if the name is unique. I can try to handle appending to a duplicate name there.
There was a problem hiding this comment.
I think it will need to be handled, yeah
… workflow - autopopulate
kevinsmaster5
force-pushed
the
kmas-lg-11453-remove-platform-device-nickname
branch
from
4cf89d3 to
da16b91
Compare
app/forms/webauthn_setup_form.rb
Outdated
| incrementer = 1 | ||
| while WebauthnConfiguration.exists?(user_id: @user.id, name: @name) | ||
| @name = "#{@name} (#{++incrementer})" | ||
| end |
There was a problem hiding this comment.
-
Ruby has no ++ operator (source link)
-
Since we're re-assigning
@namethis would have like"My Device (1) (2) (3)"
I would also consider counting the number of devices that exist and just appending? We can do a prefix match on the name to see how many of that device already exist
| incrementer = 1 | |
| while WebauthnConfiguration.exists?(user_id: @user.id, name: @name) | |
| @name = "#{@name} (#{++incrementer})" | |
| end | |
| if WebauthnConfiguration.exists?(user_id: @user.id, name: @name) | |
| num_existing_devices = WebauthnConfiguration. | |
| where(user_id: @user.id). | |
| where('name LIKE ?', "#{@name}%"). | |
| count | |
| @name = "#{@name} (#{num_existing_devices + 1})" | |
| end |
There was a problem hiding this comment.
@zachmargolis thank you for that! It was starting with (2) when I tested locally, if I remove the + 1 that should start with (1) and go up from there, right?
There was a problem hiding this comment.
Yup! It's very naive, so for example if a user has "Device", "Device 1", "Device 2" and deletes "Device 1", the next would probably be "Device 2"? it might be fine?
aduth
left a comment
aduth
left a comment
There was a problem hiding this comment.
Tested this locally and it worked as I expected, both in terms of generating the expected automatic nickname, as well as adding an incrementing suffix (I tested with 3 of the same generated name).
Added a comment about a previous review nitpick, but otherwise LGTM 👍
Correct use of class member labeling Co-authored-by: Andrew Duthie <1779930+aduth@users.noreply.github.com>
kevinsmaster5
deleted the
kmas-lg-11453-remove-platform-device-nickname
branch
4 participants
🎫 Ticket
LG-11453
🛠 Summary of changes
On Platform authenticator setup Nickname field is now a hidden field with the decorated device browser name as its value.
📜 Testing Plan
Provide a checklist of steps to confirm the changes.
User.find_with_email('//user email//').webauthn_configurations.create(name: "//browser nice_name//", platform_authenticator: true, transports: ["internal", "hybrid"], credential_id: "123xyz", credential_public_key: "pdq456")For browser nice name use the name that would be injected from your testing system like 'Chrome 120 on macOS 10'
Nickname field should still be present when adding a security key
Incremented number after the automatically generated nickname for duplicate device environment.