Class: Unmagic::Passkeys::ChallengesController

Inherits:

ActionController::Base

Object
ActionController::Base
Unmagic::Passkeys::ChallengesController

show all

Includes:: Request

Defined in:: app/controllers/unmagic/passkeys/challenges_controller.rb

Overview

Action Pack Passkey Challenges Controller

Generates fresh WebAuthn challenges for passkey ceremonies. The companion JavaScript calls this endpoint before initiating a registration or authentication ceremony so that the challenge is issued just-in-time rather than embedded in the initial page load.

The generated challenge is returned in the JSON response body. The challenge is a signed, expiring token that the server can verify on the subsequent form submission without needing server-side state — the challenge is extracted from the authenticator’s clientDataJSON response.

Route

By default mounted at /rails/action_pack/passkey/challenge (configurable via config.unmagic_passkeys.routes_prefix).

Instance Method Summary collapse

#create ⇒ Object

Generates a fresh challenge and returns it as JSON.

Methods included from Request

#passkey_authentication_options, #passkey_authentication_params, #passkey_registration_options, #passkey_registration_params

Instance Method Details

#create ⇒ `Object`

Generates a fresh challenge and returns it as JSON. Accepts an optional purpose parameter (“registration” or “authentication”) to select the appropriate challenge expiration. Defaults to “authentication”.



24
25
26

# File 'app/controllers/unmagic/passkeys/challenges_controller.rb', line 24

def create
  render json: { challenge: create_passkey_challenge }
end