Skip to content

feat: adds list/remove credential endpoints for webauthn #608

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Aug 21, 2025
Merged

feat: adds list/remove credential endpoints for webauthn #608

merged 5 commits into from
Aug 21, 2025

Conversation

@namsnath
Copy link
Contributor

Summary of change

(A few sentences about this PR)

Related issues

  • Link to issue1 here
  • Link to issue1 here

Test Plan

(Write your test plan here. If you changed any code, please provide us with clear instructions on how you verified your changes work. Bonus points for screenshots and videos!)

Documentation changes

(If relevant, please create a PR in our docs repo, or create a checklist here highlighting the necessary changes)

Checklist for important updates

  • Changelog has been updated
  • coreDriverInterfaceSupported.json file has been updated (if needed)
    • Along with the associated array in supertokens_python/constants.py
  • frontendDriverInterfaceSupported.json file has been updated (if needed)
  • Changes to the version if needed
    • In setup.py
    • In supertokens_python/constants.py
  • Had installed and ran the pre-commit hook
  • Issue this PR against the latest non released version branch.
    • To know which one it is, run find the latest released tag (git tag) in the format vX.Y.Z, and then find the latest branch (git branch --all) whose X.Y is greater than the latest released tag.
    • If no such branch exists, then create one from the latest released branch.
  • If have added a new web framework, update the supertokens_python/utils.py file to include that in the FRAMEWORKS variable
  • If added a new recipe that has a User type with extra info, then be sure to change the User type in supertokens_python/types.py
  • Make sure that syncio / asyncio functions are consistent.
  • If access token structure has changed
    • Modified test in tests/sessions/test_access_token_version.py to account for any new claims that are optional or omitted by the core

Remaining TODOs for this PR

  • Item1
  • Item2

@namsnath namsnath self-assigned this Jul 29, 2025
graphite-app[bot]
graphite-app bot reviewed Jul 29, 2025
View reviewed changes
graphite-app[bot]
graphite-app bot reviewed Aug 6, 2025
View reviewed changes
@namsnath namsnath requested review from porcellus and sattvikc August 11, 2025 07:12
@namsnath
feat: adds list/remove credential endpoints for webauthn
9b29afc
@namsnath
update: use common list credentials response class
b115f02
@namsnath
update: FDI and changelog
903c65d
@namsnath
fix: change MFA and Session handling in webauthn
6725133 
- Prevents removal of WebAuthn credentials unless all session claims are satisfied
- Changes how sessions are fetched when listing/removing/registering Webauthn credentials
- Asserts MFA claims during credential registration/removal

ref: supertokens/supertokens-node#1023
@namsnath
fix: webauthn credential listing/removal for non-primary and multiple…
505493b 
… linked users

ref: supertokens/supertokens-node#1024
@namsnath namsnath force-pushed the feat/webauthn/list-remove-endpoints branch from 402ce3a to 505493b Compare August 21, 2025 13:14
@namsnath namsnath merged commit 3e8a48f into 0.31 Aug 21, 2025
20 of 232 checks passed
@namsnath namsnath deleted the feat/webauthn/list-remove-endpoints branch August 21, 2025 14:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@graphite-app graphite-app[bot] graphite-app[bot] left review comments

@sattvikc sattvikc sattvikc approved these changes

@porcellus porcellus Awaiting requested review from porcellus

Assignees

@namsnath namsnath

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@namsnath @sattvikc