25 lines
1.1 KiB
Python
25 lines
1.1 KiB
Python
from django.db import models
|
|
from django.conf import settings
|
|
|
|
|
|
class WebAuthnCredential(models.Model):
|
|
"""Stores a registered WebAuthn (passkey/biometric) credential for a user."""
|
|
user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE, related_name='webauthn_credentials')
|
|
credential_id = models.TextField(unique=True) # base64url-encoded
|
|
public_key = models.BinaryField() # COSE-encoded public key bytes
|
|
sign_count = models.PositiveIntegerField(default=0)
|
|
created_at = models.DateTimeField(auto_now_add=True)
|
|
|
|
def __str__(self):
|
|
return f"WebAuthnCredential(user={self.user.username})"
|
|
|
|
|
|
class WebAuthnChallenge(models.Model):
|
|
"""Temporary storage for a pending WebAuthn challenge (expires after use)."""
|
|
user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE, related_name='webauthn_challenges')
|
|
challenge = models.TextField() # base64url-encoded random bytes
|
|
created_at = models.DateTimeField(auto_now_add=True)
|
|
|
|
class Meta:
|
|
indexes = [models.Index(fields=['user', 'created_at'])]
|