From d957842e3cce1d4a21b9a9805930e9f8fe6af9cc Mon Sep 17 00:00:00 2001
From: Steven Bal <steven@maykinmedia.nl>
Date: Thu, 13 Jun 2024 11:27:32 +0200
Subject: [PATCH] :wrench: Add missing settings for TWO_FACTOR_WEBAUTHN

---
 open_api_framework/conf/base.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/open_api_framework/conf/base.py b/open_api_framework/conf/base.py
index b38eac7..93f19d3 100644
--- a/open_api_framework/conf/base.py
+++ b/open_api_framework/conf/base.py
@@ -632,6 +632,11 @@ def init_sentry(before_send: Callable | None = None):
 
 # we run the admin site monkeypatch instead.
 TWO_FACTOR_PATCH_ADMIN = False
+# Relying Party name for WebAuthn (hardware tokens)
+TWO_FACTOR_WEBAUTHN_RP_NAME = f"{PROJECT_DIRNAME} - admin"
+# use platform for fingerprint readers etc., or remove the setting to allow any.
+# cross-platform would limit the options to devices like phones/yubikeys
+TWO_FACTOR_WEBAUTHN_AUTHENTICATOR_ATTACHMENT = "cross-platform"
 # add entries from AUTHENTICATION_BACKENDS that already enforce their own two-factor
 # auth, avoiding having some set up MFA again in the project.
 MAYKIN_2FA_ALLOW_MFA_BYPASS_BACKENDS = [