From 4706d25139eeb7cd0f61be8bf312b297cf5752d6 Mon Sep 17 00:00:00 2001
From: Matthew Miller <mmiller@duosecurity.com>
Date: Thu, 28 Mar 2024 14:29:06 -0700
Subject: [PATCH] Use shorter user ID's for now

Can undo this when https://github.com/MasterKale/SimpleWebAuthn/issues/530 is fixed
---
 _app/homepage/services/registration.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/_app/homepage/services/registration.py b/_app/homepage/services/registration.py
index a502df3..a35b00a 100644
--- a/_app/homepage/services/registration.py
+++ b/_app/homepage/services/registration.py
@@ -1,4 +1,5 @@
 from typing import Union, List, Optional
+import secrets
 
 from django.conf import settings
 from webauthn import (
@@ -110,6 +111,8 @@ def generate_registration_options(
             rp_id=settings.RP_ID,
             rp_name=settings.RP_NAME,
             user_name=username,
+            # TODO: Remove when https://github.com/MasterKale/SimpleWebAuthn/issues/530 gets fixed
+            user_id=secrets.token_bytes(32),
             attestation=_attestation,
             authenticator_selection=authenticator_selection,
             supported_pub_key_algs=supported_pub_key_algs,