fix: accessing keys of session as strings no longer working

cedarcode · Dec 8, 2023 · 5a65d1c · 5a65d1c
1 parent 76fc201
commit 5a65d1c
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 9 deletions.
diff --git a/app/controllers/credentials_controller.rb b/app/controllers/credentials_controller.rb
@@ -21,7 +21,7 @@ def create
   def callback
     webauthn_credential = relying_party.verify_registration(
       params,
-      session["current_registration"]["challenge"],
+      session[:current_registration][:challenge],
       user_verification: true,
     )
 
@@ -41,7 +41,7 @@ def callback
   rescue WebAuthn::Error => e
     render json: "Verification failed: #{e.message}", status: :unprocessable_entity
   ensure
-    session.delete("current_registration")
+    session.delete(:current_registration)
   end
 
   def destroy

diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb
@@ -29,12 +29,12 @@ def create
   end
 
   def callback
-    user = User.create!(session["current_registration"]["user_attributes"])
+    user = User.create!(session[:current_registration][:user_attributes])
 
     begin
       webauthn_credential = relying_party.verify_registration(
         params,
-        session["current_registration"]["challenge"],
+        session[:current_registration][:challenge],
         user_verification: true,
       )
 
@@ -55,7 +55,7 @@ def callback
     rescue WebAuthn::Error => e
       render json: "Verification failed: #{e.message}", status: :unprocessable_entity
     ensure
-      session.delete("current_registration")
+      session.delete(:current_registration)
     end
   end
 end
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -26,13 +26,13 @@ def create
   end
 
   def callback
-    user = User.find_by(username: session["current_authentication"]["username"])
-    raise "user #{session["current_authentication"]["username"]} never initiated sign up" unless user
+    user = User.find_by(username: session[:current_authentication][:username])
+    raise "user #{session[:current_authentication][:username]} never initiated sign up" unless user
 
     begin
       verified_webauthn_credential, stored_credential = relying_party.verify_authentication(
         params,
-        session["current_authentication"]["challenge"],
+        session[:current_authentication][:challenge],
         user_verification: true,
       ) do |webauthn_credential|
         user.credentials.find_by(external_id: Base64.strict_encode64(webauthn_credential.raw_id))
@@ -45,7 +45,7 @@ def callback
     rescue WebAuthn::Error => e
       render json: "Verification failed: #{e.message}", status: :unprocessable_entity
     ensure
-      session.delete("current_authentication")
+      session.delete(:current_authentication)
     end
   end