would like to have a crack at getting this working with Gitea

[winwisely99]

I saw you had a go at it.

But with this relay it makes it easy to make any golang server support 2FA

[e3b0c442]

Hey, thanks for the offer!

That was actually the plan all along; my difficulties trying to transition to duo-labs/webauthn were the spark that lit the flame that got me to writing this library.

That said, I've already made the change locally but have not pushed yet; I wanted to get a couple more iterations on this library (especially re: attestation) and make sure the high-level API is stable before I integrate it with Gitea; in particular, I'm going to need to figure out the best way to provide for verifying the attestation trust path. I'm working on implementing the fido-u2f and packed attestation statement formats now, once I've finished that I think any necessary API changes will be in place and I'll feel comfortable pushing the Gitea code.

Closing this since it's more about Gitea, but I appreciate the offer!

[winwisely99]

Can you raise an issue I can watch for in my notifications for when it's ready ?

[e3b0c442]

There is a draft PR open for the WebAuthn implementation: go-gitea/gitea#9451