Skip to content

Add WebAuthn.generate_user_handle as an alias for generate_user_id#503

Merged
santiagorodriguez96 merged 2 commits into
cedarcode:masterfrom
ttanimichi:add-generate-user-handle
Jul 3, 2026
Merged

Add WebAuthn.generate_user_handle as an alias for generate_user_id#503
santiagorodriguez96 merged 2 commits into
cedarcode:masterfrom
ttanimichi:add-generate-user-handle

Conversation

@ttanimichi

Copy link
Copy Markdown
Contributor

Follow-up to #502

The value returned by WebAuthn.generate_user_id is actually a user handle, not a user id — it's an opaque, randomly generated value that the spec recommends not to contain any personally identifying information. The name generate_user_id is misleading because it suggests using an application's own user identifier.

This PR adds WebAuthn.generate_user_handle as a clearer, spec-aligned name and updates the README to use it. WebAuthn.generate_user_id is kept as an alias, so this is fully backwards compatible.

Follow-up to cedarcode#502

The value returned by `WebAuthn.generate_user_id` is actually a
[user handle](https://www.w3.org/TR/webauthn-2/#user-handle), not a user id —
it's an opaque, randomly generated value that the spec recommends to *not*
contain any personally identifying information. The name `generate_user_id`
is misleading because it suggests using an application's own user identifier.

This PR adds `WebAuthn.generate_user_handle` as a clearer, spec-aligned name
and updates the README to use it. `WebAuthn.generate_user_id` is kept as an
alias, so this is fully backwards compatible.
@santiagorodriguez96

santiagorodriguez96 commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Looks good! Thanks for your contribution ❤️

Just one minor styling comment 🙂

Comment thread lib/webauthn.rb Outdated
configuration.encoder.encode(SecureRandom.random_bytes(64))
end

singleton_class.send(:alias_method, :generate_user_handle, :generate_user_id)

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I'd prefer to do:

class << self
  def generate_user_id
    configuration.encoder.encode(SecureRandom.random_bytes(64))
  end  
  alias_method :generate_user_handle, :generate_user_id
end

🙂

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed e9fac49

@santiagorodriguez96

Copy link
Copy Markdown
Contributor

Looks good! Thank you so much @ttanimichi ❤️

@santiagorodriguez96 santiagorodriguez96 merged commit 87af3c6 into cedarcode:master Jul 3, 2026
47 checks passed
@ttanimichi ttanimichi deleted the add-generate-user-handle branch July 4, 2026 01:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants