Use specific error for missing or invalid state

geldata · Feb 20, 2024 · 3dd2036 · 3dd2036
1 parent 40d6362
commit 3dd2036
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/edb/server/protocol/auth_ext/webauthn.py b/edb/server/protocol/auth_ext/webauthn.py
@@ -284,8 +284,17 @@ async def create_authentication_options_for_email(
             cached_globally=True,
         )
         result_json = json.loads(result.decode())
+        if len(result_json) == 0:
+            raise errors.WebAuthnAuthenticationFailed(
+                "No WebAuthn credentials found for the email."
+            )
+
         user_handles: set[str] = {x["user_handle"] for x in result_json}
-        assert len(user_handles) == 1
+        if len(user_handles) > 1:
+            raise errors.WebAuthnAuthenticationFailed(
+                "Multiple user handles found for the email."
+            )
+
         user_handle = base64.b64decode(result_json[0]["user_handle"])
 
         credential_ids = [