From 3dd2036c8a88156e7448c54adb1ce15a7bc24fd8 Mon Sep 17 00:00:00 2001
From: Scott Trinh
Date: Tue, 20 Feb 2024 15:08:05 -0500
Subject: [PATCH] Use specific error for missing or invalid state
---
 edb/server/protocol/auth_ext/webauthn.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/edb/server/protocol/auth_ext/webauthn.py b/edb/server/protocol/auth_ext/webauthn.py
index d45822d8a1c..41d0054f6d3 100644
--- a/edb/server/protocol/auth_ext/webauthn.py
+++ b/edb/server/protocol/auth_ext/webauthn.py
@@ -284,8 +284,17 @@ async def create_authentication_options_for_email(
 cached_globally=True,
 )
 result_json = json.loads(result.decode())
+ if len(result_json) == 0:
+ raise errors.WebAuthnAuthenticationFailed(
+ "No WebAuthn credentials found for the email."
+ )
+
 user_handles: set[str] = {x["user_handle"] for x in result_json}
- assert len(user_handles) == 1
+ if len(user_handles) > 1:
+ raise errors.WebAuthnAuthenticationFailed(
+ "Multiple user handles found for the email."
+ )
+
 user_handle = base64.b64decode(result_json[0]["user_handle"])

 credential_ids = [
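Review bot: The message `"No WebAuthn credentials found for the email."` in the first added branch tells the caller whether an address has a registered WebAuthn credential. If the text of `WebAuthnAuthenticationFailed` is returned to the client (how the error is rendered is not visible in this hunk), the response separates registered from unregistered emails. Consider one generic message for both branches, e.g. `raise errors.WebAuthnAuthenticationFailed("WebAuthn authentication failed.")`, with the specific cause recorded server-side. An error for unknown emails versus options for known ones would still differ, so this endpoint also needs rate limiting. The second branch reports a broken invariant rather than a failed login and deserves a comment such as `# invariant: one user handle per email; more than one means inconsistent stored credentials`. `create_authentication_options_for_email` begins and ends outside the hunk.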