From fd6d17285e23551e15550b8deba15abddc48099c Mon Sep 17 00:00:00 2001 From: Tsukuru Tanimichi Date: Sun, 28 Jun 2026 20:10:03 +0900 Subject: [PATCH 1/2] Add `WebAuthn.generate_user_handle` as an alias for `generate_user_id` MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Follow-up to #502 The value returned by `WebAuthn.generate_user_id` is actually a [user handle](https://www.w3.org/TR/webauthn-2/#user-handle), not a user id — it's an opaque, randomly generated value that the spec recommends to *not* contain any personally identifying information. The name `generate_user_id` is misleading because it suggests using an application's own user identifier. This PR adds `WebAuthn.generate_user_handle` as a clearer, spec-aligned name and updates the README to use it. `WebAuthn.generate_user_id` is kept as an alias, so this is fully backwards compatible. --- README.md | 8 +++++--- lib/webauthn.rb | 2 ++ 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 9fb0d6cd..9785dae5 100644 --- a/README.md +++ b/README.md @@ -171,7 +171,7 @@ end ```ruby # Generate and store the WebAuthn User ID the first time the user registers a credential if !user.webauthn_id - user.update!(webauthn_id: WebAuthn.generate_user_id) + user.update!(webauthn_id: WebAuthn.generate_user_handle) end options = WebAuthn::Credential.options_for_create( @@ -327,14 +327,16 @@ A list of all currently defined extensions: ## API -#### `WebAuthn.generate_user_id` +#### `WebAuthn.generate_user_handle` Generates a [WebAuthn User Handle](https://www.w3.org/TR/webauthn-2/#user-handle) that follows the WebAuthn spec recommendations. ```ruby -WebAuthn.generate_user_id # "lWoMZTGf_ml2RoY5qPwbwrkxrvTqWjGOxEoYBgxft3zG-LlrICvE-y8bxFi06zMyIOyNsJoWx4Fa2TOqoRmnxA" +WebAuthn.generate_user_handle # "lWoMZTGf_ml2RoY5qPwbwrkxrvTqWjGOxEoYBgxft3zG-LlrICvE-y8bxFi06zMyIOyNsJoWx4Fa2TOqoRmnxA" ``` +> `WebAuthn.generate_user_id` is also available as an alias. + #### `WebAuthn::Credential.options_for_create(options)` Helper method to build the necessary [PublicKeyCredentialCreationOptions](https://www.w3.org/TR/webauthn-2/#dictdef-publickeycredentialcreationoptions) diff --git a/lib/webauthn.rb b/lib/webauthn.rb index ee2bd098..0ea90939 100644 --- a/lib/webauthn.rb +++ b/lib/webauthn.rb @@ -13,4 +13,6 @@ module WebAuthn def self.generate_user_id configuration.encoder.encode(SecureRandom.random_bytes(64)) end + + singleton_class.send(:alias_method, :generate_user_handle, :generate_user_id) end From e9fac49e2aa73b706afdce9cab3ce4f2bf688b3b Mon Sep 17 00:00:00 2001 From: Tsukuru Tanimichi Date: Fri, 3 Jul 2026 17:24:46 +0900 Subject: [PATCH 2/2] Use class << self block with alias_method --- lib/webauthn.rb | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/lib/webauthn.rb b/lib/webauthn.rb index 0ea90939..f966b10d 100644 --- a/lib/webauthn.rb +++ b/lib/webauthn.rb @@ -10,9 +10,10 @@ module WebAuthn TYPE_PUBLIC_KEY = "public-key" - def self.generate_user_id - configuration.encoder.encode(SecureRandom.random_bytes(64)) + class << self + def generate_user_id + configuration.encoder.encode(SecureRandom.random_bytes(64)) + end + alias_method :generate_user_handle, :generate_user_id end - - singleton_class.send(:alias_method, :generate_user_handle, :generate_user_id) end