Add expiration to webauthn challenges

src/constants.rs

@@ -56,4 +56,8 @@ pub const OPEN_ID_AUTHORIZATION_CODE_TIMEOUT: u64 = 300;
 pub const OPEN_ID_ACCESS_TOKEN_LEN: usize = 50;
 pub const OPEN_ID_ACCESS_TOKEN_TIMEOUT: u64 = 3600;
 pub const OPEN_ID_REFRESH_TOKEN_LEN: usize = 120;
-pub const OPEN_ID_REFRESH_TOKEN_TIMEOUT: u64 = 360000;
+pub const OPEN_ID_REFRESH_TOKEN_TIMEOUT: u64 = 360000;
+
+/// Webauthn constants
+pub const WEBAUTHN_REGISTER_CHALLENGE_EXPIRE: u64 = 3600;
+pub const WEBAUTHN_LOGIN_CHALLENGE_EXPIRE: u64 = 3600;