CZ-NIC / django-fido

Django application for FIDO protocol U2F
GNU General Public License v3.0

Do not use username for PublicKeyCredentialUserEntity #217

Open alfonsrv opened 9 months ago

alfonsrv commented 9 months ago

Overwriting the user model (dropping the username field in favor of email) causes registrations to not work. Admin fails with "An unexpected error occurred".

Instead, the username field should be derived from the registered User model's constant USERNAME_FIELD to support custom username fields.

Using either username or email, however, can lead to undesirable results. A change of name due to marriage, causing a username and/or email change, would cause FIDO2 auths to fail for reasons that are not transparent to an administrator and could cause some frustration. Might be a thing to consider.

Frankly, I'm not an expert on the matter and am sure there's a cryptographic reason either field is used. Reading the W3 specs for id / user handle, it states the following though regarding the field in question:

> The user handle MUST NOT contain personally identifying information about the user, such as a username or e-mail address; see § 14.6.1 User Handle Contents for details. The user handle MUST NOT be empty, though it MAY be null.
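
An added illustration of the point raised in the comment above (not code from django-fido or from any commenter): the entity's `id` is a random opaque handle stored per account, and only `name` is read through `USERNAME_FIELD`, so a changed email leaves the handle intact. The `User` class and `HandleStore` are constructed stand-ins, not Django or django-fido APIs.

```python
import secrets
from dataclasses import dataclass, field

HANDLE_BYTES = 32  # random and opaque; WebAuthn caps user handles at 64 bytes


@dataclass
class User:
    """Constructed stand-in for a custom Django user model keyed on email."""
    USERNAME_FIELD = "email"  # same class constant that Django user models expose
    pk: int
    email: str
    full_name: str = ""


@dataclass
class HandleStore:
    """Hypothetical persistence layer: one random handle per user pk."""
    _by_pk: dict = field(default_factory=dict)

    def handle_for(self, user):
        # Create once, then always return the same bytes for this account.
        if user.pk not in self._by_pk:
            self._by_pk[user.pk] = secrets.token_bytes(HANDLE_BYTES)
        return self._by_pk[user.pk]

    def user_pk_for(self, handle):
        # Reverse lookup for the userHandle an authenticator returns at login.
        for pk, stored in self._by_pk.items():
            if secrets.compare_digest(stored, handle):
                return pk
        return None


def build_user_entity(user, store):
    """Return the dict form of PublicKeyCredentialUserEntity for `user`."""
    # Resolve the login field by name so username-less models still work.
    login = getattr(user, user.USERNAME_FIELD)
    handle = store.handle_for(user)
    if not 1 <= len(handle) <= 64:
        raise ValueError("user handle must be 1..64 bytes")
    # id carries no personal data; name/displayName are display hints only.
    return {"id": handle, "name": login, "displayName": user.full_name or login}
```
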

tpazderka commented 8 months ago

@MichalPham please have a look as part of the changes you are implementing.

MichalPham commented 8 months ago

will add

with the current implementation, which can be overridden by setting callables