Clarify some example comments

author: Matthew Miller <matthew@millerti.me> 2020-05-25 10:27:48 -0700
committer: Matthew Miller <matthew@millerti.me> 2020-05-25 10:27:48 -0700
commit: 44faf5672492710c602325b83492990c0ada01e1 (patch)
tree: a680a57f3c848533e727f040c5a4f6b71d9ff8d0 /example/index.js
parent: fd5aeab4ab1fed92c8d7b0c3c738f65316b5696d (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/example/index.js b/example/index.js
index 3173d41..1f1c0b8 100644
--- a/example/index.js
+++ b/example/index.js
@@ -45,17 +45,18 @@ const loggedInUserId = 'webauthntineInternalUserId';
  *
  * 1. Users
  *
- * You'll need to be able to associate attestations and assertions to a specific user
+ * You'll need to be able to associate attestation and assertions challenges, and authenticators to
+ * a specific user
  *
  * 2. Challenges
  *
  * The totally-random-unique-every-time values you pass into every execution of
  * `generateAttestationOptions()` or `generateAssertionOptions()` MUST be stored until
  * `verifyAttestationResponse()` or `verifyAssertionResponse()` (respectively) is called to verify
- * a response.
+ * that the response contains the signed challenge.
  *
  * These values only need to be persisted for `timeout` number of milliseconds (see the `generate`
- * methods.)
+ * methods and their optional `timeout` parameter)
  *
  * 3. Authenticator Devices
  *
author	Matthew Miller <matthew@millerti.me>	2020-05-25 10:27:48 -0700
committer	Matthew Miller <matthew@millerti.me>	2020-05-25 10:27:48 -0700
commit	44faf5672492710c602325b83492990c0ada01e1 (patch)
tree	a680a57f3c848533e727f040c5a4f6b71d9ff8d0 /example/index.js
parent	fd5aeab4ab1fed92c8d7b0c3c738f65316b5696d (diff)