FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099)

Adds 2 factor authentication method via second factor security keys over [web authn](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API). Allows a user to authenticate a second factor on login, login-via-email, admin-login, and change password routes. Adds registration area within existing user second factor preferences to register multiple security keys. Supports both external (yubikey) and built-in (macOS/android fingerprint readers).
2025-05-23 20:21:25 +08:00 · 2019-10-02 12:08:41 +10:00
parent 45ff119f27
commit 68d35b14f4
50 changed files with 2041 additions and 161 deletions
--- a/test/javascripts/helpers/create-pretender.js.es6
+++ b/test/javascripts/helpers/create-pretender.js.es6
@ -330,6 +330,20 @@ export default function() {
        });
      }

+      if (data.password === "need-security-key") {
+        if (data.securityKeyCredential) {
+          return response({ username: "eviltrout" });
+        }
+
+        return response({
+          error: "Invalid Security Key",
+          reason: "invalid_security_key",
+          backup_enabled: true,
+          sent_to_email: "eviltrout@example.com",
+          current_email: "current@example.com"
+        });
+      }
+
      return response(400, { error: "invalid login" });
    });