MiauRizius/MiauInv
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 4 Wiki Activity

added passkey support (closes #6) #14

Merged
MiauRizius merged 1 commits from feature/6-passkey-support into main 2026-06-10 03:30:41 +02:00
Conversation 0 Commits 1 Files Changed 18 +1680 -61
MiauRizius commented 2026-06-10 03:27:30 +02:00
Owner
Copy Link

Description

Add WebAuthn passkey authentication support and related account security improvements.

This PR introduces:

  • WebAuthn passkey registration and authentication
  • Discoverable passkey login without requiring a username
  • Passkey management from account settings
  • Individual passkey removal
  • Full passkey disable flow
  • Secure server-side WebAuthn challenge handling
  • SQLite storage for passkey credentials
  • Session revocation after passkey security changes
  • Updated authentication, database, security and contribution documentation
  • Improved account settings UI
  • Inline password visibility toggles with icon-based controls
  • Removal of the unused avatar placeholder UI
  • Simplified passkey login flow by treating verified passkey authentication as a complete sign-in

Security improvements include:

  • Direct session issuance after successful passkey authentication
  • Discoverable credential support
  • Additional validation around passkey registration and management flows

Closes #6

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Chore / Refactoring (code cleanup or configuration updates)

Testing Environment

  • Verified via local development server
  • Verified compilation inside the Docker container
  • All unit tests passing successfully
## Description Add WebAuthn passkey authentication support and related account security improvements. This PR introduces: * WebAuthn passkey registration and authentication * Discoverable passkey login without requiring a username * Passkey management from account settings * Individual passkey removal * Full passkey disable flow * Secure server-side WebAuthn challenge handling * SQLite storage for passkey credentials * Session revocation after passkey security changes * Updated authentication, database, security and contribution documentation * Improved account settings UI * Inline password visibility toggles with icon-based controls * Removal of the unused avatar placeholder UI * Simplified passkey login flow by treating verified passkey authentication as a complete sign-in Security improvements include: * Direct session issuance after successful passkey authentication * Discoverable credential support * Additional validation around passkey registration and management flows Closes #6 ## Type of Change * [ ] Bug fix (non-breaking change which fixes an issue) * [x] New feature (non-breaking change which adds functionality) * [ ] Chore / Refactoring (code cleanup or configuration updates) ## Testing Environment * [x] Verified via local development server * [x] Verified compilation inside the Docker container * [ ] All unit tests passing successfully
MiauRizius self-assigned this 2026-06-10 03:27:30 +02:00
MiauRizius added 1 commit 2026-06-10 03:27:31 +02:00
added passkey support (closes #6)
All checks were successful
test-and-lint / test-and-lint (pull_request) Successful in 2m50s
Details
fb3be56959
MiauRizius merged commit c080c51aec into main 2026-06-10 03:30:41 +02:00
MiauRizius deleted branch feature/6-passkey-support 2026-06-10 03:30:41 +02:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
Compat/Breaking
Breaking change that won't be backward compatible
Kind/Bug
Something is not working
Kind/Documentation
Documentation changes
Kind/Enhancement
Improve existing functionality
Kind/Feature
New functionality
Kind/Security
This is security issue
Kind/Testing
Issue or pull request related to testing
Priority
Critical
1
The priority is critical
Priority
High
2
The priority is high
Priority
Low
4
The priority is low
Priority
Medium
3
The priority is medium
Reviewed
Confirmed
1
Issue has been confirmed
Reviewed
Duplicate
2
This issue or pull request already exists
Reviewed
Invalid
3
Invalid issue
Reviewed
Won't Fix
3
This issue won't be fixed
Status
Abandoned
3
Somebody has started to work on this but abandoned work
Status
Blocked
1
Something is blocking this issue or pull request
Status
Need More Info
2
Feedback is required to reproduce issue or to continue work
No Label
Kind/Documentation
Kind/Feature
Kind/Security
Priority
Critical
1
Reviewed
Confirmed
1
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
MiauRizius
No Assignees MiauRizius
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MiauRizius/MiauInv#14
No description provided.
Delete Branch "feature/6-passkey-support"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?