discourse

github-mirror/discourse

Fork 0

mirror of https://github.com/discourse/discourse.git synced 2024-11-23 21:10:17 +08:00

Commit Graph

Author	SHA1	Message	Date
Martin Brennan	66f2db4ea4	SECURITY: 2FA with U2F / TOTP	2020-01-15 11:27:12 +01:00
Martin Brennan	c031434b86	FIX: Catch error when unknown COSE algorithm is supplied for Security Key (#8649 ) Added a fix to gracefully error with a Webauthn::SecurityKeyError if somehow a user provides an unkown COSE algorithm when logging in with a security key. If `COSE::Algorithm.find` returns nil we now fail gracefully and log the algorithm used along with the user ID and the security key params for debugging, as this will help us find other common algorithms to implement for webauthn	2020-01-02 10:14:22 +10:00
Martin Brennan	68d35b14f4	FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099 ) Adds 2 factor authentication method via second factor security keys over [web authn](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API). Allows a user to authenticate a second factor on login, login-via-email, admin-login, and change password routes. Adds registration area within existing user second factor preferences to register multiple security keys. Supports both external (yubikey) and built-in (macOS/android fingerprint readers).	2019-10-01 19:08:41 -07:00

Author

SHA1

Message

Date

Martin Brennan

66f2db4ea4

SECURITY: 2FA with U2F / TOTP

2020-01-15 11:27:12 +01:00

Martin Brennan

c031434b86

FIX: Catch error when unknown COSE algorithm is supplied for Security Key (#8649 )

Added a fix to gracefully error with a Webauthn::SecurityKeyError if somehow a user provides an unkown COSE algorithm when logging in with a security key.

If `COSE::Algorithm.find` returns nil we now fail gracefully and log the algorithm used along with the user ID and the security key params for debugging, as this will help us find other common algorithms to implement for webauthn

2020-01-02 10:14:22 +10:00

Martin Brennan

68d35b14f4

FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099 )

Adds 2 factor authentication method via second factor security keys over [web authn](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API).

Allows a user to authenticate a second factor on login, login-via-email, admin-login, and change password routes. Adds registration area within existing user second factor preferences to register multiple security keys. Supports both external (yubikey) and built-in (macOS/android fingerprint readers).

2019-10-01 19:08:41 -07:00

3 Commits