github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-23 07:30:16 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
e2e30788b9
discourse/config
History
Penar Musaraj e3e73a3091
DEV: Add routes and controller actions for passkeys (2/3) (#23587) 
This is part 2 (of 3) for passkeys support.

This adds a hidden site setting plus routes and controller actions.

1. registering passkeys

Passkeys are registered in a two-step process. First, `create_passkey`
returns details for the browser to create a passkey. This includes
- a challenge
- the relying party ID and Origin
- the user's secure identifier
- the supported algorithms
- the user's existing passkeys (if any)

Then the browser creates a key with this information, and submits it to
the server via `register_passkey`.

2. authenticating passkeys

A similar process happens here as well. First, a challenge is created
and sent to the browser. Then the browser makes a public key credential
and submits it to the server via `passkey_auth_perform`.

3. renaming/deleting passkeys

These routes allow changing the name of a key and deleting it.

4. checking if session is trusted for sensitive actions

Since a passkey is a password replacement, we want to make sure to confirm the user's identity before allowing adding/deleting passkeys. The u/trusted-session GET route returns success if user has confirmed their session (and failed if user hasn't). In the frontend (in the next PR), we're using these routes to show the password confirmation screen. 

The `/u/confirm-session` route allows the user to confirm their session with a password. The latter route's functionality already existed in core, under the 2FA flow, but it has been abstracted into its own here so it can be used independently.


Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2023-10-11 14:36:54 -04:00
..
cloud/cloud66 DEV: Apply syntax_tree formatting to config/* 2023-01-09 11:13:29 +00:00
environments PERF: Strict loading for SidebarSection queries (#21717) 2023-05-25 09:10:32 +08:00
initializers FEATURE: Add webhooks for user suspend and unsuspend (#23684) 2023-09-28 10:51:05 +02:00
locales Update translations (#23873) 2023-10-11 11:18:02 +02:00
application.rb DEV: Remove dependence on dartsass-sprockets (#23665) 2023-09-26 16:25:07 +01:00
boot.rb DEV: Apply syntax_tree formatting to config/* 2023-01-09 11:13:29 +00:00
cdn.yml.sample
database.yml DEV: Remove db_timeout setting (#22912) 2023-08-01 14:17:43 -05:00
deploy.rb.sample
dev_defaults.yml DEV: Convert admin-incoming-email modal to component-based API (#22701) 2023-07-20 16:31:20 -05:00
discourse_defaults.conf DEV: relative_url_root is used for subfolder installs add comment (#23403) 2023-09-05 17:06:31 +10:00
discourse.config.sample
discourse.pill.sample
environment.rb DEV: Apply syntax_tree formatting to config/* 2023-01-09 11:13:29 +00:00
logrotate.conf
multisite.yml.production-sample DEV: Remove db_id from sample multisite config. 2020-05-29 10:48:29 +08:00
nginx.global.conf
nginx.sample.conf FEATURE: Add support for AVIF images (#21680) 2023-05-24 16:13:36 -03:00
projections.json DEV: Use .hbr for raw template file extension (#8883) 2020-02-11 13:38:12 -06:00
puma.rb DEV: Apply syntax_tree formatting to config/* 2023-01-09 11:13:29 +00:00
routes.rb DEV: Add routes and controller actions for passkeys (2/3) (#23587) 2023-10-11 14:36:54 -04:00
sidekiq.yml
site_settings.yml DEV: Add routes and controller actions for passkeys (2/3) (#23587) 2023-10-11 14:36:54 -04:00
spring.rb DEV: Apply syntax_tree formatting to config/* 2023-01-09 11:13:29 +00:00
thin.yml.sample
unicorn_launcher
unicorn_upstart.conf
unicorn.conf.rb DEV: Revert syntax-tree line change in unicorn.conf.rb listen (#19874) 2023-01-16 13:17:23 +10:00