Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhance the sign-in functionality by FIDO2 #80

Closed
3 tasks done
arealclimber opened this issue Apr 8, 2024 · 7 comments · Fixed by #89, #105 or #132
Closed
3 tasks done

Enhance the sign-in functionality by FIDO2 #80

arealclimber opened this issue Apr 8, 2024 · 7 comments · Fixed by #89, #105 or #132
Assignees
@arealclimber
Labels
5 hard level 5 enhancement New feature or request
Milestone
v0.8.0 Alpha Release

Comments

@arealclimber
Copy link
Member

arealclimber commented Apr 8, 2024
edited
Loading

  • 手機登入會失敗,要看遠端機器 log
  • 在 cookie 到期前,讓用戶下次進網站保持登入
  • verify cookie (FIDO2) 內容跟過期時間 -> comment
  • 確認用戶不論用 mac 或 iphone 登入都是用同一對公鑰私鑰

ref:
@arealclimber arealclimber mentioned this issue Apr 8, 2024
Open
35 tasks
@arealclimber arealclimber self-assigned this Apr 8, 2024
@arealclimber arealclimber added enhancement New feature or request 5 hard level 5 labels Apr 8, 2024
@arealclimber
Copy link
Member Author

image

@arealclimber arealclimber linked a pull request Apr 8, 2024 that will close this issue
fix: accept diff origin to sign-in with FIDO2 #89
Merged
arealclimber added a commit that referenced this issue Apr 8, 2024
@arealclimber
feat: 🎸 bind cookie with login status
8ec0344 
Closes: #80
@arealclimber arealclimber linked a pull request Apr 8, 2024 that will close this issue
feat: 🎸 login, logout on login page #105
Merged
@arealclimber
Copy link
Member Author

taking 2 hrs
remaining 3 hrs

@arealclimber
Copy link
Member Author

註冊 (Passwordless by webauthn) sequence diagram

註冊 (Passwordless by webauthn)

arealclimber added a commit that referenced this issue Apr 10, 2024
@arealclimber
test: 💍 sign in with webauthn
85db7f4 
Closes: #80
@arealclimber
Copy link
Member Author

arealclimber commented Apr 10, 2024
edited
Loading

#129

@arealclimber arealclimber linked a pull request Apr 10, 2024 that will close this issue
feat: 🎸 login workaround when there's no db for registration info and prevent duplicate registration account #128
Merged
@arealclimber
Copy link
Member Author

arealclimber commented Apr 10, 2024
edited
Loading

  • 用 mac 的 keychain 註冊 username 為 register on mac 之後,用 iPhone 掃 QR code ,一樣使用 keychain 的 register on mac,獲得一樣的 credential data
  • 透過固定 client.register(userHandle) 讓用戶可以用 keychain 重複註冊,並且讓新的用戶名稱覆蓋舊的用戶名
  • 在 mac 上重新註冊 username 之後,原本在 keychain 的 username 也會跟著改,確保只有一個帳號
Screen.Recording.2024-04-10.at.15.15.16.mov

arealclimber added a commit that referenced this issue Apr 10, 2024
@arealclimber
feat: 🎸 login by WebAuthn without validating from server
de6b6eb 
Closes: #80 #129
arealclimber added a commit that referenced this issue Apr 11, 2024
@arealclimber
feat: 🎸 consistent login workaround when there's no db to
0a6917d 
store user crendential generated by FIDO2 (webauthn)

✅ Closes: #80
@arealclimber
Copy link
Member Author

taking 1 hr

  • 沒有保留用戶註冊的資料,就無法取得用戶的 credential (public key),所以現階段不去檢查 cookie validity ,只要有 cookie 就讓用戶保持登入狀態

remaining 2 hrs

@arealclimber arealclimber linked a pull request Apr 11, 2024 that will close this issue
feat: 🎸 consistent login workaround when there's no db to store user crendential generated by FIDO2 (webauthn) AND dashboard page with no data and dashboard bookmark component, AddBookmarkModal component controlled by global ctx #132
Merged
@Luphia Luphia closed this as completed in c93662d Apr 14, 2024
@arealclimber arealclimber reopened this Apr 15, 2024
@arealclimber
Copy link
Member Author

雖然現在沒有 verify cookie,但是cookie過期會自動刪除,算是達成當前目標:用 FIDO2 / webauthn 達成不用密碼也能登入登出功能,實際登入功能需要伴隨真實後端跟DB以及實際註冊功能才能達到用戶 public key 去 verify,這些是只有前端的情況下無法達成的條件,所以這張 issue 先關閉

@deedeelin deedeelin removed a link to a pull request Jun 6, 2024
feat: 🎸 login workaround when there's no db for registration info and prevent duplicate registration account #128
Merged
@Luphia Luphia added this to the v0.8.0 Alpha Release milestone Jul 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@arealclimber arealclimber

Labels
5 hard level 5 enhancement New feature or request
Projects
None yet
Milestone
v0.8.0 Alpha Release
2 participants
@Luphia @arealclimber