-
-
Notifications
You must be signed in to change notification settings - Fork 3.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: test webauthn platform auth #6065
Conversation
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
in case you haven't seen it, this library made it fairly easy to implement into my app via Cloudflare sqlite and provides good conventions for some of the confusing aspects |
Yeah thanks for pointing that out! I did stumble upon that during my research, but wanted to give it a shot implementing it from scratch myself, because it seem(ed) to be just a few Web APIs. Do you have any additional experience with webauthn/passkeys? Is this route looking correct at least? 😅 |
WebAuthN is notoriously ... not fun to work with :-) especially when it first came out! I implemented it out of curiosity to see if it was as cool as it seemed using that package. I haven't reviewed your code yet but I will take a look. It worked great! There are a few caveats though that can cause the UX to not display things properly which is annoying IIRC the main one was because a critical piece is still behind a feature flag on chrome: chrome://flags/#webauthn-conditional-ui It also seemed to conflict a lot with Oh wow that demo is so nice! |
As for the code here - it seems to be only the UX -- the hardest part tends to be serializing the binary values over the wire properly and such (which You should definitely implement conditional mediation - it makes the process a LOT cleaner https://chromestatus.com/feature/5144633101778944 Chrome also has: https://developer.chrome.com/docs/devtools/webauthn/ |
@bradennapier alright awesome, thanks a ton for all the info! I'll probably just end up pulling in that lib then 😅 Since you do seem to have a good amt of experience with it, do you mind if I ping you for a review later when this is closer to being ready? 🙏 |
Ofc - I am eager to see the result! I think pass keys will be insanely transformative ! |
19c6807
to
3be7bb7
Compare
* feat: map Account before saving to database * document `acconut()`, explain default behaviour * generate `expires_at` based on `expires_in` Fixes #6538 * rename * strip undefined on `defaultProfile` * don't forward defaults to account callback * improve internal namings, types, docs
* JWT Token -> JWT * document some errors * improve errors, docs
9784f29
to
37bb6eb
Compare
fa96b45
to
65aa467
Compare
Closing in favor of the work done here: #8808 |
☕️ Reasoning
Big time WIP
Note:
Screenshot:
🧢 Checklist
🎫 Affected issues
Please scout and link issues that might be solved by this PR.
Fixes: INSERT_ISSUE_LINK_HERE
📌 Resources