diff --git a/internal/start/start.go b/internal/start/start.go index 72f34b8e7..5814d209c 100644 --- a/internal/start/start.go +++ b/internal/start/start.go @@ -518,6 +518,8 @@ EOF fmt.Sprintf("GOTRUE_MFA_PHONE_VERIFY_ENABLED=%v", utils.Config.Auth.MFA.Phone.VerifyEnabled), fmt.Sprintf("GOTRUE_MFA_TOTP_ENROLL_ENABLED=%v", utils.Config.Auth.MFA.TOTP.EnrollEnabled), fmt.Sprintf("GOTRUE_MFA_TOTP_VERIFY_ENABLED=%v", utils.Config.Auth.MFA.TOTP.VerifyEnabled), + fmt.Sprintf("GOTRUE_MFA_WEB_AUTHN_ENROLL_ENABLED=%v", utils.Config.Auth.MFA.WebAuthn.EnrollEnabled), + fmt.Sprintf("GOTRUE_MFA_WEB_AUTHN_VERIFY_ENABLED=%v", utils.Config.Auth.MFA.WebAuthn.VerifyEnabled), fmt.Sprintf("GOTRUE_MFA_MAX_ENROLLED_FACTORS=%v", utils.Config.Auth.MFA.MaxEnrolledFactors), } diff --git a/pkg/config/config.go b/pkg/config/config.go index 7fc8942b5..51be3c122 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -309,6 +309,7 @@ type ( mfa struct { TOTP factorTypeConfiguration `toml:"totp"` Phone phoneFactorTypeConfiguration `toml:"phone"` + WebAuthn factorTypeConfiguration `toml:"web_authn"` MaxEnrolledFactors uint `toml:"max_enrolled_factors"` } diff --git a/pkg/config/constants.go b/pkg/config/constants.go index 0b2edfcf3..e3d5f4769 100644 --- a/pkg/config/constants.go +++ b/pkg/config/constants.go @@ -15,7 +15,7 @@ const ( edgeRuntimeImage = "supabase/edge-runtime:v1.59.0" vectorImage = "timberio/vector:0.28.1-alpine" supavisorImage = "supabase/supavisor:1.1.56" - gotrueImage = "supabase/gotrue:v2.158.1" + gotrueImage = "supabase/gotrue:v2.163.2" realtimeImage = "supabase/realtime:v2.30.34" storageImage = "supabase/storage-api:v1.11.13" logflareImage = "supabase/logflare:1.4.0" diff --git a/pkg/config/templates/config.toml b/pkg/config/templates/config.toml index 112237748..5c8dedadc 100644 --- a/pkg/config/templates/config.toml +++ b/pkg/config/templates/config.toml @@ -187,6 +187,11 @@ verify_enabled = true # template = "Your code is {{ `{{ .Code }}` }} ." # max_frequency = "10s" +# Configure Multi-factor-authentication via WebAuthn +# [auth.mfa.web_authn] +# enroll_enabled = true +# verify_enabled = true + # Use an external OAuth provider. The full list of providers are: `apple`, `azure`, `bitbucket`, # `discord`, `facebook`, `github`, `gitlab`, `google`, `keycloak`, `linkedin_oidc`, `notion`, `twitch`, # `twitter`, `slack`, `spotify`, `workos`, `zoom`. diff --git a/pkg/config/testdata/config.toml b/pkg/config/testdata/config.toml index 2f1a8e90d..b956abe76 100644 --- a/pkg/config/testdata/config.toml +++ b/pkg/config/testdata/config.toml @@ -187,6 +187,11 @@ otp_length = 6 template = "Your code is {{ `{{ .Code }}` }} ." max_frequency = "10s" +# Configure Multi-factor-authentication via Phone Messaging +[auth.mfa.web_authn] +enroll_enabled = true +verify_enabled = true + # Use an external OAuth provider. The full list of providers are: `apple`, `azure`, `bitbucket`, # `discord`, `facebook`, `github`, `gitlab`, `google`, `keycloak`, `linkedin_oidc`, `notion`, `twitch`, # `twitter`, `slack`, `spotify`, `workos`, `zoom`.