Frontend: Enable WebAuthn device registration without TOTP
Compare changes
Files
2- Eduardo Sanz García authored
@@ -20,7 +20,7 @@ export const I18N_REGISTRATION = {
This MR enables the posibility of register a WebAuthn device without the need to set up TOTP as 2FA and resolves Frontend: Enable WebAuthn device registration w... (!111659 - merged)
Replaced the JQuery application to register WebAuthn devices by a Vue component.
Made the WebAuthn device registration possible without TOTP. Therefore,
the Set up new device
button is always available.
Increased security by adding a required password field to be able to register a new device.
We also introduced a few minor UI improvements.
A new set of tests are needed in spec/features/webauthn_spec.rb
when the webauthn_without_totp
is enable. However, I will do that in a follow-up so it doesn't clash with the changes made in that file in the backend MR.
Changelog: changed
before | after |
---|---|
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
|
![]() |
![]() |
The whole process using Chrome:
Screen_Recording_2023-02-13_at_21.01.36
Feature.enable(:webauthn_without_totp)
Set up new device
. It should be available even if the two-factor authentication using TOTP is disabled.This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.