feat: add WebAuthN support for passwordless login and 2fa (#966)

* at least registration prompt works

* in memory test for login

* buttons to start webauthn process

* begin eventstore impl

* begin eventstore impl

* serialize into bytes

* fix: u2f, passwordless types

* fix for localhost

* fix script

* fix: u2f, passwordless types

* fix: add u2f

* fix: verify u2f

* fix: session data in event store

* fix: u2f credentials in eventstore

* fix: webauthn pkg handles business models

* feat: tests

* feat: append events

* fix: test

* fix: check only ready webauthn creds

* fix: move u2f methods to authrepo

* frontend improvements

* fix return

* feat: add passwordless

* feat: add passwordless

* improve ui / error handling

* separate call for login

* fix login

* js

* feat: u2f login methods

* feat: remove unused session id

* feat: error handling

* feat: error handling

* feat: refactor user eventstore

* feat: finish webauthn

* feat: u2f and passwordlss in auth.proto

* u2f step

* passwordless step

* cleanup js

* EndpointPasswordLessLogin

* migration

* update mfaChecked test

* next step test

* token name

* cleanup

* attribute

* passwordless as tokens

* remove sms as otp type

* add "user" to amr for webauthn

* error handling

* fixes

* fix tests

* naming

* naming

* fixes

* session handler

* i18n

* error handling in login

* Update internal/ui/login/static/i18n/de.yaml

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update internal/ui/login/static/i18n/en.yaml

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* improvements

* merge fixes

* fixes

* fixes

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

pkg/grpc/management/proto/management.proto

@@ -2033,8 +2033,8 @@ message UserMultiFactor {
 
 enum MfaType {
   MFATYPE_UNSPECIFIED = 0;
-  MFATYPE_SMS = 1;
-  MFATYPE_OTP = 2;
+  MFATYPE_OTP = 1;
+  MFATYPE_U2F = 2;
 }
 
 enum MFAState {
@@ -3064,6 +3064,7 @@ message LoginPolicy {
   google.protobuf.Timestamp creation_date = 4;
   google.protobuf.Timestamp change_date = 5;
   bool force_mfa = 6;
+  PasswordlessType passwordless_type = 7;
 }
 
 message LoginPolicyRequest {
@@ -3071,6 +3072,12 @@ message LoginPolicyRequest {
   bool allow_register = 2;
   bool allow_external_idp = 3;
   bool force_mfa = 4;
+  PasswordlessType passwordless_type = 5;
+}
+
+enum PasswordlessType {
+  PASSWORDLESSTYPE_NOT_ALLOWED = 0;
+  PASSWORDLESSTYPE_ALLOWED = 1;
 }
 
 message IdpProviderID {
@@ -3095,6 +3102,7 @@ message LoginPolicyView {
   google.protobuf.Timestamp creation_date = 5;
   google.protobuf.Timestamp change_date = 6;
   bool force_mfa = 7;
+  PasswordlessType passwordless_type = 8;
 }
 
 message IdpProviderView {