fix passkey retry, cleanup mfa set

peintnermax
2024-09-17 10:12:03 +02:00
parent fdb2711af0
commit 424bdf42f2
4 changed files with 151 additions and 122 deletions


@@ -158,13 +158,19 @@ After updating the session, the user is signed in.
<img src="./screenshots/mfaset.png" alt="/mfa/set" width="400px" />
This page requests a webAuthN challenge for the user and updates the session afterwards.
This page loads login Settings and the authentication methods for a user and shows setup options.
Requests to the APIs made:
- `getBrandingSettings(org?)`
- `getLoginSettings(user.org)`
- `getSession()`
- `updateSession()`
- `listAuthenticationMethodTypes()`
- `getUserByID()`
When updating the session for the webAuthN challenge, we set `userVerificationRequirement` to `UserVerificationRequirement.REQUIRED` as this will request the webAuthN method as primary method to login.
After updating the session, the user is signed in.
If a user has already setup a certain method, a checkbox is shown alongside the button and the button is disabled.
OTP Email and OTP SMS only show up if the user has verified email or phone.
If the user chooses a method he is redirected to one of `/otp/time-based/set`, `/u2f/set`, `/otp/email/set`, or `/otp/sms/set`.
At the moment, U2F methods are hidden if a method is already added on the users resource. Reasoning is that the page should only be invoked for prompts. A self service page which shows up multiple u2f factors is implemented at a later stage.
> NOTE: The session and therefore the user factor defines which login settings are checked for available options.
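Review bot: the new page description ("loads login Settings and the authentication methods for a user and shows setup options") is contradicted by lines kept in the same hunk: the request list still carries `getSession()` and `updateSession()`, and the sentence "When updating the session for the webAuthN challenge, we set `userVerificationRequirement` to `UserVerificationRequirement.REQUIRED`" plus "After updating the session, the user is signed in." still describe a challenge-and-sign-in flow rather than a setup-selection page. If `/mfa/set` no longer updates the session, remove those two requests and the two sentences from this section (the challenge note belongs with the `/u2f/set` and passkey pages this section links to); if it does, the description line needs to say so. Two smaller points in the same hunk: "login Settings" should be "login settings", and the U2F paragraph has a possessive and a verb slip ("if a method is already added on the users resource" should read "on the user's resource", and "A self service page which shows up multiple u2f factors" should read "A self-service page which shows multiple U2F factors"); "he is redirected" can be "they are redirected" to match the rest of the document.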