fix(login): generate code for passkey (#10966)

# Which Problems Are Solved

When the passkey registration page (/passkey/set) is accessed externally
with only a loginName parameter, users encounter a "Missing code in
response" error. This occurs because the registration code is only
generated for invalid sessions, but external calls typically have valid
sessions.

# How the Problems Are Solved

- Moved registration code generation outside the session validity check
in `registerPasskeyLink()`
- Code is now generated for both valid and invalid sessions when not
provided
- Simplified logic: use provided code if available, otherwise generate a
new one

apps/login/src/lib/server/passkeys.ts

@@ -107,20 +107,25 @@ export async function registerPasskeyLink(
       if (!hasValidUserVerificationCheck) {
         return { error: "User Verification Check has to be done" };
       }
+    }
 
-      if (!command.code) {
-        // request a new code if no code is provided
-        const codeResponse = await createPasskeyRegistrationLink({
-          serviceUrl,
-          userId: currentUserId,
-        });
+    // Generate registration code if not provided
+    if (command.code && command.codeId) {
+      registerCode = {
+        id: command.codeId,
+        code: command.code,
+      };
+    } else {
+      const codeResponse = await createPasskeyRegistrationLink({
+        serviceUrl,
+        userId: currentUserId,
+      });
 
-        if (!codeResponse?.code?.code) {
-          return { error: "Could not create registration link" };
-        }
-
-        registerCode = codeResponse.code;
+      if (!codeResponse?.code?.code) {
+        return { error: "Could not create registration link" };
       }
+
+      registerCode = codeResponse.code;
     }
   } else if (command.userId && command.code && command.codeId) {
     currentUserId = command.userId;