fix: passwordless (#1116)

* fix passwordless session handling

* only check passwordless when enabled in policy

* set preferred user name in webauthn

* fix tests

* add passwordless in setup

* fix(console): exclude credentials for passwordless (#1115)

* fix: exclude creds

* fix i18n type loginpolicy

* fix enter on dialog input

* remove arg

Co-authored-by: Max Peintner <max@caos.ch>

internal/auth/repository/eventsourcing/eventstore/auth_request.go

@@ -643,7 +643,7 @@ func (repo *AuthRequestRepo) firstFactorChecked(request *model.AuthRequest, user
 		return &model.InitUserStep{PasswordSet: user.PasswordSet}
 	}
 
-	if user.IsPasswordlessReady() {
+	if request.LoginPolicy.PasswordlessType != iam_model.PasswordlessTypeNotAllowed && user.IsPasswordlessReady() {
 		if !checkVerificationTime(userSession.PasswordlessVerification, repo.MultiFactorCheckLifeTime) {
 			return &model.PasswordlessStep{}
 		}
@@ -815,9 +815,8 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
 		case es_model.UserRemoved:
 			return nil, errors.ThrowPreconditionFailed(nil, "EVENT-dG2fe", "Errors.User.NotActive")
 		}
-		if err := sessionCopy.AppendEvent(event); err != nil {
-			return user_view_model.UserSessionToModel(&sessionCopy), nil
-		}
+		err := sessionCopy.AppendEvent(event)
+		logging.Log("EVENT-qbhj3").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("error appending event")
 	}
 	return user_view_model.UserSessionToModel(&sessionCopy), nil
 }