diff --git a/apps/login/cypress/integration/login.cy.ts b/apps/login/cypress/integration/login.cy.ts
index 1d6472d5e66..a286e00d44d 100644
--- a/apps/login/cypress/integration/login.cy.ts
+++ b/apps/login/cypress/integration/login.cy.ts
@@ -111,7 +111,7 @@ describe("login", () => {
cy.get('button[type="submit"]').click();
cy.location("pathname", { timeout: 10_000 }).should(
"eq",
- "/passkey/add",
+ "/passkey/set",
);
});
});
diff --git a/apps/login/cypress/integration/register.cy.ts b/apps/login/cypress/integration/register.cy.ts
index 4cad0dbd81f..9eb4e8be155 100644
--- a/apps/login/cypress/integration/register.cy.ts
+++ b/apps/login/cypress/integration/register.cy.ts
@@ -17,6 +17,6 @@ describe("register", () => {
cy.get('input[type="checkbox"][value="privacypolicy"]').check();
cy.get('input[type="checkbox"][value="tos"]').check();
cy.get('button[type="submit"]').click();
- cy.location("pathname", { timeout: 10_000 }).should("eq", "/passkey/add");
+ cy.location("pathname", { timeout: 10_000 }).should("eq", "/passkey/set");
});
});
diff --git a/apps/login/readme.md b/apps/login/readme.md
index e2d809767a9..6b07e30e690 100644
--- a/apps/login/readme.md
+++ b/apps/login/readme.md
@@ -45,11 +45,11 @@ This is going to be our next UI for the hosted login. It's based on Next.js 13 a
### /loginname
-
-
This page shows a loginname field and Identity Providers to login or register.
If `loginSettings(org?).allowRegister` is `true`, if will also show a link to jump to /register
+
+
Requests to the APIs made:
- `getLoginSettings(org?)`
@@ -85,11 +85,11 @@ If no previous condition is met we throw an error stating the user was not found
### /password
-
-
This page shows a password field to hydrate the current session with password as a factor.
Below the password field, a reset password link is shown which allows to send a reset email.
+
+
Requests to the APIs made:
- `getLoginSettings(org?)`
@@ -103,16 +103,16 @@ If the user has set up an additional **single** second factor, it is redirected
**NO MFA, FORCE MFA:** If no MFA method is available, and the settings force MFA, the user is sent to `/mfa/set` which prompts to setup a second factor.
-**PROMPT PASSKEY** If the settings do not enforce MFA, we check if passkeys are allowed with `loginSettings?.passkeysType === PasskeysType.ALLOWED` and redirect the user to `/passkey/add` if no passkeys are setup. This step can be skipped.
+**PROMPT PASSKEY** If the settings do not enforce MFA, we check if passkeys are allowed with `loginSettings?.passkeysType === PasskeysType.ALLOWED` and redirect the user to `/passkey/set` if no passkeys are setup. This step can be skipped.
If none of the previous conditions apply, we continue to sign in.
### /otp/[method]
-![/otp/[method]](./screenshots/otp.png)
-
This page shows a code field to check an otp method. The session of the user is then hydrated with the respective factor. Supported methods are `time-based`, `sms` and `email`.
+
+
Requests to the APIs made:
- `getBrandingSettings(org?)`
@@ -126,10 +126,10 @@ The submission of the code updates the session and continues to sign in the user
### /u2f
-
-
This page requests a webAuthN challenge for the user and updates the session afterwards.
+
+
Requests to the APIs made:
- `getBrandingSettings(org?)`
@@ -141,10 +141,10 @@ After updating the session, the user is signed in.
### /passkey
-
-
This page requests a webAuthN challenge for the user and updates the session afterwards.
+
+
Requests to the APIs made:
- `getBrandingSettings(org?)`
@@ -156,10 +156,10 @@ After updating the session, the user is signed in.
### /mfa/set
-
-
This page loads login Settings and the authentication methods for a user and shows setup options.
+
+
Requests to the APIs made:
- `getBrandingSettings(org?)`
@@ -177,6 +177,17 @@ At the moment, U2F methods are hidden if a method is already added on the users
### /passkey/set
+
+
+This page sets a passkey method for a user. This page can be either enforced, or optional depending on the Login Settings.
+
+Requests to the APIs made:
+
+- `getBrandingSettings(org?)`
+- `getSession()`
+- `registerPasskeyLink()`
+- `verifyPasskey()`
+
### /otp/[method]/set
### /u2f/set
diff --git a/apps/login/src/app/(login)/passkey/add/page.tsx b/apps/login/src/app/(login)/passkey/set/page.tsx
similarity index 100%
rename from apps/login/src/app/(login)/passkey/add/page.tsx
rename to apps/login/src/app/(login)/passkey/set/page.tsx
diff --git a/apps/login/src/ui/PasswordForm.tsx b/apps/login/src/ui/PasswordForm.tsx
index 919e56c7748..1c1870e7ba6 100644
--- a/apps/login/src/ui/PasswordForm.tsx
+++ b/apps/login/src/ui/PasswordForm.tsx
@@ -102,7 +102,7 @@ export default function PasswordForm({
setInfo("");
// if user has mfa -> /otp/[method] or /u2f
// if mfa is forced and user has no mfa -> /mfa/set
- // if no passwordless -> /passkey/add
+ // if no passwordless -> /passkey/set
// exclude password and passwordless
if (
@@ -194,7 +194,7 @@ export default function PasswordForm({
params.append("organization", organization);
}
- return router.push(`/passkey/add?` + params);
+ return router.push(`/passkey/set?` + params);
} else if (authRequestId && submitted.sessionId) {
const params = new URLSearchParams({
sessionId: submitted.sessionId,
diff --git a/apps/login/src/ui/RegisterFormWithoutPassword.tsx b/apps/login/src/ui/RegisterFormWithoutPassword.tsx
index 64999f75f41..c7ba74cabcc 100644
--- a/apps/login/src/ui/RegisterFormWithoutPassword.tsx
+++ b/apps/login/src/ui/RegisterFormWithoutPassword.tsx
@@ -109,7 +109,7 @@ export default function RegisterFormWithoutPassword({
params.set("authRequestId", authRequestId);
}
- return router.push(`/passkey/add?` + new URLSearchParams(params));
+ return router.push(`/passkey/set?` + new URLSearchParams(params));
}
}