healthchecks

15 MiB

Tree: c196dc16d7

Author	SHA1	Message	Date
Pēteris Caune	f85aec225d	Fix redirect-after-login when using TOTP If user has both WebAuthn and TOTP configured, when logging in, they will be asked to choose between "Use security keys" and "Use authenticator app". The "Use authenticator app" is a link to a different page (/accounts/login/two_factor/totp/). This commit makes sure the ?next= query parameter is preserved when navigating to that page. For reference, the ?next= query parameter is the URL we should redirect to after a successful login. Use case: User is logged out. They click on a bookmarked "Check Details" link. They get redirected to the login form. After entering username & password and completing 2FA, they get redirected to the "Check Details" page they originally wanted to visit.	3 years ago
Pēteris Caune	ca3afa33f9	Add auth method selection step This has dual purpose: * if user has both WebAuthn and TOTP set up, they can choose between the two as equal options. * we initiate WebAuthn flow only after an explicit user action (button press). This may help with authentication failures on recent MacOS, iOS and iPadOS versions [1] [1] https://support.yubico.com/hc/en-us/articles/360022004600-No-reaction-when-using-WebAuthn-on-macOS-iOS-and-iPadOS	3 years ago
Pēteris Caune	222722569e	Add support for 2FA using TOTP Fixes: #354	3 years ago
Pēteris Caune	3cfc31610a	Add extra security checks in the login_webauthn view	4 years ago
Pēteris Caune	8dbf9e02af	Fix capitalization, Webauthn -> WebAuthn	4 years ago
Pēteris Caune	7124383a53	Add checks for RP_ID, add a 2FA section in README	4 years ago
Pēteris Caune	adb7702f39	Rename login_tfa to login_webauthn	4 years ago
Pēteris Caune	7639f0dd69	Add test cases for the login_tfa view	4 years ago

7 Commits (c196dc16d7528e8ca57145f173df1db642c8d6a1)