Add webauthn

2025-11-04 16:20:11 +11:00
parent 19bfc21f11
commit 57abc0b804
14 changed files with 1211 additions and 14 deletions
--- a/app/views/sessions/new.html.erb
+++ b/app/views/sessions/new.html.erb
@@ -1,4 +1,4 @@
-<div class="mx-auto md:w-2/3 w-full">
+<div class="mx-auto md:w-2/3 w-full" data-controller="webauthn" data-webauthn-check-url-value="/webauthn/check">
  <div class="mb-8">
    <h1 class="font-bold text-4xl">Sign in to Clinch</h1>
  </div>
@@ -13,26 +13,138 @@
          autocomplete: "username",
          placeholder: "your@email.com",
          value: params[:email_address],
+          data: { action: "blur->webauthn#checkWebAuthnSupport change->webauthn#checkWebAuthnSupport" },
          class: "block shadow-sm rounded-md border border-gray-400 focus:outline-blue-600 px-3 py-2 mt-2 w-full" %>
    </div>

-    <div class="my-5">
-      <%= form.label :password, class: "block font-medium text-sm text-gray-700" %>
-      <%= form.password_field :password,
-          required: true,
-          autocomplete: "current-password",
-          placeholder: "Enter your password",
-          maxlength: 72,
-          class: "block shadow-sm rounded-md border border-gray-400 focus:outline-blue-600 px-3 py-2 mt-2 w-full" %>
+    <!-- WebAuthn section - initially hidden -->
+    <div id="webauthn-section" class="my-5 hidden">
+      <div class="bg-green-50 border border-green-200 rounded-lg p-4 mb-4">
+        <div class="flex items-center">
+          <svg class="w-5 h-5 text-green-600 mr-2" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z"></path>
+          </svg>
+          <p class="text-sm text-green-800">
+            <strong>Passkey detected!</strong> You can sign in without a password.
+          </p>
+        </div>
+      </div>
+
+      <button type="button"
+              data-action="click->webauthn#authenticate"
+              class="w-full rounded-md px-3.5 py-2.5 bg-green-600 hover:bg-green-500 text-white font-medium cursor-pointer flex items-center justify-center">
+        <svg class="w-5 h-5 mr-2" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+          <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M15 7a2 2 0 012 2m4 0a6 6 0 01-7.743 5.743L11 17H9v2H7v2H4a1 1 0 01-1-1v-2.586a1 1 0 01.293-.707l5.964-5.964A6 6 0 1121 9z"></path>
+        </svg>
+        Continue with Passkey
+      </button>
    </div>

-    <div class="my-5">
-      <%= form.submit "Sign in",
-          class: "w-full rounded-md px-3.5 py-2.5 bg-blue-600 hover:bg-blue-500 text-white font-medium cursor-pointer" %>
+    <!-- Password section - shown by default, hidden if WebAuthn is required -->
+    <div id="password-section">
+      <div class="my-5">
+        <%= form.label :password, class: "block font-medium text-sm text-gray-700" %>
+        <%= form.password_field :password,
+            required: true,
+            autocomplete: "current-password",
+            placeholder: "Enter your password",
+            maxlength: 72,
+            class: "block shadow-sm rounded-md border border-gray-400 focus:outline-blue-600 px-3 py-2 mt-2 w-full" %>
+      </div>
+
+      <div class="my-5">
+        <%= form.submit "Sign in",
+            class: "w-full rounded-md px-3.5 py-2.5 bg-blue-600 hover:bg-blue-500 text-white font-medium cursor-pointer" %>
+      </div>
    </div>

    <div class="mt-4 text-sm text-gray-600 text-center">
      <%= link_to "Forgot your password?", new_password_path, class: "text-blue-600 hover:text-blue-500 underline" %>
    </div>
  <% end %>
+
+  <!-- Loading overlay -->
+  <div id="loading-overlay" class="hidden fixed inset-0 bg-gray-600 bg-opacity-50 flex items-center justify-center z-50">
+    <div class="bg-white rounded-lg p-6 flex items-center">
+      <svg class="animate-spin -ml-1 mr-3 h-5 w-5 text-blue-600" fill="none" viewBox="0 0 24 24">
+        <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
+        <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+      </svg>
+      <span>Authenticating...</span>
+    </div>
+  </div>
+
+  <!-- Status messages -->
+  <div id="status-message" class="hidden mt-4 p-3 rounded-md"></div>
 </div>
+
+<script>
+document.addEventListener('DOMContentLoaded', function() {
+  const webauthnController = document.querySelector('[data-controller="webauthn"]');
+
+  if (webauthnController) {
+    // Listen for WebAuthn availability events
+    webauthnController.addEventListener('webauthn:webauthn-available', function(event) {
+      console.debug("Received webauthn-available event:", event.detail);
+      const detail = event.detail;
+      const webauthnSection = document.getElementById('webauthn-section');
+      const passwordSection = document.getElementById('password-section');
+
+      if (detail.hasWebauthn) {
+        console.debug("Showing WebAuthn section");
+        webauthnSection.classList.remove('hidden');
+
+        // If WebAuthn is required, hide password section
+        if (detail.requiresWebauthn) {
+          passwordSection.classList.add('hidden');
+        } else {
+          // Show both options
+          passwordSection.classList.add('border-t pt-4 mt-4');
+
+          // Add an "or" divider
+          const orDiv = document.createElement('div');
+          orDiv.className = 'relative my-4';
+          orDiv.innerHTML = `
+            <div class="absolute inset-0 flex items-center">
+              <div class="w-full border-t border-gray-300"></div>
+            </div>
+            <div class="relative flex justify-center text-sm">
+              <span class="px-2 bg-white text-gray-500">Or</span>
+            </div>
+          `;
+          webauthnSection.parentNode.insertBefore(orDiv, webauthnSection);
+        }
+      } else {
+        console.debug("WebAuthn not available, keeping section hidden");
+      }
+    });
+
+    // Listen for WebAuthn registration events (from profile page)
+    webauthnController.addEventListener('webauthn:passkey-registered', function(event) {
+      // Show success message
+      const statusMessage = document.getElementById('status-message');
+      statusMessage.className = 'mt-4 p-3 rounded-md bg-green-50 text-green-800 border border-green-200';
+      statusMessage.textContent = 'Passkey registered successfully!';
+      statusMessage.classList.remove('hidden');
+
+      // Hide after 3 seconds
+      setTimeout(() => {
+        statusMessage.classList.add('hidden');
+      }, 3000);
+    });
+  }
+
+  // Loading overlay management
+  function showLoading() {
+    document.getElementById('loading-overlay').classList.remove('hidden');
+  }
+
+  function hideLoading() {
+    document.getElementById('loading-overlay').classList.add('hidden');
+  }
+
+  // Show loading when WebAuthn authentication starts
+  document.addEventListener('webauthn:authenticate-start', showLoading);
+  document.addEventListener('webauthn:authenticate-end', hideLoading);
+});
+</script>