dkam/clinch
1
0
Fork 0
Code Issues 2 Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
57abc0b8045de63468dde7a19b4749d1d111d9d5
clinch/app/views/sessions/new.html.erb
Dan Milne 57abc0b804
Some checks failed
CI / scan_ruby (push) Has been cancelled
Details
CI / scan_js (push) Has been cancelled
Details
CI / lint (push) Has been cancelled
Details
CI / test (push) Has been cancelled
Details
CI / system-test (push) Has been cancelled
Details
Add webauthn
2025-11-04 16:20:11 +11:00

151 lines
6.5 KiB
Plaintext
Raw Blame History

<div class="mx-auto md:w-2/3 w-full" data-controller="webauthn" data-webauthn-check-url-value="/webauthn/check">
<div class="mb-8">
<h1 class="font-bold text-4xl">Sign in to Clinch</h1>
</div>
<%= form_with url: signin_path, class: "contents" do |form| %>
<%= hidden_field_tag :rd, params[:rd] if params[:rd].present? %>
<div class="my-5">
<%= form.label :email_address, "Email Address", class: "block font-medium text-sm text-gray-700" %>
<%= form.email_field :email_address,
required: true,
autofocus: true,
autocomplete: "username",
placeholder: "your@email.com",
value: params[:email_address],
data: { action: "blur->webauthn#checkWebAuthnSupport change->webauthn#checkWebAuthnSupport" },
class: "block shadow-sm rounded-md border border-gray-400 focus:outline-blue-600 px-3 py-2 mt-2 w-full" %>
</div>
<!-- WebAuthn section - initially hidden -->
<div id="webauthn-section" class="my-5 hidden">
<div class="bg-green-50 border border-green-200 rounded-lg p-4 mb-4">
<div class="flex items-center">
<svg class="w-5 h-5 text-green-600 mr-2" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z"></path>
</svg>
<p class="text-sm text-green-800">
<strong>Passkey detected!</strong> You can sign in without a password.
</p>
</div>
</div>
<button type="button"
data-action="click->webauthn#authenticate"
class="w-full rounded-md px-3.5 py-2.5 bg-green-600 hover:bg-green-500 text-white font-medium cursor-pointer flex items-center justify-center">
<svg class="w-5 h-5 mr-2" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M15 7a2 2 0 012 2m4 0a6 6 0 01-7.743 5.743L11 17H9v2H7v2H4a1 1 0 01-1-1v-2.586a1 1 0 01.293-.707l5.964-5.964A6 6 0 1121 9z"></path>
</svg>
Continue with Passkey
</button>
</div>
<!-- Password section - shown by default, hidden if WebAuthn is required -->
<div id="password-section">
<div class="my-5">
<%= form.label :password, class: "block font-medium text-sm text-gray-700" %>
<%= form.password_field :password,
required: true,
autocomplete: "current-password",
placeholder: "Enter your password",
maxlength: 72,
class: "block shadow-sm rounded-md border border-gray-400 focus:outline-blue-600 px-3 py-2 mt-2 w-full" %>
</div>
<div class="my-5">
<%= form.submit "Sign in",
class: "w-full rounded-md px-3.5 py-2.5 bg-blue-600 hover:bg-blue-500 text-white font-medium cursor-pointer" %>
</div>
</div>
<div class="mt-4 text-sm text-gray-600 text-center">
<%= link_to "Forgot your password?", new_password_path, class: "text-blue-600 hover:text-blue-500 underline" %>
</div>
<% end %>
<!-- Loading overlay -->
<div id="loading-overlay" class="hidden fixed inset-0 bg-gray-600 bg-opacity-50 flex items-center justify-center z-50">
<div class="bg-white rounded-lg p-6 flex items-center">
<svg class="animate-spin -ml-1 mr-3 h-5 w-5 text-blue-600" fill="none" viewBox="0 0 24 24">
<circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
<path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
</svg>
<span>Authenticating...</span>
</div>
</div>
<!-- Status messages -->
<div id="status-message" class="hidden mt-4 p-3 rounded-md"></div>
</div>
<script>
document.addEventListener('DOMContentLoaded', function() {
const webauthnController = document.querySelector('[data-controller="webauthn"]');
if (webauthnController) {
// Listen for WebAuthn availability events
webauthnController.addEventListener('webauthn:webauthn-available', function(event) {
console.debug("Received webauthn-available event:", event.detail);
const detail = event.detail;
const webauthnSection = document.getElementById('webauthn-section');
const passwordSection = document.getElementById('password-section');
if (detail.hasWebauthn) {
console.debug("Showing WebAuthn section");
webauthnSection.classList.remove('hidden');
// If WebAuthn is required, hide password section
if (detail.requiresWebauthn) {
passwordSection.classList.add('hidden');
} else {
// Show both options
passwordSection.classList.add('border-t pt-4 mt-4');
// Add an "or" divider
const orDiv = document.createElement('div');
orDiv.className = 'relative my-4';
orDiv.innerHTML = `
<div class="absolute inset-0 flex items-center">
<div class="w-full border-t border-gray-300"></div>
</div>
<div class="relative flex justify-center text-sm">
<span class="px-2 bg-white text-gray-500">Or</span>
</div>
`;
webauthnSection.parentNode.insertBefore(orDiv, webauthnSection);
}
} else {
console.debug("WebAuthn not available, keeping section hidden");
}
});
// Listen for WebAuthn registration events (from profile page)
webauthnController.addEventListener('webauthn:passkey-registered', function(event) {
// Show success message
const statusMessage = document.getElementById('status-message');
statusMessage.className = 'mt-4 p-3 rounded-md bg-green-50 text-green-800 border border-green-200';
statusMessage.textContent = 'Passkey registered successfully!';
statusMessage.classList.remove('hidden');
// Hide after 3 seconds
setTimeout(() => {
statusMessage.classList.add('hidden');
}, 3000);
});
}
// Loading overlay management
function showLoading() {
document.getElementById('loading-overlay').classList.remove('hidden');
}
function hideLoading() {
document.getElementById('loading-overlay').classList.add('hidden');
}
// Show loading when WebAuthn authentication starts
document.addEventListener('webauthn:authenticate-start', showLoading);
document.addEventListener('webauthn:authenticate-end', hideLoading);
});
</script>
Reference in New Issue View Git Blame Copy Permalink