feat: add back support for non-discoverable credential WebAuthn login and display WebAuthn ID again (#3998)

2025-09-05 16:50:29 +08:00 · 2025-07-25 18:34:37 +08:00
parent 5f702ca418
commit fea6317430
4 changed files with 67 additions and 14 deletions
--- a/web/src/auth/LoginPage.js
+++ b/web/src/auth/LoginPage.js
@@ -637,9 +637,6 @@ class LoginPage extends React.Component {
      )
      ;
    } else if (signinItem.name === "Username") {
-      if (this.state.loginMethod === "webAuthn") {
-        return null;
-      }
      return (
        <div key={resultItemKey}>
          <div dangerouslySetInnerHTML={{__html: ("<style>" + signinItem.customCss?.replaceAll("<style>", "").replaceAll("</style>", "") + "</style>")}} />
@@ -649,7 +646,7 @@ class LoginPage extends React.Component {
            label={signinItem.label ? signinItem.label : null}
            rules={[
              {
-                required: true,
+                required: this.state.loginMethod !== "webAuthn",
                message: () => {
                  switch (this.state.loginMethod) {
                  case "verificationCodeEmail":
@@ -1093,7 +1090,8 @@ class LoginPage extends React.Component {
    const oAuthParams = Util.getOAuthGetParameters();
    this.populateOauthValues(values);
    const application = this.getApplicationObj();
-    return fetch(`${Setting.ServerUrl}/api/webauthn/signin/begin?owner=${application.organization}`, {
+    const usernameParam = `&name=${encodeURIComponent(username)}`;
+    return fetch(`${Setting.ServerUrl}/api/webauthn/signin/begin?owner=${application.organization}${username ? usernameParam : ""}`, {
      method: "GET",
      credentials: "include",
    })
@@ -1105,6 +1103,12 @@ class LoginPage extends React.Component {
        }
        credentialRequestOptions.publicKey.challenge = UserWebauthnBackend.webAuthnBufferDecode(credentialRequestOptions.publicKey.challenge);

+        if (username) {
+          credentialRequestOptions.publicKey.allowCredentials.forEach(function(listItem) {
+            listItem.id = UserWebauthnBackend.webAuthnBufferDecode(listItem.id);
+          });
+        }
+
        return navigator.credentials.get({
          publicKey: credentialRequestOptions.publicKey,
        });
--- a/web/src/backend/UserWebauthnBackend.js
+++ b/web/src/backend/UserWebauthnBackend.js
@@ -31,6 +31,7 @@ export function registerWebauthnCredential() {
          credentialCreationOptions.publicKey.excludeCredentials[i].id = webAuthnBufferDecode(credentialCreationOptions.publicKey.excludeCredentials[i].id);
        }
      }
+
      return navigator.credentials.create({
        publicKey: credentialCreationOptions.publicKey,
      });
--- a/web/src/table/WebauthnCredentialTable.js
+++ b/web/src/table/WebauthnCredentialTable.js
@@ -42,8 +42,9 @@ class WebAuthnCredentialTable extends React.Component {
    const columns = [
      {
        title: i18next.t("general:Name"),
-        dataIndex: "ID",
-        key: "ID",
+        dataIndex: "id",
+        key: "id",
+        ellipsis: true,
      },
      {
        title: i18next.t("general:Action"),
@@ -60,7 +61,7 @@ class WebAuthnCredentialTable extends React.Component {
    ];

    return (
-      <Table rowKey={"ID"} columns={columns} dataSource={this.props.table} size="middle" bordered pagination={false}
+      <Table rowKey={"id"} columns={columns} dataSource={this.props.table} size="middle" bordered pagination={false}
        title={() => (
          <div>
            {i18next.t("user:WebAuthn credentials")}&nbsp;&nbsp;&nbsp;&nbsp;