feat: add passkeys (#989)

## Description Add support to login with passkeys. Passkeys can be added via the user security settings page. Note: Currently left out adding the type of authentication method for the 'user security audit logs' because we're using the `signIn` next-auth event which doesn't appear to provide the context. Will look into it at another time. ## Changes Made - Add passkeys to login - Add passkeys feature flag - Add page to manage passkeys - Add audit logs relating to passkeys - Updated prisma schema to support passkeys & anonymous verification tokens ## Testing Performed To be done. MacOS: - Safari ✅ - Chrome ✅ - Firefox ✅ Windows: - Chrome [Untested] - Firefox [Untested] Linux: - Chrome [Untested] - Firefox [Untested] iOS: - Safari ✅ ## Checklist   - [X] I have tested these changes locally and they work as expected.  ## Summary by CodeRabbit - **New Features** - Introduced Passkey authentication, including creation, sign-in, and management of passkeys. - Added a Passkeys section in Security Settings for managing user passkeys. - Implemented UI updates for Passkey authentication, including a new dialog for creating passkeys and a data table for managing them. - Enhanced security settings with server-side feature flags to conditionally display new security features. - **Bug Fixes** - Improved UI consistency in the Settings Security Activity Page. - Updated button styling in the 2FA Recovery Codes component for better visibility. - **Refactor** - Streamlined authentication options to include WebAuthn credentials provider. - **Chores** - Updated database schema to support passkeys and related functionality. - Added new audit log types for passkey-related activities. - Enhanced server-only authentication utilities for passkey registration and management.
2025-11-21 20:21:38 +10:00 · 2024-03-26 21:11:59 +08:00
parent 3eddfcc805
commit 5210fe2963
25 changed files with 1706 additions and 27 deletions
--- a/apps/web/src/app/(dashboard)/settings/security/page.tsx
+++ b/apps/web/src/app/(dashboard)/settings/security/page.tsx
@ -2,6 +2,7 @@ import type { Metadata } from 'next';
 import Link from 'next/link';

 import { getRequiredServerComponentSession } from '@documenso/lib/next-auth/get-server-component-session';
+import { getServerComponentFlag } from '@documenso/lib/server-only/feature-flags/get-server-component-feature-flag';
 import { Alert, AlertDescription, AlertTitle } from '@documenso/ui/primitives/alert';
 import { Button } from '@documenso/ui/primitives/button';

@ -18,6 +19,8 @@ export const metadata: Metadata = {
 export default async function SecuritySettingsPage() {
  const { user } = await getRequiredServerComponentSession();

+  const isPasskeyEnabled = await getServerComponentFlag('app_passkey');
+
  return (
    <div>
      <SettingsHeader
@ -73,6 +76,25 @@ export default async function SecuritySettingsPage() {
        </Alert>
      )}

+      {isPasskeyEnabled && (
+        <Alert
+          className="mt-6 flex flex-col justify-between p-6 sm:flex-row sm:items-center"
+          variant="neutral"
+        >
+          <div className="mb-4 sm:mb-0">
+            <AlertTitle>Passkeys</AlertTitle>
+
+            <AlertDescription className="mr-4">
+              Allows authenticating using biometrics, password managers, hardware keys, etc.
+            </AlertDescription>
+          </div>
+
+          <Button asChild variant="outline" className="bg-background">
+            <Link href="/settings/security/passkeys">Manage passkeys</Link>
+          </Button>
+        </Alert>
+      )}
+
      <Alert
        className="mt-6 flex flex-col justify-between p-6 sm:flex-row sm:items-center"
        variant="neutral"
@ -85,7 +107,7 @@ export default async function SecuritySettingsPage() {
          </AlertDescription>
        </div>

-        <Button asChild>
+        <Button asChild variant="outline" className="bg-background">
          <Link href="/settings/security/activity">View activity</Link>
        </Button>
      </Alert>