From 06165f80db3391ab9070e8d3de3c86790a7b9ca6 Mon Sep 17 00:00:00 2001
From: xiaomai
Date: Mon, 27 Apr 2026 13:25:05 +0800
Subject: [PATCH] feat(auth): make passkey enrollment optional on first login Remove passkey requirement from user onboarding flow Update UI badges to show passkeys as optional rather than pending Update documentation to reflect the new behavior
---
 README.md | 7 ++++---
 app/pages/management/users/index.vue | 4 ++--
 app/pages/security/index.vue | 4 ++--
 shared/auth.ts | 6 +++---
 4 files changed, 11 insertions(+), 10 deletions(-)
diff --git a/README.md b/README.md
index 1f7c6d0..2a6e9e0 100644
--- a/README.md
+++ b/README.md
@@ -8,7 +8,7 @@ Nuxt 4 app with:
 - Redis-backed sessions and WebAuthn challenge storage
 - Seeded `xiaomai` super-admin account
 - Super-admin user creation and password reset flow
-- First-login enforcement: temporary password change plus passkey enrollment
+- First-login enforcement: temporary password change
 ## Environment
@@ -47,7 +47,7 @@ The backend bootstraps its schema automatically on startup and seeds this initia
 - Username: `xiaomai`
 - Temporary password: `123456`
-On first login, the user is forced to change that temporary password and register a passkey before accessing the protected area.
+On first login, the user is forced to change that temporary password before accessing the protected area. Passkey enrollment is available from Security, but optional.
 ## Production
@@ -136,7 +136,8 @@ docker compose -f docker-compose.yml -f docker-compose.dev.yml restart app
 - Password login with Redis-backed session cookie
 - Passkey login using WebAuthn discoverable credentials
 - Super admin creates users with default password `123456`
-- Users must change password and set a passkey after first login
+- Users must change password after first login
+- Users can optionally register a passkey from Security
 - Users can change their own password from Security
 - Super admin can reset a user's password back to `123456`
diff --git a/app/pages/management/users/index.vue b/app/pages/management/users/index.vue
index 9dfbde6..009838f 100644
--- a/app/pages/management/users/index.vue
+++ b/app/pages/management/users/index.vue
@@ -93,8 +93,8 @@ size="sm" />
diff --git a/app/pages/security/index.vue b/app/pages/security/index.vue
index a2c80df..f94c7b1 100644
--- a/app/pages/security/index.vue
+++ b/app/pages/security/index.vue
@@ -59,8 +59,8 @@
diff --git a/shared/auth.ts b/shared/auth.ts
index 04b17e5..58b7fb3 100644
--- a/shared/auth.ts
+++ b/shared/auth.ts
@@ -93,13 +93,13 @@ export interface PasskeySummary {
 }
 export function needsUserOnboarding(
- user: Pick | null | undefined
+ user: Pick | null | undefined
 ) {
- return Boolean(user && (user.mustChangePassword || user.needsPasskeySetup))
+ return Boolean(user?.mustChangePassword)
 }
 export function getDefaultAuthenticatedPath(
- user: Pick
+ user: Pick
 ) {
 if (needsUserOnboarding(user)) {
 return '/security'
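Review bot: In `needsUserOnboarding` (shared/auth.ts) the new `return Boolean(user?.mustChangePassword)` leaves the forced password change as the only first-login gate, and nothing on the function records that dropping `needsPasskeySetup` was deliberate. Since the README in this patch says new and reset accounts start with the default password `123456`, I would document the contract on the helper, e.g. `/** True only while the temporary password is still set; passkey enrollment is optional and intentionally not checked here. */`, and give it an explicit `: boolean` return type. The diffstat lists only the README, two pages and this shared helper, so if any server-side guard compared `needsPasskeySetup` on its own it is presumably unchanged and worth confirming against the new rule, because a redirect helper in shared code should not be the only enforcement. `getDefaultAuthenticatedPath` continues past the end of the hunk.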