feat(auth): make passkey enrollment optional on first login
Remove passkey requirement from user onboarding flow Update UI badges to show passkeys as optional rather than pending Update documentation to reflect the new behavior
This commit is contained in:
@@ -8,7 +8,7 @@ Nuxt 4 app with:
|
||||
- Redis-backed sessions and WebAuthn challenge storage
|
||||
- Seeded `xiaomai` super-admin account
|
||||
- Super-admin user creation and password reset flow
|
||||
- First-login enforcement: temporary password change plus passkey enrollment
|
||||
- First-login enforcement: temporary password change
|
||||
|
||||
## Environment
|
||||
|
||||
@@ -47,7 +47,7 @@ The backend bootstraps its schema automatically on startup and seeds this initia
|
||||
- Username: `xiaomai`
|
||||
- Temporary password: `123456`
|
||||
|
||||
On first login, the user is forced to change that temporary password and register a passkey before accessing the protected area.
|
||||
On first login, the user is forced to change that temporary password before accessing the protected area. Passkey enrollment is available from Security, but optional.
|
||||
|
||||
## Production
|
||||
|
||||
@@ -136,7 +136,8 @@ docker compose -f docker-compose.yml -f docker-compose.dev.yml restart app
|
||||
- Password login with Redis-backed session cookie
|
||||
- Passkey login using WebAuthn discoverable credentials
|
||||
- Super admin creates users with default password `123456`
|
||||
- Users must change password and set a passkey after first login
|
||||
- Users must change password after first login
|
||||
- Users can optionally register a passkey from Security
|
||||
- Users can change their own password from Security
|
||||
- Super admin can reset a user's password back to `123456`
|
||||
|
||||
|
||||
Reference in New Issue
Block a user