gitea.git - Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea

summary refs log tree commit diff stats

path: root/web_src/js/features/user-auth-webauthn.js

	Commit message (Collapse)	Author	Age	Files	Lines
*	Refactor hiding-methods, remove jQuery show/hide, remove `.hide` class, ↵	wxiaoguang	2023-02-19	1	-4/+7
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	remove inline style=display:none (#22950) Close #22847 This PR: * introduce Gitea's own `showElem` and related functions * remove jQuery show/hide * remove .hide class * remove inline style=display:none From now on: do not use: * "[hidden]" attribute: it's too weak, can not be applied to an element with "display: flex" * ".hidden" class: it has been polluted by Fomantic UI in many cases * inline style="display: none": it's difficult to tweak * jQuery's show/hide/toggle: it can not show/hide elements with "display: xxx !important" only use: * this ".gt-hidden" class * showElem/hideElem/toggleElem functions in "utils/dom.js" cc: @silverwind , this is the all-in-one PR
*	Fix bugs with WebAuthn preventing sign in and registration. (#22651)	zeripath	2023-02-01	1	-15/+22
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This PR fixes two bugs with Webauthn support: * There was a longstanding bug within webauthn due to the backend using URLEncodedBase64 but the javascript using decoding using plain base64. This causes intermittent issues with users reporting decoding errors. * Following the recent upgrade to webauthn there was a change in the way the library expects RPOrigins to be configured. This leads to the Relying Party Origin not being configured and prevents registration. Fix #22507 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
*	Prevent security failure due to bad APP_ID (#18678)	zeripath	2022-02-09	1	-0/+13
\| \| \| \| \| \| \| \| \| \| \|	WebAuthn may cause a security exception if the provided APP_ID is not allowed for the current origin. Therefore we should reattempt authentication without the appid extension. Also we should allow [u2f] as-well as [U2F] sections. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
*	Use explicit jQuery import, remove unused eslint globals (#18435)	silverwind	2022-01-28	1	-1/+1
\| \| \| \| \|	- Don't rely on globals (window.$) for jQuery import - Remove eslint globals no longer in use
*	Prevent showing webauthn error for every time visiting ↵	wxiaoguang	2022-01-24	1	-4/+3
\| \| \| \|	`/user/settings/security` (#18385)
*	Webauthn nits (#18284)	zeripath	2022-01-15	1	-8/+11
\| \| \| \| \| \| \|	This contains some additional fixes and small nits related to #17957 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
*	Support webauthn (#17957)	Lunny Xiao	2022-01-14	1	-0/+197
	Migrate from U2F to Webauthn Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>