Commit Graph

45 Commits

Author SHA1 Message Date
Stanko K.R. 017bcc9ce1 Polish up Passkey interface
- Fix indentation
- Split awkward initializer into separate methods
- Rename credentials to passkeys
- Simplify authenticator registry loading
- Flatten nested errors under ActionPack::WebAuthn
- Set passkey current params only requests that use it
- Inline anemic methods
- Replace custom validation with ActiveModel::Validation
- Rename identity to holder in Passkey
- Rename credentials to passkeys in JS
- Extract framework library out of controllers
- Pass params hashes down to ActionPack
- Attempt to simplify public interface
- Push data decoding down to the classes representing the data
- Introduce has_passkeys
- Add CBOR bigint support
- Rename ActionPack::WebAuthn::Passkey to ActionPack::Passkey
- Add create_passkey_button helper
- Rename public-key to creation-options
- Add sign_in_with_passkey_button helper
- Dispatch events for the whole Passkey lifecycle
- Add ED25519 support
- Prevent crash on missing meta tag
- Validate resident key options
- Don't clobber existing ActionPack config options
- Validate cryptographic params
- Move CurrentWebAuthnRequest into ActionPack::Passkey
- Use ActiveModel::Attributes for Options objects
- Implement expiring challanges
- Add lifecycle events
- Extract param helpers into Request
- Add passkey_creation_options and passkey_request_options helpers
- Add create_passkey_challenge to make it easier to override the create method if needed
- Prefix all view helpers with passkey_
- Auto-include ActionPack::Passkey::Holder
- Make the passkey challange url configurable
- Add a reminder about Passkeys to the magic link email
2026-03-18 11:51:10 +01:00
Stanko K.R. da69039476 Implement Passkey authentication 2026-03-18 11:49:23 +01:00
Stanko K.R. 6c58fd9bdd Implement Passkey registration
- Create Identity credentials
- Add management UI and registration flow
2026-03-18 11:48:52 +01:00
Adam Haris eb8655dc8e refactor: use MULTI_TENANT env variable, model concern instead of controller (#accepting_signups?) 2025-12-10 15:14:22 +01:00
Adam Haris 0780b5168f add env variable to disable multi-tenancy 2025-12-09 15:40:01 +01:00
Jason Zimdars 235c20f3aa Capitalize sentence 2025-12-01 09:54:57 -06:00
Stanko K.R. 354dd1e95a Update signup with the design from signin 2025-11-29 11:58:48 +01:00
Jason Zimdars 13dce732b2 Fussy punctuation 2025-11-17 17:01:08 -06:00
Jason Fried 8534584052 Small copy adjustment on the new or sign in screen. 2025-11-17 13:14:12 -08:00
Jason Zimdars bdde877de3 Apply the new hotkey and style to all back buttons
Also updates design for email address change screens
2025-11-11 15:13:30 -06:00
Jason Zimdars 1190ae101d Ensure sign-in screens adapt on mobile 2025-11-11 14:14:49 -06:00
Jason Zimdars e7646fab96 More copy and design edits 2025-11-07 07:08:24 +01:00
Jason Zimdars 2fee728392 Copy and design 2025-11-07 07:08:24 +01:00
Jason Zimdars 7a58c23e55 Copy edits for unified flow 2025-11-07 07:06:28 +01:00
Jason Zimdars 5652e5699f Update design, logo, and copy 2025-10-31 16:26:08 +01:00
Mike Dalessio a429f05503 Fix logo references 2025-10-31 16:26:08 +01:00
Jason Zimdars c0b4205b3c Fix missing images 2025-10-31 16:24:30 +01:00
Jason Zimdars 193d8bd9b5 Style email and magic link code screens 2025-10-31 16:22:12 +01:00
Stanko K.R. 5cef4ffeb0 Add sign in flow using magic links 2025-10-31 16:22:12 +01:00
Jason Zimdars f5384baf63 Boxcar -> BOXCAR 2025-10-23 15:05:36 -07:00
Jason Zimdars 49e87310d7 Rename Fizzy, Boxcar 2025-10-22 13:42:41 -07:00
Mike Dalessio 3399e45130 Introduce an "Identity" model to ease login
- New untenanted Identity and Membership models
- New `identity_token` cookie with path "/" holds state across tenants

We're not sure whether the untenanted database will be sqlite or
MySQL, and so I've been careful to minimize

- database reads, placing them behind etags and caching
- database writes, only writing when a new Session is created (login)

Note that we track two things in the identity_token cookie: a signed
id, and the updated_at for the underlying Identity object. This allows
us to effectively cache on the Identity without having to hit the
database, by using an Identity::Mock object that is compatible with
etag and cache methods.

The new integration test shows the desired user-facing behavior, which
is to make it easy to login without a tenanted URL and to jump between
tenants.

- the untenanted "login_help" page shows all linked memberships
- the jump menu shows all linked memberships (except the current)

Also introduced a utility script to populate existing employee
Identities, grouping accounts by email address.
2025-10-10 10:12:25 -04:00
Mike Dalessio 57269b1b9c Allow local authentication with LOCAL_AUTHENTICATION=1
You can touch `tmp/local-auth.txt` to persist this setting.
2025-08-06 17:05:35 -04:00
Mike Dalessio fa1c5f7279 Remove session controller actions other than delete
and do some general cleanup around sessions controllers and the
sign_in_as test helper
2025-07-02 15:03:28 -04:00
Jason Zimdars 60890b10ee Remove translations feature 2025-04-09 14:11:32 -05:00
Andy Smith 51d907fca3 Replace stray image_tag instances and remove colorize class 2025-04-02 14:32:21 -05:00
David Heinemeier Hansson de6f782ca3 Extract icon_tag helper to reduce repetition 2025-03-29 17:22:51 +01:00
Mike Dalessio 1a4e2fdea4 Remove unnecessary "turbo: false" from forms
because the turbo responses have been moved from EventsController to
Events::PagesController, we can now redirect to the Events index page
within a turbo session.
2025-03-26 07:47:01 -04:00
Jason Zimdars 28a569c49b Tickets 2025-03-17 21:24:08 -05:00
Jason Zimdars c4bc9242e2 Fix sign-in logo 2025-02-21 10:49:27 -06:00
Jason Zimdars 1d0562f905 Refactor 2025-02-21 10:44:40 -06:00
Jason Zimdars 0d4dc9f474 Use new bubble shape 2024-11-19 09:52:50 -06:00
Jeffrey Hardy 7863bb5862 Prompt for first-run setup when no accounts exist 2024-09-30 13:17:31 -04:00
Jason Zimdars 0c2fb156a7 Polish logo placeholder 2024-09-18 12:55:36 -05:00
Jason Zimdars bcfba64c69 Polish sign-in screen 2024-09-11 16:27:15 -05:00
Jason Zimdars 925247acfc Rework main layout, comments layout, and list layout 2024-09-09 17:53:13 -05:00
Jeffrey Hardy 40863453e0 Recast categories as tags 2024-09-05 17:36:48 -04:00
Jeffrey Hardy 5aae70298b Rename Splat to Bubble 2024-09-04 14:54:11 -04:00
Jeffrey Hardy 84e586ff65 Render the assigned page title 2024-08-20 14:17:08 -04:00
Jeffrey Hardy c36831c0ed Remove default username input value from params until needed 2024-08-20 14:17:08 -04:00
Jeffrey Hardy e3983d5bbe Use Rails' new sessions generator to replace the existing setup
Ref: https://github.com/rails/rails/pull/52328
2024-08-20 14:17:05 -04:00
Jason Zimdars 81abde2849 Some polish and name change stuff 2024-08-08 18:06:19 -05:00
Jason Zimdars 7bb16e0bcc Refine new splat shape 2024-08-05 17:10:38 -05:00
Jason Zimdars ac38edd49e Design sign-in flow 2024-07-24 17:42:43 -05:00
Kevin McConnell c4fb1bdc76 Add minimal authentication flow to get started 2024-06-21 16:45:29 +01:00