bartnv / twofactor_webauthn

Roundcube plugin for FIDO2/WebAuthn 2-factor authentication
GNU General Public License v3.0

Allow to login using a Phone #10

Open aalmenar opened 3 years ago

aalmenar commented 3 years ago

Hi, the plugin works beautifully but only on desktop browsers. I have tried logging in on a mobile device (which I use to log in on sites using my NFC key) but it doesn't start the process of asking for the key on it.

I will try to check how it's done and help to be able to implement it here.

bartnv commented 3 years ago

I've never tried this before and indeed it doesn't work. But with NFC keys it should be possible, yeah.

I've used the PHP/JS code from https://github.com/davidearl/webauthn/ to get this working. They have a test page for the code that also doesn't work on my mobile phone. Unfortunately it doesn't seem to be actively developed, so we'll have to fix this ourselves.

If you can have a first go at it, that's great. Otherwise I'll look into it some time.

Steltek commented 2 years ago

Maybe this library would work better (seems to be maintained at least)? https://github.com/lbuchs/WebAuthn

I guess it would require a major re-write of the plugin though.

gurnec commented 2 years ago

FWIW, WebAuthn is working for me, both via NFC and USB.

- Pixel 5
- Android 12
- Chrome 96
- YubiKey 5C NFC
- YubiKey NEO (only tried NFC with this one)

sporian-smckown commented 2 years ago

Android phones also working here with various Yubikeys, via NFC and USB:

Partial success on an iPhone 8, iOS 15.2.1, Safari browser. Able to register a Security Key C NFC via NFC. But the "test" option was greyed out, and attempting to log in after activating two-factor for the account resulted in a timeout with no apparent NFC activity by the phone.

If it helps, demo.yubico.com has a webauthn test link that works correctly with the iPhone. The page lists out the request/reply/response information between the client and server.