search

craftcms / cms

Build bespoke content experiences with Craft.
https://craftcms.com
Other
3.22k stars 625 forks source link

[5.x]: Passkey login doesn't work #15416

Open matthewstick opened 1 month ago

matthewstick commented 1 month ago

What happened?

Description

Can't log in using passkey

Steps to reproduce

  1. Add apasskey to my user account.
  2. I use the keychain to do a thumbprint from my laptop. It works and gets added.
  3. Go into the CMS login screen and click "log in via passkey". I click it. It prompts me for my thumbnail. It says you will be signed into domain name via the passkey saved in email address
  4. It does not work.

Site is on Craft Cloud btw, but not sure if that matters.

Expected behavior

It should log me in.

Actual behavior

I don't get logged in.

Console log: Failed to load resource: the server responded with a status of 400 ()

https://atomicarcade.com/admin/actions/users/login-with-passkey?v=1721923669497 {"errorCode":"invalid_credentials","message":"Invalid username or password."}

Craft CMS version

5.2.8

PHP version

8.2.20

Operating system and version

Linux 5.10.219-229.866.amzn2.x86_64

Database type and version

MySQL 8.0.32

Image driver and version

GD 8.2.18

Installed plugins and versions

- CKEditor - 4.1.0 Super Table - 4.0.1

brandonkelly commented 1 month ago
matthewstick commented 1 month ago

I tried both the latest chrome and latest Safari right now Chrome: Version 126.0.6478.183 (Official Build) (arm64) Safari: Version 17.5 (19618.2.12.11.6) Mac: MacBook Pro, 14-inch, 2021, Apple M1 Max, OS Sonoma 14.5 (23F79)

I enter my email -- no password obviously -- click "sign in with a passkey" -- then I use the built in thumbprint button to authenticate. Its a button in the top right of the keyboard. The thumbprint button gives me a check like it worked (step 2), but it then doesn't work on the Craft CMS side and gives me those errors (step 3)

I've attached screen shots, obfuscating my email and the domain.

Step 1 v1

Step 2 v2

Step 3 v3

Here is my user profile. It says "last used" this morning, but really it never got used. That's when I added it via keychain and it put my thumb and it worked. I kept the default title "Chome on Mac," which is the browser I was using when I added it.

image
brandonkelly commented 1 month ago

So not Linux then 🙃

Just tested on Safari and was able to sign in successfully.

Couple things to try: