Show warning in browsers that don't support WebAuthn

justinmayer / kagi

WebAuthn security keys and TOTP multi-factor authentication for Django

BSD 2-Clause "Simplified" License

91 stars 10 forks source link

Show warning in browsers that don't support WebAuthn #36

Closed justinmayer closed 5 years ago

justinmayer commented 5 years ago

WebAuthn is built upon the PublicKeyCredential part of the Credentials Management API. We now check for PublicKeyCredential, and if undefined, we show a warning as well as hide certain buttons and links when related pages are loaded in browsers that lack WebAuthn support.

Fixes #35

justinmayer commented 5 years ago

I wasn't sure where the best place to put the JS might be (existing webauthn.js file, separate JS file, inside template <script> tag, etc.). I put it in the existing webauthn.js file for now. If that's not optimal, alternative suggestions are of course welcome, preferably along with rationale so I can learn. 😊

Natim commented 5 years ago

I wasn't sure where the best place to put the JS might be

I like the webauthn.js option. Maybe we should document the div ids' that we are managing in that file so that people can integrate them easily with their app.

justinmayer commented 5 years ago

Many thanks for the quick review. I documented the <div> IDs in https://github.com/justinmayer/kagi/pull/36/commits/aff229f3cb5ae34cf35e09fa78efa664f8ee295e.

Any other thoughts?