sbrl / Pepperminty-Wiki

A wiki in a box
https://peppermint.mooncarrot.space/
Mozilla Public License 2.0
178 stars 20 forks

Webauthn support #176

Open sbrl opened 4 years ago

sbrl commented 4 years ago

Now that I've got a hardware security key, it would be really cool if Pepperminty Wiki supported passwordless login with Webauthn. We'll have to get our crypto hat on though, because it's sure to be a bit of a challenge to work with.

Thankfully, @My1 on Twitter has provided some sample code for us to analyse as a starting point: https://gist.github.com/My1/7ab5c4b154164331ac2ef18a65fd8a64

My1 commented 4 years ago

To be honest, it is kinda dirty and meant to be as easy as possible for me (no object classes outside the one(s) from the library and unneeded functions, just a "pull the trigger and go" thing).

Also, since it was for a sandbox implementation that isn't meant to be abused, I do not have any exception checking yet and so on, just a VERY basic limitation on the userid and check on the credentialid to stop the most obvious SQL injection ideas.

sbrl commented 4 years ago

Thanks for the info, @My1!

Indeed, as part of the analysis and implementation I'll look at extensively improving and refactoring it, to get it to fit with Pepperminty Wiki's programming style - and to handle all the edge cases.

I'm quite busy at the moment though, so it may have to wait a while :confused: