feat: add MFA for WebAuthn

J0 commented 2 months ago

What kind of change does this PR introduce?

Adds MFA for WebAuthn and supporting migrations

What is the current behavior?

MFA for Phone and MFA for TOTP is supported

What is the new behavior?

Developers can use MFA For WebAuthn to sign in

J0 commented 2 months ago

Not quite ready yet, please check back after 12pm CEST tomorrow..

coveralls commented 2 months ago

Pull Request Test Coverage Report for Build 11293653315

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

For more information on this, see Tracking coverage changes with pull request builds.
To avoid this issue with future PRs, see these Recommended CI Configurations.
For a quick fix, rebase this PR at GitHub. Your next report should be accurate.

Details

141 of 360 (39.17%) changed or added relevant lines in 5 files are covered.
76 unchanged lines in 4 files lost coverage.
Overall coverage decreased (-0.4%) to 57.577%

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
internal/models/user.go	9	18	50.0%
internal/models/challenge.go	16	37	43.24%
internal/models/factor.go	10	46	21.74%
internal/api/mfa.go	105	258	40.7%
<!--	Total:	141	360	39.17%	-->

Files with Coverage Reduction	New Missed Lines	%
internal/api/mfa.go	2	57.97%
cmd/serve_cmd.go	10	0.0%
internal/api/api.go	19	84.21%
internal/api/middleware.go	45	80.37%
<!--	Total:	76	-->

Totals
Change from base Build 11256757764:	-0.4%
Covered Lines:	9499
Relevant Lines:	16498

💛 - Coveralls

J0 commented 1 month ago

Merging first but let's not release until we do a full test with the updated frontend bindings. I will follow up on that front.

None of the code below should be active since it's flagged behind MFA_WEB_AUTHN_*_ENABLED

supabase / auth