Implement passkey recovery feature, including email link requests and registration options. Update login and registration pages to support passkey authentication, with UI enhancements for user experience. Add server-side handling for passkey registration and login, including account activation checks. Update environment configuration for passkey recovery TTL settings.

2026-01-07 18:37:01 +01:00
parent a8423f9c39
commit fde25d92c5
13 changed files with 843 additions and 5 deletions
--- a/server/api/auth/passkeys/login.post.js
+++ b/server/api/auth/passkeys/login.post.js
@@ -44,6 +44,14 @@ export default defineEventHandler(async (event) => {
    throw createError({ statusCode: 401, statusMessage: 'Passkey unbekannt' })
  }

+  if (user.active === false) {
+    await writeAuditLog('auth.passkey.login.failed', { ip, userId: user.id, reason: 'inactive' })
+    throw createError({
+      statusCode: 403,
+      statusMessage: 'Ihr Konto wurde noch nicht freigeschaltet. Bitte warten Sie auf die Bestätigung des Vorstands.'
+    })
+  }
+
  const { origin, rpId, requireUV } = getWebAuthnConfig()

  const authenticator = {