Skip to content

feat: implement passkey authentication#643

Open
naveenkash wants to merge 12 commits intocrbnos:mainfrom
naveenkash:naveen/feat-add-passkeys
Open

feat: implement passkey authentication#643
naveenkash wants to merge 12 commits intocrbnos:mainfrom
naveenkash:naveen/feat-add-passkeys

Conversation

@naveenkash
Copy link
Copy Markdown
Contributor

@naveenkash naveenkash commented Apr 7, 2026
edited
Loading

What does this PR do?

Adds passkey (WebAuthn) support as a passwordless authentication method. Users can register passkeys secured by Face ID, Touch ID, or their device PIN and use them to sign in instead of a magic link. Passkeys also appear in the browser's native autofill dropdown on the login email field (conditional UI).

Visual Demo (For contributors especially)

compressO-Screen.Recording.2026-04-08.at.2.15.51.PM.mp4

Video Demo (if applicable):

  • Show screen recordings of the issue or feature.
  • Demonstrate how to reproduce the issue, the behavior before and after the change.

Image Demo (if applicable):

  • Add side-by-side screenshots of the original and updated change.
  • Highlight any significant change(s).

Mandatory Tasks (DO NOT REMOVE)

  • I have self-reviewed the code (A decent size PR without self-review might be rejected).
  • I confirm automated tests are in place that prove my fix is effective or that my feature works.

How should this be tested?

registration:

  1. Sign in with email/magic link.
  2. Go to Account → Profile → Passkeys → "Add Passkey".
  3. Complete the biometric prompt.
  4. Passkey appears in the list with a generated name (e.g. "iCloud Keychain").
    authentication:
  5. Sign out.
  6. On the login page, click "Sign in with Passkey" (or tap the passkey suggestion in the email autofill).
  7. Complete the biometric prompt.
  8. You are signed in and redirected to the app.
  • Are there environment variables that should be set?
  • What are the minimal test data to have?
  • What is expected (happy path) to have (input and output)?
  • Any other important info that could help to test that PR

Checklist

  • I haven't read the contributing guide
  • My code doesn't follow the style guidelines of this project
  • I haven't commented my code, particularly in hard-to-understand areas
  • I haven't checked if my changes generate no new warnings

@naveenkash
feat: implement passkey authentication and registration
11a6319 
- Added support for passkey registration and authentication using WebAuthn.
- Introduced new API routes for handling passkey options and verification.
- Updated login and profile components to integrate passkey functionality.
- Included necessary dependencies for passkey handling in package.json.
- Enhanced user experience with passkey sign-in options and management.
@naveenkash
feat: add passkey renaming and deletion functionality
3e1cd7a 
- Implemented modal dialogs for editing and confirming deletion of passkeys.
- Added logic to handle renaming of passkeys with validation for input fields.
- Enhanced user experience by allowing passkey selection and management through a drawer interface.
- Updated UI components to support new functionality and improve interaction.
@vercel
Copy link
Copy Markdown

vercel Bot commented Apr 7, 2026

@naveenkash is attempting to deploy a commit to the Carbon Team on Vercel.

A member of the Team first needs to authorize it.

naveenkash
naveenkash commented Apr 7, 2026
View reviewed changes
Comment thread packages/auth/src/services/passkey.server.ts
// and model of the authenticator. We use it to display a friendly name like
// "iCloud Keychain" instead of a raw credential ID.
//
// Source: https://passkeydeveloper.github.io/passkey-authenticator-aaguids/
Copy link
Copy Markdown
Contributor Author

@naveenkash naveenkash Apr 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://passkeydeveloper.github.io/passkey-authenticator-aaguids/explorer/

@naveenkash
chore: update passkey handling and dependencies
cd977e2 
- Refactored passkey authentication and registration logic to use WebAuthnCredential type.
- Updated publicKey encoding to use base64url format.
- Enhanced error handling for userHandle mismatch and credential state persistence.
- Added validation for passkey name length in profile management.
- Included @simplewebauthn/types as a dependency in package.json.
@naveenkash
Merge branch 'main' into naveen/feat-add-passkeys
4c8be12
@naveenkash
update spacing
1686f67
barbinbrad
barbinbrad reviewed Apr 9, 2026
View reviewed changes
Comment thread apps/erp/app/routes/_public+/login.tsx Outdated
barbinbrad
barbinbrad reviewed Apr 9, 2026
View reviewed changes
Comment thread apps/erp/app/routes/_public+/login.tsx Outdated
@naveenkash
Merge branch 'main' into naveen/feat-add-passkeys
c2f6a50
@naveenkash
feat: add passkey authentication support
bad0379 
- Updated .env.example to include passkey as an authentication provider.
- Refactored login routes to utilize isAuthProviderEnabled for passkey support.
- Implemented passkey authentication options in the API routes.
- Enhanced user interface to conditionally display passkey sign-in button based on support.
- Added checks for passkey availability in account profile and login components.
@naveenkash
fix: remove passkey from default authentication providers
64c8f68
@sidwebworks sidwebworks force-pushed the main branch 4 times, most recently from 0ab4bea to 53d1388 Compare April 14, 2026 18:18
@naveenkash
update gitignore
424b754
@naveenkash
merge main
a4ec093
@naveenkash
chore: update dependencies and improve environment configuration
335c4a2 
- Updated @simplewebauthn/browser to version ^13.3.0 in package.json files for both apps (erp and mes).
- Added AUTH_PROVIDERS to environment configuration in root.tsx files for both apps.
- Updated tool-metadata.json with a new generated timestamp.
- Adjusted layout and spacing in account-related components for better UI consistency.
@jeebeez
Copy link
Copy Markdown
Collaborator

jeebeez commented Apr 23, 2026

This looks sick.

@vercel
Copy link
Copy Markdown

vercel Bot commented Apr 24, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
academy Ready Ready Preview, Comment Apr 24, 2026 9:03pm

Request Review

@naveenkash
fix: standardize error messages for sign-in failures
339d989 
- Updated error responses in passkey authentication to provide a consistent message:Sign-in failed. Please try again. for various failure scenarios.
- Adjusted user verification requirements in passkey server functions to enforce stricter verification policies.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@barbinbrad barbinbrad barbinbrad left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@naveenkash @jeebeez @barbinbrad