Add WebAuthn / Passkey integration

This is a rebase of #1618 in which @dave-atx added WebAuthn support.

Closes #1618

internal/template/templates/common/layout.html

@@ -44,12 +44,22 @@
 
     <script src="{{ route "javascript" "name" "app" "checksum" .app_js_checksum }}" defer></script>
     <script src="{{ route "javascript" "name" "service-worker" "checksum" .sw_js_checksum }}" defer id="service-worker-script"></script>
+    {{ if .webAuthnEnabled }}
+    <script src="{{ route "javascript" "name" "webauthn" "checksum" .webauthn_js_checksum }}" defer></script>
+    {{ end }}
 </head>
 <body
     {{ if .csrf }}data-csrf-token="{{ .csrf }}"{{ end }}
     data-add-subscription-url="{{ route "addSubscription" }}"
     data-entries-status-url="{{ route "updateEntriesStatus" }}"
     data-refresh-all-feeds-url="{{ route "refreshAllFeeds" }}"
+    {{ if .webAuthnEnabled }}
+    data-webauthn-register-begin-url="{{ route "webauthnRegisterBegin" }}"
+    data-webauthn-register-finish-url="{{ route "webauthnRegisterFinish" }}"
+    data-webauthn-login-begin-url="{{ route "webauthnLoginBegin" }}"
+    data-webauthn-login-finish-url="{{ route "webauthnLoginFinish" }}"
+    data-webauthn-delete-all-url="{{ route "webauthnDeleteAll" }}"
+    {{ end }}
     {{ if .user }}{{ if not .user.KeyboardShortcuts }}data-disable-keyboard-shortcuts="true"{{ end }}{{ end }}>
 
     {{ if .user }}

internal/template/templates/views/login.html

@@ -19,6 +19,14 @@
             <button type="submit" class="button button-primary" data-label-loading="{{ t "form.submit.loading" }}">{{ t "action.login" }}</button>
         </div>
     </form>
+    {{ if .webAuthnEnabled }}
+    <div class="alert alert-error hidden" id="webauthn-error">
+        {{ t "page.login.webauthn_login.error" }}
+    </div>
+    <div class="buttons">
+        <button class="button" id="webauthn-login" disabled>{{ t "page.login.webauthn_login" }}</button>
+    </div>
+    {{ end }}
     {{ if hasOAuth2Provider "google" }}
     <div class="oauth2">
         <a href="{{ route "oauth2Redirect" "provider" "google" }}">{{ t "page.login.google_signin" }}</a>

internal/template/templates/views/settings.html

@@ -46,7 +46,56 @@
         <div class="buttons">
             <button type="submit" class="button button-primary" data-label-loading="{{ t "form.submit.saving" }}">{{ t "action.update" }}</button>
         </div>
+        </fieldset>
+
+
+        {{ if .webAuthnEnabled }}
+        <fieldset>
+            <legend>{{ t "page.settings.webauthn.passkeys" }}</legend>
+        <div class="alert alert-error hidden" id="webauthn-error">
+            {{ t "page.settings.webauthn.register.error" }}
+        </div>
+        <div class="buttons">
+            <button class="button" id="webauthn-register" disabled>
+                {{ t "page.settings.webauthn.register" }}
+            </button>
+            {{ if gt .countWebAuthnCerts 0}}
+            <button class="button" id="webauthn-delete">
+                {{ plural "page.settings.webauthn.delete" .countWebAuthnCerts .countWebAuthnCerts }}
+            </button>
+            {{ end }}
+        </div>
+            {{ if .webAuthnCerts}}
+            <div class="details-content">
+            <table>
+                <tr>
+                    <th>{{ t "page.settings.webauthn.passkey_name" }}</th>
+                    <th>{{ t "page.settings.webauthn.added_on" }}</th>
+                    <th>{{ t "page.settings.webauthn.last_seen_on" }}</th>
+                    <th>{{ t "page.settings.webauthn.actions" }}</th>
+                </tr>
+                {{ range .webAuthnCerts }}
+                <tr>
+                    <td>{{ .Name }}</td>
+                    <td>{{ elapsed $.user.Timezone .AddedOn }}</td>
+                    <td>{{ elapsed $.user.Timezone .LastSeenOn }}</td>
+                    <td>
+                        <a href="#"
+                            data-confirm="true"
+                            data-label-question="{{ t "confirm.question" }}"
+                            data-label-yes="{{ t "confirm.yes" }}"
+                            data-label-no="{{ t "confirm.no" }}"
+                            data-label-loading="{{ t "confirm.loading" }}"
+                            data-url="{{ route "webauthnDelete" "credentialHandle" .HandleEncoded }}">{{ icon "delete" }}{{ t "action.remove" }}</a>
+                        <a href="{{ route "webauthnRename" "credentialHandle" .HandleEncoded }}">{{ icon "edit" }} {{ t "action.edit" }}</a>
+                    </td>
+                </tr>
+                {{ end }}
+            </table>
+            </div>
+            {{ end }}
     </fieldset>
+        {{ end }}
 
     <fieldset>
         <legend>{{ t "form.prefs.fieldset.reader_settings" }}</legend>

internal/template/templates/views/webauthn_rename.html

@@ -0,0 +1,22 @@
+{{ define "title"}}{{ t "page.webauthn_rename.title" }}{{ end }}
+
+{{ define "content"}}
+<section class="page-header">
+    <h1>{{ t "page.webauthn_rename.title" }}</h1>
+</section>
+
+<form action="{{ route "webauthnSave" "credentialHandle" .cred.HandleEncoded }}" method="post" autocomplete="off">
+    <input type="hidden" name="csrf" value="{{ .csrf }}">
+
+    {{ if .errorMessage }}
+        <div class="alert alert-error">{{ .errorMessage }}</div>
+    {{ end }}
+
+    <label for="form-title">{{ t "page.settings.webauthn.passkey_name" }}</label>
+    <input type="text" name="name" id="form-title" value="{{ .form.Name }}" autofocus>
+
+    <div class="buttons">
+        <button type="submit" class="button button-primary" data-label-loading="{{ t "form.submit.saving" }}">{{ t "action.update" }}</button>
+    </div>
+</form>
+{{ end }}