website/docs: fix passwordless docs, cross-link both
closes #3803 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
e9eede5a80
commit
bb43c49b1e
5
Makefile
5
Makefile
|
@ -151,7 +151,7 @@ web-extract:
|
|||
## Website
|
||||
#########################
|
||||
|
||||
website: website-lint-fix
|
||||
website: website-lint-fix website-build
|
||||
|
||||
website-install:
|
||||
cd website && npm ci
|
||||
|
@ -159,6 +159,9 @@ website-install:
|
|||
website-lint-fix:
|
||||
cd website && npm run prettier
|
||||
|
||||
website-build:
|
||||
cd website && npm run build
|
||||
|
||||
website-watch:
|
||||
cd website && npm run watch
|
||||
|
||||
|
|
|
@ -35,7 +35,7 @@ You can configure this stage to only ask for MFA validation if the user hasn't a
|
|||
Requires authentik 2021.12.4
|
||||
:::
|
||||
|
||||
Passwordless authentication currently only supports WebAuthn devices, like security keys and biometrics.
|
||||
Passwordless authentication currently only supports WebAuthn devices, like security keys and biometrics. For an alternate passwordless setup, see [Password stage](../password/index.md#passwordless-login), which supports other types.
|
||||
|
||||
To configure passwordless authentication, create a new Flow with the delegation set to _Authentication_.
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@ This is a generic password prompt which authenticates the current `pending_user`
|
|||
|
||||
## Passwordless login
|
||||
|
||||
To achieve a "passwordless" experience; authenticating users based only on TOTP/WebAuthn/Duo, create an expression policy and optionally skip the password stage.
|
||||
There are two different ways to configure passwordless authentication; you can follow the instructions [here](../authenticator_validate/index.md#passwordless-authentication) to allow users to directly authenticate with their authenticator (only supported for WebAuthn devices), or dynamically skip the password stage depending on the users device, which is documented here.
|
||||
|
||||
Depending on what kind of device you want to require the user to have:
|
||||
|
||||
|
@ -14,14 +14,14 @@ Depending on what kind of device you want to require the user to have:
|
|||
|
||||
```python
|
||||
from authentik.stages.authenticator_webauthn.models import WebAuthnDevice
|
||||
return WebAuthnDevice.objects.filter(user=request.user, confirmed=True).exists()
|
||||
return WebAuthnDevice.objects.filter(user=request.context['pending_user'], confirmed=True).exists()
|
||||
```
|
||||
|
||||
#### Duo
|
||||
|
||||
```python
|
||||
from authentik.stages.authenticator_duo.models import DuoDevice
|
||||
return DuoDevice.objects.filter(user=request.user, confirmed=True).exists()
|
||||
return DuoDevice.objects.filter(user=request.context['pending_user'], confirmed=True).exists()
|
||||
```
|
||||
|
||||
Afterwards, bind the policy you've created to the stage binding of the password stage.
|
||||
|
|
Reference in New Issue