rodauth 2.36.0 → 2.37.0

data/doc/two_factor_base.rdoc

@@ -1,70 +0,0 @@
-= Documentation for Two Factor Base Feature
-
-The two_factor_base feature implements shared functionality for the other
-multifactor authentication features.
-
-To handle multiple and potentially different multifactor authentication setups
-per user, this feature implements disambiguation pages for multifactor
-authentication and manage.  If only a single multifactor authentication is
-available to setup, the manage page will redirect to the appropriate page.
-Likewise, if only a single multifactor authentication method is available,
-the authentication page will redirect to the appropriate page.  Otherwise,
-the authentication and manage pages will show links to the available pages.
-Additionally, there is a separate page for disabling all multifactor
-authentication methods and reverting to single factor authentication,
-so users do not have to disable each multifactor authentication method
-individually.
-
-== Auth Value Methods
-
-two_factor_already_authenticated_error_flash :: The flash error to show if going to a multifactor authentication page when already multifactor authenticated.
-two_factor_already_authenticated_error_status :: The response status to use if going to a multifactor authentication page when already multifactor authenticated, 403 by default.
-two_factor_already_authenticated_redirect :: Where to redirect if going to a multifactor authentication page when already multifactor authenticated.
-two_factor_auth_notice_flash :: The flash notice to show after a successful multifactor authentication.
-two_factor_auth_page_title :: The page title to use on the page linking to other multifactor authentication pages.
-two_factor_auth_redirect :: Where to redirect after a successful multifactor authentication.
-two_factor_auth_redirect_session_key :: The key in the session hash storing the location to redirect to after successful multifactor authentication.
-two_factor_auth_required_redirect :: Where to redirect if going to a page requiring multifactor authentication when not multifactor authenticated (the multifactor auth page by default).
-two_factor_auth_return_to_requested_location? :: Whether to redirect to the originally requested location after successful multifactor authentication when +require_two_factor_authenticated+ was used, false by default.
-two_factor_auth_route :: The route to the multifactor authentication page. Defaults to +multifactor-auth+.
-two_factor_disable_additional_form_tags :: HTML fragment containing additional form tags when disabling all multifactor authentication.
-two_factor_disable_button :: Text to use for button on the form to disable all multifactor authentication.
-two_factor_disable_error_flash :: The flash error to show if unable to disable all multifactor authentication.
-two_factor_disable_link_text :: The text to use for the link to disable all multifactor authentication from the multifactor manage page.
-two_factor_disable_notice_flash :: The flash notice to show after a successfully disabling all multifactor authentication.
-two_factor_disable_page_title :: The page title to use on the page for disabling all multifactor authentication.
-two_factor_disable_redirect :: Where to redirect after a successfully disabling all multifactor authentication.
-two_factor_disable_route :: The route to the page to disable all multifactor authentication. Defaults to +multifactor-disable+.
-two_factor_manage_page_title :: The page title to use on the page linking to other multifactor setup and remove pages.
-two_factor_manage_route :: The route to the page to manage multifactor authentication. Defaults to +multifactor-manage+.
-two_factor_modifications_require_password? :: Whether modifications to multifactor authentication require the inputing the user's password.
-two_factor_need_authentication_error_flash :: The flash error to show if going to a page that requires multifactor authentication when not authenticated.
-two_factor_need_authentication_error_status :: The response status to use if going to a page that requires multifactor authentication when not authenticated, 401 by default.
-two_factor_need_setup_redirect :: Where to redirect if going to a multifactor authentication page when multifactor authentication has not been setup (the multifactor manage page by default).
-two_factor_not_setup_error_flash :: The flash error to show if going to a multifactor authentication page when multifactor authentication has not been setup.
-two_factor_not_setup_error_status :: The response status to use if going to a multifactor authentication page when multifactor authentication has not been setup, 403 by default.
-two_factor_remove_heading :: The HTML to use above the remove links on the multifactor manage page.
-two_factor_setup_heading :: The HTML to use above the setup links on the multifactor manage page.
-two_factor_setup_session_key :: The session key used for storing whether multifactor authentication has been setup for the current account.
-
-== Auth Methods
-
-after_two_factor_authentication :: Any actions to take after successful multifactor authentication.
-after_two_factor_disable :: Any actions to take after successful disabling of all multifactor authentication.
-before_two_factor_auth_route :: Run arbitrary code before handling the multifactor auth route.
-before_two_factor_disable :: Any actions to take before disabling of all multifactor authentication.
-before_two_factor_disable_route :: Run arbitrary code before handling the multifactor disable route.
-before_two_factor_manage_route :: Run arbitrary code before handling the multifactor manage route.
-two_factor_auth_links :: An array of entries for links to show on the multifactor auth page.  Each entry is an array of three elements, sort order (integer), link href, and link text.
-two_factor_auth_response :: Return a response after successful multifactor authentication. By default, redirects to +two_factor_auth_redirect+  (or the requested location if +two_factor_auth_return_to_requested_location?+ is true).
-two_factor_auth_view :: The HTML to use for the page linking to other multifactor authentication pages.
-two_factor_authenticated? :: Whether the current session has already been multifactor authenticated.
-two_factor_disable_response :: Return a response after successfully disabling multifactor authentication. By default, redirects to +two_factor_disable_redirect+.
-two_factor_disable_view :: The HTML to use for the page for disabling all multifactor authentication.
-two_factor_manage_view :: The HTML to use for the page linking to other multifactor setup and remove pages.
-two_factor_remove :: Any action to take to remove multifactor authentication, called when closing accounts.
-two_factor_remove_auth_failures :: Any action to take to remove multifactor authentication failures, called after a successful multifactor authentication.
-two_factor_remove_links :: An array of entries for remove links to show on the multifactor manage page.  Each entry is an array of three elements, sort order (integer), link href, and link text.
-two_factor_remove_session :: What actions to take to remove multifactor authentication status from the session, called when disabling multifactor authentication when authenticated using the factor being removed.
-two_factor_setup_links :: An array of entries for setup links to show on the multifactor manage page.  Each entry is an array of three elements, sort order (integer), link href, and link text.
-two_factor_update_session(type) :: How to update the session to reflect a successful multifactor authentication.

data/doc/update_password_hash.rdoc

@@ -1,7 +0,0 @@
-= Documentation for Update Password Hash Feature
-
-The update password hash feature updates the hash for the password whenever
-the hash cost changes.  For example, if you have a cost of 8, and later
-increase the cost to 10, anytime the user authenticates correctly with
-their password, their password hash will change from one that uses a cost
-of 8 to one that uses a cost of 10.

data/doc/verify_account.rdoc

@@ -1,67 +0,0 @@
-= Documentation for Verify Account Feature
-
-The verify account feature implements account verification after account
-creation.  After account creation, users are sent an email containing
-a link to verify the account. Users cannot login to the account until
-after verifying the account. Depends on the login and create account features.
-
-== Auth Value Methods
-
-attempt_to_create_unverified_account_error_flash :: The flash error message to show when attempting to create an account awaiting verification.
-attempt_to_login_to_unverified_account_error_flash :: The flash error message to show when attempting to login to an account awaiting verification.
-no_matching_verify_account_key_error_flash :: The flash error message to show when an invalid verify account key is used.
-resend_verify_account_page_title :: The page title to use on page requesting resending the verify account email.
-verify_account_additional_form_tags :: HTML fragment containing additional form tags to use on the verify account form.
-verify_account_autologin? :: Whether to autologin the user after successful account verification, true by default.
-verify_account_button :: The text to use for the verify account button.
-verify_account_email_last_sent_column :: The email last sent column in the +verify_account_table+. Set to nil to always send a verify account email when requested.
-verify_account_email_recently_sent_error_flash :: The flash error to show if not sending verify account email because one has been sent recently.
-verify_account_email_recently_sent_redirect :: Where to redirect if not sending verify account email because one has been sent recently.
-verify_account_email_sent_notice_flash :: The flash notice to set after sending the verify account email.
-verify_account_email_sent_redirect :: Where to redirect after sending the verify account email.
-verify_account_email_subject :: The subject to use for the verify account email.
-verify_account_error_flash :: The flash error to show if no matching key is submitted when verifying an account.
-verify_account_id_column :: The id column in the +verify_account_table+, should be a foreign key referencing the accounts table.
-verify_account_key_column :: The verify account key/token column in the +verify_account_table+.
-verify_account_key_param :: The parameter name to use for the verify account key.
-verify_account_notice_flash :: The flash notice to show after verifying the account.
-verify_account_page_title :: The page title to use on the verify account form.
-verify_account_redirect :: Where to redirect after verifying the account.
-verify_account_resend_additional_form_tags :: HTML fragment containing additional form tags to use on the page requesting resending the verify account email.
-verify_account_resend_button :: The text to use for the verify account resend button.
-verify_account_resend_error_flash :: The flash error to show if unable to resend a verify account email.
-verify_account_resend_explanatory_text :: The text to display above the button to resend the verify account email.
-verify_account_resend_link_text :: The text to use for a link to the page to request the account verification email be resent.
-verify_account_resend_route :: The route to the verify account resend action.  Defaults to +verify-account-resend+.
-verify_account_route :: The route to the verify account action. Defaults to +verify-account+.
-verify_account_session_key :: The key in the session to hold the verify account key temporarily.
-verify_account_set_password? :: Whether to ask for a password to be set on the verify account form.  True by default. If set to false, will ask for password when creating the account instead of when verifying.
-verify_account_skip_resend_email_within :: The number of seconds before sending another verify account email, if +verify_account_email_last_sent_column+ is set.
-verify_account_table :: The name of the verify account keys table.
-
-== Auth Methods
-
-account_from_verify_account_key(key) :: Retrieve the account using the given verify account key, or return nil if no account matches.
-after_verify_account :: Run arbitrary code after verifying the account.
-after_verify_account_email_resend :: Run arbitrary code after resending a verify account email.
-allow_resending_verify_account_email? :: Whether to allow sending the verify account email for the account, true by default only if the account has not been verified.
-before_verify_account :: Run arbitrary code before verifying the account.
-before_verify_account_email_resend :: Run arbitrary code before resending a verify account email.
-before_verify_account_resend_route :: Run arbitrary code before handling a verify account resend route.
-before_verify_account_route :: Run arbitrary code before handling a verify account route.
-create_verify_account_email :: A Mail::Message for the verify account email.
-create_verify_account_key :: Add the verify account key data to the database.
-get_verify_account_email_last_sent :: Get the last time a verify account email is sent, or nil if there is no last sent time.
-get_verify_account_key(id) :: Get the verify account key for the given account id from the database.
-remove_verify_account_key :: Remove the verify account key for the current account, run after successful account verification.
-resend_verify_account_view :: The HTML to use for page requesting resending the verify account email.
-send_verify_account_email :: Send the verify account email.
-set_verify_account_email_last_sent :: Set the last time a verify account email is sent.
-verify_account :: Verify the account by changing the status from unverified to open.
-verify_account_email_body :: The body to use for the verify account email.
-verify_account_email_link :: The link to the verify account form in the verify account email.
-verify_account_email_sent_response :: Return a response after successfully sending an verify account email. By default, redirects to +verify_account_email_sent_redirect+.
-verify_account_key_insert_hash :: The hash to insert into the +verify_account_table+.
-verify_account_key_value :: The value of the verify account key.
-verify_account_response :: Return a response after successfully verifying an account. By default, redirects to +verify_account_redirect+.
-verify_account_view :: The HTML to use for the verify account form.

data/doc/verify_account_grace_period.rdoc

@@ -1,19 +0,0 @@
-= Documentation for Verify Account Grace Period Feature
-
-The verify account grace period feature allows users to login for
-a given period of time (1 day by default) before their account is
-verified.  Depends on the verify account feature.  This switches
-the +verify_account_set_password?+ to false so that user can login
-with a password during the grace period.
-
-== Auth Value Methods
-
-unverified_account_session_key :: The session key set if the logged in account has not been unverified.
-unverified_change_login_error_flash :: The flash error to show when an unverified accounts accesses a change login route.
-unverified_change_login_redirect :: Where to redirect when an unverified accounts accesses a change login route.
-verification_requested_at_column :: The column in the +verify_account_table+ table that holds the verification requested timestamp.
-verify_account_grace_period :: The amount of seconds after an account creation that a user will be able to login without verifying (86400 by default).
-
-== Auth Methods
-
-account_in_unverified_grace_period? :: Whether the current account is in an unverified grace period.

data/doc/verify_login_change.rdoc

@@ -1,59 +0,0 @@
-= Documentation for Verify Login Change Feature
-
-The verify login change feature implements verification of login
-changes.  With this feature, login changes do not take effect
-until after the user has verified the new login.  Until the new
-login has been verified, the old login continues to work.
-
-Any time you use the verify account and change login features together,
-you should probably use this, otherwise it is trivial for users to work
-around account verification by creating an account with an email address
-they control, and the changing the login to an email address they don't
-control.  Depends on the change login and email base features.
-
-== Auth Value Methods
-
-no_matching_verify_login_change_key_error_flash :: The flash error message to show when an invalid verify login change key is used.
-change_login_needs_verification_notice_flash :: The flash notice to show after changing a login when using this feature, if +change_login_notice_flash+ is not overridden.
-verify_login_change_additional_form_tags :: HTML fragment containing additional form tags to use on the verify login change form.
-verify_login_change_autologin? :: Whether to autologin the user after successful login change verification, false by default.
-verify_login_change_button :: The text to use for the verify login change button.
-verify_login_change_deadline_column :: The column name in the +verify_login_change_table+ storing the deadline after which the token will be ignored.
-verify_login_change_deadline_interval :: The amount of time for which to allow users to verify login changes, 1 day by default.
-verify_login_change_duplicate_account_error_flash :: The flash error message to show when attempting to verify a login change when the login is already taken.
-verify_login_change_duplicate_account_redirect :: Where to redirect if not changing a login during verification because the new login is already taken.
-verify_login_change_email_subject :: The subject to use for the verify login change email.
-verify_login_change_error_flash :: The flash error to show if no matching key is submitted when verifying login change.
-verify_login_change_id_column :: The id column in the +verify_login_change_table+, should be a foreign key referencing the accounts table.
-verify_login_change_key_column :: The verify login change key/token column in the +verify_login_change_table+.
-verify_login_change_key_param :: The parameter name to use for the verify login change key.
-verify_login_change_login_column :: The login column in the +verify_login_change_table+, containing the new login.
-verify_login_change_notice_flash :: The flash notice to show after verifying the login change.
-verify_login_change_page_title :: The page title to use on the verify login change form.
-verify_login_change_redirect :: Where to redirect after verifying the login change.
-verify_login_change_route :: The route to the verify login change action. Defaults to +verify-login-change+.
-verify_login_change_session_key :: The key in the session to hold the verify login change key temporarily.
-verify_login_change_table :: The name of the verify login change keys table.
-
-== Auth Methods
-
-account_from_verify_login_change_key(key) :: Retrieve the account using the given verify account key, or return nil if no account matches.  Should also override verify_login_change_new_login if overriding this method.
-after_verify_login_change :: Run arbitrary code after verifying the login change.
-after_verify_login_change_email :: Run arbitrary code after sending verify login change email.
-before_verify_login_change :: Run arbitrary code before verifying the login change.
-before_verify_login_change_email :: Run arbitrary code before sending verify login change email.
-before_verify_login_change_route :: Run arbitrary code before handling a verify login change route.
-create_verify_login_change_email(login) :: A Mail::Message for the verify login change email.
-create_verify_login_change_key(login) :: Add the verify login change key data to the database.
-get_verify_login_change_login_and_key(id) :: Get the verify login change login and key for the given account id from the database.
-remove_verify_login_change_key :: Remove the verify login change key for the current account, run after successful login change verification.
-send_verify_login_change_email(login) :: Send the verify login change email.
-verify_login_change :: Change the login for the given account to the new login.
-verify_login_change_email_body :: The body to use for the verify login change email.
-verify_login_change_email_link :: The link to the verify login change form in the verify login change email.
-verify_login_change_key_insert_hash(login) :: The hash to insert into the +verify_login_change_table+.
-verify_login_change_key_value :: The value of the verify login change key.
-verify_login_change_new_login :: The new login to use when the login change is verified.
-verify_login_change_old_login :: The old login to display in the verify login change email.
-verify_login_change_response :: Return a response after successfully verifying a login change. By default, redirects to +verify_login_change_redirect+.
-verify_login_change_view :: The HTML to use for the verify login change form.

data/doc/webauthn.rdoc

@@ -1,118 +0,0 @@
-= Documentation for WebAuthn Feature
-
-The webauthn feature implements multifactor authentication via WebAuthn.
-It supports registering WebAuthn authenticators, using them for
-multifactor authentication, and removing WebAuthn authenticators.
-This feature supports multiple WebAuthn authenticators per user,
-and users are encouraged to have multiple WebAuthn authenticators
-so that they have a backup if one is not available.
-
-WebAuthn authentication requires javascript to work in
-browsers, for the browser to communicate with the authenticator.
-This feature offers routes that return the appropriate javascript.
-However, the javascript works by setting a hidden form field and
-using normal form submission.  This allows testing the feature
-without using javascript.  See Rodauth's tests for how testing
-without javascript works.
-
-The webauthn feature requires the webauthn gem.
-
-== Auth Value Methods
-
-authenticated_webauthn_id_session_key :: The session key used for storing which WebAuthn ID was used during authentication.
-webauthn_attestation :: The value of the WebAuthn attestation option when registering a new WebAuthn authenticator.
-webauthn_auth_additional_form_tags :: HTML fragment containing additional form tags when authenticating via WebAuthn.
-webauthn_auth_button :: Text to use for button on the form to authenticate via WebAuthn.
-webauthn_auth_challenge_hmac_param :: The parameter name for the HMAC of the WebAuthn challenge during authentication.
-webauthn_auth_challenge_param :: The parameter name for the WebAuthn challenge during authentication.
-webauthn_auth_error_flash :: The flash error to show if unable to authenticate via WebAuthn.
-webauthn_auth_js :: The javascript code to execute on the page to authenticate via WebAuthn.
-webauthn_auth_js_route :: The route to the webauthn auth javascript file.
-webauthn_auth_link_text :: The text to use for the link from the multifactor auth page.
-webauthn_auth_page_title :: The page title to use on the page for authenticating via WebAuthn.
-webauthn_auth_param :: The parameter name for the WebAuthn authentication data.
-webauthn_auth_route :: The route to the webauthn auth action.
-webauthn_auth_timeout :: The number of milliseconds to wait when authenticating using a WebAuthn authenticator.
-webauthn_authenticator_selection ::  The value of the WebAuthn authenticatorSelection option when registering a new WebAuthn authenticator.
-webauthn_duplicate_webauthn_id_message :: The error message to when there is an attempt to insert a duplicate WebAuthn authenticator. 
-webauthn_extensions :: The value of the WebAuthn extensions option when registering a new WebAuthn authenticator or authenticating via WebAuthn.
-webauthn_invalid_auth_param_message :: The error message to show when invalid or missing WebAuthn authentication data is provided.
-webauthn_invalid_remove_param_message :: The error message to show when invalid WebAuthn ID is provided when removing a WebAuthn authenticator.
-webauthn_invalid_setup_param_message :: The error message to show when invalid or missing WebAuthn registration data is provided.
-webauthn_invalid_sign_count_message :: The error message to when there is an attempt to authenticate with WebAuthn authenticator with an invalid sign count.
-webauthn_js_host :: The protocol and domain if using a separate host for the WebAuthn setup and auth javascript files.
-webauthn_keys_account_id_column :: The column in the +webauthn_keys_table+ containing the account id.
-webauthn_keys_last_use_column :: The column in the +webauthn_keys_table+ containing the last time the WebAuthn credential was used.
-webauthn_keys_public_key_column :: The column in the +webauthn_keys_table+ containing the public key for the WebAuthn credential.
-webauthn_keys_sign_count_column :: The column in the +webauthn_keys_table+ containing the sign count for the WebAuthn credential.
-webauthn_keys_table :: The table name containing the WebAuthn public keys.
-webauthn_keys_webauthn_id_column :: The column in the +webauthn_keys_table+ containing the WebAuthn ID for the WebAuthn credential.
-webauthn_not_setup_error_flash :: The flash error to show if going to the WebAuthn authentication page without having registered a WebAuthn authenticator.
-webauthn_not_setup_error_status :: The status code to use if going to the WebAuthn authentication page without having registered a WebAuthn authenticator.
-webauthn_origin :: The origin to use when verifying a WebAuthn authenticator.
-webauthn_remove_additional_form_tags :: HTML fragment containing additional form tags when removing an existing WebAuthn authenticator.
-webauthn_remove_button :: Text to use for button on the form to remove an existing WebAuthn authenticator.
-webauthn_remove_error_flash :: The flash error to show if unable to remove an existing WebAuthn authenticator.
-webauthn_remove_link_text :: The text to use for the remove link from the multifactor manage page.
-webauthn_remove_notice_flash :: The flash notice to show after removing an existing WebAuthn authenticator.
-webauthn_remove_page_title :: The page title to use on the page for removing an existing WebAuthn authenticator.
-webauthn_remove_param :: The parameter name for the WebAuthn ID to remove.
-webauthn_remove_redirect :: Where to redirect after successfully removing an existing WebAuthn authenticator.
-webauthn_remove_route :: The route to the webauthn remove action.
-webauthn_rp_id :: The relying party ID to use when registering a WebAuthn authenticator or authenticating via WebAuthn.
-webauthn_rp_name :: The relying party name to use when registering a WebAuthn authenticator.
-webauthn_setup_additional_form_tags :: HTML fragment containing additional form tags when registering a new WebAuthn authenticator.
-webauthn_setup_button :: Text to use for button on the form to register a new WebAuthn authenticator.
-webauthn_setup_challenge_hmac_param :: The parameter name for the HMAC of the WebAuthn challenge during registration.
-webauthn_setup_challenge_param :: The parameter name for the WebAuthn challenge during registration.
-webauthn_setup_error_flash :: The flash error to show if unable to register a new WebAuthn authenticator.
-webauthn_setup_js :: The javascript code to execute on the page to register a new WebAuthn credential.
-webauthn_setup_js_route :: The route to the webauthn setup javascript file.
-webauthn_setup_link_text :: The text to use for the setup link from the multifactor manage page.
-webauthn_setup_notice_flash :: The flash notice to show after registering a new WebAuthn authenticator.
-webauthn_setup_page_title :: The page title to use on the page for registering a new WebAuthn authenticator.
-webauthn_setup_param :: The parameter name for the WebAuthn registration data.
-webauthn_setup_redirect :: Where to redirect after successfully registering a new WebAuthn authenticator.
-webauthn_setup_timeout :: The number of milliseconds to wait when registering a new WebAuthn authenticator.
-webauthn_setup_route :: The route to the webauthn setup action.
-webauthn_user_ids_account_id_column :: The column in the +webauthn_user_ids_table+ containing the account id.
-webauthn_user_ids_table :: The table name containing the WebAuthn user IDs.
-webauthn_user_ids_webauthn_id_column :: The column in the +webauthn_user_ids_table+ containing the accounts WebAuthn user ID.
-webauthn_user_verification :: The value of the WebAuthn userVerification option when registering a new WebAuthn authenticator.
-
-== Auth Methods
-
-account_webauthn_ids :: An array of WebAuthn IDs for registered WebAuthn credentials for the current account.
-account_webauthn_usage :: A hash mapping WebAuthn IDs to the time of their last use for registered WebAuthn credentials for the current account.
-account_webauthn_user_id :: The WebAuthn User ID for the current account.
-add_webauthn_credential(webauthn_credential) :: Register the given WebAuthn credential to current account.
-after_webauthn_auth_failure :: Any actions to take after a WebAuthn authentication failure.
-after_webauthn_remove :: Any actions to take after removing an existing WebAuthn authenticator.
-after_webauthn_setup :: Any actions to take after registering a new WebAuthn authenticator.
-authenticated_webauthn_id :: The WebAuthn ID for the credential used to authenticate via WebAuthn for the current session.
-before_webauthn_auth :: Any actions to take before authenticating via WebAuthn.
-before_webauthn_auth_js_route :: Run arbitrary code before handling a webauthn auth javascript route.
-before_webauthn_auth_route :: Run arbitrary code before handling a webauthn auth route.
-before_webauthn_remove :: Any actions to take before removing an existing WebAuthn authenticator.
-before_webauthn_remove_route :: Run arbitrary code before handling a webauthn remove route.
-before_webauthn_setup :: Any actions to take before registering a new WebAuthn authenticator.
-before_webauthn_setup_js_route :: Run arbitrary code before handling a webauthn setup javascript route.
-before_webauthn_setup_route :: Run arbitrary code before handling a webauthn setup route.
-handle_webauthn_sign_count_verification_error :: What actions to take if there is an invalid sign count when authenticating. The default results in an error, but overriding without calling super will result in successful WebAuthn authentication.
-new_webauthn_credential :: WebAuthn credential options to provide to the client during WebAuthn registration.
-remove_all_webauthn_keys_and_user_ids :: Remove all WebAuthn credentials and the WebAuthn user ID from the current account.
-remove_webauthn_key(webauthn_id) :: Remove the WebAuthn credential with the given WebAuthn ID from the current account.
-valid_new_webauthn_credential?(webauthn_credential) :: Check wheck the WebAuthn credential provided by the client during registration is valid.
-valid_webauthn_credential_auth?(webauthn_credential) :: Check wheck the WebAuthn credential provided by the client during authentication is valid.
-webauthn_auth_js_path :: The path to the WebAuthn authentication javascript.
-webauthn_auth_view :: The HTML to use for the page for authenticating via WebAuthn.
-webauthn_credential_options_for_get :: WebAuthn credential options to provide to the client during WebAuthn authentication.
-webauthn_key_insert_hash(webauthn_credential) :: The hash to insert into the +webauthn_keys_table+.
-webauthn_remove_authenticated_session :: Remove the authenticated WebAuthn ID, used when removing the WebAuthn credential with the ID after authenticating with it.
-webauthn_remove_response :: Return a response after successfully removing a WebAuthn authenticator. By default, redirects to +webauthn_remove_redirect+.
-webauthn_remove_view :: The HTML to use for the page for removing an existing WebAuthn authenticator.
-webauthn_setup_js_path :: The path to the WebAuthn registration javascript.
-webauthn_setup_response :: Return a response after successfully setting up a WebAuthn authenticator. By default, redirects to +webauthn_setup_redirect+.
-webauthn_setup_view :: The HTML to use for the page for registering a new WebAuthn authenticator.
-webauthn_update_session(webauthn_id) :: Set the authenticated WebAuthn ID after authenticating via WebAuthn.
-webauthn_user_name :: The user name to use when registering a new WebAuthn credential, the user's email by default.

data/doc/webauthn_autofill.rdoc

@@ -1,19 +0,0 @@
-= Documentation for WebAuthn Autofill Feature
-
-The webauthn_autofill feature enables autofill UI (aka "conditional mediation")
-for WebAuthn credentials, logging the user in on selection. It depends on the
-webauthn_login feature.
-
-This feature allows generating WebAuthn credential options and submitting a
-WebAuthn login request without providing a login, which can be used
-independently from the autofill UI.
-
-== Auth Value Methods
-
-webauthn_autofill_js :: The javascript code to execute on the login page to enable autofill UI.
-webauthn_autofill_js_route :: The route to the webauthn autofill javascript file.
-webauthn_invalid_webauthn_id_message :: The error message to show when provided WebAuthn ID wasn't found in the database.
-
-== Auth Methods
-
-before_webauthn_autofill_js_route :: Run arbitrary code before handling a webauthn autofill javascript route.

data/doc/webauthn_login.rdoc

@@ -1,16 +0,0 @@
-= Documentation for WebAuthn Login Feature
-
-The webauthn_login feature implements passwordless authentication via
-WebAuthn. It depends on the login and webauthn features.
-
-== Auth Value Methods
-
-webauthn_login_user_verification_additional_factor? :: Whether passwordless login via WebAuthn should consider user verification as 2nd factor when using multifactor authentication, false by default. Setting this to true means that the app trusts the user verification done by the authenticator is strong enough to be considered an additional factor.
-webauthn_login_error_flash :: The flash error to show if there is a failure during passwordless login via WebAuthn.
-webauthn_login_failure_redirect :: Whether to redirect if there is a failure during passwordless login via WebAuthn.
-webauthn_login_route :: The route to the webauthn login action.
-
-== Auth Methods
-
-before_webauthn_login :: Any actions to take before passwordless login via WebAuthn.
-before_webauthn_login_route :: Run arbitrary code before handling a webauthn login route.

data/doc/webauthn_modify_email.rdoc

@@ -1,19 +0,0 @@
-= Documentation for WebAuthn Modify Email Feature
-
-The webauthn_modify_email feature emails users when a WebAuthn authenticator is added to or removed from their account.
-
-The webauthn_modify_email feature depends on the webauthn and email_base features.
-
-== Auth Value Methods
-
-webauthn_authenticator_added_email_body :: Body to use for the email notifying user that a WebAuthn authenticator has been added to their account.
-webauthn_authenticator_added_email_subject :: Subject to use for the email notifying user that a WebAuthn authenticator has been added to their account.
-webauthn_authenticator_removed_email_body :: Body to use for the email notifying user that a WebAuthn authenticator has been removed from their account.
-webauthn_authenticator_removed_email_subject :: Subject to use for the email notifying user that a WebAuthn authenticator has been removed from their account.
-
-== Auth Methods
-
-create_webauthn_authenticator_added_email :: A Mail::Message for the email notifying user that a WebAuthn authenticator has been added to their account.
-create_webauthn_authenticator_removed_email :: A Mail::Message for the email notifying user that a WebAuthn authenticator has been removed from their account.
-send_webauthn_authenticator_added_email :: Send the email notifying user that a WebAuthn authenticator has been added to their account.
-send_webauthn_authenticator_removed_email :: Send the email notifying user that a WebAuthn authenticator has been removed from their account.

data/doc/webauthn_verify_account.rdoc

@@ -1,9 +0,0 @@
-= Documentation for WebAuthn Verify Account Feature
-
-The webauthn_verify_account feature implements setting up an WebAuthn authenticator
-during the account verification process, and making such setup
-a requirement for account verification.  By default, it disables
-asking for a password during account creation and verification,
-allowing for completely passwordless designs, where the only
-authentication option is WebAuthn. It depends on the verify_account
-and webauthn features.