fizzy icon indicating copy to clipboard operation
fizzy copied to clipboard
Published 2 weeks ago verified publisher icon basecamp

Add passkey authentication as alternative to magic links

Open dpshade opened this issue 2 weeks ago • 0 comments

Summary

Implements WebAuthn passkey support for passwordless authentication, addressing the request in Discussion #1919 where maintainers indicated preference for passkeys over traditional passwords.

Features

  • Sign in with passkey from the login page (discoverable credentials)
  • Sign up with passkey or fall back to email verification
  • Manage passkeys from Settings menu (add/remove)
  • Choice screen for users with passkeys (passkey or email)

Technical Details

  • Uses webauthn gem (~> 3.0) for WebAuthn/FIDO2 protocol
  • Passkeys stored with Identity (not account-scoped)
  • Supports discoverable credentials (resident keys)
  • Per-request relying party configuration for multi-domain support

Screenshots

image image

Testing

  • Unit tests for Passkey model
  • Controller tests for all new endpoints
  • Fixtures for passkey data
  • Tested locally with Proton Pass

Acknowledgments

This implementation was largely developed with assistance from Claude Code (Opus 4.5 from Anthropic).

Refs: https://github.com/basecamp/fizzy/discussions/1919#discussioncomment-15178062

dpshade avatar Dec 09 '25 06:12 dpshade