v0.2.3

Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    action_auth (0.2.2)
+    action_auth (0.2.3)
       bcrypt (~> 3.1.0)
       rails (~> 7.1)
 

app/assets/javascripts/action_auth/application.js

@@ -12,7 +12,7 @@ const Credential = {
     }
   },
 
-  callback: function (url, body) {
+  callback: function (url, body, redirectUrl) {
     const token = this.getCRFSToken();
     fetch(url, {
       method: "POST",
@@ -25,7 +25,8 @@ const Credential = {
       credentials: 'same-origin'
     }).then(function (response) {
       if (response.ok) {
-        window.location.replace("/");
+        console.log("Credential created", response);
+        window.location.replace(redirectUrl);
       } else if (response.status < 500) {
         response.text();
       }
@@ -34,16 +35,17 @@ const Credential = {
 
   create: function (callbackUrl, credentialOptions) {
     const self = this;
+    const webauthnRedirectUrl = document.querySelector('meta[name="webauthn_redirect_url"]').getAttribute("content");
     WebAuthnJSON.create({ "publicKey": credentialOptions }).then(function (credential) {
-      self.callback(callbackUrl, credential);
+      self.callback(callbackUrl, credential, webauthnRedirectUrl);
     });
   },
 
   get: function (credentialOptions) {
     const self = this;
     const webauthnUrl = document.querySelector('meta[name="webauthn_auth_url"]').getAttribute("content");
     WebAuthnJSON.get({ "publicKey": credentialOptions }).then(function (credential) {
-      self.callback(webauthnUrl, credential);
+      self.callback(webauthnUrl, credential, "/");
     });
   }
 };

app/assets/stylesheets/action_auth/application.css

@@ -154,3 +154,7 @@ input[type="password"] {
 .action-auth--table td {
   transition: background-color 0.3s;
 }
+
+.action-auth--text-center {
+  text-align: center !important;
+}

app/controllers/action_auth/webauthn_credential_authentications_controller.rb

@@ -1,7 +1,7 @@
 class ActionAuth::WebauthnCredentialAuthenticationsController < ApplicationController
   before_action :ensure_user_not_authenticated
   before_action :ensure_login_initiated
-  layout "action_auth/application-full-width"
+  layout "action_auth/application"
 
   def new
     get_options = WebAuthn::Credential.options_for_get(allow: user.action_auth_webauthn_credentials.pluck(:external_id))

app/controllers/action_auth/webauthn_credentials_controller.rb

@@ -1,6 +1,6 @@
 class ActionAuth::WebauthnCredentialsController < ApplicationController
   before_action :authenticate_user!
-  layout "action_auth/application-full-width"
+  layout "action_auth/application"
 
   def new
   end

app/views/action_auth/webauthn_credential_authentications/new.html.erb

@@ -1,12 +1,18 @@
-<h2 class="">Use one of your security keys to sign in</h2>
+<h2 class="action-auth--text-center">Use a passkey to sign in</h2>
 
 <%= content_tag :div,
   id: "webauthn_credential_form",
-  data: { controller: "credential-authenticator",
-  "credential-authenticator-options-value": @options } do %>
+  data: {
+    controller: "credential-authenticator",
+    "credential-authenticator-options-value": @options
+  },
+  class: "action-auth--text-center" do %>
 
-  <div class="mb-3">
-    If it's an USB key be sure to insert it and, if necessary, tap it.
+  <div class="mb-3 action-auth--text-center">
+    Insert a USB key, if necessary, and tap it.
   </div>
 <% end %>
 
+<%= content_for :cancel_path do %>
+  <%= link_to "Cancel", action_auth.sign_in_path %>
+<% end %>

app/views/action_auth/webauthn_credentials/new.html.erb

@@ -1,4 +1,4 @@
-<h2 class="">Add a security key:</h2>
+<h2 class="action-auth--text-center">Add a security key</h2>
 <%= form_with scope: :webauthn_credential,
               url: options_for_webauthn_credentials_path,
               id: "webauthn_credential_form",
@@ -11,11 +11,15 @@
     <%= form.text_field :nickname, autofocus: true, placeholder: "New Security Key nickname", required: true %>
   </div>
 
-  <div class="mb-3">
+  <div class="mb-3 action-auth--text-center">
     <%= form.submit "Add Security Key", class: "btn btn-primary" %>
   </div>
 
-  <div class="">
-    <span class="">If it's an USB key be sure to insert it and, if necessary, tap it.</span>
+  <div class="mb-3 action-auth--text-center">
+    Insert a USB key, if necessary, and tap it.
   </div>
 <% end %>
+
+<%= content_for :cancel_path do %>
+  <%= link_to "Cancel", action_auth.sessions_path %>
+<% end %>

app/views/layouts/action_auth/application-full-width.html.erb

@@ -9,6 +9,7 @@
   <% if ActionAuth.configuration.webauthn_enabled? %>
     <%= tag :meta, name: :webauthn_auth_url, content: action_auth.webauthn_credential_authentications_url %>
     <%= tag :meta, name: :webauthn_cred_url, content: action_auth.webauthn_credentials_url %>
+    <%= tag :meta, name: :webauthn_redirect_url, content: action_auth.sessions_url %>
   <% end %>
 </head>
 <body class="bg-light">

app/views/layouts/action_auth/application.html.erb

@@ -6,10 +6,18 @@
   <%= csp_meta_tag %>
   <%= stylesheet_link_tag "action_auth/application", media: "all" %>
   <%= javascript_include_tag "action_auth/application", "data-turbo-track": "reload", type: "module" %>
+  <% if ActionAuth.configuration.webauthn_enabled? %>
+    <%= tag :meta, name: :webauthn_auth_url, content: action_auth.webauthn_credential_authentications_url %>
+    <%= tag :meta, name: :webauthn_cred_url, content: action_auth.webauthn_credentials_url %>
+    <%= tag :meta, name: :webauthn_redirect_url, content: action_auth.sessions_url %>
+  <% end %>
 </head>
 <body class="bg-light">
   <div class="container bg-white border pb-3">
     <%= yield %>
   </div>
+  <div class="action-auth--text-center">
+    <%= yield(:cancel_path) %>
+  </div>
 </body>
 </html>

lib/action_auth/version.rb

@@ -1,3 +1,3 @@
 module ActionAuth
-  VERSION = "0.2.2"
+  VERSION = "0.2.3"
 end