github-starred/vaultwarden
2
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-05-24 17:12:43 -05:00
Code Issues 307 Packages Projects Releases 83 Wiki Activity

[PR #6160] [MERGED] make webauthn more optional #21927

New Issue
Closed
opened 2026-04-30 08:17:26 -05:00 by GiteaMirror · 0 comments
GiteaMirror commented 2026-04-30 08:17:26 -05:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/6160
Author: @stefan0xC
Created: 8/9/2025
Status: Merged
Merged: 8/26/2025
Merged by: @dani-garcia

Base: mainHead: make-webauthn-optional

📝 Commits (2)

  • 792499b make webauthn optional
  • 1e36d8e hide passkey if domain is not set

📊 Changes

6 files changed (+33 additions, -57 deletions)

View changed files

📝 src/api/core/two_factor/webauthn.rs (+13 -39)
📝 src/api/identity.rs (+8 -16)
📝 src/api/web.rs (+1 -0)
📝 src/config.rs (+4 -0)
📝 src/main.rs (+0 -2)
📝 src/static/templates/scss/vaultwarden.scss.hbs (+7 -0)

📄 Description

I don't think that we need initialize webauthn on startup (which currently fails if you set DOMAIN to an IP address because webauthn requires a domain name as rp_id). I've also hidden it as an option if you have setup the domain to be an IP address.

This won't touch on the other issues that were reported but I do think that it's important that Vaultwarden can start with something like DOMAIN=http://127.0.0.1:8000.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/6160 **Author:** [@stefan0xC](https://github.com/stefan0xC) **Created:** 8/9/2025 **Status:** ✅ Merged **Merged:** 8/26/2025 **Merged by:** [@dani-garcia](https://github.com/dani-garcia) **Base:** `main` ← **Head:** `make-webauthn-optional` --- ### 📝 Commits (2) - [`792499b`](https://github.com/dani-garcia/vaultwarden/commit/792499b1c1931aec09388ea8498301c16c85c407) make webauthn optional - [`1e36d8e`](https://github.com/dani-garcia/vaultwarden/commit/1e36d8e72279d0c9c2fedf5752502ecfb7eac8c9) hide passkey if domain is not set ### 📊 Changes **6 files changed** (+33 additions, -57 deletions) <details> <summary>View changed files</summary> 📝 `src/api/core/two_factor/webauthn.rs` (+13 -39) 📝 `src/api/identity.rs` (+8 -16) 📝 `src/api/web.rs` (+1 -0) 📝 `src/config.rs` (+4 -0) 📝 `src/main.rs` (+0 -2) 📝 `src/static/templates/scss/vaultwarden.scss.hbs` (+7 -0) </details> ### 📄 Description I don't think that we need initialize webauthn on startup (which currently fails if you set `DOMAIN` to an IP address because [webauthn requires a domain name as `rp_id`](https://www.w3.org/TR/webauthn-2/#relying-party-identifier)). I've also hidden it as an option if you have setup the [domain](https://docs.rs/url/2.5.4/url/struct.Url.html#method.domain) to be an IP address. This won't touch on the other issues that were reported but I do think that it's important that Vaultwarden can start with something like `DOMAIN=http://127.0.0.1:8000`. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-04-30 08:17:26 -05:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
better for forum
bug
documentation
duplicate
enhancement
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
SSO
Third party
troubleshooting
wontfix
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#21927
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?