feat(auth): web multi-step bridge — resume MFA after usernameless approve/QR (#2,#6) [WIP]#204
Closed
ahmetabdullahgultekin wants to merge 2 commits into
Closed
feat(auth): web multi-step bridge — resume MFA after usernameless approve/QR (#2,#6) [WIP]#204ahmetabdullahgultekin wants to merge 2 commits into
ahmetabdullahgultekin wants to merge 2 commits into
Conversation
…n hosted page The hosted login page (verify.fivucsas.com) resolved its initial login-config by OAuth clientId, which maps to the client's bound tenant — the dashboard/mobile client lives on the `system` sentinel tenant, so a fivucsas user saw the SYSTEM flow shape (and 'system' branding) until they submitted. LoginMfaFlow already called /auth/login/preflight at the identifier step but discarded the resolved LoginConfig; now it hands it up via onPreflightResolved and HostedLoginApp swaps the displayed config to the user's ACTUAL tenant flow (step list / methods / branding). Display-only: the backend already enforces the user's flow at /auth/login. Enumeration-safe (unknown email -> platform-default config) and fallback-preserving (null/older API leaves the config untouched). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…rove/QR (#2,#6) [WIP — integrate onto fix/predemo-web-2026-06-03 + verify before deploy] ApproveLoginPanel onMfaPending + LoginMfaFlow resumeSession inject the approved mfaSessionToken+availableMethods into the step-up flow instead of dead-ending at 'continue here'. Additive/reversible. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Contributor
Author
|
Superseded by #220 (fix/login-flow-triage-2026-06-12), which implements the full usernameless Layer-1 → MFA continuation bridge (shared Layer1Continuation + onMfaRequired threading mfaSessionToken+availableMethods across LoginPage/HostedLoginApp/LoginMfaFlow) plus F4 regroup, F7 picker gating, F6, F10 — CI-green and tested (1211 vitest). This 2026-06-03 WIP is fully covered there. Branch retained (not deleted) in case any unique approach needs salvage. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
ApproveLoginPanel onMfaPending + LoginMfaFlow resumeSession inject the approved mfaSessionToken+availableMethods into the step-up flow instead of dead-ending. Additive/reversible; typechecks. DRAFT — verify with backend bridge + 2 devices before merge.
🤖 Generated with Claude Code