[PR #1065] [MERGED] feat: add passkey and 2FA document action auth options #1356

New issue

Closed

opened 2026-02-26 19:32:54 +03:00 by kerem · 0 comments

kerem commented 2026-02-26 19:32:54 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/documenso/documenso/pull/1065
Author: @dguyen
Created: 3/28/2024
Status: ✅ Merged
Merged: 3/31/2024
Merged by: @dguyen

Base: main ← Head: feat/add-document-2fa-passkey

---

📝 Commits (4)

• 6e78d1a feat: add document auth passkey and 2FA
• 671ce93 fix: migration
• 4092539 fix: tests
• d37f549 fix: tests

📊 Changes

27 files changed (+966 additions, -243 deletions)

View changed files

📝 apps/web/src/app/(dashboard)/settings/security/passkeys/create-passkey-dialog.tsx (+3 -1)
➕ apps/web/src/app/(signing)/sign/[token]/document-action-auth-2fa.tsx (+172 -0)
➕ apps/web/src/app/(signing)/sign/[token]/document-action-auth-account.tsx (+79 -0)
📝 apps/web/src/app/(signing)/sign/[token]/document-action-auth-dialog.tsx (+28 -179)
➕ apps/web/src/app/(signing)/sign/[token]/document-action-auth-passkey.tsx (+252 -0)
📝 apps/web/src/app/(signing)/sign/[token]/document-auth-provider.tsx (+68 -6)
📝 apps/web/src/app/(signing)/sign/[token]/form.tsx (+4 -4)
📝 apps/web/src/components/forms/2fa/enable-authenticator-app-dialog.tsx (+8 -2)
📝 apps/web/src/components/forms/signin.tsx (+1 -1)
📝 packages/app-tests/e2e/document-auth/action-auth.spec.ts (+3 -3)
📝 packages/app-tests/e2e/pr-718-add-stepper-component.spec.ts (+17 -5)
📝 packages/lib/constants/document-auth.ts (+8 -13)
📝 packages/lib/next-auth/auth-options.ts (+2 -2)
➕ packages/lib/server-only/auth/create-passkey-authentication-options.ts (+76 -0)
📝 packages/lib/server-only/auth/create-passkey-registration-options.ts (+2 -2)
📝 packages/lib/server-only/auth/create-passkey-signin-options.ts (+2 -2)
📝 packages/lib/server-only/auth/create-passkey.ts (+2 -2)
📝 packages/lib/server-only/auth/find-passkeys.ts (+7 -2)
📝 packages/lib/server-only/document/is-recipient-authorized.ts (+134 -7)
📝 packages/lib/types/document-auth.ts (+36 -4)

...and 7 more files

📄 Description

Description

Add the following document action auth options:

• 2FA
• Passkey

If the user does not have the required auth setup, we onboard them directly.

Changes made

Note: Added secondaryId to the VerificationToken schema

Testing Performed

Tested locally, pending preview tests

Checklist

• I have tested these changes locally and they work as expected.
• I have added/updated tests that prove the effectiveness of these changes.
• I have followed the project's coding style guidelines.

Summary by CodeRabbit

• New Features
  • Introduced components for 2FA, account, and passkey authentication during document signing.
  • Added "Require passkey" option to document settings and signer authentication settings.
  • Enhanced form submission and loading states for improved user experience.
• Refactor
  • Optimized authentication components to efficiently support multiple authentication methods.
• Chores
  • Updated and renamed functions and components for clarity and consistency across the authentication system.
  • Refined sorting options and database schema to support new authentication features.
• Bug Fixes
  • Adjusted SignInForm to verify browser support for WebAuthn before proceeding.

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/documenso/documenso/pull/1065 **Author:** [@dguyen](https://github.com/dguyen) **Created:** 3/28/2024 **Status:** ✅ Merged **Merged:** 3/31/2024 **Merged by:** [@dguyen](https://github.com/dguyen) **Base:** `main` ← **Head:** `feat/add-document-2fa-passkey` --- ### 📝 Commits (4) - [`6e78d1a`](https://github.com/documenso/documenso/commit/6e78d1ae458ad9a9cb02e72afcfc7e37028de157) feat: add document auth passkey and 2FA - [`671ce93`](https://github.com/documenso/documenso/commit/671ce931df360a27cdfc088f06b4a6b33997e60a) fix: migration - [`4092539`](https://github.com/documenso/documenso/commit/4092539efa29580dc6f79c38cf7960af4d26be3e) fix: tests - [`d37f549`](https://github.com/documenso/documenso/commit/d37f549a09ab749f208f91ba593032b5e705b87f) fix: tests ### 📊 Changes **27 files changed** (+966 additions, -243 deletions) <details> <summary>View changed files</summary> 📝 `apps/web/src/app/(dashboard)/settings/security/passkeys/create-passkey-dialog.tsx` (+3 -1) ➕ `apps/web/src/app/(signing)/sign/[token]/document-action-auth-2fa.tsx` (+172 -0) ➕ `apps/web/src/app/(signing)/sign/[token]/document-action-auth-account.tsx` (+79 -0) 📝 `apps/web/src/app/(signing)/sign/[token]/document-action-auth-dialog.tsx` (+28 -179) ➕ `apps/web/src/app/(signing)/sign/[token]/document-action-auth-passkey.tsx` (+252 -0) 📝 `apps/web/src/app/(signing)/sign/[token]/document-auth-provider.tsx` (+68 -6) 📝 `apps/web/src/app/(signing)/sign/[token]/form.tsx` (+4 -4) 📝 `apps/web/src/components/forms/2fa/enable-authenticator-app-dialog.tsx` (+8 -2) 📝 `apps/web/src/components/forms/signin.tsx` (+1 -1) 📝 `packages/app-tests/e2e/document-auth/action-auth.spec.ts` (+3 -3) 📝 `packages/app-tests/e2e/pr-718-add-stepper-component.spec.ts` (+17 -5) 📝 `packages/lib/constants/document-auth.ts` (+8 -13) 📝 `packages/lib/next-auth/auth-options.ts` (+2 -2) ➕ `packages/lib/server-only/auth/create-passkey-authentication-options.ts` (+76 -0) 📝 `packages/lib/server-only/auth/create-passkey-registration-options.ts` (+2 -2) 📝 `packages/lib/server-only/auth/create-passkey-signin-options.ts` (+2 -2) 📝 `packages/lib/server-only/auth/create-passkey.ts` (+2 -2) 📝 `packages/lib/server-only/auth/find-passkeys.ts` (+7 -2) 📝 `packages/lib/server-only/document/is-recipient-authorized.ts` (+134 -7) 📝 `packages/lib/types/document-auth.ts` (+36 -4) _...and 7 more files_ </details> ### 📄 Description ## Description Add the following document action auth options: - 2FA - Passkey If the user does not have the required auth setup, we onboard them directly. ## Changes made Note: Added secondaryId to the VerificationToken schema ## Testing Performed Tested locally, pending preview tests ## Checklist - [X] I have tested these changes locally and they work as expected. - [X] I have added/updated tests that prove the effectiveness of these changes. - [X] I have followed the project's coding style guidelines. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Introduced components for 2FA, account, and passkey authentication during document signing. - Added "Require passkey" option to document settings and signer authentication settings. - Enhanced form submission and loading states for improved user experience. - **Refactor** - Optimized authentication components to efficiently support multiple authentication methods. - **Chores** - Updated and renamed functions and components for clarity and consistency across the authentication system. - Refined sorting options and database schema to support new authentication features. - **Bug Fixes** - Adjusted SignInForm to verify browser support for WebAuthn before proceeding. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-02-26 19:32:54 +03:00

• closed this issue
• added the
  pull-request
  label

kerem referenced this issue 2026-02-26 19:33:51 +03:00

[PR #1355] [MERGED] feat: add french #1580

kerem referenced this issue 2026-02-26 19:33:52 +03:00

[PR #1356] [MERGED] chore: add translations #1583

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

chore/translations

feat/signing-required-field-colors

feat/add-field-overflow-settings

chore/extract-translations

release

feat/public-completed-document-access

feat/bulk-download

docs/signing-reminders

feat/document-file-conversion

feat/prefetch-intent-navigation-links

fix/lint-project

fix/replace-linter-with-biome

fix/security-improvements

perf/dynamic-import-posthog

deps/vite-8

chore/migrate-eslint-prettier-to-oxlint-oxfmt

chore/migrate-to-pnpm

feat/add-pdf-image-renderer

feat/add-embed-v2

fix/extract-emails

feat/table-toolbar-filters

copilot/sub-pr-2478

fix/recipients-send-500

feat/external-2fa-codes

feat/protect-signing-urls

fix/checkbox-checked-values

duncan/legacy-api-endpoints

chore/block-po-files-locally

fix/default-embed-v2-document-rejection-to-false

fix/fields-dialog-title-description

copilot/sub-pr-2323

copilot/sub-pr-2267

exp/autoplace-fields

chore/server-hostname-config

fix/template-add-signers

fix/add-field-drag-drop-colors

fix/envelope-updates

feat/allow-formdata

archive/1.13.2

copilot/add-billing-section-account-page

fix/field-coordinate-bounds

feat/update-user-via-admin-dashboard

feat/expiry-links

feat/team-dashboard

feat/change-radio-direction

feat/admin-create-user-with-org

archive/v1.12.11

feat/envelopes-polish

feat/add-attachments-reworked

fix/font-size-fields

feat/improve-resend-dialog

fix/download-certificate-audit-log-safari

fix/duplicate-document-by-id

feat/document-table-filters

fix/template-migration

exp/effect

fix/migrate-template-metadata

exp/keyboard-signature

feat/document-2fa-redo

feat/add-attachments

feat/billing-redirect-flow

fix/add-api-logging

fix/duplicate-document-template-review

feat/handle-redirectto-param

feat/document-processing-status-indicator

feat/customize-doc-audit-log-certificate

feat/document-2fa

feat/organisations-backup-pls

feat/audit-logs-on-completed-document

chore/webhook-trigger-multiselect

exp/bg

chore/single-signer-wording

fix/template-uploading

feat/bin-tab

fix/staging-test

feat/rr7

squish/rr7

archive/nextjs

power-signer

fix/field-placements

fix/team-member-invites

fix/checkbox-field-bugs

fix/leaderboard-query

fix/zapier-list-documents-endpoint

feat/dictate-signers

feat/allow-same-signer-email-multiple-times

wip/rr7-next

experiment/self-sign

fix/oidc-login-error

feat/document-qrcode

feat/mau

feat/copy-links-audit-logs

chore/december-dep-upgrades

wip/rr7

wip/rr7-auth-package

wip/rr7-better-auth-demo

experiment/what-if-user-ids-were-strings-instead-of-numbers

fix/refactor-api-routes

feat/add-owner-completed-email-setting

fix/embed-whitelabel-colors

feat/delete-archive

fun/sign-with-nose

expiry-links

chore/openpage-viral-metrics

fix/sitemap

feat/signing-reminder

feat/automated-fields-signature

feat/add-polish-translations

staging

fix/open-page

openpage-api-deploy

feat/pulumi

chore/angular-embed-docs

exp/next-15

chore/select-signer

feat/save-data-on-blur

feat/save-recipients-on-blur

feat/signature-color

feat/team-email-template

chore/documenso-url

chore/add-ctas

fix/docker-setup-and-documentation

fix/document-creation-timezone

feat/telemetry

feat/integration-animation

fix/render-deployment

feat/publicProfile

feat/redirect-templates

feat/passkey-dialog

fix/refactor-use-template

chore/resend-onUpdate

chore/subject-onBlur

fix/demo-trpc-duration

fix/self-signer-custom-email-message

fix/benchmark

feat/add-myself-as-signer-temp

feat/checkbox-type

feat/update-marketing-header

experiment/queue

feat/error-demo

feat/add-document-auth-options

feat/document-2fa-test

chore/status-widget

open-page-restructure

feat/document-passkey-test

chore/form-reset

fix/neon-db-migration-test

feat/public-profile

feat/launch-week-content

webhooks_plus_api

exp/custom-field-labels

feat/accept-text-signature

feat/document-version-history

fix/delete-recipient-owners

fix/whitespace-title

feat/refresh

exp/million

feat/doc-comments

ElTimuro-patch-1

feat/teams-slugify

pr/537

date-format-setting

exp/millionjs

feat/runtime-env

chore/next-14

feat/chat-with-documents

feat/plan-limits

fix/467-bugsafari-only-unable-to-copy-document-sharing-link

feat/admin-ui-manage-instance

feat/stripe-free-tier

fix/cascade-delete-share-links

feat/marketing-share-document

feat/single-player-mode-polish

feat/next-13-5-3

chore/github-templates

docs/render-deploy

chore/code-of-conduct

chore/team

feat/add-e2e-testing

docs/minor-readme-updatess

docs/dx

feat-early-adopters

feat/open-early-adopters

fix/432-signee-doc-version-doesnt-have-sticky-signing-area

fix/446-cancel-cta-does-nothing-when-a-signer-opens-the-document

fix/445-signer-name-not-persisting

feat/resend-transport

fix/incorrect-completed-stats

feat/update-email-templates

feat/mania

feat/copy-or-tweet

feat/add-design-system-page

feat/single-player-mode

feat/completed-share-link

feat/designsystem

feat/send-email

feat/custom-emails

blog/upcoming-blog-post

feat/single-player-mode-test

feat/reset-password

blog/selfhosting-blog-post

feat/redirect-signed-document

fix/og-description

feat/universal-upload

chore/readme

chore/blogposts

fix/building-documenso-description

feat/admin-ui-metrics

feat/avatar-fallback

feat/templates

feat/blog-post-next

fix/hide-user-selection

feat/disable-sign

feat/marketing-mobile-nav

chore/remove-console-log-warn

feat/add-email-field

fix/redirect-signin-to-dashboard

feat/blog-og-image

feat/redirect-on-send

feat/billing-page

feat/profile-password-form

fix/signature-color-dark-mode

feat/inbox

feat/promise-safety

readme

chore/reduce-refetch-time

feat/update-document-flow

feat/refactor-shared-components

feat/feature-flag

feat/document-authoring

feat/pie-chart-legend

feat/open-page

docs/add-gitpod-setup

docs/add-render-deploy

docs-coventional-commits

feat/table-actions

minor/updates-google-auth-refresh

feat/add-document-animation

feat/new-email-template

feat/password-reset

fix/send-error-double-send

fix/improve-stripe-webhook-endpoint

feat/support-custom-cert-paths

feat/DOC-170-add-name-field

fix/improve-general-styling

feat/DOC-210-sign-dialog-broken-on-second-opening

bugfix-#71/invalid-email-hint

chore/optimise-deps

test-pr

v2.9.1

v2.9.0

v2.8.1

v2.8.0

v2.7.1

v2.7.0

v2.6.1

v2.6.0

v2.5.1

v2.5.0

v2.4.0

v2.3.2

v2.3.1

v2.3.0

v2.2.8

v2.2.7

v2.2.6

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.0

v2.0.14

v2.0.13

v2.0.12

v2.0.11

v2.0.10

v2.0.9

v2.0.8

v2.0.7

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v1.13.2

v1.13.1

v1.13.0

v1.12.10

v1.12.9

v1.12.8

v1.12.7

v1.12.6

v1.12.5

v1.12.4

v1.12.3

v1.12.2-rc.6

v1.12.2-rc.5

v1.12.2-rc.4

v1.12.2-rc.3

v1.12.2-rc.2

v1.12.2-rc.1

v1.12.2-rc.0

v1.12.1

v1.12.0

v1.12.0-rc.8

v1.12.0-rc.7

v1.12.0-rc.6

v1.12.0-rc.5

v1.12.0-rc.4

v1.12.0-rc.3

v1.12.0-rc.2

v1.12.0-rc.1

v1.12.0-rc.0

v1.11.1

v1.11.0

v1.10.3

v1.10.2

v1.10.1

v1.10.0

v1.10.0-rc.5

v1.10.0-rc.4

v1.10.0-rc.3

v1.10.0-rc.2

v1.10.0-rc.1

v1.10.0-rc.0

v1.9.1-rc.9

v1.9.1

v1.9.1-rc.8

v1.9.1-rc.7

v1.9.1-rc.6

v1.9.1-rc.5

v1.9.1-rc.4

v1.9.1-rc.3

v1.9.1-rc.2

v1.9.1-rc.1

v1.9.1-rc.0

v1.9.0

v1.9.0-rc.12

v1.9.0-rc.11

v1.9.0-rc.10

v1.9.0-rc.9

v1.9.0-rc.8

v1.9.0-rc.7

v1.9.0-rc.6

v1.9.0-rc.5

final-marketing-release

v1.9.0-rc.4

v1.9.0-rc.3

v1.9.0-rc.2

v1.9.0-rc.1

v1.9.0-rc.0

v1.8.1

v1.8.1-rc.9

v1.8.1-rc.8

v1.8.1-rc.7

v1.8.1-rc.6

v1.8.1-rc.5

v1.8.1-rc.4

v1.8.1-rc.3

v1.8.1-rc.2

v1.8.1-rc.1

v1.8.1-rc.0

v1.8.0-rc.4

v1.8.0

v1.8.0-rc.3

v1.8.0-rc.2

v1.8.0-rc.1

v1.8.0-rc.0

v1.7.2

v1.7.2-rc.4

v1.7.2-rc.3

v1.7.2-rc.2

v1.7.2-rc.1

v1.7.2-rc.0

v1.7.1-rc.3

v1.7.1

v1.7.1-rc.2

v1.7.1-rc.1

v1.7.1-rc.0

v1.7.0

v1.7.0-rc.5

v1.7.0-rc.4

v1.7.0-rc.3

v1.7.0-rc.2

v1.7.0-rc.1

v1.7.0-rc.0

v1.6.1

v1.6.1-rc.1

v1.6.1-rc.0

v1.6.0

v1.6.0-rc.3

v1.6.0-rc.2

v1.6.0-rc.1

v1.6.0-rc.0

v1.5.6

v1.5.6-rc.4

v1.5.6-rc.3

v1.5.6-rc.2

v1.5.6-rc.1

v1.5.6-rc.0

v1.5.5-rc.8

v1.5.5

v1.5.5-rc.7

v1.5.5-rc.6

v1.5.5-rc.5

v1.5.5-rc.4

v1.5.5-rc.3

v1.5.5-rc.2

v1.5.5-rc.1

v1.5.5-rc.0

v1.5.4-rc.5

v1.5.4

v1.5.4-rc.4

v1.5.4-rc.3

v1.5.4-rc.2

v1.5.4-rc.1

v1.5.4-rc.0

v1.5.3-rc.1

v1.5.3

v1.5.3-rc.0

v1.5.2-rc.8

v1.5.2

v1.5.2-rc.7

v1.5.2-rc.6

v1.5.2-rc.5

v1.5.2-rc.4

v1.5.2-rc.3

v1.5.2-rc.2

v1.5.2-rc.1

v1.5.2-rc.0

v1.5.1

v1.5.1-rc.0

v1.5.0-rc.6

v1.5.0

v1.5.0-rc.5

v1.5.0-rc.4

v1.5.0-rc.3

v1.5.0-rc.2

v1.5.0-rc.1

v1.5.0-rc.0

v1.4.0-rc.0

v1.4.0

v1.3.2-rc.0

v1.3.1-rc.2

v1.3.1

v1.3.1-rc.1

v1.3.1-rc.0

v1.3.0-rc.2

v1.3.0

v1.3.0-rc.1

v1.3.0-rc.0

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1

v1.0

v0.9

before-prettier

0.9-developer-preview

Labels

Clear labels   

Compliance

  

Stale

  

apps: marketing

  

apps: web

  

community

  

component: api

  

component: integrations

  

component: ui

  

duplicate

  

effort: low

  

effort: medium

  

good first issue

  

hacktoberfest

  

help wanted

  

needs triage

  

needs-replication

  

needs-testing

  

on-hold

  

osshack

  

priority: high

  

priority: low

  

priority: medium

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

roadmap

  

status: assigned

  

status: blocked

  

status: in progress

  

status: triage

  

type: bug

  

type: bug

  

type: bug

  

type: documentation

  

type: enhancement

  

type: feature

  

wontfix

  

💎 Bounty

  

💰 Rewarded

  

💰 Rewarded

No labels

Compliance

Stale

apps: marketing

apps: web

community

component: api

component: integrations

component: ui

duplicate

effort: low

effort: medium

good first issue

hacktoberfest

help wanted

needs triage

needs-replication

needs-testing

on-hold

osshack

priority: high

priority: low

priority: medium

pull-request

question

roadmap

status: assigned

status: blocked

status: in progress

status: triage

type: bug

type: bug

type: bug

type: documentation

type: enhancement

type: feature

wontfix

💎 Bounty

💰 Rewarded

💰 Rewarded

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/documenso#1356

No description provided.