Merge branch 'passkey_support'

internal/config/auth.go

@@ -16,6 +16,11 @@ type Auth struct {
 	OAuth []OAuthProvider `yaml:"oauth"`
 	// Ldap contains a list of LDAP providers.
 	Ldap []LdapProvider `yaml:"ldap"`
+	// Webauthn contains the configuration for the WebAuthn authenticator.
+	WebAuthn WebauthnConfig `yaml:"webauthn"`
+	// MinPasswordLength is the minimum password length for user accounts. This also applies to the admin user.
+	// It is encouraged to set this value to at least 16 characters.
+	MinPasswordLength int `yaml:"min_password_length"`
 }
 
 // BaseFields contains the basic fields that are used to map user information from the authentication providers.
@@ -245,3 +250,9 @@ type OAuthProvider struct {
 	// If LogUserInfo is set to true, the user info retrieved from the OAuth provider will be logged in trace level.
 	LogUserInfo bool `yaml:"log_user_info"`
 }
+
+// WebauthnConfig contains the configuration for the WebAuthn authenticator.
+type WebauthnConfig struct {
+	// Enabled specifies whether WebAuthn is enabled.
+	Enabled bool `yaml:"enabled"`
+}

internal/config/config.go

@@ -101,7 +101,7 @@ func defaultConfig() *Config {
 	cfg := &Config{}
 
 	cfg.Core.AdminUser = "admin@wgportal.local"
-	cfg.Core.AdminPassword = "wgportal"
+	cfg.Core.AdminPassword = "wgportal-default"
 	cfg.Core.AdminApiToken = "" // by default, the API access is disabled
 	cfg.Core.ImportExisting = true
 	cfg.Core.RestoreState = true
@@ -164,6 +164,9 @@ func defaultConfig() *Config {
 	cfg.Webhook.Authentication = ""
 	cfg.Webhook.Timeout = 10 * time.Second
 
+	cfg.Auth.WebAuthn.Enabled = true
+	cfg.Auth.MinPasswordLength = 16
+
 	return cfg
 }