FIDO2 authentication on the forum does not work
Happening on https://
or .onion
version of this forums?
Not sure I’ll be able to fix this. Seems quite complex to debug and upstream isn’t providing much support yet.
It is happening on https://
This might require discourse’s force_https
setting but if I enable this, it could break this forums’s .onion
. With some server config changes, I managed to enable force_https
and yet not break this forums’s .onion
. I hope it does not have any bad site effects discovered later. Does this help?
What you could also try is making an account at https://meta.discourse.org and see if you can reproduce the issue there too. That would actually be good if the bug happens there too because then it’s unspecific to Whonix forums and maybe a bug that upstream could fix more easily.
(Severing discourse on two different domain names, let alone https + onion is already unsupported by upstream. And this was difficult to achieve. → Can I have two domains pointing towards the same IP address without redirect? - support - Discourse Meta)
Yes, FIDO2 auth works now
Excellent!
I mean you could do that. Or you could force a weaker method (TOTP) as a fallback. Neither of which is ideal though.