Add passkey

[ai]

Now we have only user/secret login. But passkey suggest more secure option and UX can be better.

We need to support passkey providers (at least): Chrome/Firefox/Safari built-in password manager, 1password, BitWarden, YubiKey.

Our secret now contains two parts: server’s password and encryption key (which we don’t send to server).

• Review current passkey support to find a way to store encryption key in passkey. The best option is PRF passkey’s extension. But we can also use largeBlob extension to support more passkey providers.
• Find a good server’s library to do all logic.
• Add endpoints to api/.
• Add logic and tests to server/.
• Find a good design to not increase number of clicks for sign-up.
• Add new states/pages to core/ and web/ with tests and stories.

[ai]

Good guides:

https://developers.yubico.com/WebAuthn/Concepts/PRF_Extension/Developers_Guide_to_PRF.html

https://levischuck.com/blog/2023-02-prf-webauthn