mirror of
https://github.com/AvengeMedia/DankMaterialShell.git
synced 2026-04-12 16:52:10 -04:00
feat: Add FIDO2/U2F security key support for lock screen (#1842)
* feat: Add FIDO2/U2F security key support for lock screen Adds hardware security key authentication (e.g. YubiKey) with two modes: Alternative (OR) and Second Factor (AND). Includes settings UI, PAM integration, availability detection, and proper state cleanup. Also fixes persist:false properties being reset on settings file reload. * feat: Add U2F pending timeout and Escape to cancel Cancel U2F second factor after 30s or on Escape key press, returning to password/fingerprint input. * fix: U2F detection honors custom PAM override for non-default key paths
This commit is contained in:
Patrick Fischer
@@ -687,14 +687,24 @@ Item {
|
||||
|
||||
anchors.centerIn: parent
|
||||
name: {
|
||||
if (pam.u2fPending)
|
||||
return "passkey";
|
||||
if (pam.fprint.tries >= SettingsData.maxFprintTries)
|
||||
return "fingerprint_off";
|
||||
if (pam.fprint.active)
|
||||
return "fingerprint";
|
||||
if (pam.u2f.active)
|
||||
return "passkey";
|
||||
return "lock";
|
||||
}
|
||||
size: 20
|
||||
color: pam.fprint.tries >= SettingsData.maxFprintTries ? Theme.error : (passwordField.activeFocus ? Theme.primary : Theme.surfaceVariantText)
|
||||
color: {
|
||||
if (pam.fprint.tries >= SettingsData.maxFprintTries)
|
||||
return Theme.error;
|
||||
if (pam.u2fState !== "")
|
||||
return Theme.tertiary;
|
||||
return passwordField.activeFocus ? Theme.primary : Theme.surfaceVariantText;
|
||||
}
|
||||
opacity: pam.passwd.active ? 0 : 1
|
||||
|
||||
Behavior on opacity {
|
||||
@@ -745,8 +755,7 @@ Item {
|
||||
}
|
||||
}
|
||||
onAccepted: {
|
||||
if (!demoMode && !pam.passwd.active) {
|
||||
console.log("Enter pressed, starting PAM authentication");
|
||||
if (!demoMode && !pam.passwd.active && !pam.u2fPending) {
|
||||
pam.passwd.start();
|
||||
}
|
||||
}
|
||||
@@ -756,6 +765,11 @@ Item {
|
||||
}
|
||||
|
||||
if (event.key === Qt.Key_Escape) {
|
||||
if (pam.u2fPending) {
|
||||
pam.cancelU2fPending();
|
||||
event.accepted = true;
|
||||
return;
|
||||
}
|
||||
clear();
|
||||
}
|
||||
|
||||
@@ -820,6 +834,11 @@ Item {
|
||||
if (root.unlocking) {
|
||||
return "Unlocking...";
|
||||
}
|
||||
if (pam.u2fPending) {
|
||||
if (pam.u2fState === "insert")
|
||||
return "Insert your security key...";
|
||||
return "Touch your security key...";
|
||||
}
|
||||
if (pam.passwd.active) {
|
||||
return "Authenticating...";
|
||||
}
|
||||
@@ -894,7 +913,7 @@ Item {
|
||||
anchors.verticalCenter: parent.verticalCenter
|
||||
iconName: "keyboard"
|
||||
buttonSize: 32
|
||||
visible: !demoMode && !pam.passwd.active && !root.unlocking
|
||||
visible: !demoMode && !pam.passwd.active && !root.unlocking && !pam.u2fPending
|
||||
enabled: visible
|
||||
onClicked: {
|
||||
if (keyboardController.isKeyboardActive) {
|
||||
@@ -995,11 +1014,10 @@ Item {
|
||||
anchors.verticalCenter: parent.verticalCenter
|
||||
iconName: "keyboard_return"
|
||||
buttonSize: 36
|
||||
visible: (demoMode || (!pam.passwd.active && !root.unlocking))
|
||||
visible: (demoMode || (!pam.passwd.active && !root.unlocking && !pam.u2fPending))
|
||||
enabled: !demoMode
|
||||
onClicked: {
|
||||
if (!demoMode) {
|
||||
console.log("Enter button clicked, starting PAM authentication");
|
||||
if (!demoMode && !pam.u2fPending) {
|
||||
pam.passwd.start();
|
||||
}
|
||||
}
|
||||
@@ -1025,6 +1043,12 @@ Item {
|
||||
Layout.fillWidth: true
|
||||
Layout.preferredHeight: 20
|
||||
text: {
|
||||
if (pam.u2fState === "insert" && !pam.u2fPending) {
|
||||
return "Insert your security key...";
|
||||
}
|
||||
if (pam.u2fState === "waiting" && !pam.u2fPending) {
|
||||
return "Touch your security key...";
|
||||
}
|
||||
if (root.pamState === "error") {
|
||||
return "Authentication error - try again";
|
||||
}
|
||||
@@ -1036,10 +1060,10 @@ Item {
|
||||
}
|
||||
return "";
|
||||
}
|
||||
color: Theme.error
|
||||
color: (pam.u2fState === "waiting" || pam.u2fState === "insert") ? Theme.outline : Theme.error
|
||||
font.pixelSize: Theme.fontSizeSmall
|
||||
horizontalAlignment: Text.AlignHCenter
|
||||
opacity: root.pamState !== "" ? 1 : 0
|
||||
opacity: (root.pamState !== "" || ((pam.u2fState === "waiting" || pam.u2fState === "insert") && !pam.u2fPending)) ? 1 : 0
|
||||
|
||||
Behavior on opacity {
|
||||
NumberAnimation {
|
||||
@@ -1607,6 +1631,14 @@ Item {
|
||||
root.passwordBuffer = "";
|
||||
}
|
||||
}
|
||||
onU2fPendingChanged: {
|
||||
if (u2fPending) {
|
||||
passwordField.text = "";
|
||||
root.passwordBuffer = "";
|
||||
if (keyboardController.isKeyboardActive)
|
||||
keyboardController.hide();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Binding {
|
||||
|
||||
Reference in New Issue
Block a user