- Add LOGIN_BIOMETRIC to AuditAction enum
- Import AuditAction and EntityType in AuthService
- Fix loginWithExternalAuth return type to match AuthResponse interface
- Update biometric API client to use correct response structure
- Update login page to access tokens from nested data structure
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add biometric authentication button with Face ID/Touch ID/Windows Hello support
- Check WebAuthn support and platform authenticator availability on mount
- Handle biometric login flow with proper error handling
- Show biometric button only when device supports it
- Add loading states and user-friendly error messages
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implements MFA verification dialog for login flow:
MFA Verification Features:
- MFAVerificationDialog component for code entry
- TOTP code input (6-digit authenticator app code)
- Email code input with auto-send on dialog open
- Backup code support mentioned in help text
- Resend email code functionality
- Auto-focus on code input field
- Large, centered code input for easy entry
- Real-time validation (6-digit code required)
Login Flow Integration:
- Detect MFA requirement from login API error
- Show MFA dialog when MFA is enabled for user
- Handle MFA verification success with token storage
- Allow cancellation to retry login
- Seamless transition after successful verification
User Experience:
- Email codes sent automatically
- Visual feedback for code sending/verification
- Error alerts for invalid codes
- Loading states for all async operations
- Clean, focused dialog design
- Tip about backup codes
Implementation Details:
- Integrated with existing login page
- Error handling for MFA-required responses
- Token storage after MFA verification
- Navigation after successful MFA
- Support for both TOTP and Email MFA methods
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Backend changes:
- Add password reset token database migration (V011)
- Create email service with Mailgun integration (EU/US regions)
- Implement password reset flow with secure token generation
- Add email verification endpoints and logic
- Create beautiful HTML email templates for reset and verification
- Add password reset DTOs with validation
- Update User entity with email verification fields
Frontend changes:
- Create forgot password page with email submission
- Create reset password page with token validation
- Add email verification banner component
- Integrate verification banner into main dashboard
- Add password requirements and validation UI
Features:
- Mailgun API ready for EU and US regions
- Secure token expiration (1h for reset, 24h for verification)
- Rate limiting on resend (2min interval)
- Protection against email enumeration
- IP address and user agent tracking
- Token reuse prevention
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
