stages: add WebAuthn stage (#550)

* core: add User.uid for globally unique user ID

* admin: fix ?next for Flow list

* stages: add initial webauthn implementation

* web: add ak-flow-submit event to submit flow stage

* web: show error message for webauthn registration

* admin: fix next param not redirecting correctly

* stages/webauthn: remove form

* stages/webauthn: add API

* web: update flow diagram on ak-refresh

* stages/webauthn: add initial authentication

* stages/webauthn: initial authentication implementation

* web: cleanup webauthn utils

* stages: rename otp_* to authenticator and move webauthn to authenticator

* docs: fix broken links

* stages/authenticator_*: fix template paths

* stages/authenticator_validate: add device classes

* stages/authenticator_webauthn: implement django_otp.devices

* stages/authenticator_*: update default stage names

* web: add button to create stage on flow page

* web: don't minify HTML, remove nbsp

* admin: fix typo in stage list

* stages/*: use common base class for stage serializer

* stages/authenticator_*: create default objects after rename

* tests/e2e: adjust stage order

website/docs/flow/stages/authenticator_static/index.md

@@ -1,5 +1,5 @@
 ---
-title: OTP Static stage
+title: Static Authenticator stage
 ---
 
 This stage configures static OTP Tokens, which can be used as a backup method to time-based OTP tokens.

website/docs/flow/stages/authenticator_totp/index.md

@@ -1,5 +1,5 @@
 ---
-title: OTP Time stage
+title: TOTP stage
 ---
 
 This stage configures a time-based OTP Device, such as Google Authenticator or Authy.

website/docs/flow/stages/authenticator_validate/index.md

@@ -0,0 +1,8 @@
+---
+title: Authenticator Validation Stage
+---
+
+This stage validates an already configured OTP Device. This device has to be configured using any of the other authenticator stages:
+
+- [TOTP authenticator stage](../authenticator_totp/index.md)
+- [Static authenticator stage](../authenticator_static/index.md).

website/docs/flow/stages/otp_validation/index.md

@@ -1,5 +0,0 @@
----
-title: OTP Validation stage
----
-
-This stage validates an already configured OTP Device. This device has to be configured using an [OTP Time stage](../otp_time/index.md) or [OTP Static stage](../otp_static/index.md).

website/sidebars.js

@@ -46,14 +46,14 @@ module.exports = {
             type: "category",
             label: "Stages",
             items: [
+                "flow/stages/authenticator_static/index",
+                "flow/stages/authenticator_totp/index",
+                "flow/stages/authenticator_validate/index",
                 "flow/stages/captcha/index",
                 "flow/stages/dummy/index",
                 "flow/stages/email/index",
                 "flow/stages/identification/index",
                 "flow/stages/invitation/index",
-                "flow/stages/otp_static/index",
-                "flow/stages/otp_time/index",
-                "flow/stages/otp_validation/index",
                 "flow/stages/password/index",
                 "flow/stages/prompt/index",
                 "flow/stages/prompt/validation",

website/static/flows/login-2fa.pbflow

@@ -41,7 +41,7 @@
                 "pk": "37f709c3-8817-45e8-9a93-80a925d293c2",
                 "name": "default-authentication-flow-totp"
             },
-            "model": "authentik_stages_otp_validate.otpvalidatestage",
+            "model": "authentik_stages_authenticator_validate.AuthenticatorValidateStage",
             "attrs": {}
         },
         {