refactor: remove passkey login

2026-05-27 22:32:42 +08:00
parent 89cb98233f
commit 0443c976fc
105 changed files with 410 additions and 2505 deletions
--- a/app.py
+++ b/app.py
@@ -212,7 +212,7 @@ def enforce_csrf_protection():
        return
    if request.path.startswith("/static/"):
        return
-    # 登录挑战相关路由豁免 CSRF（会话尚未建立前需要可用）
+    # 登录和第三方回调相关路由豁免 CSRF（会话尚未建立前需要可用）
    csrf_exempt_paths = {
        "/yuyx/api/login",
        "/api/login",
@@ -221,10 +221,6 @@ def enforce_csrf_protection():
        "/api/auth/social/login-url",
        "/api/auth/social/poll",
        "/api/auth/social/callback",
-        "/yuyx/api/passkeys/login/options",
-        "/yuyx/api/passkeys/login/verify",
-        "/api/passkeys/login/options",
-        "/api/passkeys/login/verify",
    }
    if request.path in csrf_exempt_paths:
        return