
feat(core): add passkey via account api #7408


Merged
merged 1 commit into from
May 30, 2025


wangsijie
Contributor

Summary

New feature: add WebAuthn (Passkey) via account API.

  1. Get registration info from POST /verifications/web-authn/registration
  2. Get webauthn response from local device
  3. Verify response by POST /verifications/web-authn/registration/verify and get "verification record id".
  4. Use this id to complete binding POST /my-account/mfa-verifications

Please notice that some APIs are not covered by integration tests, because we don't have an easy way to generate mock webauthn response to pass the verification.

Testing

Integration tests & local test.

Checklist

  • .changeset
  • unit tests
  • integration tests
  • necessary TSDoc comments
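
Added example, not part of the original PR and not Logto's code: a simplified in-memory model of why the four steps above pass a "verification record id" around. The record layout, the function names, the return strings and the rule that a record is bound to one user and used once are assumptions made for illustration; only the `clientDataJSON` checks (type, challenge, origin) come from the WebAuthn registration ceremony, and attestation parsing is left out.

```javascript
// Simplified model (assumption) of the record-based flow; not Logto's code.
const records = new Map(); // recordId -> { userId, challenge, verified, used }
let nextId = 0;

const b64url = (input) => Buffer.from(input).toString('base64url');

// Step 1: the server issues a challenge and remembers it under a record id.
// `challenge` is passed in to keep the example deterministic; a real server
// generates it with a CSPRNG.
function createRegistration(userId, challenge) {
  const recordId = `rec_${++nextId}`;
  const record = { userId, challenge: b64url(challenge), verified: false, used: false };
  records.set(recordId, record);
  return { recordId, challenge: record.challenge };
}

// Step 3: check the authenticator response against the stored challenge.
// Only the clientDataJSON checks are modelled here.
function verifyRegistration(recordId, clientDataJSON, expectedOrigin) {
  const record = records.get(recordId);
  if (!record) return 'unknown_record';
  let clientData;
  try {
    clientData = JSON.parse(Buffer.from(clientDataJSON, 'base64url').toString('utf8'));
  } catch {
    return 'malformed_client_data';
  }
  if (clientData?.type !== 'webauthn.create') return 'wrong_type';
  if (clientData.challenge !== record.challenge) return 'challenge_mismatch';
  if (clientData.origin !== expectedOrigin) return 'origin_mismatch';
  record.verified = true;
  return 'ok';
}

// Step 4: bind only a verified, unused record that belongs to the caller.
function bindMfa(recordId, userId) {
  const record = records.get(recordId);
  if (!record || record.userId !== userId) return 'not_found';
  if (!record.verified) return 'not_verified';
  if (record.used) return 'already_used';
  record.used = true;
  return 'bound';
}

// Constructed sample of what a browser puts in clientDataJSON (step 2).
const makeClientData = (challenge, origin, type = 'webauthn.create') =>
  b64url(JSON.stringify({ type, challenge, origin }));
```

Because the challenge lives in the server-side record, the bind step never has to trust anything the client says about the ceremony beyond the record id.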

@wangsijie wangsijie requested a review from a team May 27, 2025 01:24

github-actions bot commented May 27, 2025

COMPARE TO master

Total Size Diff ⚠️ 📈 +11.59 KB

Diff by File
| Name | Diff |
| --- | --- |
| packages/core/src/routes/account/index.openapi.json | 📈 +1000 Bytes |
| packages/core/src/routes/account/index.ts | 📈 +196 Bytes |
| packages/core/src/routes/account/mfa-verifications.ts | 📈 +2.7 KB |
| packages/core/src/routes/verification/index.openapi.json | 📈 +1.79 KB |
| packages/core/src/routes/verification/index.ts | 📈 +1.97 KB |
| packages/integration-tests/src/api/verification-record.ts | 📈 +691 Bytes |
| packages/integration-tests/src/helpers/index.ts | 📈 +1 Bytes |
| packages/integration-tests/src/helpers/sign-in-experience.ts | 📈 +209 Bytes |
| packages/integration-tests/src/tests/api/account/mfa.test.ts | 📈 +3.03 KB |
| packages/schemas/src/foundations/jsonb-types/account-centers.ts | 📈 +50 Bytes |

@github-actions github-actions bot added feature Cool stuff size/l labels May 27, 2025
@wangsijie wangsijie force-pushed the wangsijie-log-11543-add-passkey-via-account-api branch 2 times, most recently from c359cb4 to 9f7f1b9 Compare May 28, 2025 07:02
@simeng-li simeng-li requested a review from Copilot May 30, 2025 02:35
Contributor

@Copilot Copilot AI left a comment


Pull Request Overview

This PR adds a new WebAuthn (Passkey) feature via the account API by introducing endpoints for generating and verifying WebAuthn registration options, and by updating support for MFA verifications.

  • Added a new "mfa" field to the account center schema.
  • Introduced integration tests for the WebAuthn registration and verification endpoints.
  • Added and wired new API routes and their OpenAPI documentation for WebAuthn registration and MFA verifications.

Reviewed Changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| packages/schemas/src/foundations/jsonb-types/account-centers.ts | Added a new "mfa" control using a native enum. |
| packages/integration-tests/src/tests/api/account/mfa.test.ts | Added tests for generating and verifying WebAuthn registration options. |
| packages/integration-tests/src/helpers/sign-in-experience.ts | Introduced a combined MFA enabling method for TOTP and WebAuthn. |
| packages/integration-tests/src/helpers/index.ts | Updated ExpectedErrorInfo type to optionally include "code". |
| packages/integration-tests/src/api/verification-record.ts | Added new functions for handling WebAuthn registration options and verification. |
| packages/core/src/routes/verification/index.ts | Added new endpoints for generating and verifying WebAuthn registration. |
| packages/core/src/routes/verification/index.openapi.json | Provided OpenAPI definitions for the new WebAuthn endpoints. |
| packages/core/src/routes/account/mfa-verifications.ts | Created a new route to bind a verified WebAuthn registration to a user MFA verification. |
| packages/core/src/routes/account/index.ts | Imported and conditionally enabled the new MFA verifications route. |
| packages/core/src/routes/account/index.openapi.json | Added OpenAPI definitions for the new MFA verifications endpoint. |

Comments suppressed due to low confidence (1)

packages/core/src/routes/account/mfa-verifications.ts:41

  • Typo in error message: 'filed_not_editable' should be 'field_not_editable'.
assertThat(fields.mfa === AccountCenterControlValue.Edit, 'account_center.filed_not_editable');

@wangsijie wangsijie force-pushed the wangsijie-log-11543-add-passkey-via-account-api branch from 9f7f1b9 to 53f14f2 Compare May 30, 2025 03:17
@wangsijie wangsijie merged commit 882c6d4 into master May 30, 2025
34 checks passed
@wangsijie wangsijie deleted the wangsijie-log-11543-add-passkey-via-account-api branch May 30, 2025 03:31