[4.1] webauthn rename/delete

[brianteeman]

Testing Instructions

• This is for webauthn so you must be testing on a site with https
• This fixes an error that is only in nightly/current branch

Set up a webauthn authenticator.
save and close the user
go back to the user and rename the authenticator
save and close the user
go back to the user and delete the authenticator

Actual result BEFORE applying this Pull Request

Edit Name and Remove buttons dont do anything

Expected result AFTER applying this Pull Request

Buttons work as epxected

Documentation Changes Required

[MacJoom]

I have tested this item ✅ successfully on 0aac831

Works! Had to upload the media/plg_system_webauthn/js directory from a local installation where i could run npm to a hosted installation where i have https...

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/37676.}

[heelc29]

I have tested this item ✅ successfully on 0aac831

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/37676.}

[richard67]

RTC

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/37676.}

[nikosdion]

@bembelimen This is a bug about which I notified the project before you released Joomla 4.1.3, on April 26th, 2022. Yet, you published 4.1.3 on May 10th, 2022 — two weeks after my bug report — with a broken WebAuthn implementation. Unfortunate as it may be, I thought that maybe you didn't want to merge it after you released an RC (even though I see other merges, but whatever).

Now I see that Joomla 4.1.4 is released on May 24th, 2022 — four weeks after I reported this bug — and WebAuthn is still broken even though this PR is marked RTC 4 days prior to the 4.1.4 release. Good grief!

Sure, I can register authenticators but I cannot edit or remove them. At this point it's completely dead in the water and it's becoming an issue on my own site as I want to remove a key I added 3 weeks ago but is not protected with a PIN. I guess I have to edit my database, something I can do as a developer but not exactly the user experience we want to sell to our users, is it?

Before you all tell me that I should have tested this PR — no, I couldn't, for obvious reasons. @brianteeman simply copied my bug fix from my PR against the 4.2-dev branch, as I told him to do when reporting the bug. I cannot be the person who wrote the code and the person who tested it, regardless of what the Git history claims. It would be cheating and a valid reason for not being allowed to contribute to the project.

[bembelimen]

Thx