1. Go to this page and download the library: Download laragear/webauthn library. Choose the download type "require".
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
// Pulls in vendor/autoload.php from the extracted archive so the package classes can be autoloaded.
// NOTE(review): everything under vendor/ runs with the application's privileges. Installing
// through Composer with a committed composer.lock keeps the installed versions pinned and
// reproducible, which an unpacked ZIP does not.
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
laragear / webauthn example snippets
// App\Http\Controllers\LoginController.php
use Laragear\WebAuthn\Http\Requests\AssertedRequest;
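/**
 * Completes a WebAuthn login from the asserted (signed) credential.
 *
 * Other snippets on this page treat the result of login() as possibly
 * falsy, so a failed assertion must not fall through to the greeting.
 */
public function login(AssertedRequest $request)
{
    $user = $request->login();

    if (! $user) {
        // Non-2xx status so the client script cannot mistake a failed assertion for success.
        return response()->json(['message' => 'Something went wrong, try again!'], 401);
    }

    return response()->json(['message' => "Welcome back, $user->name!"]);
}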
namespace App;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Laragear\WebAuthn\Contracts\WebAuthnAuthenticatable;
use Laragear\WebAuthn\WebAuthnAuthentication;
/**
 * Application user model that opts in to WebAuthn: it declares the
 * WebAuthnAuthenticatable contract and pulls in the WebAuthnAuthentication trait.
 */
class User extends Authenticatable implements WebAuthnAuthenticatable
{
    use WebAuthnAuthentication;
    // ...
}
// web.php
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken;
use Illuminate\Support\Facades\Route;
use Laragear\WebAuthn\Http\Routes as WebAuthnRoutes;
// NOTE(review): Route::view() normally takes a URI and a view name; this one-argument call
// looks truncated — confirm against the upstream README.
Route::view('welcome');
// WebAuthn Routes
// NOTE(review): withoutMiddleware(VerifyCsrfToken::class) drops Laravel's CSRF token check for
// every route registered by this call. Keep the exemption scoped to these routes only, and
// prefer sending the token from the front end if it can — confirm what the package recommends.
WebAuthnRoutes::register()->withoutMiddleware(VerifyCsrfToken::class);
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken;
use Laragear\WebAuthn\Http\Routes as WebAuthnRoutes;
// Registers the WebAuthn routes under custom paths for the attestation and assertion endpoints.
// NOTE(review): the CSRF token check is removed from these routes as well; keep the exemption
// limited to them and confirm the front end really cannot send the token.
WebAuthnRoutes::register(
    attest: 'auth/register',
    assert: 'auth/login'
)->withoutMiddleware(VerifyCsrfToken::class);
// app\Http\Controllers\WebAuthn\WebAuthnRegisterController.php
use Laragear\WebAuthn\Http\Requests\AttestationRequest;
/**
 * Starts a registration (attestation) ceremony and returns the creation
 * options produced by the request object.
 */
public function createChallenge(AttestationRequest $request)
{
    $creationOptions = $request->toCreate();

    return $creationOptions;
}
// app\Http\Controllers\WebAuthn\WebAuthnRegisterController.php
use Laragear\WebAuthn\Http\Requests\AttestedRequest;
/**
 * Finishes a registration ceremony: saves the attested credential and
 * returns a plain confirmation string.
 */
public function register(AttestedRequest $attestation)
{
    // presumably the request has already been validated by the time save() runs — confirm in the package
    $attestation->save();
    return 'Now you can login without passwords!';
}
// app\Http\Controllers\WebAuthn\WebAuthnRegisterController.php
use Laragear\WebAuthn\Http\Requests\AttestedRequest;
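/**
 * Saves the attested credential together with an optional, user-supplied alias.
 */
public function register(AttestedRequest $request)
{
    // The alias is the only client-controlled attribute accepted here; only('alias')
    // keeps any other request field out of the stored credential.
    // NOTE(review): the rule sets no length limit — consider adding a max: rule.
    $request->validate(['alias' => 'nullable|string']);

    // The original called save() on $attestation, which is never defined in this
    // method; the injected attested request is $request.
    $request->save($request->only('alias'));

    // Same as:
    // $request->save(function ($credentials) use ($request) {
    //     $credentials->alias = $request->input('alias');
    // })
}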
// app\Http\Controllers\WebAuthn\WebAuthnRegisterController.php
use Laragear\WebAuthn\Http\Requests\AttestationRequest;
/**
 * Starts a registration ceremony with the "fast registration" option enabled.
 *
 * NOTE(review): the name suggests a ceremony with relaxed checks (such as
 * skipping user verification) — confirm in the package documentation what is
 * skipped before offering it for sensitive accounts.
 */
public function createChallenge(AttestationRequest $request)
{
    $fastRequest = $request->fastRegistration();

    return $fastRequest->toCreate();
}
// app\Http\Controllers\WebAuthn\WebAuthnRegisterController.php
use Laragear\WebAuthn\Http\Requests\AttestationRequest;
/**
 * Starts a registration ceremony with the "userless" option enabled.
 *
 * NOTE(review): presumably this asks for a credential that can later be used
 * without typing a username — confirm in the package documentation.
 */
public function registerDevice(AttestationRequest $request)
{
    $userlessRequest = $request->userless();

    return $userlessRequest->toCreate();
}
// app\Http\Controllers\WebAuthn\WebAuthnRegisterController.php
use Laragear\WebAuthn\Http\Requests\AttestationRequest;
/**
 * Starts a registration ceremony that allows the same authenticator to be
 * registered more than once.
 *
 * NOTE(review): the other registration snippets on this page finish with
 * toCreate(); confirm that make() exists in the installed version.
 */
public function registerDevice(AttestationRequest $request)
{
    $duplicatesAllowed = $request->allowDuplicates();

    return $duplicatesAllowed->make();
}
// app\Http\Controllers\WebAuthn\WebAuthnLoginController.php
use Laragear\WebAuthn\Http\Requests\AssertionRequest;
/**
 * Starts a login (assertion) ceremony, optionally narrowed to the account
 * identified by the submitted e-mail.
 *
 * NOTE(review): if the returned options differ between known and unknown
 * e-mails, this unauthenticated endpoint can be used to probe for accounts —
 * rate-limit it and confirm what the library returns for unknown users.
 */
public function createChallenge(AssertionRequest $request)
{
    // 'sometimes' makes the e-mail optional; when present it must be well formed.
    $request->validate(['email' => 'sometimes|email']);

    $lookup = $request->only('email');

    return $request->toVerify($lookup);
}
// app\Http\Controllers\WebAuthn\WebAuthnLoginController.php
use Laragear\WebAuthn\Http\Requests\AssertedRequest;
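/**
 * Completes a login ceremony and answers according to whether login()
 * produced a user.
 *
 * The original had a ';' after the first ternary branch, which is a parse error.
 */
public function createChallenge(AssertedRequest $request)
{
    $user = $request->login();

    // NOTE(review): the user's name goes into the response body unescaped; escape it
    // if the response is rendered as HTML and names may contain markup.
    return $user
        ? response("Welcome back, $user->name!")
        : response('Something went wrong, try again!');
}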
// app\Http\Controllers\WebAuthn\WebAuthnLoginController.php
use Laragear\WebAuthn\Http\Requests\AssertedRequest;
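/**
 * Completes a login ceremony with an extra per-user check passed as a callback.
 *
 * The original had a ';' after the first ternary branch, which is a parse error.
 */
public function createChallenge(AssertedRequest $request)
{
    // presumably login() fails when the callback returns false, so banned users
    // are rejected even with a valid assertion — confirm in the package
    $user = $request->login(callbacks: fn ($user) => $user->isNotBanned());

    return $user
        ? response("Welcome back, $user->name!")
        : response('Something went wrong, try again!');
}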
// app\Http\Controllers\WebAuthn\WebAuthnLoginController.php
use Laragear\WebAuthn\Http\Requests\AssertionRequest;
/**
 * Starts a login ceremony with the "fast login" option enabled.
 *
 * NOTE(review): the name suggests relaxed checks during the ceremony (such as
 * skipping user verification) — confirm what is skipped before enabling it
 * for accounts that rely on the authenticator as their only factor.
 */
public function createChallenge(AssertionRequest $request)
{
    $request->validate(['email' => 'sometimes|email']);

    $lookup = $request->only('email');

    return $request->fastLogin()->toVerify($lookup);
}
// app\Http\Controllers\Auth\LoginController.php
use Illuminate\Support\Facades\Auth;
// NOTE(review): this snippet is truncated on this page. 'd with these credentials' is not a
// validation rule — it reads like the tail of an error message — and the Auth facade imported
// above is never used, so the credential check that belonged here is missing. Take the full
// example from the upstream README instead of copying this one.
public function login(Request $request)
{
    $request->validate(['email' => 'd with these credentials']);
}
use Illuminate\Support\Facades\Event;
use Laragear\WebAuthn\Events\CredentialCloned;
use App\Notifications\SecureYourDevice;
// Notifies the owner of a credential whenever a CredentialCloned event is dispatched.
// presumably the event is raised when the library suspects a cloned authenticator — confirm
// when it fires, and whether the credential is also disabled at that point.
Event::listen(CredentialCloned::class, function ($cloned) {
    $credential = $cloned->credential;
    $alert = new SecureYourDevice($credential);

    $credential->user->notify($alert);
});
use Laragear\WebAuthn\Assertion\Validator\AssertionValidation;
// Builds the validation payload from the current request.
$assertion = AssertionValidation::fromRequest();
// Same as...
// NOTE(review): JsonTransport is not imported in this snippet and $request is not defined
// here; both have to come from the surrounding code.
$assertion = new AssertionValidation(
    // Only the keys listed in AssertionValidation::REQUEST_KEYS are read from the JSON body.
    new JsonTransport($request->json(AssertionValidation::REQUEST_KEYS))
);
use Laragear\WebAuthn\Assertion\Validator\AssertionValidation;
use Laragear\WebAuthn\Assertion\Validator\AssertionValidator;
use Illuminate\Support\Facades\Auth;
/**
 * Runs the assertion through the validator pipeline by hand and logs in the
 * owner of the credential that comes out of it.
 */
public function authenticate(Request $request, AssertionValidator $assertion)
{
    $validated = $assertion
        ->send(AssertionValidation::fromRequest($request))
        ->thenReturn();

    $credential = $validated->credential;

    // presumably the pipeline throws when validation fails, so this line is reached
    // only for a verified assertion — confirm before relying on it
    Auth::login($credential->user);

    return "Welcome aboard, {$credential->user->name}!";
}
use Laragear\WebAuthn\Assertion\Validator\AssertionValidator;
use Laragear\WebAuthn\Assertion\Validator\AssertionValidation;
use Exception;
/**
 * Same manual validation, with one extra pipe that rejects users failing an
 * application-specific check before the login happens.
 */
public function authenticate(Request $request, AssertionValidator $assertion)
{
    // Extra pipe: throw for a rejected user, otherwise hand the payload to the next pipe.
    // The nullsafe call means a payload without a user passes this check.
    $rejectUnwanted = fn ($validation, $next) => $validation->user?->isNotAwesome()
        ? throw new Exception('The user is not awesome')
        : $next($validation);

    $validated = $assertion
        ->send(AssertionValidation::fromRequest($request))
        ->pipe($rejectUnwanted)
        ->thenReturn();

    $credential = $validated->credential;

    Auth::login($credential->user);

    return "Welcome aboard, {$credential->user->name}!";
}
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
use Laragear\WebAuthn\Assertion\Validator\AssertionValidator;
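/**
 * Adds application-specific pipes to the assertion validator whenever the
 * container resolves it.
 */
class AppServiceProvider extends ServiceProvider
{
    /**
     * Extends the AssertionValidator binding with three application pipes.
     *
     * The original was missing the ';' after the extend() call, which is a parse error.
     */
    public function register()
    {
        $this->app->extend(AssertionValidator::class, function ($pipeline) {
            // NOTE(review): presumably pipe() appends to the pipes already configured; confirm
            // the order so that LoginUser runs only after the library's own validation pipes.
            return $pipeline->pipe([
                \App\Auth\WebAuthn\CheckIfUserIsCool::class,
                \App\Auth\WebAuthn\LoginUser::class,
                \App\Auth\WebAuthn\SendLoginNotification::class,
            ]);
        });
    }
}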
use FIDO\Generator;
use Laragear\WebAuthn\Attestation\Creator\AttestationCreation;
use Laragear\WebAuthn\Attestation\Creator\AttestationCreator;
use Laragear\WebAuthn\Challenge\Challenge;
/**
 * Builds an attestation ceremony by hand with a caller-supplied challenge and
 * returns the JSON produced by the creator pipeline.
 *
 * NOTE(review): the challenge is what stops a captured response from being
 * replayed, so its bytes must come from a cryptographically secure random
 * source. Confirm that Generator::lowPowerRandom() is one before copying this
 * pattern; the name does not suggest it.
 */
public function create(Request $request, AttestationCreator $assertion)
{
    $bytes = Generator::lowPowerRandom();
    $owner = $request->user();

    // 60 is presumably the challenge lifetime in seconds — confirm.
    $challenge = Challenge::make($bytes, 60);

    $creation = new AttestationCreation(user: $owner, challenge: $challenge);

    $result = $assertion->send($creation)->thenReturn();

    return $result->json;
}
namespace App\WebAuthn;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\Request;
use Laragear\WebAuthn\Assertion\Creator\AssertionCreation;
use Laragear\WebAuthn\Assertion\Validator\AssertionValidation;
use Laragear\WebAuthn\Attestation\Creator\AttestationCreation;
use Laragear\WebAuthn\Attestation\Validator\AttestationValidation;
use Laragear\WebAuthn\Contracts\WebAuthnChallengeRepository;
use Laragear\WebAuthn\Challenge\Challenge;
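/**
 * Challenge repository that keeps pending ceremony challenges in the Redis
 * cache store instead of the default location.
 */
class MyRepository implements WebAuthnChallengeRepository
{
    /**
     * Puts a ceremony challenge into the repository.
     *
     * The cache entry is given the challenge's own expiry as its lifetime.
     */
    public function store(Challenge $challenge, AttestationCreation|AssertionCreation $ceremony): void
    {
        // The original was missing the terminating ';' here, which is a parse error.
        Cache::store('redis')->put($this->getFingerprint(), $challenge, $challenge->expiresAt());
    }

    /**
     * Pulls a ceremony challenge out from the repository, if it exists.
     *
     * pull() removes the entry as it reads it, so a stored challenge can be used once.
     */
    public function pull(AttestationValidation|AssertionValidation $ceremony): ?Challenge
    {
        return Cache::store('redis')->pull($this->getFingerprint());
    }

    /**
     * Create a fingerprint as a cache key.
     */
    protected function getFingerprint(): string
    {
        $user = Auth::user();

        // Use the IP, the user class and its auth identifier to build the cache key.
        // This should ensure the challenge is unique for the IP and the user.
        //
        // NOTE(review): login (assertion) ceremonies start before anyone is authenticated,
        // where Auth::user() is null; the original passed that null to get_class(). The
        // guest key below depends on the IP alone, so two visitors behind one address
        // overwrite each other's pending challenge. Bind the key to the session or another
        // per-visitor value before using this in production, and make sure Request::ip()
        // reflects the real client when the application sits behind a proxy.
        return implode('|', [
            'webauthn_challenge',
            Request::ip(),
            $user ? get_class($user) : 'guest',
            $user?->getAuthIdentifier() ?? 'guest',
        ]);
    }
}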
namespace App\Providers;
use App\WebAuthn\MyRepository;
use Illuminate\Support\ServiceProvider;
use Laragear\WebAuthn\Contracts\WebAuthnChallengeRepository;
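/**
 * Makes the container hand out the custom challenge repository wherever the
 * WebAuthnChallengeRepository contract is requested.
 */
class AppServiceProvider extends ServiceProvider
{
    /**
     * Binds the contract to MyRepository.
     */
    public function boot()
    {
        // bind(), not register(): the application's register() method takes a service
        // provider, so it cannot map a contract to a factory closure. The original was
        // also missing the terminating ';'.
        $this->app->bind(WebAuthnChallengeRepository::class, fn () => new MyRepository());
    }
}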