Basic Usage
Facade Usage
Introduction
The \Rawilk\Webauthn\Facades\Webauthn offers many methods for interacting with the main WebAuthn service provided by this package. We'll detail the most useful methods below.
Methods
webauthnIsEnabled
This returns true if your configuration value for webauthn.enabled is a truthy value.
$enabled = \Rawilk\Webauthn\Facades\Webauthn::webauthnIsEnabled();
enabledFor
This determines if both webauthn is configured to be enabled, and that the given user has at least one security key registered. This method is most useful in your authentication workflows.
$enabled = \Rawilk\Webauthn\Facades\Webauthn::enabledFor($user);
hasKey
This determines if the given user has at least one WebAuthn key registered to their account.
$hasKey = \Rawilk\Webauthn\Facades\Webauthn::hasKey(auth()->user());
keysFor
Retrieves all WebAuthn keys registered to a given user account.
$webauthnKeys = \Rawilk\Webauthn\Facades\Webauthn::keysFor(auth()->user());
keyCountFor
This returns the amount of WebAuthn keys a user has registered to their account.
$count = \Rawilk\Webauthn\Facades\Webauthn::keyCountFor(auth()->user());
prepareAssertion
This will generate a public key credential object for our front-end JavaScript to use. If you use our \Rawilk\Webauthn\Actions\PrepareAssertionData action, we will call this facade method for you.
$publicKey = \Rawilk\Webauthn\Facades\Webauthn::prepareAssertion($user);
validateAssertion
This is what is used to validate a security key belongs to a given user account. This method is what you'll call in your two-factor challenge workflow. It requires a user instance and the public key credentials generated by our JavaScript. See authentication for more info.
$valid = \Rawilk\Webauthn\Facades\Webauthn::validateAssertion(
$user,
$credentials,
);
prepareAttestation
This will prepare a public key credential object for our front-end JavaScript. In most cases you should be using the \Rawilk\Webauthn\Actions\PrepareKeyCreationData action instead of calling this method on the facade. Behind-the-scenes, the action calls this facade method for you.
$publicKey = \Rawilk\Webauthn\Facades\Webauthn::prepareAttestation(auth()->user());
{tip} You may pass in a second parameter for the attachment type (
platformorcross-platform) if you are providing a separate registration area in the UI for each kind of security key.
registerAttestation
This will validate and register a new WebAuthn key for a given user. In most cases, you do not need to call this facade method, as the \Rawilk\Webauthn\RegisterNewKeyAction will do that for you.
$webauthnKey = \Rawilk\Webauthn\Facades\Webauthn::registerAttestation(auth()->user(), $credentials, $newKeyName);
See register key for more information.
username
This is just a shortcut method to retrieve the config value for the webauthn.username field for a user. By default, this is set to email.
\Rawilk\Webauthn\Facades\Webauthn::username();