Basic Usage

Facade Usage

The \Rawilk\Webauthn\Facades\Webauthn offers many methods for interacting with the main WebAuthn service provided by this package. We'll detail the most useful methods below.

This returns true if your configuration value for webauthn.enabled is a truthy value.

$enabled = \Rawilk\Webauthn\Facades\Webauthn::webauthnIsEnabled();

This determines if both webauthn is configured to be enabled, and that the given user has at least one security key registered. This method is most useful in your authentication workflows.

$enabled = \Rawilk\Webauthn\Facades\Webauthn::enabledFor($user);

This determines if the given user has at least one WebAuthn key registered to their account.

$hasKey = \Rawilk\Webauthn\Facades\Webauthn::hasKey(auth()->user());

Retrieves all WebAuthn keys registered to a given user account.

$webauthnKeys = \Rawilk\Webauthn\Facades\Webauthn::keysFor(auth()->user());

This returns the amount of WebAuthn keys a user has registered to their account.

$count = \Rawilk\Webauthn\Facades\Webauthn::keyCountFor(auth()->user());

This will generate a public key credential object for our front-end JavaScript to use. If you use our \Rawilk\Webauthn\Actions\PrepareAssertionData action, we will call this facade method for you.

$publicKey = \Rawilk\Webauthn\Facades\Webauthn::prepareAssertion($user);

This is what is used to validate a security key belongs to a given user account. This method is what you'll call in your two-factor challenge workflow. It requires a user instance and the public key credentials generated by our JavaScript. See authentication for more info.

$valid = \Rawilk\Webauthn\Facades\Webauthn::validateAssertion(

This will prepare a public key credential object for our front-end JavaScript. In most cases you should be using the \Rawilk\Webauthn\Actions\PrepareKeyCreationData action instead of calling this method on the facade. Behind-the-scenes, the action calls this facade method for you.

$publicKey = \Rawilk\Webauthn\Facades\Webauthn::prepareAttestation(auth()->user());

{tip} You may pass in a second parameter for the attachment type (platform or cross-platform) if you are providing a separate registration area in the UI for each kind of security key.

This will validate and register a new WebAuthn key for a given user. In most cases, you do not need to call this facade method, as the \Rawilk\Webauthn\RegisterNewKeyAction will do that for you.

$webauthnKey = \Rawilk\Webauthn\Facades\Webauthn::registerAttestation(auth()->user(), $credentials, $newKeyName);

See register key for more information.

This is just a shortcut method to retrieve the config value for the webauthn.username field for a user. By default, this is set to email.

Model Usage
Caught a mistake? Suggest an edit on GitHub