Facade Usage

• Introduction
• Methods
  • webauthnIsEnabled
  • enabledFor
  • hasKey
  • keysFor
  • keyCountFor
  • prepareAssertion
  • validateAssertion
  • prepareAttestation
  • registerAttestation
  • username

#Introduction

The \Rawilk\Webauthn\Facades\Webauthn offers many methods for interacting with the main WebAuthn service provided by this package. We'll detail the most useful methods below.

#Methods

#webauthnIsEnabled

This returns true if your configuration value for webauthn.enabled is a truthy value.

$enabled = \Rawilk\Webauthn\Facades\Webauthn::webauthnIsEnabled();

#enabledFor

This determines if both webauthn is configured to be enabled, and that the given user has at least one security key registered. This method is most useful in your authentication workflows.

$enabled = \Rawilk\Webauthn\Facades\Webauthn::enabledFor($user);

#hasKey

This determines if the given user has at least one WebAuthn key registered to their account.

$hasKey = \Rawilk\Webauthn\Facades\Webauthn::hasKey(auth()->user());

#keysFor

Retrieves all WebAuthn keys registered to a given user account.

$webauthnKeys = \Rawilk\Webauthn\Facades\Webauthn::keysFor(auth()->user());

#keyCountFor

This returns the amount of WebAuthn keys a user has registered to their account.

$count = \Rawilk\Webauthn\Facades\Webauthn::keyCountFor(auth()->user());

#prepareAssertion

This will generate a public key credential object for our front-end JavaScript to use. If you use our \Rawilk\Webauthn\Actions\PrepareAssertionData action, we will call this facade method for you.

$publicKey = \Rawilk\Webauthn\Facades\Webauthn::prepareAssertion($user);

#validateAssertion

This is what is used to validate a security key belongs to a given user account. This method is what you'll call in your two-factor challenge workflow. It requires a user instance and the public key credentials generated by our JavaScript. See authentication for more info.

$valid = \Rawilk\Webauthn\Facades\Webauthn::validateAssertion(
    $user,
    $credentials,
);

#prepareAttestation

This will prepare a public key credential object for our front-end JavaScript. In most cases you should be using the \Rawilk\Webauthn\Actions\PrepareKeyCreationData action instead of calling this method on the facade. Behind-the-scenes, the action calls this facade method for you.

$publicKey = \Rawilk\Webauthn\Facades\Webauthn::prepareAttestation(auth()->user());

{tip} You may pass in a second parameter for the attachment type (platform or cross-platform) if you are providing a separate registration area in the UI for each kind of security key.

#registerAttestation

This will validate and register a new WebAuthn key for a given user. In most cases, you do not need to call this facade method, as the \Rawilk\Webauthn\RegisterNewKeyAction will do that for you.

$webauthnKey = \Rawilk\Webauthn\Facades\Webauthn::registerAttestation(auth()->user(), $credentials, $newKeyName);

See register key for more information.

#username

This is just a shortcut method to retrieve the config value for the webauthn.username field for a user. By default, this is set to email.

\Rawilk\Webauthn\Facades\Webauthn::username();