Implement U2F authentication option

Open itismadness opened this issue 7 years ago • 1 comments

Nov 02 '18 03:11 itismadness

FYI, BioGazelle has a robust WebAuthn/FIDO2 implementation. I'll link the backend library documentation, the frontend library documentation, and the source for the various files:

Gazelle\WebAuthn\Base
Gazelle\WebAuthn\CredentialSourceRepository
Gazelle\WebAuthn\UserEntityRepository
webAuthnAssert.js
webAuthnCreate.js
Database migration for credentials

Basically, the main components are the base class (common implementation) and a couple of small classes to store and retrieve credentials in the database (specific implementations). Then there's some JavaScript that hits your API to interact with the backend classes, do the handshakes, and communicate the results to the user.

Depending on where you decide to call webAuthnAssert.js in your login flow, you can use WebAuthn either as passwordless single-factor authentication or as multi-factor authentication with or without TOTP. I'm using the passwordless option to limit logins to one request.

Sep 22 '23 14:09 pjc09h