<?php
require __DIR__ . '/vendor/autoload.php';
use Firehed\WebAuthn\{
Codecs,
ResponseParser,
};
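// Login step 3: verify the WebAuthn assertion posted by the browser against
// the credentials stored for the user recorded in the session, persist the
// updated credential, and report the result as JSON.
session_start();

// A login must already be in progress: the user being authenticated is read
// from the session, never from the request body. Reject the request when no
// such user is recorded instead of looking up credentials for a null id.
$authenticatingUserId = $_SESSION['authenticating_user_id'] ?? null;
if ($authenticatingUserId === null) {
    header('HTTP/1.1 403 Forbidden');
    return;
}

// The request body is untrusted. Validate it with real conditionals:
// assert() is compiled out when zend.assertions is disabled (the usual
// production setting), which would let a malformed body reach the parser.
$json = file_get_contents('php://input');
$data = is_string($json) ? json_decode($json, true) : null;
if (!is_array($data)) {
    header('HTTP/1.1 400 Bad Request');
    return;
}

$parser = new ResponseParser();
try {
    // NOTE(review): presumably throws on structurally invalid input; confirm
    // against the library. Either way a parse failure should produce a
    // client error rather than an uncaught exception.
    $getResponse = $parser->parseGetResponse($data);
} catch (Throwable) {
    header('HTTP/1.1 400 Bad Request');
    return;
}

$pdo = getDatabaseConnection();
$rp = getRelyingParty();
$credentialContainer = getCredentialsForUserId($pdo, $authenticatingUserId);
$challengeManager = getChallengeManager();

try {
    $updatedCredential = $getResponse->verify($challengeManager, $rp, $credentialContainer);
} catch (Throwable $e) {
    // Verification failed. Record only the exception class so failed logins
    // can be monitored without writing request data to the log, and give the
    // client no detail about why verification failed.
    error_log('WebAuthn login verification failed: ' . $e::class);
    // 403 is "Forbidden"; "Unauthorized" is the reason phrase of 401.
    header('HTTP/1.1 403 Forbidden');
    return;
}

// Authenticating has succeeded!
// Persist the credential returned by verify(). The UPDATE is scoped to both
// the credential id and the session's user id, so it cannot overwrite a
// credential that belongs to another user.
$codec = new Codecs\Credential();
$encodedCredential = $codec->encode($updatedCredential);
$stmt = $pdo->prepare('UPDATE user_credentials SET credential = :encoded WHERE id = :id AND user_id = :user_id');
$result = $stmt !== false && $stmt->execute([
    'id' => $updatedCredential->getStorageId(),
    'user_id' => $authenticatingUserId,
    'encoded' => $encodedCredential,
]);
if ($result === false) {
    // Do not report success while the stored credential is stale.
    // NOTE(review): the updated credential presumably carries the new
    // signature counter used to detect cloned authenticators; confirm.
    header('HTTP/1.1 500 Internal Server Error');
    return;
}

// Issue a fresh session id now that the privilege level has changed, so an
// id fixed or observed before login does not identify the authenticated
// session.
session_regenerate_id(true);

header('HTTP/1.1 200 OK');
// Send back whatever your webapp needs to finish authentication on the client
// side and update any additional state
header('Content-type: application/json');
echo json_encode([
    'success' => true,
    'user_id' => $authenticatingUserId,
    'newCredId' => $updatedCredential->getStorageId(),
]);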