webauthn-php/examples/readmeRegisterStep1.php at 75a59865869d4a254f5f5f10de40932f374f8f1d · Firehed/webauthn-php · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
<?php

require __DIR__ . '/vendor/autoload.php';

use Firehed\WebAuthn\ExpiringChallenge;

session_start();

// Normally this would come from something like a) a user already logged-in
// with a password or b) a user that was just created and wants to set up
// a WebAuthn credential (who may not have a password at all!)
$user = createUser(getDatabaseConnection(), $_POST['username']);
$_SESSION['user_id'] = $user['id'];

// Generate challenge
$challengeManager = getChallengeManager();
$challenge = $challengeManager->createChallenge();

// Send to user
header('Content-type: application/json');
echo json_encode([
    'challengeB64' => $challenge->getBase64(),
    'user' => $user,
]);