guardian / play-passkeyauth   0.1.0

Apache License 2.0 GitHub

A Scala 3 library that enables a Play framework app to authenticate with passkeys.

Scala versions: 3.x

Play Passkey Authentication

Build Status

Scala Version Play Version

A library that integrates webauthn4j in a Play framework app,
providing the server-side registration and verification services of the Web Authentication standard.

Structure

This library provides a PasskeyAuth class, which gives you:

  1. a verification action that can be composed with other action builders
  2. a controller that can be included in a Play routes file to perform standard passkey operations.

The library is storage-agnostic. You must decide how best to store passkey data in your infrastructure. Consequently, the integration depends on the implementation of some service traits.

Installation

Add to your build.sbt:

libraryDependencies += "com.gu" %% "play-passkey-auth" % "<version>"

Integration steps

  1. Define a PasskeyUser instance for your user type.
  2. Implement a PasskeyRepository.
  3. Implement a PasskeyChallengeRepository.
  4. Implement a CreationDataExtractor.
  5. Implement an AuthenticationDataExtractor.
  6. Implement a PasskeyNameExtractor.
  7. Implement a UserExtractor.
  8. Pass these as arguments into a PasskeyAuth.

Integration examples

show actual Scala/Play code how to handle common failure cases how it fits into existing Play apps

Statistics

5 Dependencies

No Dependent