- Creating (user registration), retrieving (user login), linking multiple, and removing passkeys.
- Issuing a JWT token via Firebase Auth once user is authenticated.
- Passkeys are stored in Firebase Firestore.
- Formatting and parsing of WebAuthn API request / responses done via SimpleWebAuthn library.
Assuming you've already finished those steps in the main README, let's proceed:
-
Setup Firebase:
-
Create a new Firebase project
-
Copy
.env.template.local
to.env.local
:- Fill up all those
NEXT_PUBLIC_FIREBASE_
env. vars.
- Fill up all those
-
Copy
.env.template.server
to.env.server
:- Create a new private key in
Firebase > Project settings > Service accounts
. - Fill up all those
FIREBASE_
env. vars.
- Create a new private key in
-
Don't forget to add
localhost
as Authorized domain in Firebase:- Firebase > Authentication > Settings > Authorised domains.
-
Create a Firebase firestore database
- Don't forget to set security
Rules
:
rules_version = '2'; service cloud.firestore { match /databases/{database}/documents { // Deny all access by default match /{document=**} { allow read, write: if false; } // Match for users collection match /users/{uid} { allow read: if request.auth != null && request.auth.uid == uid; } // Match for passkeys collection match /passkeys/{passkeyId} { allow read: if request.auth != null && resource.data.userId == request.auth.uid; } } }
- Don't forget to set security
-
-
Run
yarn dev
in root repository and checkouthttp://localhost:3000
URL. -
Hey mate, welcome to the WebAuthn world. 🙌
Let me share with you a developer guide to passkeys in my Welcome to the world of passkeys blog post (česky Vítejte ve světě passkeys).