Skip to content

Latest commit

 

History

History
67 lines (45 loc) · 2.33 KB

File metadata and controls

67 lines (45 loc) · 2.33 KB

Authenticate with passkeys example - Passkeys with SimpleWebAuthn & Firebase

  • Creating (user registration), retrieving (user login), linking multiple, and removing passkeys.
  • Issuing a JWT token via Firebase Auth once user is authenticated.
  • Passkeys are stored in Firebase Firestore.
  • Formatting and parsing of WebAuthn API request / responses done via SimpleWebAuthn library.

👉 Check out the demo.

Development

How to start it locally?

Assuming you've already finished those steps in the main README, let's proceed:

  1. Setup Firebase:

    1. Create a new Firebase project

    2. Copy .env.template.local to .env.local:

      • Fill up all those NEXT_PUBLIC_FIREBASE_ env. vars.
    3. Copy .env.template.server to .env.server:

      • Create a new private key in Firebase > Project settings > Service accounts.
      • Fill up all those FIREBASE_ env. vars.
    4. Don't forget to add localhost as Authorized domain in Firebase:

      • Firebase > Authentication > Settings > Authorised domains.
    5. Create a Firebase firestore database

      • Don't forget to set security Rules:
      rules_version = '2';
      
      service cloud.firestore {
          match /databases/{database}/documents {
              // Deny all access by default
              match /{document=**} {
                  allow read, write: if false;
              }
      
              // Match for users collection
              match /users/{uid} {
                  allow read: if request.auth != null && request.auth.uid == uid;
              }
      
              // Match for passkeys collection
              match /passkeys/{passkeyId} {
                  allow read: if request.auth != null && resource.data.userId == request.auth.uid;
              }
          }
      }
      
  2. Run yarn dev in root repository and checkout http://localhost:3000 URL.

  3. Hey mate, welcome to the WebAuthn world. 🙌


💡 Are you want to learn more about WebAuthn and passkeys?

Let me share with you a developer guide to passkeys in my Welcome to the world of passkeys blog post (česky Vítejte ve světě passkeys).