Webauthn Framework
v4.8
v4.8
  • WebAuthn: Strong Authentication for your PHP applications
  • The project
    • What is Webauthn?
    • Web Browser Support
    • Installation
    • Contributing
  • Webauthn In A Nutshell
    • Authenticators
    • Ceremonies
    • User Verification
    • Metadata Statement
    • Extensions
  • Prerequisites
    • The Relying Party
    • Credential Source
    • User Entity
    • Javascript
  • Pure PHP
    • Webauthn Server
    • Input Loading
    • Input Validation
    • Register Authenticators
    • Authenticate Your Users
    • Advanced Behaviours
      • Debugging
      • User Verification
      • Authenticator Selection Criteria
      • Authentication without username
      • Authenticator Algorithms
      • Attestation and Metadata Statement
      • Extensions
      • Authenticator Counter
      • Dealing with “localhost”
  • Symfony Bundle
    • Bundle Installation
    • Credential Source Repository
    • User Entity Repository
    • Firewall
    • Configuration References
    • Advanced Behaviors
      • Register Additional Authenticators
      • Debugging
      • User Verification
      • Attestation and Metadata Statement
      • Authenticator Selection Criteria
      • Authentication without username
      • Extensions
      • Authenticator Counter
      • Dealing with “localhost”
  • Migration
    • From v3.x to v4.0
    • From 4.x to 5.0
  • Symfony UX
    • Installation
    • Integration
Powered by GitBook
On this page
  • User Entity
  • Registration Capability

Was this helpful?

Edit on GitHub
Export as PDF
  1. Symfony Bundle

User Entity Repository

User Entity

Your application certainly has a user repository. Good news: there is no need to modify it!

The User Entity Repository can be completely decoupled from the user entity used by your application.

This repository should be declared as a Symfony service and shall implement Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface.

Hereafter an example where the application User Repository is injected. This repository uses Doctrine and provides findOneBy* methods.

src/Repository/WebauthnUserEntityRepository.php
<?php

declare(strict_types=1);

namespace App\Repository;

use App\Entity\User;
use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface;
use Webauthn\PublicKeyCredentialUserEntity;

final class WebauthnUserEntityRepository implements PublicKeyCredentialUserEntityRepositoryInterface
{
    /**
     * The UserRepository $userRepository is the repository
     * that already exists in the application
     */
    public function __construct(private UserRepository $userRepository)
    {
    }

    public function findOneByUsername(string $username): ?PublicKeyCredentialUserEntity
    {
        /** @var User|null $user */
        $user = $this->userRepository->findOneBy([
            'username' => $username,
        ]);

        return $this->getUserEntity($user);
    }

    public function findOneByUserHandle(string $userHandle): ?PublicKeyCredentialUserEntity
    {
        /** @var User|null $user */
        $user = $this->userRepository->findOneBy([
            'id' => $userHandle,
        ]);

        return $this->getUserEntity($user);
    }

    /**
     * Converts a Symfony User (if any) into a Webauthn User Entity
     */
    private function getUserEntity(null|User $user): ?PublicKeyCredentialUserEntity
    {
        if ($user === null) {
            return null;
        }

        return new PublicKeyCredentialUserEntity(
            $user->getUsername(),
            $user->getUserIdentifier(),
            $user->getDisplayName(),
            null
        );
    }
}

Registration Capability

By default, the User Entity Repository is not able to register any user account. You can add this behaviour by implementing the following interfaces:

  • Webauthn\Bundle\Repository\CanRegisterUserEntity

  • Webauthn\Bundle\Repository\CanGenerateUserEntity

PreviousCredential Source RepositoryNextFirewall

Last updated 1 year ago

Was this helpful?