
feat: add passkey (WebAuthn) authentication support #5

Merged: jimmitchell merged 3 commits into main from feature/passkeys on Mar 28, 2026

@jimmitchell
Owner

Summary

  • Adds passwordless login via device biometrics or PIN as an alternative to username/password
  • Supports multiple named passkeys (one per device) managed from the Account page
  • Uses lbuchs/webauthn ^2.2 for server-side WebAuthn verification
  • Bumps version to v1.1.0

Changes

  • composer.json — adds lbuchs/webauthn ^2.2
  • src/Database.php — schema v12 migration adds passkeys table
  • src/Auth.php — adds hasPasskeys, getPasskeys, passkeyRegisterOptions, passkeyRegisterComplete, passkeyAuthOptions, passkeyAuthVerify, and webAuthn methods
  • admin/passkey-api.php — new session-based JSON API for WebAuthn registration and authentication
  • admin/index.php — adds "Sign in with a passkey" button above the password form (shown only when passkeys are registered)
  • admin/account.php — adds passkey management panel with list, register, and remove actions
  • admin/assets/admin.css — adds .btn--passkey and .login-divider styles

Test plan

  • Log in with password → Account → Register a passkey (browser prompts for biometric/PIN)
  • Log out → "Sign in with a passkey" button appears → click → authenticate
  • Verify passkey appears in account page with name, registered date, and last-used date
  • Register a second passkey with a different name — both appear in the list
  • Remove a passkey — it disappears and can no longer be used to log in
  • Check login log — passkey_login, passkey_add, and passkey_remove entries appear

🤖 Generated with Claude Code

jimmitchell and others added 3 commits March 27, 2026 21:44
Adds passwordless login via device biometrics or PIN as an alternative
to username/password. Supports multiple named passkeys (one per device),
passkey management on the account page, and activity logging for
passkey add/remove/login events.

- Add lbuchs/webauthn ^2.2 dependency
- Add passkeys table via schema v12 migration
- Add WebAuthn methods to Auth (register, verify, list, remove)
- Add passkey-api.php JSON API (session-based, not Basic Auth)
- Add "Sign in with a passkey" button to login page
- Add passkey management panel to account page

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@jimmitchell jimmitchell merged commit 8595986 into main Mar 28, 2026
@jimmitchell jimmitchell deleted the feature/passkeys branch March 28, 2026 18:24
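
The relying-party checks that sit behind an options/verify pair such as passkeyAuthOptions and passkeyAuthVerify, as an added example in plain PHP; it is not the project's Auth.php and not code from lbuchs/webauthn. The function name, the session key `passkey_challenge`, the origin `https://blog.example`, the RP ID and the user-verification requirement are assumptions, and the signature check against the stored public key, which must follow these checks, is left out.

```php
<?php
// Added example: relying-party checks on a WebAuthn assertion, before signature verification.
// All names here are hypothetical; this is not the project's Auth.php or lbuchs/webauthn code.

function b64url(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

/** Returns the new signature counter, or throws if any check fails. */
function checkAssertion(string $clientDataJSON, string $authData, array &$session,
                        string $origin, string $rpId, int $storedCount): int {
    // The challenge is single-use: remove it from the session before any check can fail.
    $expected = $session['passkey_challenge'] ?? null;
    unset($session['passkey_challenge']);
    if ($expected === null) throw new RuntimeException('no pending challenge');

    $c = json_decode($clientDataJSON, true);
    if (!is_array($c) || ($c['type'] ?? '') !== 'webauthn.get') throw new RuntimeException('wrong type');
    if (!hash_equals(b64url($expected), (string)($c['challenge'] ?? ''))) throw new RuntimeException('challenge mismatch');
    if (($c['origin'] ?? '') !== $origin) throw new RuntimeException('origin mismatch');

    // authenticatorData: rpIdHash(32) | flags(1) | signCount(4, big-endian) | ...
    if (strlen($authData) < 37) throw new RuntimeException('authData too short');
    if (!hash_equals(hash('sha256', $rpId, true), substr($authData, 0, 32))) throw new RuntimeException('rpId mismatch');
    $flags = ord($authData[32]);
    if (($flags & 0x01) === 0) throw new RuntimeException('user not present');
    if (($flags & 0x04) === 0) throw new RuntimeException('user not verified');
    $count = unpack('N', substr($authData, 33, 4))[1];
    // A counter that fails to increase suggests a cloned credential (0/0 means unsupported).
    if (($count !== 0 || $storedCount !== 0) && $count <= $storedCount) throw new RuntimeException('counter did not increase');
    return $count;
}

// Constructed sample data (not captured from a real authenticator).
$session  = ['passkey_challenge' => random_bytes(32)];
$client   = json_encode(['type' => 'webauthn.get',
                         'challenge' => b64url($session['passkey_challenge']),
                         'origin' => 'https://blog.example']);
$authData = hash('sha256', 'blog.example', true) . chr(0x05) . pack('N', 7);

echo checkAssertion($client, $authData, $session, 'https://blog.example', 'blog.example', 6), "\n";
try {   // Replaying the same response fails: the challenge was consumed.
    checkAssertion($client, $authData, $session, 'https://blog.example', 'blog.example', 7);
} catch (RuntimeException $e) {
    echo 'replay rejected: ', $e->getMessage(), "\n";
}
```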