PHPackages gienielab/silverstripe-passkey-auth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. gienielab/silverstripe-passkey-auth ActiveSilverstripe-vendormodule[Authentication & Authorization](/categories/authentication) gienielab/silverstripe-passkey-auth =================================== A comprehensive passkey (WebAuthn) authentication module for SilverStripe with secure, passwordless authentication using biometrics, security keys, or device authentication. 6.0.3(4mo ago)2109↓88.9%[1 issues](https://github.com/GienieLab/silverstripe-passkey-auth/issues)BSD-3-ClausePHPPHP ^8.3 Since Aug 7Pushed 3mo agoCompare [ Source](https://github.com/GienieLab/silverstripe-passkey-auth)[ Packagist](https://packagist.org/packages/gienielab/silverstripe-passkey-auth)[ Docs](https://github.com/gienielab/silverstripe-passkey-auth)[ RSS](/packages/gienielab-silverstripe-passkey-auth/feed)WikiDiscussions main Synced 3w ago READMEChangelog (3)Dependencies (6)Versions (22)Used By (0) SilverStripe Passkey Authentication Module ========================================== [](#silverstripe-passkey-authentication-module) [![Latest Stable Version](https://camo.githubusercontent.com/d6df8c0b8b2d5054f16e589783382faf75162249a7379c05585de7ac1a26b550/68747470733a2f2f706f7365722e707567782e6f72672f6769656e69656c61622f73696c7665727374726970652d706173736b65792d617574682f762f737461626c65)](https://packagist.org/packages/gienielab/silverstripe-passkey-auth)[![Total Downloads](https://camo.githubusercontent.com/a2a9a1f18b83dad14d631fdc7ed554c8e130eecdcb48f9ab41531ffd93e51935/68747470733a2f2f706f7365722e707567782e6f72672f6769656e69656c61622f73696c7665727374726970652d706173736b65792d617574682f646f776e6c6f616473)](https://packagist.org/packages/gienielab/silverstripe-passkey-auth)[![License](https://camo.githubusercontent.com/9180a6872b2706db0e57a6d155fb5b7419e75fdecc684db7cb4db312b2437529/68747470733a2f2f706f7365722e707567782e6f72672f6769656e69656c61622f73696c7665727374726970652d706173736b65792d617574682f6c6963656e7365)](https://packagist.org/packages/gienielab/silverstripe-passkey-auth) A comprehensive passkey (WebAuthn) authentication module for SilverStripe that provides secure, passwordless authentication using biometrics, security keys, or device authentication. ✨ Features ---------- [](#-features) - 🔐 **Enterprise Security**: 6-layer security protection with comprehensive threat mitigation - 👆 **Multiple Authentication Methods**: Fingerprint, face recognition, security keys - 🔄 **Dual Login System**: Works alongside traditional password authentication - 📱 **Cross-Platform**: Works on desktop and mobile devices - 🛡️ **Advanced Protection**: Rate limiting, CSRF protection, bot filtering, comprehensive logging - 🛠️ **Admin Management**: Full admin interface for credential management - 👤 **User Self-Service**: Users can manage their own passkeys - 🎨 **Customizable Styling**: YAML-based theming and modern CSS - 🏢 **Enterprise Ready**: MFA compatibility, subsites support, performance optimized 📋 Requirements -------------- [](#-requirements) - SilverStripe ^5.0 || ^6.0 - PHP ^8.3 - HTTPS enabled (required for WebAuthn) - Modern browser with WebAuthn support 🚀 Quick Installation -------------------- [](#-quick-installation) ### 1. Install via Composer [](#1-install-via-composer) ``` composer require gienielab/silverstripe-passkey-auth ``` ### 2. Run Database Build [](#2-run-database-build) ``` vendor/bin/sake dev/build flush=1 ``` ### 3. Configure Domains [](#3-configure-domains) Add to your `.env` file: ``` SS_ALLOWED_HOSTS="yourdomain.com,www.yourdomain.com" ``` ### 4. Basic Configuration [](#4-basic-configuration) Create `app/_config/passkey-config.yml`: ``` --- Name: passkey-config --- GienieLab\PasskeyAuth\Service\PasskeyService: extensions: - GienieLab\PasskeyAuth\Extension\PasskeyHostExtension rp_name: 'Your Application Name' ``` That's it! 🎉 Your passkey authentication is ready to use. 📚 Documentation --------------- [](#-documentation) ### Essential Guides [](#essential-guides) - **[📖 Usage Guide](docs/USAGE.md)** - Complete user and admin guide - **🔒 [Security Guide](docs/SECURITY.md)** - Multi-layer security implementation - **⚙️ [Configuration](docs/HOST_BASED_CONFIG.md)** - Detailed configuration options - **🎨 [Theming & Customization](docs/RP_NAME_CONFIGURATION.md)** - Styling and branding - **📑 [Full Documentation Index](docs/README.md)** - All available documentation ### Quick Links [](#quick-links) - **[🔧 Advanced Configuration](docs/OPTIMIZATION_GUIDE.md)** - Performance, MFA, subsites - **🏗️ [Multiple Domains Setup](docs/MULTIPLE_DOMAINS.md)** - Complex domain configurations - **🔍 [Troubleshooting](docs/USAGE.md#troubleshooting)** - Common issues and solutions 🎯 How It Works -------------- [](#-how-it-works) ### For Users [](#for-users) 1. **Register**: Log in with password, then register your passkey (fingerprint/face/security key) 2. **Login**: Next time, just click "Sign in with Passkey" and authenticate 3. **Manage**: Visit `/passkey-management` to add/remove passkeys ### For Admins [](#for-admins) - **Overview**: Visit `/admin/passkey-credentials` to manage all passkeys - **Configuration**: Check `/admin/passkey-hosts` for domain setup - **Monitoring**: Track usage and security across your organization 🔒 Security & Browser Support -------------------------------- [](#-security--browser-support) ### Enterprise-Grade Security [](#enterprise-grade-security) The module implements **6 layers of security protection**: 1. **🛡️ User-Agent Filtering** - Blocks bots and automated attacks 2. **⚡ Rate Limiting** - Prevents brute force attacks (5 req/hour default) 3. **📏 Request Size Limits** - Stops payload attacks (1KB limit) 4. **🌐 Origin Validation** - Prevents CSRF attacks 5. **🔑 CSRF Token Protection** - Secures state-changing operations 6. **📊 Comprehensive Logging** - Monitors all security events **See [Security Guide](docs/SECURITY.md) for complete implementation details and testing.** ### HTTPS Required [](#https-required) Passkeys require HTTPS in production. Localhost and development domains are automatically allowed. ### Browser Compatibility [](#browser-compatibility) BrowserSupportNotesChrome 67+✅ FullBest supportFirefox 60+✅ FullGood supportSafari 14+✅ FulliOS 14+ requiredEdge 18+✅ FullChromium-based🛠️ Development -------------- [](#️-development) ### Prerequisites [](#prerequisites) - Node.js (v18+) - Yarn - PHP ^8.3 ### Building Assets [](#building-assets) ``` # Install dependencies yarn install # Production build yarn build # Development with watch yarn watch # Development server yarn dev ``` ### Build Features [](#build-features) - **Modern ES6+ Support**: Babel transpilation - **SCSS Compilation**: PostCSS optimization - **Code Splitting**: Performance optimization - **Source Maps**: Development debugging - **Hot Module Replacement**: Instant feedback ### Project Structure [](#project-structure) ``` ├── _config/ # SilverStripe configuration ## 🤝 Contributing 1. Fork the repository 2. Create a feature branch 3. Make your changes 4. Add tests for new functionality 5. Submit a pull request See [Development Documentation](docs/USAGE.md#development--contribution) for detailed guidelines. ## 📄 License This module is released under the MIT license. See [LICENSE](LICENSE) file for details. ## 🙏 Credits Built with: - [web-auth/webauthn-lib](https://github.com/web-auth/webauthn-lib) - WebAuthn server library - [SilverStripe Framework](https://silverstripe.org) - CMS/Framework - WebAuthn specification by [W3C](https://w3c.github.io/webauthn/) ## 🆘 Support - **📖 Documentation**: [Complete documentation](docs/README.md) - **🐛 Bug Reports**: [GitHub Issues](https://github.com/gienielab/silverstripe-passkey-auth/issues) - **💬 Questions**: [SilverStripe Community](https://forum.silverstripe.org) - **🔒 Security Issues**: Email maintainers directly --- **Ready to get started?** Check out the [Usage Guide](docs/USAGE.md) for detailed instructions! 🚀 ``` ### Health Score 41 — FairBetter than 87% of packages Maintenance70 Regular maintenance activity Popularity12 Limited adoption so far Community8 Small or concentrated contributor base Maturity61 Established project with proven stability Bus Factor1 Top contributor holds 85% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~10 days Recently: every ~48 days Total 20 Last Release 129d ago Major Versions v1.1 → 6.0.12026-02-17 PHP version history (2 changes)v1.0.0PHP ^8.1 v1.0.1PHP ^8.3 ### Community Maintainers ![](https://www.gravatar.com/avatar/0ecfd0ca2e9738d8a51df1a37010fd78c2cf60b803ebc55022c03716e6b6543c?d=identicon)[pyap22](/maintainers/pyap22) --- Top Contributors [![priscillay-toast](https://avatars.githubusercontent.com/u/92568971?v=4)](https://github.com/priscillay-toast "priscillay-toast (17 commits)")[![pyap22](https://avatars.githubusercontent.com/u/20524832?v=4)](https://github.com/pyap22 "pyap22 (3 commits)") --- Tags securityAuthenticationsilverstripeFIDO2webauthnPasswordlesspasskeybiometric ### Code Quality TestsPHPUnit Code StylePHP\_CodeSniffer ### Embed Badge ![Health badge](/badges/gienielab-silverstripe-passkey-auth/health.svg) ``` [![Health](https://phpackages.com/badges/gienielab-silverstripe-passkey-auth/health.svg)](https://phpackages.com/packages/gienielab-silverstripe-passkey-auth) ``` ### Alternatives [web-auth/webauthn-lib FIDO2/Webauthn Support For PHP 1237.8M120](/packages/web-auth-webauthn-lib)[web-auth/webauthn-framework FIDO2/Webauthn library for PHP and Symfony Bundle. 51390.8k2](/packages/web-auth-webauthn-framework)[asbiin/laravel-webauthn Laravel Webauthn support 312608.8k](/packages/asbiin-laravel-webauthn)[web-auth/webauthn-symfony-bundle FIDO2/Webauthn Security Bundle For Symfony 65474.5k9](/packages/web-auth-webauthn-symfony-bundle)[silverstripe/mfa Enable multi-factor authentication with fallback codes 10358.1k11](/packages/silverstripe-mfa)[rawilk/profile-filament-plugin Profile & MFA starter kit for filament. 3913.7k](/packages/rawilk-profile-filament-plugin) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)