AshAuthentication.Phoenix.LiveSession.RequireWebAuthn
(ash_authentication_phoenix v3.0.0-rc.6)
View Source
A LiveView on_mount hook that enforces WebAuthn second-factor verification
for live routes.
Mirrors AshAuthentication.Phoenix.Plug.RequireWebAuthn for LiveView. With
no current user, falls through. Otherwise:
- If the user has no registered passkeys, redirects to the setup path
(default
"/webauthn-setup"). - If the request lacks
:webauthn_verified_at(or it's older than:max_age), redirects to the verify path (default"/webauthn-verify"). - Otherwise, continues.
Usage
live_session :secure,
on_mount: [
{AshAuthentication.Phoenix.LiveSession, :default},
{AshAuthentication.Phoenix.LiveSession.RequireWebAuthn, :require_webauthn}
] do
live "/admin", AdminLive
endPass options as a tuple to override defaults:
on_mount: [
{AshAuthentication.Phoenix.LiveSession.RequireWebAuthn,
{:require_webauthn, max_age: 300, verify_path: "/step-up"}}
]Options
:strategy— WebAuthn strategy name. Defaults to the first WebAuthn strategy on the user's resource.:setup_path— defaults to"/webauthn-setup".:verify_path— defaults to"/webauthn-verify".:max_age— maximum age (seconds) of:webauthn_verified_at.:current_user_assign— defaults to:current_user.:setup_error_message/:verify_error_message— flash text.
Summary
Functions
LiveView on_mount/4 callback that requires WebAuthn verification.
Checks the socket against the WebAuthn requirements and either continues or redirects.
Functions
LiveView on_mount/4 callback that requires WebAuthn verification.
Use as {AshAuthentication.Phoenix.LiveSession.RequireWebAuthn, :require_webauthn}
or {module, {:require_webauthn, opts}}.
@spec require_webauthn( Phoenix.LiveView.Socket.t(), keyword() ) :: {:cont, Phoenix.LiveView.Socket.t()} | {:halt, Phoenix.LiveView.Socket.t()}
Checks the socket against the WebAuthn requirements and either continues or redirects.