Repository files navigation

This is a sample implementation of theCorbado passkeys-first authentication solution usingPHP Laravel. The following packages are being used:

• Corbado web-js
• Corbado PHP SDK

• app/Http/Controllers: contains the controllers for handling HTTP requests
• config: contains the configuration files
• database/migrations: contains the database migration files, including our custom user table
• public: contains the publicly accessible files, such as assets
• resources/views: contains the Blade templates
• routes/web.php: contains the route definitions
• .env: environment variables configuration file

Please follow the steps inGetting started to create and configurea project in theCorbado developer panel.

You need to havePHP andComposer installed to run it.

Use the values you obtained inPrerequisites to configure the following variables inside a.envfile you create in the root folder of this project:

CORBADO_PROJECT_ID=pro-XXXCORBADO_API_SECRET=corbado1_XXXCORBADO_FRONTEND_API=https://${CORBADO_PROJECT_ID}.frontendapi.cloud.corbado.ioCORBADO_BACKEND_API=https://backendapi.cloud.corbado.io

Run

composer install

to install all dependencies.

Then generate the Laravel application key and run the database migrations:

php artisan key:generatephp artisan migrate

Finally, you can run the project locally with

php artisan serve

Laravel uses theAPP_KEY (set byphp artisan key:generate) to secure encrypted data. This key is critical for:

• Encrypting and decrypting cookies and session data
• Generating/validating signed URLs and CSRF tokens
• Protecting other framework-encrypted payloads

Without a validAPP_KEY, the framework cannot safely encrypt or validate data, which can cause authentication/session issues and security risks.

• Community for Developer Support:https://bit.ly/passkeys-community
• Passkeys Debugger:https://www.passkeys-debugger.io/
• Passkey Subreddit:https://www.reddit.com/r/passkey/

This example application uses telemetry. By gathering telemetry data, we gain a more comprehensive understanding of how our SDKs, components, and example applications are utilized across various scenarios. This information is crucial in helping us prioritize features that are beneficial and impactful for the majority of our users. Read ourofficial documentation for more details.

To disable telemetry, add the following line to your.env file:

CORBADO_TELEMETRY_DISABLED=true