Expand description
Server-side passkey plugin for RustAuth.
The plugin is server-only. It exposes Better Auth-inspired HTTP endpoints
under /passkey/*, contributes a passkeys table to the RustAuth schema,
and uses webauthn-rs for WebAuthn ceremony generation and verification.
use rustauth_core::options::RustAuthOptions;
use rustauth_passkey::{passkey, PasskeyOptions};
let options = RustAuthOptions::new()
.secret("secret-a-at-least-32-chars-long!!")
.base_url("https://app.example.com")
.plugin(passkey(PasskeyOptions::default()));WebAuthn registration and authentication state is persisted server-side in
RustAuth’s verification storage and keyed by a signed short-lived cookie.
This is why the crate enables webauthn-rs state serialization: the state is
not trusted from the client and is deleted after successful verification.
Structs§
- After
Authentication Verification Input - After
Registration Verification Input - Authenticator
Selection - Authenticator selection hints for generated registration options.
- Passkey
- Passkey
Advanced Options - Advanced passkey plugin settings.
- Passkey
Authentication Options - Passkey
Authentication Rejected - Rejection returned by authentication
after_verificationhooks to abort login after WebAuthn proof verification without updating the passkey counter or minting a session. - Passkey
Authentication Start - Passkey
Challenge Rate Limit - Per signed challenge cookie rate limits for passkey verify endpoints.
- Passkey
Extensions Input - Passkey
Management Options - Passkey management mutation settings (delete, rename).
- Passkey
Options - Passkey plugin settings.
- Passkey
Rate Limit - Rate limit settings for passkey ceremony endpoints (challenge generation and verification).
- Passkey
Registration Options - Passkey
Registration Start - Passkey
Registration User - User identity used for passkey registration.
- Passkey
Schema Options - Database schema naming overrides for the passkey model.
- Registration
WebAuthn Options - WebAuthn option customizations resolved for one registration request.
- Resolve
Registration User Input - Verified
Authentication - Verified
Passkey Credential - WebAuthn
Config
Enums§
- Authenticator
Attachment - Browser authenticator attachment hint.
- Resident
KeyRequirement - Resident key preference used in registration options.
- User
Verification Requirement - User verification preference used in WebAuthn options.
Constants§
- PASSKEY_
ERROR_ CODES - RATE_
LIMITED_ CEREMONY_ PATHS - Ceremony endpoints that mint or consume WebAuthn challenges.
- UPSTREAM_
PLUGIN_ ID
Functions§
- passkey
- Build the server-side passkey plugin.