Passkeys authentication for Flutter

A flutter plugin for integrating the Blisache passwordless authentication web service.

Call flow

Here is an overview of the passwordless authentication workflow :

Blisache sequence diagram for flutter

Getting started

This plugin requires :

  • An account on Blisache with a registered domain
  • App association files (assetlinks.json on android, apple-app-site-association on ios/macos) hosted at your domain's website

You can find more on how to integrate this plugin on Blisache reference documentation.

Usage

Creating an account

import 'dart:convert';
import 'package:blisache/blisache.dart';
import 'package:http/http.dart' as http;

// Create an instance of the plugin
final yourDomain = 'example.com';
final blisachePlugin = Blisache(domainForAll: yourDomain);

// Call `register()` with user login and name
final registerSignedResponse = await blisachePlugin.register(login: "mylogin", name: "my user name");

// Forward `registerSignedResponse` to your backend's register endpoint for further validations
// See https://github.com/Blisache/blisache/blob/main/flutter%2Bnodejs/server.js
// See https://blisache.com/documentation/guide/integration/server_side_validation.html
final registerResponse = await http.post(
    Uri.https(yourDomain, '/server/register'),
    headers: { "Content-Type": "application/json" },
    body: jsonEncode(registerSignedResponse.toJson())
);

// Assert registration success
assert(registerResponse.statusCode == 200);
print("registered");

Authenticating a user

import 'dart:convert';
import 'package:blisache/blisache.dart';
import 'package:http/http.dart' as http;

// Create an instance of the plugin
final yourDomain = 'example.com';
final blisachePlugin = Blisache(domainForAll: yourDomain);

// Call `authenticate()` with optional login (null for resident keys)
final authenticateSignedResponse = await blisachePlugin.authenticate(login: "mylogin");

// Forward `authenticateSignedResponse` to your backend's authenticate endpoint for further validations
// See https://github.com/Blisache/blisache/blob/main/flutter%2Bnodejs/server.js
// See https://blisache.com/documentation/guide/integration/server_side_validation.html
final authenticateResponse = await http.post(
    Uri.https(yourDomain, '/server/authenticate'),
    headers: { "Content-Type": "application/json" },
    body: jsonEncode(authenticateSignedResponse.toJson())
);

// Assert authentication success
assert(authenticateResponse.statusCode == 200);
print("authenticated");

Libraries

blisache
blisache_method_channel
blisache_platform_interface
blisache_web
model/attestation_conveyance_preference
model/attestation_public_key_credential
model/authenticate_complete_request
model/authenticate_init_request
model/authenticate_init_response
model/authentication_public_key_credential
model/authenticator_assertion_response
model/authenticator_attachment
model/authenticator_attestation_response
model/blisache_action
model/blisache_error_response
model/blisache_response
model/blisache_result
model/credential_revoke_init_request
model/register_complete_request
model/register_init_request
model/register_init_response
model/resident_key_requirement
model/signed_response
model/user_id_validation_constraint
model/user_verification_requirement
uint8list_json_converter