Skip to content

UserPasskey

Jump to bottom
Viames Marino edited this page Feb 24, 2026 · 1 revision

Pair framework: UserPasskey

Pair\Models\UserPasskey is the ActiveRecord model for WebAuthn credentials (users_passkeys table).

It stores the credential identifier, public key, signature counter, and lifecycle metadata (usage/revocation timestamps).

Key fields

  • id
  • userId
  • credentialId (base64url)
  • publicKey (PEM)
  • signCount
  • label
  • transports (JSON string)
  • lastUsedAt
  • revokedAt
  • createdAt
  • updatedAt

Static helpers

getActiveByCredentialId(string $credentialId): ?self

Returns one active credential by ID (revoked_at IS NULL).

getActiveByUserId(int $userId): Collection

Returns all active credentials for a user, ordered by newest first.

Instance helpers

getTransports(): array

Returns decoded transport list ([] when missing/invalid).

isRevoked(): bool

Returns true when revokedAt is set.

markUsed(int $signCount): bool

Updates lastUsedAt and updatedAt, and increases stored counter when the new value is higher.

revoke(): bool

Sets revokedAt and updatedAt.

setTransports(array $transports): void

Normalizes and stores transports as JSON.

Typical usage

// list active user passkeys
$items = \Pair\Models\UserPasskey::getActiveByUserId($user->id);

// revoke one credential
$passkey = new \Pair\Models\UserPasskey($id);
if ($passkey->isLoaded() && !$passkey->isRevoked()) {
    $passkey->revoke();
}

See also: PasskeyAuth, PasskeyController, ActiveRecord, Collection.

Clone this wiki locally