My name is Florent Morselli (flɔʁɑ̃ mɔʁseli). I am a French web developer and project manager passionate about PHP, ReactJS and Free, Libre & Open-Source Software. As far as possible, I contribute to projects or publish my own work.

🧡 Since early 2025, I am proud to be a . This allows me to help shape the future of the framework I use and love daily.

The projects I am working on are mainly related to security over web applications. In particular, you will find useful libraries of Symfony bundles for

• One-Time Passwords (TOTP/HOTP) => see https://github.com/Spomky-Labs/otphp,
• Json Web Tokens (JWT, including signed and encrypted ones) => see https://github.com/web-token,
• Web Push => see https://github.com/Spomky-Labs/web-push,
• Concise Binary Object Representation (CBOR) => see https://github.com/Spomky-Labs/cbor-php,
• Webauthn => see https://github.com/web-auth.

Among all of these projects, let me encourage you to read more about Webauthn, a PHP implementation I am working on since end of 2018 and that will help you to get rid of passwords.

In addition, I had the opportunity to share my knowledge during the following events:

• September 2022: I presented the possibilities offered by this technology during the second edition of ApiPlatformCon in September 2022 in Lille, France.
• March 2023, I gave two 1-day workshops during the Symfony Live Paris 2023.
• December 2023, I gave a 1-day workshop during the Symfony Con Brussels 2023.
• March 2024, I presented my feedback on the Progressive Web Apps and gave a 1-day workshop during the Symfony Live 2024.
• March 2025, I gave a 1-day workshop during the Symfony Live 2025

Feel free to ask me about all of these FLOSS projects or reach me on any other topics you may want to discuss.

Hereafter an overview of my involvement in the Open-Source ecosystem. If you wish, you can sponsor me. The GitHub Sponsors page or the Patreon page are made for that purpose. Any help is greatly appreciated and allows me to spend time on these projects.

• web-auth/webauthn-framework - FIDO-U2F / FIDO2 / Webauthn Framework (1 day ago)
• web-auth/doc - Documentation (2 days ago)
• web-auth/cose-lib - Cose Key and Algorithms support (4 days ago)
• web-auth/webauthn-symfony-bundle - [READ ONLY] Webauthn Symfony Bundle (6 days ago)
• web-auth/webauthn-lib - [READ ONLY] Webauthn library (6 days ago)
• Spomky-Labs/web-push-doc - (1 month ago)
• Spomky-Labs/phpwa-doc - This is the repository for the GitBook documentation available at the website below (1 month ago)
• Spomky-Labs/cbor-php - CBOR Encoder/Decoder for PHP (1 month ago)
• web-token/jwt-doc - Documentation for the JWT Framework (1 month ago)
• symfony/symfony - The Symfony PHP framework (1 month ago)

• fix(creation-options): default rp.name to rpId for browser compatibility on web-auth/webauthn-framework (1 day ago)
• Document withExtensions(array) on the options helpers on web-auth/doc (1 day ago)
• refactor(helpers): withExtensions(array) instead of AuthenticationExtensions on web-auth/webauthn-framework (1 day ago)
• Update doc snippets to the array form (no variadic) on web-auth/doc (1 day ago)
• refactor(helpers): drop variadic, take an explicit array argument on web-auth/webauthn-framework (1 day ago)
• Document the typed ClientOverrideRule + fromRules() factory on web-auth/doc (1 day ago)
• feat(policy): typed ClientOverrideRule + fromRules() factory on web-auth/webauthn-framework (1 day ago)
• Document the per-call DI service ID overrides on the helpers on web-auth/doc (1 day ago)
• feat(helpers): per-call overrides for the bundle's DI service IDs on web-auth/webauthn-framework (1 day ago)
• Document the DI service ID YAML node deprecations on web-auth/doc (1 day ago)

• symfony/symfony (v8.1.0-BETA1, 1 day ago) - The Symfony PHP framework
• symfony/http-foundation (v8.1.0-BETA1, 1 day ago) - Defines an object-oriented layer for the HTTP specification
• symfony/security-core (v8.1.0-BETA1, 1 day ago) - Symfony Security Component - Core Library
• symfony/validator (v8.1.0-BETA1, 1 day ago) - Provides tools to validate values
• symfony/html-sanitizer (v8.1.0-BETA1, 1 day ago) - Provides an object-oriented API to sanitize untrusted HTML input for safe insertion into a document's DOM.
• web-auth/webauthn-framework (5.3.2, 3 days ago) - FIDO-U2F / FIDO2 / Webauthn Framework
• web-auth/cose-lib (4.5.2, 4 days ago) - Cose Key and Algorithms support
• api-platform/core (v4.3.4, 1 week ago) - The server component of API Platform: hypermedia and GraphQL APIs in minutes
• symfony/ai (v0.8.1, 2 weeks ago) - Symfony AI is a set of components that integrate AI capabilities into PHP applications
• symfony/ai-platform (v0.8.1, 2 weeks ago) - PHP library for interacting with AI platform provider.

• tacman (2 years ago)
• YousignAdmin (3 years ago)
• passbolt (5 years ago)