{"id":16417386,"url":"https://github.com/justinmayer/kagi","last_synced_at":"2025-04-09T23:15:59.054Z","repository":{"id":53104056,"uuid":"201248997","full_name":"justinmayer/kagi","owner":"justinmayer","description":"WebAuthn security keys and TOTP multi-factor authentication for Django","archived":false,"fork":false,"pushed_at":"2024-05-14T15:29:20.000Z","size":282,"stargazers_count":95,"open_issues_count":13,"forks_count":12,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-04-09T23:15:54.044Z","etag":null,"topics":["2fa","authentication","django","multi-factor-authentication","security","totp","u2f","webauthn"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/justinmayer.png","metadata":{"files":{"readme":"README.rst","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.rst","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.rst","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"justinmayer"}},"created_at":"2019-08-08T11:59:32.000Z","updated_at":"2025-03-13T20:57:10.000Z","dependencies_parsed_at":"2023-02-13T21:46:14.330Z","dependency_job_id":"dd2ef2e0-560c-4b59-9c6f-5ff700ec41bd","html_url":"https://github.com/justinmayer/kagi","commit_stats":{"total_commits":192,"total_committers":6,"mean_commits":32.0,"dds":0.375,"last_synced_commit":"ab901d2b7b1e17dc48d1acef0fcc9b91dc3cacf4"},"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/justinmayer%2Fkagi","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/justinmayer%2Fkagi/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/justinmayer%2Fkagi/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/justinmayer%2Fkagi/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/justinmayer","download_url":"https://codeload.github.com/justinmayer/kagi/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248125592,"owners_count":21051770,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["2fa","authentication","django","multi-factor-authentication","security","totp","u2f","webauthn"],"created_at":"2024-10-11T07:11:28.903Z","updated_at":"2025-04-09T23:15:59.028Z","avatar_url":"https://github.com/justinmayer.png","language":"Python","funding_links":["https://github.com/sponsors/justinmayer"],"categories":["Python"],"sub_categories":[],"readme":"Kagi\n====\n\n|coc| |build-status| |coverage| |readthedocs| |pypi|\n\n\n.. |coc| image:: https://img.shields.io/badge/%E2%9D%A4-code%20of%20conduct-blue.svg\n    :target: https://github.com/justinmayer/kagi/blob/master/CODE_OF_CONDUCT.rst\n    :alt: Code of Conduct\n\n.. |build-status| image:: https://img.shields.io/github/actions/workflow/status/justinmayer/kagi/main.yml?branch=main\n    :target: https://github.com/justinmayer/kagi/actions\n    :alt: Build Status\n\n.. |coverage| image:: https://img.shields.io/badge/coverage-100%25-brightgreen\n    :target: https://github.com/justinmayer/kagi\n    :alt: Code Coverage\n\n.. |readthedocs| image:: https://readthedocs.org/projects/kagi/badge/?version=latest\n    :target: https://kagi.readthedocs.io/en/latest/\n    :alt: Documentation Status\n\n.. |pypi| image:: https://img.shields.io/pypi/v/kagi.svg\n    :target: https://pypi.org/project/kagi/\n    :alt: PyPI Version\n\n\nKagi provides support for FIDO WebAuthn security keys and TOTP tokens in Django.\n\nKagi is a relatively young project and has not yet been fully battle-tested.\nIts use in a high-impact environment should be accompanied by a thorough\nunderstanding of how it works before relying on it.\n\n`Full documentation is hosted on Read the Docs`_. \n\nInstallation\n------------\n\n::\n\n    python -m pip install kagi\n\nAdd ``kagi`` to ``INSTALLED_APPS`` and include ``kagi.urls`` somewhere in your\nURL patterns. Set: ``LOGIN_URL = \"kagi:login\"``\n\nMake sure that Django’s built-in login view does not have a\n``urlpattern``, because it will authenticate users without their second\nfactor. Kagi provides its own login view to handle that.\n\nDemo\n----\n\nTo see a demo, use the test project included in this repository and perform the\nfollowing steps (creating and activating a virtual environment first is optional).\n\nFirst, install Poetry_::\n\n    curl -sSL https://install.python-poetry.org/ | python -\n\nClone the Kagi source code and switch to its directory::\n\n    git clone https://github.com/justinmayer/kagi.git \u0026\u0026 cd kagi\n\nInstall dependencies, run database migrations, create a user, and serve the demo::\n\n    poetry install\n    poetry shell\n    invoke migrate\n    python testproj/manage.py createsuperuser\n    invoke serve\n\nYou should now be able to see the demo project login page in your browser at:\nhttp://localhost:8000/kagi/login\n\nSupported browsers and versions can be found here: https://caniuse.com/webauthn\nFor domains other than ``localhost``, WebAuthn requires that the site is served\nover a secure (HTTPS) connection.\n\nSince you haven’t added any security keys yet, you will be logged in with just a\nusername and password. Once logged in and on the multi-factor settings page,\nchoose “Manage WebAuthn keys” and then “Add another key” and follow the provided\ninstructions. Once WebAuthn and/or TOTP has been successfully configured, your\naccount will be protected by multi-factor authentication, and when you log in\nthe next time, your WebAuthn key or TOTP token will be required.\n\nYou can manage the keys attached to your account on the key management page at:\nhttp://localhost:8000/kagi/keys\n\n\nUsing WebAuthn Keys on Linux\n============================\n\nSome distros don’t come with udev rules to make USB HID /dev/\nnodes accessible to normal users. If your key doesn’t light up\nand start flashing when you expect it to, this might be what is\nhappening. See https://github.com/Yubico/libu2f-host/issues/2 and\nhttps://github.com/Yubico/libu2f-host/blob/master/70-u2f.rules for some\ndiscussion of the rule to make it accessible. If you just want a quick\ntemporary fix, you can run ``sudo chmod 666 /dev/hidraw*`` every time\nafter you plug in your key (the files disappear after unplugging).\n\n\nGratitude\n=========\n\nThis project would not exist without the significant contributions made by\n`Rémy HUBSCHER \u003chttps://github.com/natim\u003e`_.\n\nThanks to Gavin Wahl for `django-u2f \u003chttps://github.com/gavinwahl/django-u2f\u003e`_,\nwhich served as useful initial scaffolding for this project.\n\n\n.. _Poetry: https://python-poetry.org/docs/#installation\n.. _Full documentation is hosted on Read the Docs: https://kagi.readthedocs.io\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjustinmayer%2Fkagi","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjustinmayer%2Fkagi","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjustinmayer%2Fkagi/lists"}