{"id":13703078,"url":"https://github.com/wallix/webauthn","last_synced_at":"2025-06-23T08:41:01.893Z","repository":{"id":56246536,"uuid":"176747632","full_name":"wallix/webauthn","owner":"wallix","description":"node.js webauthn framework","archived":false,"fork":false,"pushed_at":"2024-01-09T00:23:26.000Z","size":1478,"stargazers_count":106,"open_issues_count":28,"forks_count":24,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-04-02T06:07:25.816Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wallix.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-03-20T14:07:31.000Z","updated_at":"2025-02-06T14:42:27.000Z","dependencies_parsed_at":"2024-01-25T04:47:38.460Z","dependency_job_id":"bbb5f8d9-3a85-4e73-8cf4-4fd0ff9ee2e6","html_url":"https://github.com/wallix/webauthn","commit_stats":{"total_commits":36,"total_committers":8,"mean_commits":4.5,"dds":0.6111111111111112,"last_synced_commit":"6a3d3c54056c9e2550264801dafdc41e37d0a19a"},"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wallix%2Fwebauthn","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wallix%2Fwebauthn/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wallix%2Fwebauthn/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wallix%2Fwebauthn/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wallix","download_url":"https://codeload.github.com/wallix/webauthn/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248018061,"owners_count":21034048,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T21:00:49.983Z","updated_at":"2025-04-09T10:10:09.934Z","avatar_url":"https://github.com/wallix.png","language":"JavaScript","funding_links":[],"categories":["Server Libraries"],"sub_categories":[],"readme":"# webauthn\n\nImplementation of strong authentication with the webauthn standard and FIDO2.\nStrong authentication is an authentication method using a physical key.\n\nFor a more thorough introduction see these two nice articles:\n\n- [introduction](https://medium.com/@herrjemand/introduction-to-webauthn-api-5fd1fb46c285)\n- [verifying fido2 responses](https://medium.com/@herrjemand/verifying-fido2-responses-4691288c8770)\n\n## Installation\n\n```js\nnpm install @webauthn/client\nnpm install @webauthn/server\n```\n\n## usage\n\n`Webauthn` is composed of two parts `@webauthn/client` and `@webauthn/server`\n\n### On the browser\n\n```js\nimport { \n    solveRegistrationChallenge,\n    solveLoginChallenge\n} from '@webauthn/client';\n```\n\n- `solveRegistrationChallenge`:\n    convert the challenge returned by the server on the register route into the response to be returned\n- `solveLoginChallenge`:\n    convert the challenge returned by the server on the login route into the response to be returned\n\nSee an example in example/front\n\n### On the server\n\n```js\nimport {\n    parseRegisterRequest,\n    generateRegistrationChallenge,\n    parseLoginRequest,\n    generateLoginChallenge,\n    verifyAuthenticatorAssertion,\n} from '@webauthn/server';\n```\n\n- `parseRegisterRequest`:\n    Extract challenge and key from the register request body. The challenge allow to retrieve the user, and the key must be stored server side linked to the user.\n- `generateRegistrationChallenge`:\n    Generate a challenge from a relying party and a user `{ relyingParty, user }` to be sent back to the client, in order to register\n- `parseLoginRequest`:\n    Extract challenge and KeyId from the login request.\n- `generateLoginChallenge`:\n    Generate challengeResponse from the key sent by the client during login. challengeResponse.challenge should be stored serverside linked to the corresponding user\n- `verifyAuthenticatorAssertion`:\n    Take the loginChallenge request body and the key stored with the user, and return true if it passes the authenticator assertion\n\nSee an example in example/server\n\n\n## Roadmap\n\nFor now only fido-u2f and packed format are implemented\n\n- Implement android-key format\n- Implement android-safetynet format\n- Implement tpm format\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwallix%2Fwebauthn","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwallix%2Fwebauthn","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwallix%2Fwebauthn/lists"}