Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/duo-labs/webauthn.io

The source code for webauthn.io, a demonstration of WebAuthn.
https://github.com/duo-labs/webauthn.io

authentication demo passkeys python security webauthn

Last synced: 3 months ago
JSON representation

The source code for webauthn.io, a demonstration of WebAuthn.

Host: GitHub
URL: https://github.com/duo-labs/webauthn.io
Owner: duo-labs
License: bsd-3-clause
Created: 2018-11-21T14:52:31.000Z (almost 6 years ago)
Default Branch: master
Last Pushed: 2024-05-22T00:17:41.000Z (6 months ago)
Last Synced: 2024-06-18T13:48:42.014Z (5 months ago)
Topics: authentication, demo, passkeys, python, security, webauthn
Language: Python
Homepage: https://webauthn.io
Size: 4.65 MB
Stars: 631
Watchers: 14
Forks: 116
Open Issues: 5
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-webauthn - DUO: WebAuthn Demo - A demonstration of the WebAuthn Specification [https://webauthn.io/](https://webauthn.io/). (Demos)

README

# webauthn.io

Duo's introduction to the wonderful world of WebAuthn. Powered by [py_webauthn](https://github.com/duo-labs/py_webauthn).

## Prerequisites

- Docker
- Pipenv
- Make sure Python3 is available
- Enables `pipenv install` to set up libraries locally for the editor to crawl. The Django container also uses Pipenv to install dependencies to encourage use of this new Python package management tool.

## Environmental Variable

- `DJANGO_SECRET_KEY`: A sufficiently random string
- `PROD_HOST_NAME`: The domain name the site will be hosted at
- `RP_ID`: The Relying Party ID, typically the same as `PROD_HOST_NAME`
- `RP_NAME`: A representation of the site's name to be shown to users
- `RP_EXPECTED_ORIGIN`: The domain name plus protocol at which WebAuthn will be invoked (e.g. `https://webauthn.io`)

## Development

Run the following command to get started:

```sh
$> ./start-dev.sh
```

The site will be available at http://localhost/

### CSS

CSS leans on browsers and their [native CSS nesting support](https://blog.logrocket.com/native-css-nesting/), which allows for nicer CSS authoring without pre-processors. Unfortunately for now this means the following command will need to be run after making any changes to CSS to ensure that the changes are served by Caddy on subsequent reloads:

```sh
docker compose run django ./manage.py collectstatic --no-input
```

## Production

Run the following command to start up the website with production-ready settings:

```sh
$> ./start-prod.sh
```

The site will be available for viewing at https://{PROD_HOST_NAME}. The included [Caddy server](https://caddyserver.com/) (as the `caddy` service in **docker-compose.yml**) will handle SSL certificate management.

## Updating Production

Run the following commands to rebuild and restart the `django` service with any new updates:

```sh
$> git pull
$> ./update-prod-django.sh
```

The `django` and `caddy` services will be temporarily stopped during the build, and will restart once the `django` has been rebuilt.