Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/wallix/webauthn

node.js webauthn framework
https://github.com/wallix/webauthn

Last synced: 19 days ago
JSON representation

node.js webauthn framework

Host: GitHub
URL: https://github.com/wallix/webauthn
Owner: wallix
License: apache-2.0
Created: 2019-03-20T14:07:31.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2024-01-09T00:23:26.000Z (11 months ago)
Last Synced: 2024-11-16T04:03:50.116Z (28 days ago)
Language: JavaScript
Size: 1.41 MB
Stars: 105
Watchers: 7
Forks: 23
Open Issues: 28
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-webauthn - Wallix: @webauthn/server - A Node.js library containing easy-to-use helpers to integrate FIDO2. Works in pair with [@webauthn/client](https://github.com/wallix/webauthn/tree/master/packages/client). (Server Libraries)

README

        # webauthn

Implementation of strong authentication with the webauthn standard and FIDO2.

Strong authentication is an authentication method using a physical key.

For a more thorough introduction see these two nice articles:

- [introduction](https://medium.com/@herrjemand/introduction-to-webauthn-api-5fd1fb46c285)

- [verifying fido2 responses](https://medium.com/@herrjemand/verifying-fido2-responses-4691288c8770)

## Installation

```js

npm install @webauthn/client

npm install @webauthn/server

```

## usage

`Webauthn` is composed of two parts `@webauthn/client` and `@webauthn/server`

### On the browser

```js

import { 

    solveRegistrationChallenge,

    solveLoginChallenge

} from '@webauthn/client';

```

- `solveRegistrationChallenge`:

    convert the challenge returned by the server on the register route into the response to be returned

- `solveLoginChallenge`:

    convert the challenge returned by the server on the login route into the response to be returned

See an example in example/front

### On the server

```js

import {

    parseRegisterRequest,

    generateRegistrationChallenge,

    parseLoginRequest,

    generateLoginChallenge,

    verifyAuthenticatorAssertion,

} from '@webauthn/server';

```

- `parseRegisterRequest`:

    Extract challenge and key from the register request body. The challenge allow to retrieve the user, and the key must be stored server side linked to the user.

- `generateRegistrationChallenge`:

    Generate a challenge from a relying party and a user `{ relyingParty, user }` to be sent back to the client, in order to register

- `parseLoginRequest`:

    Extract challenge and KeyId from the login request.

- `generateLoginChallenge`:

    Generate challengeResponse from the key sent by the client during login. challengeResponse.challenge should be stored serverside linked to the corresponding user

- `verifyAuthenticatorAssertion`:

    Take the loginChallenge request body and the key stored with the user, and return true if it passes the authenticator assertion

See an example in example/server

## Roadmap

For now only fido-u2f and packed format are implemented

- Implement android-key format

- Implement android-safetynet format

- Implement tpm format