Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/yokwejuste/django-passkeys
How to implement passkey auth in Django
https://github.com/yokwejuste/django-passkeys
django django-passkeys fido2 passkeys
Last synced: 28 days ago
JSON representation
How to implement passkey auth in Django
- Host: GitHub
- URL: https://github.com/yokwejuste/django-passkeys
- Owner: yokwejuste
- License: mit
- Created: 2024-11-16T11:36:26.000Z (about 1 month ago)
- Default Branch: main
- Last Pushed: 2024-11-17T22:16:18.000Z (about 1 month ago)
- Last Synced: 2024-11-17T23:23:43.944Z (about 1 month ago)
- Topics: django, django-passkeys, fido2, passkeys
- Language: Python
- Homepage: https://dj-passkey.yokwejuste.me
- Size: 436 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
- Support: SUPPORT.md
Awesome Lists containing this project
README
# Django Passkey Authentication
A Django-based web application that implements traditional authentication (username/password) and passkey authentication using the WebAuthn API. Passkey authentication allows users to securely log in without passwords, using biometric or hardware-based authentication methods.
## Features
- **User Registration and Login**:
- Traditional username/password registration and login.
- Integrated Django's built-in authentication system.
- **Passkey Authentication**:
- Users can register and log in using passkeys, enabling passwordless authentication.
- Implements the WebAuthn API for secure authentication.
- **Secure Development Practices**:
- Uses Django's CSRF protection.
- Ready for deployment with HTTPS support for secure contexts.---
## Table of Contents
- [Getting Started](#getting-started)
- [Installation](#installation)
- [Usage](#usage)
- [Endpoints](#endpoints)
- [Project Structure](#project-structure)
- [License](#license)---
## Getting Started
This guide will help you set up and run the Django Passkey Authentication project on your local machine.
### Prerequisites
- Python 3.8 or later
- Django 4.0 or later
- Modern web browser that supports WebAuthn (e.g., Chrome, Firefox, Edge)
- HTTPS for secure passkey functionality (required for production)---
## Installation
### 1. Clone the Repository
```bash
git https://github.com/yokwejuste/django-passkeys.git django-passkey-auth
cd django-passkey-auth
```### 2. Create a Virtual Environment
```bash
python -m venv venv
source venv/bin/activate # On Windows: .\venv\Scripts\activate
```### 3. Install Dependencies
```bash
pip install -r requirements.txt
```### 4. Set Up the Database
```bash
python manage.py migrate
```### 5. Create a Superuser
```bash
python manage.py createsuperuser
```### 6. Run the Development Server
```bash
python manage.py runserver
```Access the app at `http://localhost:8000`.
---
## Usage
### Register a User
1. Navigate to `/register/`.
2. Fill out the registration form to create a user account.### Log In
1. Navigate to `/login/`.
2. Enter your username and password to log in.### Register a Passkey
1. Log in with your username and password.
2. Navigate to `/register-passkey/`.
3. Click "Register Passkey" and follow the prompts to register your passkey.### Log In with a Passkey
1. Navigate to `/login/`.
2. Click "Login with Passkey" and authenticate using your registered passkey.---
## Endpoints
```plaintext
/auth/register/ - Register a new user
/auth/login/ - Login with username/password
/auth/logout/ - Log out the current user
/auth/register-passkey/ - Register a passkey for the user
/auth/login/ (POST) - Log in using passkey authentication
```---
## Project Structure
```plaintext
django-passkey-auth/
├── auth_app/
│ ├── migrations/
│ ├── templates/
│ │ ├── auth_app/
│ │ ├── home.html
│ │ ├── login.html
│ │ ├── register.html
│ ├── forms.py
│ ├── views.py
│ ├── urls.py
├── fido_auth/
│ ├── migrations/
│ ├── templates/
│ │ ├── fido_auth/
│ │ ├── register_passkey.html
│ │ ├── login.html
│ ├── models.py
│ ├── views.py
│ ├── urls.py
├── passkey_auth_project/
│ ├── settings.py
│ ├── urls.py
│ ├── wsgi.py
│ ├── asgi.py
├── manage.py
├── requirements.txt
├── README.md
```---
## Notes for Production
1. **Use HTTPS**: Passkey authentication requires a secure context. Use HTTPS for your deployment.
2. **Configure Allowed Hosts**: Set `ALLOWED_HOSTS` in `settings.py` to include your domain.
3. **Secure Cookies**: Ensure CSRF and session cookies are marked as `Secure`.---
## License
This project is licensed under the MIT License. See the `LICENSE` file for details.