Date: 2020-04-27
Implementation of strong authentication with the WebAuthn standard and FIDO2. Strong authentication is an authentication method using a physical key.
npm install @webauthn/client
npm install @webauthn/server
Webauthn is composed of two parts: @webauthn/client and @webauthn/server.
import {
    solveRegistrationChallenge,
    solveLoginChallenge
} from '@webauthn/client';
solveRegistrationChallenge:
Converts the challenge returned by the server on the register route into the response to be returned.
solveLoginChallenge:
Converts the challenge returned by the server on the login route into the response to be returned.
See an example in example/front
import {
    parseRegisterRequest,
    generateRegistrationChallenge,
    parseLoginRequest,
    generateLoginChallenge,
    verifyAuthenticatorAssertion,
} from '@webauthn/server';
parseRegisterRequest:
Extracts the challenge and the key from the register request body. The challenge is used to retrieve the user, and the key must be stored server-side, linked to the user.
generateRegistrationChallenge:
Generates a challenge from a relying party and a user, { relyingParty, user }, to be sent back to the client in order to register.
parseLoginRequest:
Extract challenge and KeyId from the login request.
generateLoginChallenge:
Generates a challengeResponse from the key sent by the client during login. challengeResponse.challenge should be stored server-side, linked to the corresponding user.
verifyAuthenticatorAssertion:
Takes the loginChallenge request body and the key stored with the user, and returns true if the request passes the authenticator assertion.
See an example in example/server
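The server-side state handling described above (the challenge stored linked to the user, then looked up again at login) can be sketched as follows. This is an added example, not code from the project: `createLoginFlow`, the in-memory maps, the expiry and the single-use rule are hypothetical, and it assumes `parseLoginRequest` returns `{ challenge, keyId }` and that the stored key carries its credential id as `credID`.

```javascript
// Added example (not the project's code). The three @webauthn/server functions
// are injected; in a real server pass require('@webauthn/server') instead.
function createLoginFlow(webauthn, { ttlMs = 60000, now = Date.now } = {}) {
  const users = new Map();   // userId -> { key }   (hypothetical in-memory store)
  const pending = new Map(); // challenge -> { userId, expires }
  return {
    // Registration result: store the key from parseRegisterRequest with the user.
    enroll(userId, key) { users.set(userId, { key }); },
    // Login step 1: issue a challenge and remember which user it belongs to.
    begin(userId) {
      const user = users.get(userId);
      if (!user) return null;
      const challengeResponse = webauthn.generateLoginChallenge(user.key);
      pending.set(challengeResponse.challenge, { userId, expires: now() + ttlMs });
      return challengeResponse;
    },
    // Login step 2: map the challenge back to its user, then verify the assertion.
    finish(body) {
      const { challenge, keyId } = webauthn.parseLoginRequest(body);
      const entry = pending.get(challenge);
      if (!entry) return { loggedIn: false, reason: 'unknown-challenge' };
      pending.delete(challenge); // single use: a replayed response finds nothing
      if (entry.expires < now()) return { loggedIn: false, reason: 'expired' };
      const user = users.get(entry.userId);
      // Assumption: the stored key exposes its credential id as `credID`.
      if (!user || user.key.credID !== keyId) {
        return { loggedIn: false, reason: 'key-mismatch' };
      }
      const ok = webauthn.verifyAuthenticatorAssertion(body, user.key) === true;
      return ok ? { loggedIn: true, userId: entry.userId }
                : { loggedIn: false, reason: 'bad-assertion' };
    },
  };
}

// Constructed stand-in so the flow runs offline; it performs NO real verification.
const fakeWebauthn = {
  n: 0,
  generateLoginChallenge: () => ({ challenge: 'constructed-' + (++fakeWebauthn.n) }),
  parseLoginRequest: (body) => ({ challenge: body.challenge, keyId: body.id }),
  verifyAuthenticatorAssertion: (body, key) => body.sig === 'valid-for-' + key.credID,
};
```

Deleting the pending challenge before any other check means a captured login response cannot be submitted a second time, whether or not the first attempt succeeded.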
For now, only the fido-u2f and packed formats are implemented.