This is a working skeleton of a Node.js/Koa application with passwordless login (Web Authentication API, WebAuthN, FIDO2).
Main version (Koa/fido2-lib) live at https://56k.guru/webauthn Deno version (Deno/Opine/fido2-lib) live at https://56k.guru/webauthn-deno
- Tested with Windows Hello, Yubikey or Android lockscreen, more to come.
- Supports adding more than one authentication method to the same account.
- Supports transfering account to another device by a time limited one time link or QR-code.
Using Koa and fido2-lib
There are multiple versions of this demo available in different branches
Runtime | Server framework | Branch | Webauthn-lib | Live at |
---|---|---|---|---|
Node | Koa | main | fido2-lib | 56k.guru/webauthn |
Node | Express | server/express | fido2-lib | - |
Deno | Opine | server/deno | fido2-lib | 56k.guru/webauthn-deno |
First clone this repo, then:
npm install
I repeat, you need to generate keys, certificate and serve using https for webauthn to work
cd keys
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365 -subj '/CN=localhost'
openssl genrsa -out key.pem
openssl req -new -key key.pem -out csr.pem
openssl x509 -req -days 9999 -in csr.pem -signkey key.pem -out cert.pem
rm csr.pem
cd ..
node app
https://localhost:3000
docker build . --tag="hexagon/webauthn-skeleton"
sudo docker run \
-d \
--restart=always \
-e WAS_ORIGIN="https://localhost:3000" \
-e WAS_RPID="localhost" \
-e WAS_BASE_URL="https://localhost:3000/" \
-e WAS_BASE_URL="https://localhost:3000/orlikethisifservedfromasuburl" \
-e WAS_RPNAME="WebAuthN Demo" \
-e WAS_MODE="development" \
-e WAS_PORT=3000 \
--name webauthndemo \
hexagon/webauthn-skeleton```