github
/
python-fido2
mirror of https://github.com/Yubico/python-fido2
1
Fork 0
Code Releases Activity
python-fido2/examples/server
History
Dain Nilsson 36ddc05785
Update server example Pipfile.lock 		2021-10-14 12:30:35 +02:00
..
static Add U2FFido2Server with updated example. 2018-12-20 13:19:43 +01:00
Pipfile Add U2FFido2Server with updated example. 2018-12-20 13:19:43 +01:00
Pipfile.lock Update server example Pipfile.lock 2021-10-14 12:30:35 +02:00
README.adoc Add U2FFido2Server with updated example. 2018-12-20 13:19:43 +01:00
server-u2f.py examples: turn off debug flag for server example 2020-06-12 14:31:34 +02:00
server.py examples: turn off debug flag for server example 2020-06-12 14:31:34 +02:00

README.adoc 

== WebAuthn Server Example
This example shows a minimal website that uses python-fido2 to implement
WebAuthn credential registration, and use.


=== Running
To run this sample, you will need `pipenv`. For instructions on installing
`pipenv`, see https://docs.pipenv.org.

Run the following command in the `examples/server` directory to set up the
example:

  $ pipenv install

Once the environment has been created, you can run the server by running:

  $ pipenv run server

When the server is running, use a browser supporting WebAuthn and open
https://localhost:5000 to access the website.

NOTE: As this server uses a self-signed certificate, you will get warnings in
your browser about the connection not being secure. This is expected, and you
can safely proceed to the site.

=== Using the website
The site allows you to register a WebAuthn credential, and to authenticate it.
Credentials are only stored in memory, and stopping the server will cause it to
"forget" any registered credentials.

==== Registration
1. Click on the `Register` link to begin credential registration.
2. If not already inserted, insert your U2F/FIDO2 Authenticator now.
3. Touch the button to activate the Authenticator.
4. A popup will indicate whether the registration was successful. Click `OK`.

==== Authentication
NOTE: You must register a credential prior to authentication.

1. Click on the `Authenticate` link to begin authentication.
2. If not already inserted, insert your U2F/FIDO2 Authenticator now.
3. Touch the button to activate the Authenticator.
4. A popup will indicate whether the authentication was successful. Click `OK`.

=== Supporting existing U2F credentials
If you have existing U2F credentials that you wish to support, this library
offers a U2FFido2Server class which can help with this. This directory includes
a slightly altered version of the example server which uses this class to
authenticate U2F credentials as well as WebAuthn credentials. To run this
version of the server, run:

  $ pipenv run server-u2f

This version allows registration both using the newer WebAuthn APIs and by using
the legacy U2F APIs, so that you can test authentication using both credential
types. The source code for this version of the server is in `server-u2f.py`.

NOTE: There should be no need to support registration of new U2F credentials as
new registrations should be using the WebAuthn APIs, even for existing users.