Skip to main content

Using user's browser fingerprint for authentication in your web application.

Project description

Browser fingerprint authenticate

This package allows you to obtain and use a user browser fingerprint for your web application as an authenticator.

In action

If you want to test this method by yourself, check our demo site.

Content

Install

You can install package by:

pip install bfa

Usage

At the moment, django and flask support is provided, in the future it is planned to add other frameworks.

Django

Add 'bfa' to your list of INSTALLED_APPS in settings.py:

INSTALLED_APPS = [
    ...
    'bfa'
]
  • You can get user fingerprint by:

    bfa.fingerprint.get(request)

  • In template paste inside <form></form>:

    {% load bfa %}{% fingerprint_input %}

For example:

login.html

...
<form method="post">
    {% csrf_token %}

    <input name="username">

    {% load bfa %}
    {% fingerprint_input %}

    <button type="submit">Log in</button>
</form>
...

views.py

import bfa
from django.http import HttpResponse
from django.shortcuts import render

...


def login(request):
    if request.method == 'POST':
        # Getting a username
        username = request.POST.get('username')

        # Getting a fingerprint
        try:
            fp = bfa.fingerprint.get(request)
        except (ConnectionError, ValueError):
            return HttpResponse("Can't get fingerprint")

        # Here is the part where you process the 
        # username and fingerprint, according to the database
        ...

        return HttpResponse("You're logged in")

    return render(request, 'login.html')


...

Flask

Add bfa context processor to your app.py:

...
import bfa
from flask import Flask

app = Flask(__name__)


@app.context_processor
# Don't change name of this function
def bfa_flask():
    return bfa.templatetags.bfa.fingerprint_input()


...
  • You can get user fingerprint by:

    bfa.fingerprint.get(request)

  • In template paste inside <form></form>:

    {{ fingerprint_input }}

For example:

login.html

...
<form method="post">
    <input name="username">

    {{ fingerprint_input }}

    <button type="submit">Log in</button>
</form>
...

app.py

import bfa
from flask import Flask, request

app = Flask(__name__)

...


@app.route('/login/', methods=['POST', 'GET'])
def login():
    if request.method == 'POST':
        # Getting a username
        username = request.form['username']

        # Getting a fingerprint
        try:
            fp = bfa.fingerprint.get(request)
        except (ConnectionError, ValueError):
            return "Can't get fingerprint"

        # Here is the part where you process the 
        # username and fingerprint, according to the database
        ...

        return "You're logged in"

    else:
        return "Login page"


...

Also

You can salt fingerprints by:

bfa.fingerprint.get(request, use_salt=True)

For example:

views.py

import bfa
from django.http import HttpResponse
from django.shortcuts import render

...


def login(request):
    if request.method == 'POST':
        # Getting a username
        username = request.POST.get('username')

        # Getting a fingerprint
        try:
            fp_data = bfa.fingerprint.get(request, use_salt=True)
        except (ConnectionError, ValueError):
            return HttpResponse("Can't get fingerprint")

        fp = fp_data['fp']
        salt = fp_data['salt']

        # Here is the part where you process the 
        # username, fingerprint and salt, according to the database
        ...

        return HttpResponse("You're logged in")

    return render(request, 'login.html')


...

Using

This project uses:

Supported python

BFA working on python >=3.5 only.

License

This project is under Apache 2.0 license.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
bfa-1.2.1-py3-none-any.whl (10.7 kB) Copy SHA256 hash SHA256 Wheel py3
bfa-1.2.1.tar.gz (5.3 kB) Copy SHA256 hash SHA256 Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page