A Django Authentication Backend for Passkeys
Project description
django-passkeys
An extension to Django ModelBackend to support passkeys.
Passkeys is an extension to Web Authentication API that will allow the user to login to a service using another device.
This app is a slim-down version of django-mfa2
Passkeys are now supported on
- Apple Ecosystem (iPhone 16.0+, iPadOS 16.1, Mac OS X Ventura)
- Chromium based browsers (on PC and Laptop) allows picking up credentials from Android and iPhone/iPadOS.
- Android Credentials creation for ResidentKeys is currently in Beta.
Installation
pip install django-passkeys
Currently, it support Django 2.0+, Python 3.7+
Usage
-
in your settings.py add the application to your installed apps
INSTALLED_APPS=( '......', 'passkeys', '......')
-
Collect Static Files
python manage.py collectstatic
-
Add the following settings to your file
AUTHENTICATION_BACKENDS = ['passkeys.backend.PasskeyModelBackend'] # Change your authentication backend FIDO_SERVER_ID="localhost" # Server rp id for FIDO2, it the full domain of your project FIDO_SERVER_NAME="TestApp" import passkeys KEY_ATTACHMENT = NONE | passkeys.Attachment.CROSS_PLATFORM | passkeys.Attachment.PLATFORM
-
Add passkeys to urls.py
urls_patterns= [ '...', url(r'^passkeys/', include('passkeys.urls')), '....', ]
-
To match the look and feel of your project, Passkeys includes
base.html
but it needs blocks namedhead
&content
to added its content to it. Note: You can overridePassKeys_base.html
which is used byPasskeys.html
so you can control the styling better and currentPasskeys_base.html
extendsbase.html
-
Somewhere in your app, add a link to 'passkeys:home'
<li><a href="{% url 'passkeys:home' %}">Passkeys</a> </li>
-
Finally, In your
login.html
- Give an id to your login form e.g 'loginForm'
- Inside the form, add
<input type="hidden" name="passkeys" id="passkeys"/> <button class="btn btn-block btn-dark" type="button" onclick="authn('loginForm')"><img src="{% static 'passkeys/imgs/FIDO-Passkey_Icon-White.png' %}" style="width: 24px"> {%include 'passkeys.js' %}
-
In authentication view, just pass the request as first parameter in authenticate
user=authenticate(request, username=request.POST["username"],password=request.POST["password"])
For Example, See 'example' app and look at EXAMPLE.md to see how to set it up.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.