Passkey Auth made easy: all sites and APIs can be guarded even without any changes on the protected site.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for leovasanko from gravatar.com leovasanko

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • Author: Leo Vasanko
  • Tags FastAPI , auth_request , forward_auth
  • Requires: Python >=3.11
  • Provides-Extra: dev
Report project as malware

Project description

Paskia

Screenshot

An easy to install passkey-based authentication service that protects any web application with strong passwordless login.

What is Paskia?

  • Easy to use fully featured auth&auth system (login and permissions)
  • Organization and role-based access control (optional)
    • Org admins control their users and roles
    • Master admin can create multiple independent orgs
    • Master admin makes permissions available for orgs to assign
  • User Profile and Administration by API and web interface. under /auth/ or auth.example.com
  • Reset tokens and additional device linking via QR code or codewords.
  • Pure Python, FastAPI, packaged with prebuilt Vue frontend

Two interfaces:

  • API fetch: auth checks and login without leaving your app
  • Forward-auth proxy: protect any unprotected site or service (Caddy, Nginx)

The API mode is useful for applications that can be customized to run with Paskia. Forward auth can also protect your javascript and other assets. Each provides fine-grained permission control and reauthentication requests where needed, and both can be mixed where needed.

Single Sign-On (SSO): Users register once and authenticate across all applications under your domain name (configured rp-id).

Quick Start

Install UV and run:

uvx paskia --rp-id example.com

On the first run it downloads the software and prints a registration link for the Admin. The server starts on localhost:4401, serving authentication for *.example.com. For local testing, leave out --rp-id.

For production you need a web server such as Caddy to serve HTTPS on your actual domain names and proxy requests to Paskia and your backend apps (see documentation below).

For a permanent install of paskia CLI command, not needing uvx:

uv tool install paskia

Configuration

There is no config file. All settings are passed as CLI options:

paskia [options]
paskia reset [user]     # Generate passkey reset link
Option Description Default
-l, --listen endpoint Listen address: host:port, :port (all interfaces), or /path.sock localhost:4401
--rp-id domain Main/top domain for passkeys localhost
--rp-name "text" Name shown during passkey registration Same as rp-id
--origin url Restrict allowed origins for WebSocket auth (repeatable) All under rp-id
--auth-host url Dedicated authentication site, e.g. auth.example.com Use /auth/ path on each site

Further Documentation

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for leovasanko from gravatar.com leovasanko

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • Author: Leo Vasanko
  • Tags FastAPI , auth_request , forward_auth
  • Requires: Python >=3.11
  • Provides-Extra: dev

Release history Release notifications | RSS feed

1.3.4

1.3.3

1.3.2

1.3.1

1.3.0

1.2.4

1.2.3

1.2.2

1.2.1

1.2.0

1.1.0

1.0.0

0.13.1

0.13.0

0.12.3

0.12.2

0.12.1

0.12.0

0.11.1

This version

0.11.0

0.10.2

0.10.0

0.9.1

0.9.0

0.8.1

0.8.0

0.7.2

0.7.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

paskia-0.11.0.tar.gz (1.8 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

paskia-0.11.0-py3-none-any.whl (1.9 MB view details)

Uploaded Python 3

File details

Details for the file paskia-0.11.0.tar.gz.

File metadata

  • Download URL: paskia-0.11.0.tar.gz
  • Upload date:
  • Size: 1.8 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.9.21 {"installer":{"name":"uv","version":"0.9.21","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}

File hashes

Hashes for paskia-0.11.0.tar.gz
Algorithm Hash digest
SHA256 3e151d0cf5a37959323d3ed8b0632dbc6c5f84853906136114cc01308d6d7dda
MD5 a60971e51be13ba2b3b7625476e8d2ec
BLAKE2b-256 f440f357217a4a91f8664704387976b7aa8adae1fe23bca7e049edd170454e07

See more details on using hashes here.

File details

Details for the file paskia-0.11.0-py3-none-any.whl.

File metadata

  • Download URL: paskia-0.11.0-py3-none-any.whl
  • Upload date:
  • Size: 1.9 MB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.9.21 {"installer":{"name":"uv","version":"0.9.21","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}

File hashes

Hashes for paskia-0.11.0-py3-none-any.whl
Algorithm Hash digest
SHA256 ae22c65c30946d5009afa0d9f5edb535502c38eba080285cbb07fa572317aaf8
MD5 cdd313d603a2075e06ac7fd96d76bc9c
BLAKE2b-256 f8d5b1a6cf53e0673fc54e6de55bb99598ed7ff473fdda1e7b34336ab68c646d

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page