Passkey Auth made easy: all sites and APIs can be guarded even without any changes on the protected site.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for leovasanko from gravatar.com leovasanko

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • Author: Leo Vasanko
  • Tags FastAPI , auth_request , forward_auth
  • Requires: Python >=3.11
  • Provides-Extra: dev , migrate
Report project as malware

Project description

Paskia

An easy to install passkey-based authentication service that protects any web application with strong passwordless login.

What is Paskia?

  • Easy to use fully featured auth&auth system (login and permissions)
  • Organization and role-based access control (optional)
    • Org admins control their users and roles
    • Master admin can create multiple independent orgs
    • Master admin makes permissions available for orgs to assign
  • User Profile and Administration by API and web interface. under /auth/ or auth.example.com
  • Reset tokens and additional device linking via QR code or codewords.
  • Pure Python, FastAPI, packaged with prebuilt Vue frontend

Two interfaces:

  • API fetch: auth checks and login without leaving your app
  • Forward-auth proxy: protect any unprotected site or service (Caddy, Nginx)

The API mode is useful for applications that can be customized to run with Paskia. Forward auth can also protect your javascript and other assets. Each provides fine-grained permission control and reauthentication requests where needed, and both can be mixed where needed.

Single Sign-On (SSO): Users register once and authenticate across all applications under your domain name (configured rp-id).

Quick Start

Install UV and run:

uvx paskia serve --rp-id example.com

On the first run it downloads the software and prints a registration link for the Admin. The server will start up on localhost:4401 for authentication required, serving for *.example.com. If you are going to be connecting localhost directly, for testing, leave out the rp-id.

Otherwise you will need a web server such as Caddy to serve HTTPS on your actual domain names and proxy requests to Paskia and your backend apps (see documentation below).

For a permanent install of paskia CLI command, not needing uvx:

uv tool install paskia

Configuration

There is no config file. Pass only the options on CLI:

paskia serve [options]
Option Description Default
Listen address One of host**:**port (default all hosts, port 4401) or unix:path/paskia.socket (Unix socket) localhost:4401
--rp-id domain Main/top domain localhost
--rp-name "text" Name of your company or site Same as rp-id
--origin url Explicitly list the domain names served https://rp-id
--auth-host domain Dedicated authentication site (e.g., auth.example.com) Unspecified: we use /auth/ on every site under rp-id.

Further Documentation

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for leovasanko from gravatar.com leovasanko

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • Author: Leo Vasanko
  • Tags FastAPI , auth_request , forward_auth
  • Requires: Python >=3.11
  • Provides-Extra: dev , migrate

Release history Release notifications | RSS feed

1.3.4

1.3.3

1.3.2

1.3.1

1.3.0

1.2.4

1.2.3

1.2.2

1.2.1

1.2.0

1.1.0

1.0.0

0.13.1

0.13.0

0.12.3

0.12.2

0.12.1

0.12.0

0.11.1

0.11.0

0.10.2

0.10.0

0.9.1

0.9.0

This version

0.8.1

0.8.0

0.7.2

0.7.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

paskia-0.8.1.tar.gz (1.8 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

paskia-0.8.1-py3-none-any.whl (1.8 MB view details)

Uploaded Python 3

File details

Details for the file paskia-0.8.1.tar.gz.

File metadata

  • Download URL: paskia-0.8.1.tar.gz
  • Upload date:
  • Size: 1.8 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.9.21 {"installer":{"name":"uv","version":"0.9.21","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}

File hashes

Hashes for paskia-0.8.1.tar.gz
Algorithm Hash digest
SHA256 2b2adeee77ec2503b2fe878f2dfd833733213462f821a757e9344989cdd1dcb8
MD5 e6babb265ac9d91cb5e687a9576f2365
BLAKE2b-256 92fd0a8645979ff8fdda3a6c25907e5042245272a0170f9ac705a4903b3a93ac

See more details on using hashes here.

File details

Details for the file paskia-0.8.1-py3-none-any.whl.

File metadata

  • Download URL: paskia-0.8.1-py3-none-any.whl
  • Upload date:
  • Size: 1.8 MB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.9.21 {"installer":{"name":"uv","version":"0.9.21","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}

File hashes

Hashes for paskia-0.8.1-py3-none-any.whl
Algorithm Hash digest
SHA256 2f5f7f52f737888dadf1e3fa5595d7f23d648a2286990547978382d86f520472
MD5 1e52de076f80c0622353533f14c5c884
BLAKE2b-256 53eefd9db8d3d2a1a76956168bde8854b0f46436ba32f707d792311bf18761b5

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page