Simple WebAuthn demo

Implementation of WebAuthn API written in React and Express.
Demo that shows the future of passwordless authentication.
Users register with a username and one of the supported authenticators.
Login process requires matching username and authenticator pair.

Demo link:

https://web-auth-n-demo.herokuapp.com/

Installation

Requirements

  • Node.js
  • MongoDB (local or remote cluster)

Setup

  • Clone this repo git clone https://github.com/tonijukica/webauthn.git
  • Run npm install in cloned repo.
  • Configure environment variables in .env file, use .env.example as guide. MongoDB connection is required for the app to run.
    If the app is run locally then it’s not necessary to provide RP Id(Relaying Party ID) as it defaults to localhost, else you must provide RP Id to match your origin e.g.RP_ID=https://web-auth-n-demo.herokuapp.com/

Launch

Development

  • Client: npm run dev:client
  • Server npm run dev:server

Production

  • First run npm run build
  • Then run npm start to start the server.

Notes

Supported Attestation formats

  • Packed
  • Fido-U2F
  • Android SafetyNet
  • Android Key store (Needs testing)

License

  • MIT

Implemented following Ackermann Yuriy examples.

GitHub

View Github