@firstdorsal/webauthn-server

this is a fix/update to the server version of

https://github.com/wallix/webauth

webauthn

Implementation of strong authentication with the webauthn standard and FIDO2. Strong authentication is an authentication method using a physical key.

For a more thorough introduction see these two nice articles:

• introduction
• verifying fido2 responses

Installation

npm install @webauthn/client
npm install @webauthn/server

usage

Webauthn is composed of two parts @webauthn/client and @webauthn/server

On the browser

import { solveRegistrationChallenge, solveLoginChallenge } from "@webauthn/client";

• solveRegistrationChallenge: convert the challenge returned by the server on the register route into the response to be returned
• solveLoginChallenge: convert the challenge returned by the server on the login route into the response to be returned

See an example in example/front

On the server

import { parseRegisterRequest, generateRegistrationChallenge, parseLoginRequest, generateLoginChallenge, verifyAuthenticatorAssertion } from "@webauthn/server";

• parseRegisterRequest: Extract challenge and key from the register request body. The challenge allow to retrieve the user, and the key must be stored server side linked to the user.
• generateRegistrationChallenge: Generate a challenge from a relying party and a user { relyingParty, user } to be sent back to the client, in order to register
• parseLoginRequest: Extract challenge and KeyId from the login request.
• generateLoginChallenge: Generate challengeResponse from the key sent by the client during login. challengeResponse.challenge should be stored serverside linked to the corresponding user
• verifyAuthenticatorAssertion: Take the loginChallenge request body and the key stored with the user, and return true if it passes the authenticator assertion

See an example in example/server

Roadmap

For now only fido-u2f and packed format are implemented

• Implement android-key format
• Implement android-safetynet format
• Implement tpm format