WebAuthnEx
WebAuthn library for Elixir inspired by https://github.com/cedarcode/webauthn-ruby
What is WebAuthn?
- WebAuthn article with Google IO 2018 talk
- Web Authentication API draft article by Mozilla
- WebAuthn W3C Candidate Recommendation
- WebAuthn W3C Editor's Draft
Prerequisites
This package will help your Elixir server act as a conforming Relying-Party, in WebAuthn terminology. But for the Registration and Authentication ceremonies to work, you will also need
A conforming User Agent
Currently supporting Web Authentication API:
- Mozilla Firefox 60+
- Google Chrome 67+
- Google Chrome for Android 70+
A conforming Authenticator
Roaming authenticators
Platform authenticators
- Android's Fingerprint Scanner
- MacBook Touch ID
NOTE: Firefox states (Firefox 60 release notes) they only support USB FIDO2 or FIDO U2F enabled devices in their current implementation (version 60). It's up to the gem's user to verify user agent compatibility if any other device wants to be used as the authenticator component.
Installation
If available in Hex, the package can be installed
by adding web_authn_ex
to your list of dependencies in mix.exs
:
def deps do
[
{:web_authn_ex, "~> 0.1.0"}
]
end
Documentation can be generated with ExDoc and published on HexDocs. Once published, the docs can be found at https://hexdocs.pm/web_authn_ex.
Usage
NOTE: You can find a working example on how to use this package in a Phoenix app in https://github.com/sandergroen/webauthn_phoenix_demo
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/sandergroen/web_authn_ex.