Python WebAuthn Relying Party library
Project description
PyWARP is an implementation of the W3C WebAuthn standard’s Relying Party component in Python. The WebAuthn standard is used to provide advanced authentication security for two-factor, multifactor and passwordless authentication models through the use of dedicated hardware security keys such as Yubico YubiKey and Google Titan.
Compared to legacy two-factor standards like HOTP (RFC 4226) and TOTP (RFC 6238), the FIDO U2F profile of WebAuthn uses asymmetric cryptography to avoid using a shared secret design, which strengthens your authentication solution against server-side attacks. Hardware U2F also sequesters the client secret in a dedicated single-purpose device, which strengthens your clients against client-side attacks. And by automating scoping of credentials to relying party IDs (application origin/domain names), U2F adds protection against phishing attacks.
PyWARP implements the Relying Party component of WebAuthn. A Relying Party is a server-side application that uses WebAuthn APIs in the browser to authenticate its users.
To see an example of PyWARP in action, check the examples directory. Two demos are included: an AWS Chalice app and a Flask app.
In addition to reading the WebAuthn standard, we recommend that implementers read the OWASP Authentication Cheat Sheet and NIST SP 800-63-3: Digital Authentication Guideline for a high level overview of authentication best practices.
Installation
pip install pywarp
Synopsis
from pywarp import TODO
TODOStorage backends
TODOSee the API documentation for more.
Links
Bugs
Please report bugs, issues, feature requests, etc. on GitHub.
License
Licensed under the terms of the Apache License, Version 2.0.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
