@lil5/stupidwebauthn-client@1.8.2
latest
stupidwebauthn/clientWorks with
•JSR Score35%•This package works with BrowsersIt is unknown whether this package works with Cloudflare Workers, Node.js, Deno, Bun
Publisheda year ago (1.8.2)
http://stupidwebauthn.site/
Stupid Webauthn Client
Installation
yarn add stupidwebauthn-client
Code instructions
Add this as a global constant, available for use in any of your frontend's components.
const client = new StupidWebauthnClient();
Register email address
<form> <input name="email" type="email" required /> </form>
const email = e.target.email.value; await client.Register1EmailChallenge(email); // send email
Run on opening at the validation link:
import queryString from "query-string"; const params = queryString.parse(location.search) as { c?: string }; // check if token is add to the url if (!params.c) throw "Invalid email verification url provided"; // validating email await client.Register2EmailVerify(params.c); // email registered successfully // creates an `swa_auth` cookie
Register passkey
const res1 = await client.Register3PasskeyChallenge(); const res2 = await client.Register4PasskeyRegister(res1); await client.Register5PasskeyVerify(res2); // passkey authenticated
Login
<form> <input name="email" type="email" required /> </form>
On form submission:
const email = e.target.email.value; const res1 = await client.Login1Challenge(email); const res2 = await client.Login2Authenticate(res1); await client.Login3Verify(res2); // authenticated // creates an `swa_auth` cookie
Authentication
Check if the swa_auth cookie is valid
client .AuthValidate() .then(() => { // is authenticated }) .catch((err) => { // navigate back to the login page });
Authentication with csrf blocking
await client.AuthCsrfChallenge(); // Or any api call that uses the csrf validate middleware await client.AuthCsrfValidate();
Double Validation
// assuming that the client is authenticated const res1 = await client.AuthDoubleCheck1Challenge(); const res2 = await client.AuthDoubleCheck2Authenticate(res1); await client.AuthDoubleCheckVerify(res2); // creates an `swa_doublecheck_auth` cookie that is valid for a minute // Now make a request to your server which requires an extra check to validate
Logout
await client.Logout(); // Navigate back to the login page
Passkey invalidation
// Removes all passkeys, invalidates all session cookies and logs out await AuthDoubleCheck123(); await AuthPanic(); // Removes current passkey and logs out const res1 = await AuthDoubleCheck1Challenge(); const res2 = await AuthDoubleCheck2Authenticate(res1); await AuthDeletePasskey3(res3);
GDPR Request
// Data Request await AuthDoubleCheck123(); await GdprData(); // Data Deletion Request (will delete the account after 30 days) await AuthDoubleCheck123(); await GdprDeleteSet(); // Retract Deletion Request await AuthDoubleCheck123(); await GdprDeleteUnset();
Add Package
deno add jsr:@lil5/stupidwebauthn-client
Import symbol
import * as stupidwebauthn_client from "@lil5/stupidwebauthn-client";
Import directly with a jsr specifier
import * as stupidwebauthn_client from "jsr:@lil5/stupidwebauthn-client";
Add Package
pnpm i jsr:@lil5/stupidwebauthn-client
pnpm dlx jsr add @lil5/stupidwebauthn-client
Import symbol
import * as stupidwebauthn_client from "@lil5/stupidwebauthn-client";
Add Package
yarn add jsr:@lil5/stupidwebauthn-client
yarn dlx jsr add @lil5/stupidwebauthn-client
Import symbol
import * as stupidwebauthn_client from "@lil5/stupidwebauthn-client";
Add Package
vlt install jsr:@lil5/stupidwebauthn-client
Import symbol
import * as stupidwebauthn_client from "@lil5/stupidwebauthn-client";
Add Package
npx jsr add @lil5/stupidwebauthn-client
Import symbol
import * as stupidwebauthn_client from "@lil5/stupidwebauthn-client";
Add Package
bunx jsr add @lil5/stupidwebauthn-client
Import symbol
import * as stupidwebauthn_client from "@lil5/stupidwebauthn-client";