-
Notifications
You must be signed in to change notification settings - Fork 2
/
index.html
189 lines (163 loc) · 5.72 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Hanko Passkey API example</title>
<style>
html {
font-size: 16px;
font-family: system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen, Ubuntu, Cantarell,
"Open Sans", "Helvetica Neue", sans-serif;
}
* {
font-size: 1rem;
}
hr {
margin-top: 4rem;
margin-bottom: 4rem;
}
button {
cursor: pointer;
background: #007bff;
color: white;
border: none;
padding: 0.4375rem 0.75rem;
border-radius: 0.25rem;
font-weight: 500;
}
#mfa {
flex-direction: column;
align-items: center;
justify-content: center;
text-align: center;
border-radius: 8px;
padding: 4rem;
position: absolute;
top: 50%;
left: 50%;
transform: translate(-50%, -50%);
background: white;
box-shadow: 0 1rem 4rem rgba(0, 0, 0, 0.15);
gap: 2rem;
}
</style>
</head>
<body>
<form id="userpassLoginForm" action="/username-password/login" method="post">
<input type="text" name="username" placeholder="Username" />
<input type="password" name="password" placeholder="Password" />
<button type="submit">Login with username/password</button>
</form>
<form action="/logout" method="post" style="margin-top: 1rem">
<button id="logoutBtn">Logout</button>
</form>
<hr />
<button id="passkeyRegisterBtn"></button>
<button id="passkeyLoginBtn">Login with passkey</button>
<button id="mfaEnableBtn">Enable two-factor</button>
<div id="mfa" style="display: none">
<div>Authenticated successfully, but your account has two-factor authentication enabled.</div>
<div>Please choose the credential you used when first enabling two-factor authentication.</div>
<button id="mfaLoginBtn">Login with two-factor</button>
</div>
<script type="module">
import {
create,
get,
} from "https://unpkg.com/@github/[email protected]/dist/esm/webauthn-json.js?module";
const registerBtn = document.getElementById("passkeyRegisterBtn");
const loginBtn = document.getElementById("passkeyLoginBtn");
const logoutBtn = document.getElementById("logoutBtn");
const form = document.getElementById("userpassLoginForm");
const mfa = document.getElementById("mfa");
const mfaEnableButton = document.getElementById("mfaEnableBtn");
const mfaLoginButton = document.getElementById("mfaLoginBtn");
const me = await getLoggedInProfile();
const isMfaRequired = new URLSearchParams(window.location.search).get("mfa") === "required";
if (isMfaRequired) {
mfa.style.display = "flex";
}
registerBtn.addEventListener("click", () => registerPasskey().then(() => window.location.reload()));
loginBtn.addEventListener("click", () => loginWithPasskey().then(() => window.location.reload()));
mfaEnableButton.addEventListener("click", () => enableMfa().then(() => window.location.reload()));
mfaLoginButton.addEventListener("click", () =>
loginWithMfaCredential().then(() => (window.location.href = "/?mfa=passed"))
);
async function getLoggedInProfile() {
try {
const res = await fetch("/me");
const me = await res.json();
registerBtn.innerText = `Register passkey for ${me.username}`;
loginBtn.outerHTML = "";
form.outerHTML = `Logged in as ${me.email}`;
return me;
} catch (err) {
registerBtn.outerHTML = '<p style="color:red">Not logged in</p>';
logoutBtn.outerHTML = "";
mfaEnableButton.outerHTML = "";
}
}
async function registerPasskey() {
// Let's send a request to our backend to start the registration process.
// The response JSON can directly be passed to create(...) below.
const creationOptions = await fetch("/passkey/start-registration", {
method: "POST",
}).then((res) => res.json());
// Open "create passkey" dialog
const credential = await create(creationOptions);
// User successfully created a passkey on their device.
//
// The resulting `credential` object needs to be sent back to the
// Passkey API as-is, through our backend:
//
// frontend → backend → passkey API
return fetch("/passkey/finalize-registration", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(credential),
});
}
async function loginWithPasskey() {
const loginOptions = await fetch("/passkey/start-login", {
method: "POST",
}).then((res) => res.json());
// Open "select passkey" dialog
const credential = await get(loginOptions);
// User selected a passkey to use.
//
// The returned `credential` object needs to be sent back to the
// Passkey API as-is.
return fetch("/passkey/finalize-login", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(credential),
});
}
async function enableMfa() {
// This is much like the registration process
const creationOptions = await fetch("/mfa/enable", {
method: "POST",
}).then((res) => res.json());
const credential = await create(creationOptions);
return fetch("/mfa/finalize-enable", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(credential),
});
}
async function loginWithMfaCredential() {
// This is much like the login process
const loginOptions = await fetch("/mfa/login", {
method: "POST",
}).then((res) => res.json());
const credential = await get(loginOptions);
return fetch("/mfa/finalize-login", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(credential),
});
}
</script>
</body>
</html>