Passkeys / WebAuthn Library v2.0 is there! 馃帀Hello folks, I'm pleased to announce the release of the v2.0 of my WebAuthn library! This library greatly simplifies the usage of passkeys by invoking the WebAuthn protocol more conveniently. It is open source, opinionated, dependency-free and minim...Aug 13, 2024路5 min read
UI, API, DB: pushing "three-tier architecture" too far? 馃What may look ideal in theory, may turn out cumbersome in practice. -- Myself During inception, the Passwordless.ID "app" was built in the purest form of a three-tier architecture. The UI - A vue app "compiled" into a single-page-application The A...Aug 13, 2023路7 min read
Replacing avatar portraitsCurrently, the registration procedure at Passwordless.ID had three steps: Register your device with biometrics/PIN Select your portrait. Fill in the profile information. View your profile and continue. The second step, the portrait selection, w...Jul 10, 2023路1 min read
FastAPI - Authentication demo with Passwordless.IDThis minimal example shows an integration between FastAPI and Passwordless.ID. Source code: https://github.com/passwordless-id/fast-api-demo Running it To run it: uvicorn main:app And open http://localhost:8000/docs For authentication, you can choos...Jun 26, 2023路3 min read
Spring Boot - Authentication demo with Passwordless.IDThis minimalistic repository shows how to use Passwordless.ID to authenticate users. Demo source code: https://github.com/passwordless-id/spring-boot-demo Dependencies Spring Boot already has everything needed built-in for OpenID authentication. Th...Jun 22, 2023路2 min read
OAuth2: Why should we validate the `redirect_uri` when exchanging the authorization code for an access token?Beware, technical article ahead! OAuth 2 and OpenID are complex protocols. It's full of tiny details that are there for the sake of security and it's not always clear why some checks are necessary. This article is about such a detail. Prelude Before...May 31, 2023路3 min read
