This project holds the standard FIDO2 API endpoints and the Proof of Knowledge for Algorand-specific private keys. The API is a stateful, session-based architecture with endpoint guards. A user must prove ownership of a private key to associate PublicKeyCredentials.
- Node.js 18+
- Docker
git clone git@github.com:algorandfoundation/liquid-auth.git && cd liquid-auth
Note on VPNs: ngrok will not work with VPNs, so to run the project locally, disable the VPN or configure its split tunneling to allow ngrok traffic.
Sign up for a free account at ngrok and follow the instructions to get your <NGROK_AUTH_TOKEN> and <NGROK_STATIC_DOMAIN>.
Don't run the ngrok commands directly as shown in the ngrok guide, as doing so will create run-time port conflicts.
ngrok will ask you to add your auth token to your configuration file.
ngrok config add-authtoken <NGROK_AUTH_TOKEN>
It will then ask you to deploy your static domain; make sure to change the port to 5173, like this:
ngrok http --domain=<NGROK_STATIC_DOMAIN> 5173
Add an ngrok.yml configuration to the root directory.
version: 2
authtoken: <NGROK_AUTH_TOKEN>
tunnels:
  website:
    addr: liquid-auth:5173
    proto: http
    domain: <NGROK_STATIC_DOMAIN>
Make sure to update the authtoken and domain in the ngrok.yml file with your ngrok details.
Update the following keys in the .env.docker file with the values from ngrok:
HOSTNAME=<NGROK_STATIC_DOMAIN>
ORIGIN=https://<NGROK_STATIC_DOMAIN>
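A preflight check for the settings above, added here as an example and not part of the liquid-auth project: it confirms that ngrok.yml and .env.docker name the same static domain and that no placeholder from this README is left in place. The function and helper names are hypothetical, and it assumes the flat KEY=VALUE and key: value layouts shown above.

```shell
#!/usr/bin/env bash
# Added example: preflight check for ngrok.yml and .env.docker.
# File names come from this README; all function names are hypothetical.

# Print the value of KEY from a KEY=VALUE env file (last assignment wins).
env_value() {
  sed -n "s/^$1=//p" "$2" | tail -n 1 | tr -d '\r'
}

# Print the value of a "key: value" line from ngrok.yml (first match).
yaml_value() {
  sed -n "s/^[[:space:]]*$1:[[:space:]]*//p" "$2" | head -n 1 | tr -d '\r'
}

# Return 0 when both files agree; print each problem and return 1 otherwise.
# Only key names are printed, never the auth token itself.
check_liquid_auth_config() {
  local ngrok_file="$1" env_file="$2" rc=0
  local domain token host origin pair
  domain=$(yaml_value domain "$ngrok_file")
  token=$(yaml_value authtoken "$ngrok_file")
  host=$(env_value HOSTNAME "$env_file")
  origin=$(env_value ORIGIN "$env_file")

  # Empty values, or <PLACEHOLDER> text copied verbatim from the README.
  for pair in "domain=$domain" "authtoken=$token" "HOSTNAME=$host" "ORIGIN=$origin"; do
    case ${pair#*=} in
      ''|*'<'*|*'>'*) echo "unset or placeholder: ${pair%%=*}"; rc=1 ;;
    esac
  done
  # HOSTNAME is a bare host name: no scheme, port or path.
  case $host in
    *://*|*/*|*:*) echo "HOSTNAME must be a bare host name"; rc=1 ;;
  esac
  # The README sets HOSTNAME to the static domain and ORIGIN to its https URL.
  [ "$host" = "$domain" ] || { echo "HOSTNAME differs from ngrok domain"; rc=1; }
  [ "$origin" = "https://$domain" ] || { echo "ORIGIN is not https://<domain>"; rc=1; }
  return $rc
}
```

Source the file and run `check_liquid_auth_config ngrok.yml .env.docker` from the repository root before starting the backend.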
Run the following command to start the backend:
docker-compose up -d
Navigate to the ngrok URL in your browser to test the FIDO2 feature.
Install the Android client on your device.
Open the Connect Modal on the website and scan the QR code using the "Connect" button on the Android device. Follow the instructions on the Android device to register a credential.
Once the credential is registered, you can send messages over the peer connection.