Nexmo Verify Passwordless support for Kinto
Nexmo Verify support for Kinto
kinto-nexmo-verify enables authentication in Kinto applications using *Nexmo Verify* Passwordless Authentication.
It provides:
- An authentication policy class;
- Integration with Kinto cache backend for token verifications;
- Integration with Kinto for heartbeat view checks;
- Endpoints to perform the Nexmo dance and grab a JWT authentication token.
Installation
Install the Python package:
pip install kinto-nexmo-verify
Include the package in the project configuration:
kinto.includes = kinto_nexmo_verify
Then configure the authentication policy using the pyramid_multiauth formalism:
multiauth.policies = nexmo
multiauth.policy.nexmo.use = kinto_nexmo_verify.authentication.PasswordlessAuthenticationPolicy
By default, it will rely on the cache configured in Kinto.
Configuration
Fill in these settings with the values obtained during the application registration:
nexmo.api_key = 89513028159972bc
nexmo.api_secret = 9aced230585cc0aaea0a3467dd800
nexmo.webapp.authorized_domains = *
# nexmo.cache_ttl_seconds = 300
# nexmo.state.ttl_seconds = 3600
If necessary, override the default values for the authentication policy:
# multiauth.policy.nexmo.realm = Realm
Login flow
JWT authentication token
Use the JWT token with this header:
Authorization: Nexmo <jwt_token>
Note: If the token is not valid, this will result in a 401 error response.
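As an added illustration (not kinto-nexmo-verify's own code), this sketch shows how a server could check an `Authorization: Nexmo <jwt_token>` header and reject an invalid token, which maps to the 401 response described above. It assumes an HS256-signed token and a constructed secret; all function names are hypothetical.

```python
import base64
import hashlib
import hmac
import json

# Assumption: constructed demo secret, not a value from the page or the project.
SECRET = b"constructed-demo-secret"


def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def b64d(part):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def sign(head, body, secret):
    return hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()


def make_token(payload, secret=SECRET):
    """Build a constructed HS256 JWT to use as sample input."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(payload).encode())
    return f"{head}.{body}.{b64e(sign(head, body, secret))}"


def check_authorization(header, secret=SECRET):
    """Return the JWT payload for a valid 'Nexmo <jwt>' header, else None (401)."""
    scheme, _, token = (header or "").partition(" ")
    if scheme.lower() != "nexmo" or token.count(".") != 2:
        return None
    head, body, sig = token.split(".")
    try:
        # Pin the algorithm: never let the token choose how it is verified.
        if json.loads(b64d(head)).get("alg") != "HS256":
            return None
        # Constant-time comparison of the recomputed and presented signatures.
        if not hmac.compare_digest(sign(head, body, secret), b64d(sig)):
            return None
        return json.loads(b64d(body))
    except (ValueError, TypeError, AttributeError):
        return None
```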
Obtain JWT token flow
To initiate a passwordless session, start by sending the mobile phone number in a POST to /v1/nexmo/verify:
$ http POST http://localhost:8000/v1/nexmo/verify number=447700900000 -v
POST /v1/nexmo/verify HTTP/1.1
Accept: application/json, */*
Accept-Encoding: gzip, deflate
Connection: keep-alive
Content-Length: 44
Content-Type: application/json
Host: localhost:8000
User-Agent: HTTPie/0.9.9

{
    "number": "447700900000"
}

HTTP/1.1 200 OK
Content-Length: 51
Content-Type: application/json; charset=UTF-8
Date: Thu, 21 Feb 2019 09:28:37 GMT
Server: waitress

{
    "request_id": "89513028159972bc",
    "number": "verify"
}
Then, once you receive the message from the number verify, read its code and verify it with a POST to /v1/nexmo/verify/check:
$ http POST http://localhost:8000/v1/nexmo/verify/check request_id=89513028159972bc code=5992 -v
POST /v1/nexmo/verify/check HTTP/1.1
Accept: application/json, */*
Accept-Encoding: gzip, deflate
Connection: keep-alive
Content-Length: 50
Content-Type: application/json
Host: localhost:8000
User-Agent: HTTPie/0.9.9

{
    "code": "5992",
    "request_id": "89513028159972bc"
}

HTTP/1.1 202 Accepted
Content-Length: 232
Content-Type: application/json; charset=UTF-8
Date: Thu, 21 Feb 2019 09:28:37 GMT
Server: waitress

{
    "jwt_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.xOzQ0jczoCaK_6hHUaOfAh8XqU5HRVcIAl-OdXkZVMc",
    "payload": {"number": "447700900000"}
}
Changelog
This document describes changes between each past release.
1.0.0 (2020-01-20)
Initial service.
Contributors
Rémy Hubscher <rhubscher@mozilla.com>
Hashes for kinto_nexmo_verify-1.0.0-py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | 7fef88190d0961cc67b42a879b512955d9f99c6be4f56555d6b1a7b54a4a56b3
MD5 | fe73bfdccf87090ddfdf6894a59bd93e
BLAKE2b-256 | feb36cff737c78b3e91680423d075b3e2341ccf17c2c9c03ba04cc035d947f00