Using user's browser fingerprint for authentication in your web application.
pip install bfa==1.2.1
This package allows you to obtain and use a user browser fingerprint for your web application as an authenticator.
If you want to test this method by yourself, check our demo site.
You can install package by:
pip install bfa
At the moment, django and flask support is provided, in the future it is planned to add other frameworks.
Add 'bfa'
to your list of INSTALLED_APPS
in settings.py:
INSTALLED_APPS = [
...
'bfa'
]
You can get user fingerprint by:
bfa.fingerprint.get(request)
In template paste inside <form></form>
:
{% load bfa %}{% fingerprint_input %}
For example:
login.html
...
<form method="post">
{% csrf_token %}
<input name="username">
{% load bfa %}
{% fingerprint_input %}
<button type="submit">Log in</button>
</form>
...
views.py
import bfa
from django.http import HttpResponse
from django.shortcuts import render
...
def login(request):
if request.method == 'POST':
# Getting a username
username = request.POST.get('username')
# Getting a fingerprint
try:
fp = bfa.fingerprint.get(request)
except (ConnectionError, ValueError):
return HttpResponse("Can't get fingerprint")
# Here is the part where you process the
# username and fingerprint, according to the database
...
return HttpResponse("You're logged in")
return render(request, 'login.html')
...
Add bfa context processor to your app.py:
...
import bfa
from flask import Flask
app = Flask(__name__)
@app.context_processor
# Don't change name of this function
def bfa_flask():
return bfa.templatetags.bfa.fingerprint_input()
...
You can get user fingerprint by:
bfa.fingerprint.get(request)
In template paste inside <form></form>
:
{{ fingerprint_input }}
For example:
login.html
...
<form method="post">
<input name="username">
{{ fingerprint_input }}
<button type="submit">Log in</button>
</form>
...
app.py
import bfa
from flask import Flask, request
app = Flask(__name__)
...
@app.route('/login/', methods=['POST', 'GET'])
def login():
if request.method == 'POST':
# Getting a username
username = request.form['username']
# Getting a fingerprint
try:
fp = bfa.fingerprint.get(request)
except (ConnectionError, ValueError):
return "Can't get fingerprint"
# Here is the part where you process the
# username and fingerprint, according to the database
...
return "You're logged in"
else:
return "Login page"
...
You can salt fingerprints by:
bfa.fingerprint.get(request, use_salt=True)
For example:
views.py
import bfa
from django.http import HttpResponse
from django.shortcuts import render
...
def login(request):
if request.method == 'POST':
# Getting a username
username = request.POST.get('username')
# Getting a fingerprint
try:
fp_data = bfa.fingerprint.get(request, use_salt=True)
except (ConnectionError, ValueError):
return HttpResponse("Can't get fingerprint")
fp = fp_data['fp']
salt = fp_data['salt']
# Here is the part where you process the
# username, fingerprint and salt, according to the database
...
return HttpResponse("You're logged in")
return render(request, 'login.html')
...
This project uses:
BFA working on python >=3.5 only.
This project is under Apache 2.0 license.