Leo Hemsted c26a596839 allow sign in via webauthn credentials
The flow of the code is roughly as follows:

  user clicks button on webauthn page
  js sends GET request
  python reads GET request, sets up login challenge
  python returns login challenge in response
  js reads GET response, passes login challenge to browser
  browser asks user to touch yubikey
  browser returns yubikey challenge response data to js
  js sends POST request with yubikey challenge response data
  python reads yubikey challenge and compares with users creds from db
  if its a match, python signs user in

The login challenge is a PublicKeyCredentialRequestOptions: [1]
The browser function we call is navigator.credentials.get(): [2]
The response to the challenge from the browser is a PublicKeyCredential: [3]

The python server does all the work setting those up and tearing them
back down again (and checking them against the values we have stored in
the database), but we need to do work to convert them to-and-from CBOR.

[1] https://developer.mozilla.org/en-US/docs/Web/API/PublicKeyCredentialRequestOptions
[2] https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/get
[3] https://developer.mozilla.org/en-US/docs/Web/API/PublicKeyCredential
2021-06-01 19:08:57 +01:00
2021-02-22 17:19:46 +00:00
2021-03-08 18:48:56 +00:00
2021-03-08 18:48:56 +00:00
2021-06-01 18:44:54 +01:00
2021-03-08 18:48:56 +00:00
2021-05-25 11:21:39 +01:00
2021-05-14 11:10:16 +03:00

notifications-admin

GOV.UK Notify admin application - https://www.notifications.service.gov.uk/

  • Register and manage users
  • Create and manage services
  • Send batch emails and SMS by uploading a CSV
  • Show history of notifications

Setting up

Python version

At the moment we run Python 3.6 in production.

NPM packages

brew install node

NPM is Node's package management tool. n is a tool for managing different versions of Node. The following installs n and uses the long term support (LTS) version of Node.

npm install -g n
n lts

environment.sh

In the root directory of the application, run:

echo "
export NOTIFY_ENVIRONMENT='development'
export FLASK_APP=application.py
export FLASK_ENV=development
export WERKZEUG_DEBUG_PIN=off
"> environment.sh

AWS credentials

To run parts of the app, such as uploading letters, you will need appropriate AWS credentials. See the Wiki for more details.

To run the application

# install dependencies, etc.
make bootstrap

# run the web app
make run-flask

Then visit localhost:6012.

Any Python code changes you make should be picked up automatically in development. If you're developing JavaScript code, run npm run watch to achieve the same.

To test the application

# install dependencies, etc.
make bootstrap

# run all the tests
make test

# continuously run js tests
npm run test-watch

To run a specific JavaScript test, you'll need to copy the full command from package.json.

To update application dependencies

requirements.txt is generated from the requirements.in in order to pin versions of all nested dependencies. If requirements.in has been changed, run make freeze-requirements to regenerate it.

Further docs

Description
The UI of Notify.gov
Readme 560 MiB
Languages
Python 69.3%
HTML 16.6%
JavaScript 11.1%
SCSS 0.9%
Nunjucks 0.7%
Other 1.4%