Overview
This live demo showcases an example use case of client fingerprinting: alerting users to new (unidentified) logins.
- Similar to banking systems and Gmail, which notify you of new logins
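The new-login check described above could look like the following. This is an added example, not code from this repository: the attribute names (userAgent, language, timezone, ip), the constructed key, the in-memory store and the rule that a first login enrols the client without alerting are all assumptions.

```javascript
// Added example: field names, the key and the in-memory store are assumptions.
const crypto = require('crypto');

// Constructed demo key; a deployment would load it from a secret store.
const FINGERPRINT_KEY = 'constructed-demo-key';

// Collapse an IPv4 address to its /24 so an address change on the same
// network does not register as a new client. Other formats pass through.
function ipPrefix(ip) {
  const parts = String(ip ?? '').split('.');
  return parts.length === 4 ? `${parts.slice(0, 3).join('.')}.0/24` : String(ip ?? '');
}

// Keyed hash over normalised attributes: the stored value cannot be
// recomputed or guessed offline without the key.
function fingerprint(client) {
  const fields = [client.userAgent, client.language, client.timezone]
    .map((v) => String(v ?? '').trim().toLowerCase());
  fields.push(ipPrefix(client.ip));
  // JSON encoding keeps field boundaries unambiguous.
  return crypto.createHmac('sha256', FINGERPRINT_KEY)
    .update(JSON.stringify(fields)).digest('hex');
}

// knownByUser (Map of userId -> Set of fingerprints) stands in for the
// database table. The first login enrols the client without alerting.
function checkLogin(knownByUser, userId, client) {
  const fp = fingerprint(client);
  const known = knownByUser.get(userId) ?? new Set();
  const isNew = !known.has(fp);
  const alert = isNew && known.size > 0;
  known.add(fp);
  knownByUser.set(userId, known);
  return { fingerprint: fp, isNew, alert };
}

// Constructed sample logins: enrolment, same network, then a different client.
function demo() {
  const users = new Map();
  const laptop = { userAgent: 'Mozilla/5.0 (X11; Linux x86_64) Firefox/126.0',
    language: 'en-US', timezone: 'Europe/Berlin', ip: '203.0.113.10' };
  const phone = { userAgent: 'Mozilla/5.0 (Linux; Android 14) Chrome/125.0',
    language: 'en-US', timezone: 'Europe/Berlin', ip: '198.51.100.4' };
  return [laptop, { ...laptop, ip: '203.0.113.77' }, phone]
    .map((c) => checkLogin(users, 'alice', c).alert);
}
```

When alert is true, the backend would send the notification (push or e-mail) to the account owner.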
Services used
- Firebase
- AWS
- Lambda Function
- Lambda Layer
- CloudWatch logging
- Simple Email Service (SES)
- Relational Database Service (RDS)
Local software needed
Prerequisite Setup
- Configure AWS credentials and follow prompts
aws configure
Lambda backend
Setup
- Install dependencies
npm i
- Create lambda/firebaseAdminCredential.json and paste the credentials you downloaded from https://console.firebase.google.com/u/0/project/<your project id>/settings/serviceaccounts/adminsdk
- Update database credentials in lambda/rds.js
Test locally
- Run local test
node test.js
Website
Setup
- Install dependencies
composer install
- Update AWS profile to your profile (typically default) in src/services/logger.php
- Update src/services/firebase.php with configuration from https://console.firebase.google.com/u/0/project/<your project id>/settings/general
- Update vapidKey in getFcmToken() in src/js/messaging.js with the Web Push certificate key pair from https://console.firebase.google.com/u/0/project/<your project id>/settings/cloudmessaging
- Update database credentials in src/classes/Db.php
Run
php -S localhost:8000 -t ./src
Go to http://localhost:8000
- You must accept the notification popup
- Note: the website must be run on a live server (not locally) in order for IP capture to work
Troubleshooting
- Error AwsCloudwatchLogging
  - Make sure to configure AWS credentials properly
- Curl SSL error
  - Download cacert.pem from https://curl.se/docs/caextract.html
  - Go to PHP directory and update curl.cainfo = <path to cacert.pem> in php.ini
  - Restart PHP if using XAMPP
- Website is frozen or stuck loading on auth/details page
  - Disable your VPN
  - Try on a different browser like Chrome, Edge, Safari
  - Make sure you're not on an incognito tab