Duo Auth Proxy

The Duo Auth Proxy is an example secure authentication layer that sits between your client applications and the Duo Server. It provides authentication and access control for both HTTP and WebSocket requests, ensuring that only authenticated users can access their wallets. It support MPC actions like keygen, sign, and refresh.

Quick Setup

You can write your own auth-proxy or try this simple example implementation:

Step 1 Docker Setup

Use the following docker-compose configuration to run the complete stack with auth-proxy. Make sure you have access to the required Docker images - if not, contact the team.

docker-compose.yml

docker-compose.yml
version: '3.1'
services:
  db:
    image: postgres:14
    restart: always
    environment:
      POSTGRES_PASSWORD: sigpair
      POSTGRES_USER: sigpair
      POSTGRES_DB: sigpair
    ports:
      - 5432:5432
  sigpair:
    image: ghcr.io/silence-laboratories/duo-server:v2-be33417e65950db0fb9f395ee054371564e33b9d
    restart: always
    environment:
      PGHOST: db
      PGUSER: sigpair
      PGDATABASE: sigpair
      PGPASSWORD: sigpair
    ports:
      - 8080:8080
    depends_on:
      - db
  auth-proxy:
    image: ghcr.io/silence-laboratories/two-party-boilerplate-backend:8f91439ee35bc89ce18813ae8f4a92bfc92933d0
    ports:
      - "9090:9090"
    volumes:
      - ./serviceAccountKey.json:/app/serviceAccountKey.json
    environment:
      - FEATURE_MOCK_FIREBASE=false
      - SECRET_KEY='django-secret-key'
      - FIREBASE_CERT=/app/serviceAccountKey.json
      - TARGET_BASE_URL=sigpair:8080
      - DJANGO_SETTINGS_MODULE=config.settings
    command: >
      sh -c "cd /app/duo_proxy &&
             python manage.py migrate --noinput &&
             daphne -b 0.0.0.0 -p 9090 config.asgi:application"

      

Step 2: Add Firebase service account key

Place your Firebase service account key in the same directory as docker-compose.yml The file should be named serviceAccountKey.json

If you don't have a service account key, you can create one in the Firebase console under Project Settings > Service accounts.

How to get serviceAccountKey.json

Step 3: Start the services

docker compose pull
docker compose up

Step 4: Configure Django Secret Key (Optional)

Replace the SECRET_KEY with your own Django secret key

Your Auth Proxy will be running on http://localhost:9090.

Learn more About Auth Proxy:

📖 API Reference - Complete API specs, if you want to build your own auth-proxy service.
🔧 Custom Authentication - Add or modify authentication methods

Quick Setup​

Step 1 Docker Setup​

Step 2: Add Firebase service account key​

Step 3: Start the services​

Step 4: Configure Django Secret Key (Optional)​

Learn more About Auth Proxy:​