Project description

dj-rest-auth-mfa

Overview

dj-rest-auth-mfa is a Django App that is actually a plugin for the dj-rest-auth that adds mfa support to email/username accounts, by using the django-mfa2 package.

Requirements:

Make sure the requirements for django-allauth, dj-rest-auth and django-mfa2 are met

Installation

To install dj-rest-auth-mfa run:

pip install dj-rest-auth-mfa

In the settings.py you should have the following:

INSTALLED_APPS = [
    # ...
    "corsheaders",
    "rest_framework",
    "rest_framework.authtoken",
    "mfa",  # this is django-mfa2
    "allauth",  # this is django-allauth
    "dj_rest_auth", # this is dj-rest-auth
    "dj_rest_auth_mfa"  # this package
]


MIDDLEWARE = [
    "corsheaders.middleware.CorsMiddleware",
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
    "allauth.account.middleware.AccountMiddleware", # this is important for allauth
]

Configurations:

beside the configurations required by django-allauth and those required by dj-rest-auth, and the configurations necessary for django-mfa2, there are the following configurations that should be defined in the django settings.py file:

RECOVERY_ITERATION = 720000   # this is the recommended value for hashing iterations
MFA_MANDATORY = False
MFA_ADAPTER_CLASS = "dj_rest_auth_mfa.adapters.DjangoMFA2Adapter"
MFA_GRACE_WINDOW_DAYS = 7

Features

Currently only the following methods are supported

MFA_UNALLOWED_METHODS = [
  "RECOVERY",
  "TOTP
]

Contributing

Contributions to this project are welcomed! The Contributing Guide is still under construction.

When creating a pull request make sure to use the following template:

Change Summary
 - item one
 - item two
Related issue number
 - issue a
 - issue b
Checklist
  [ ] code is ready
  [ ] add tests
  [ ] all tests passing
  [ ] test coverage did not drop
  [ ] PR is ready for review

License

dj-rest-auth-saml is licensed under the MIT License - see the LICENSE file for details.

Project details

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

This version

0.0.2

Jan 8, 2024

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dj-rest-auth-mfa-0.0.2.tar.gz (20.6 kB view hashes)

Uploaded Jan 8, 2024 Source

Built Distribution

dj_rest_auth_mfa-0.0.2-py3-none-any.whl (15.7 kB view hashes)

Uploaded Jan 8, 2024 Python 3

Hashes for dj-rest-auth-mfa-0.0.2.tar.gz

Hashes for dj-rest-auth-mfa-0.0.2.tar.gz
Algorithm	Hash digest
SHA256	`a3e621517759bd4abd101f2a866f568a311ebaaa674c72209d9455eceb84017c`
MD5	`f8add4bea04e33d7414c5fce16648aea`
BLAKE2b-256	`3ca389f00a4f437cb47a742763acab3aec56d67230645278ab7e8b7900fcba92`

Hashes for dj_rest_auth_mfa-0.0.2-py3-none-any.whl

Hashes for dj_rest_auth_mfa-0.0.2-py3-none-any.whl
Algorithm	Hash digest
SHA256	`d3e5f10830886a254feddc94ba807713fc93cef7c05ec67685d2c15aee90f730`
MD5	`76d113d4b93623deb86aaa830bd736b4`
BLAKE2b-256	`c3105efc5c41479b2f53f49ea74411159365aba4447f5a0f482f2acf2abd9128`