A Django App that adds MFA endpoints to dj-rest-auth
Project description
dj-rest-auth-mfa
Overview
dj-rest-auth-mfa
is a Django App that is actually a plugin for the dj-rest-auth
. It adds RESTful API endpoints that adds multifactor authentication (MFA) support to accounts by using the django-mfa2
package.
Requirements:
Besides Django, this package depends on the following projects:
- django-allauth that provides advanced authentication functionality to the Django framework.
- django-rest-framework, DRF, that provides an extendible and flexible way to build Web APIs on top of Django
- dj-rest-auth provides RESTful API endpoints for the django-allauth using DRF (
django-allauth
does not provide API support out of the box yet.) - django-mfa2 which is a Django app that adds supports for TOTP, U2F, FIDO2 U2F (Web Authn), Email Tokens, Trusted Devices, backup codes, and Passkeys. (
django-allauth
only supports TOTP out of the box.)
To use the package effectively, make sure django-allauth
, django-rest-framework
, dj-rest-auth
and django-mfa2
are installed and configured correctly.
Installation
To install dj-rest-auth-mfa
run:
pip install dj-rest-auth-mfa
In the settings.py you should have the following:
INSTALLED_APPS = [
# ...
"django.contrib.auth",
"django.contrib.admin",
"django.contrib.sites",
# ...
"corsheaders",
"rest_framework",
"rest_framework.authtoken",
"mfa", # this is django-mfa2
"allauth", # this is django-allauth
"dj_rest_auth", # this is dj-rest-auth
"dj_rest_auth_mfa" # this package
]
# https://docs.djangoproject.com/en/4.2/ref/contrib/sites/
SITE_ID = 1
MIDDLEWARE = [
"corsheaders.middleware.CorsMiddleware",
"django.middleware.security.SecurityMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware",
"django.middleware.common.CommonMiddleware",
"django.middleware.csrf.CsrfViewMiddleware",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
"allauth.account.middleware.AccountMiddleware", # this is important for allauth
]
Configurations:
beside the configurations required by django-allauth and those required by dj-rest-auth, and the configurations necessary for django-mfa2, there are the following configurations that should be defined in the django settings.py file:
RECOVERY_ITERATION = 720000 # this is the recommended value for hashing iterations
MFA_MANDATORY = False
MFA_ADAPTER_CLASS = "dj_rest_auth_mfa.adapters.DjangoMFA2Adapter"
MFA_GRACE_WINDOW_DAYS = 7
Features
Currently only the following methods are supported
MFA_UNALLOWED_METHODS = [
"RECOVERY",
"TOTP
]
Integration
Ones installed and configured, the package provides the following API nodes:
/totp/
/totp/setup
/totp/verify
/recovery/
/recovery/setup
/recovery/verify
Contributing
Contributions to this project are welcomed! The Contributing Guide is still under construction.
When creating a pull request make sure to use the following template:
Change Summary
- item one
- item two
Related issue number
- issue a
- issue b
Checklist
[ ] code is ready
[ ] add tests
[ ] all tests passing
[ ] test coverage did not drop
[ ] PR is ready for review
License
dj-rest-auth-saml is licensed under the MIT License - see the LICENSE file for details.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file dj_rest_auth_mfa-0.0.3.tar.gz
.
File metadata
- Download URL: dj_rest_auth_mfa-0.0.3.tar.gz
- Upload date:
- Size: 21.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.10.16
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
8bde00f66f7314c00779ecefb33969eef3edac89ba96abf4f2a50ff0c83b134e
|
|
MD5 |
01c2e919a6df06f225a4989085451c8d
|
|
BLAKE2b-256 |
804dfaa7820c8979c91f051a4ed44b83cdd955e6eb178c3a14c48a3a5accc09c
|
File details
Details for the file dj_rest_auth_mfa-0.0.3-py3-none-any.whl
.
File metadata
- Download URL: dj_rest_auth_mfa-0.0.3-py3-none-any.whl
- Upload date:
- Size: 16.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.10.16
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
f27327fcd927b2500fcaba6f6e077499e6e49186970bdf502504dcedbac3aba3
|
|
MD5 |
32495cdabd84a09879af6cad9c4a63b0
|
|
BLAKE2b-256 |
f9e446041594dd9fdabc2cf60556b8df7fef2840827dd7bb33d60801a4139f99
|