A Django App that adds MFA endpoints to dj-rest-auth
Project description
dj-rest-auth-mfa
Overview
dj-rest-auth-mfa is a Django App that is actually a plugin for the dj-rest-auth that adds mfa support to email/username accounts, by using the django-mfa2 package.
Requirements:
Make sure the requirements for django-allauth, dj-rest-auth and django-mfa2 are met
Installation
To install dj-rest-auth-mfa run:
pip install dj-rest-auth-mfa
In the settings.py you should have the following:
INSTALLED_APPS = [
# ...
"corsheaders",
"rest_framework",
"rest_framework.authtoken",
"mfa", # this is django-mfa2
"allauth", # this is django-allauth
"dj_rest_auth", # this is dj-rest-auth
"dj_rest_auth_mfa" # this package
]
MIDDLEWARE = [
"corsheaders.middleware.CorsMiddleware",
"django.middleware.security.SecurityMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware",
"django.middleware.common.CommonMiddleware",
"django.middleware.csrf.CsrfViewMiddleware",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
"allauth.account.middleware.AccountMiddleware", # this is important for allauth
]
Configurations:
beside the configurations required by django-allauth and those required by dj-rest-auth, and the configurations necessary for django-mfa2, there are the following configurations that should be defined in the django settings.py file:
RECOVERY_ITERATION = 720000 # this is the recommended value for hashing iterations
MFA_MANDATORY = False
MFA_ADAPTER_CLASS = "dj_rest_auth_mfa.adapters.DjangoMFA2Adapter"
MFA_GRACE_WINDOW_DAYS = 7
Features
Currently only the following methods are supported
MFA_UNALLOWED_METHODS = [
"RECOVERY",
"TOTP
]
Contributing
Contributions to this project are welcomed! The Contributing Guide is still under construction.
When creating a pull request make sure to use the following template:
Change Summary
- item one
- item two
Related issue number
- issue a
- issue b
Checklist
[ ] code is ready
[ ] add tests
[ ] all tests passing
[ ] test coverage did not drop
[ ] PR is ready for review
License
dj-rest-auth-saml is licensed under the MIT License - see the LICENSE file for details.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file dj-rest-auth-mfa-0.0.2.tar.gz.
File metadata
- Download URL: dj-rest-auth-mfa-0.0.2.tar.gz
- Upload date:
- Size: 20.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | a3e621517759bd4abd101f2a866f568a311ebaaa674c72209d9455eceb84017c |
|
| MD5 | f8add4bea04e33d7414c5fce16648aea |
|
| BLAKE2b-256 | 3ca389f00a4f437cb47a742763acab3aec56d67230645278ab7e8b7900fcba92 |
File details
Details for the file dj_rest_auth_mfa-0.0.2-py3-none-any.whl.
File metadata
- Download URL: dj_rest_auth_mfa-0.0.2-py3-none-any.whl
- Upload date:
- Size: 15.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | d3e5f10830886a254feddc94ba807713fc93cef7c05ec67685d2c15aee90f730 |
|
| MD5 | 76d113d4b93623deb86aaa830bd736b4 |
|
| BLAKE2b-256 | c3105efc5c41479b2f53f49ea74411159365aba4447f5a0f482f2acf2abd9128 |
