Authorization for Django admin through one-time codes sent by email.
Project description
DjangoAuthEmailPin library
The free, open-source DjangoAuthEmailPin library is designed for password-free user authorization in the Django admin panel. One-time codes are sent to users by email to enter the admin area.
Installation
pip install django-admin-auth-emailpin
Usage
To send authorization codes, the regular way of sending email in Django is used.
Therefore, in the settings.py file of your project, you must specify the details of the mail server used.
# settings.py
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_PORT = 587
EMAIL_USE_TLS = True
The Django admin user model must have special fields to use the library.
name: primary email address for user.custom_email: optional additional user email.is_active: if this field is set to False, then the user is disabled in admin panel.
The library provides an abstract User class that defines these fields.
This class can be used as a base class when defining the user model of your project.
# models.py
from django_admin_auth_emailpin.models import User
class MyUser(User):
# Titles for fields in Django admin
title_fld_name = "Login"
title_fld_email = "Custom email"
title_fld_active = "Active"
For user authorization using the library, your project must contain a model,
inherited from the PinCode class from the library.
# models.py
from django_admin_auth_emailpin.models import PinCode
class Pin(PinCode):
The following methods need to be defined in this model.
Method mail_secrets
Returns a tuple of three elements specifying the parameters for accessing the mail server.
- address where authorization codes for the
adminuser (database superuser) will be sent - username to connect to the mail server
- password to connect to the mail server
# models.py
@classmethod
def mail_secrets(cls):
return (
'admin@example.com',
'example.admin@gmail.com',
'smtp-password',
)
Method mail_inacive
Gets an instance of the user model that is denied access to the admin panel (the is_active field is set to False).
Returns a tuple of three elements specifying the parameters of the email that will be sent to this user.
- the address from which the email will be sent
- email subject text
- email body text
# models.py
@classmethod
def mail_inacive(cls, user):
return (
"noreply@example.com",
"Failed login at example.com.",
"Your account {} is disabled. Ask for admin to solve issue.".format(user),
)
Method mail_login
Gets the model instance of the user who requested authorization and the model instance of the authorization code generated for that user.
Returns a tuple of three elements defining the parameters of the email with authorization data that will be sent to this user.
- the address from which the email will be sent
- email subject text
- email body text
# models.py
@classmethod
def mail_login(cls, user, pin):
return (
"noreply@example.com",
"Login at example.com",
"To login as {} use PIN code: {}".format(user, pin.code),
)
User Authorizations
To start authorization of a user named username, you need to call the Pin.auth method,
passing it the model class and username.
If there is a user with this name in the database and he is allowed to enter the admin panel (field is_active=True),
a one-time authorization code will be generated for this user and an email with this code will be sent to the user.
The Pin.auth method will return True in this case.
If the user with the given name is not in the database or he is denied access to the admin panel (field is_active=False),
the Pin.auth method will return False.
# views.py
from .models import MyUser, Pin
assert Pin.auth(MyUser, 'username')
To complete the authorization, you need to get the value of the authorization code from the user and call the Pin.is_valid method.
This method should be passed the name of the authorized user and the authorization code.
If a valid code value is used, the method will return True and the authorization code used in the call will become invalid.
# views.py
from django.contrib.auth import login
from django.contrib.auth.models import User
from .models import Pin
if Pin.is_valid(username, code):
user = User.objects.filter(username=username)[0]
login(request, user)
Development
$ git clone git@github.com:vb64/django.admin.auth.emailpin
$ cd django.admin.auth.emailpin
$ make setup PYTHON_BIN=/path/to/python3
$ make tests
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django_admin_auth_emailpin-1.0.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | d28749cc883f3e064683149bf3a7b60a823a4a4d90f019d00c1fcfafa58a6ca9 |
|
| MD5 | a8e2ae4e9de66a73ad8ec18e3952fde8 |
|
| BLAKE2b-256 | 80d4b66436eab0ae73a242fd10b8158aedb4feae81396dfd92a983cec4aa93ed |
Hashes for django_admin_auth_emailpin-1.0-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | c7aa4a581f19d47b2bd997da1608904a148f85615396b4d1a2c64a2648fef76a |
|
| MD5 | 31ec7a3a8b255b9f064c09fc2a75523b |
|
| BLAKE2b-256 | 4d759d65dc13122707be37dd974889dd39190418e53fa53fe75d74057c56864b |
