Implements Django Admin OTP Auth

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for whatislove118 from gravatar.com whatislove118

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT
  • Author: whatislove118
  • Requires: Python <=3.13, >=3.10
Report project as malware

Project description

django-admin-otp

Lightweight MFA (TOTP) for Django Admin: enable/disable MFA directly from the admin, verify codes on login, and support "trusted devices" via secure cookies.

Features

  • 🔑 TOTP-based MFA for Django Admin (Google Authenticator, Authy, etc.)
  • 🛠 Setup MFA from the admin panel (QR code + code entry)
  • ❌ Disable MFA with code confirmation
  • 💻 Trusted devices: skip MFA for up to N days
  • ⚙️ Middleware-based enforcement for admin access
  • 📦 Configurable via environment variables
  • 🎨 Ready-to-use templates for verification and setup pages

Installation

pip install django-admin-otp

Quickstart

Add this code to settings.py

# settings.py
INSTALLED_APPS = [
    # ...
    "django.contrib.admin",
    "django_admin_otp",
]
# Should be last middleware
MIDDLEWARE = [
    # ...
    "django_admin_otp.middleware.AdminOTPMiddleware",
]

ADMIN_OTP_PROJECT_NAME = "Your-project-name"

Run migrations and createsuperuser (if it hasn't created yet):

python manage.py migrate django_admin_otp
&
python manage.py createsuperuser

Run server

python manage.py runserver

How to setup OTP

Go to localhost:8000/admin/, login to panel and go to OTP Verifications panel Setup MFA First Step Click on 'Setup MFA for current user' Setup MFA Second Step Scan QR and enter code from your app here. Click on submit. Setup MFA Third Step If code is correct - MFA for your user would be set. You will be redirected to Django Auth Form (via logout). Now you can start login process.

OTP Login process

Login into admin panel. After success - you will see theese form. Login First Step Enter code to from your app and choose trust device option. If would set - you can login from this device without MFA process. (stored in cookie). It would worked for some time (see Configuration section).

How to disable

Go to OTPVerification admin panel. Disconnect MFA First Step If you have already connected to MFA - the button would be "Disable MFA for Current user" Disconnect MFA Second Step Click on it, enter code from your app and your mfa (with trusted devices) would be deleted. Disconnect MFA Third Step

Configuration

Configurable environment variables:

  • ADMIN_OTP_PROJECT_NAME - project name which would display in Auth APP.
  • ADMIN_PATH_PREFIX — admin URL prefix (default "/admin"). Used for cases when your admin app is behind proxy
  • ADMIN_OTP_FORCE (int) — require MFA setup for all admin users (default 0). See Force OTP section for more details.
  • ADMIN_OTP_TRUSTED_DEVICE_DAYS — validity period for trusted devices (defaults 30 days)
  • ADMIN_OTP_DEVICE_TOKEN_COOKIE_NAME — name of trusted device cookie (default "admin_otp_trusted_device").

FORCE OTP

This parameter change default setup mfa behavior. If is set, all users that tries to login into admin panel would be redirected to setup mfa process. Without set mfa - you wouldn't be able to login in admin panel. How it goes: After login you'll see this form Force OTP First Step After setup mfa - you will be redirected on login to OTP process form Login First Step

How to contribute

...

How to develop

How to test

...

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for whatislove118 from gravatar.com whatislove118

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT
  • Author: whatislove118
  • Requires: Python <=3.13, >=3.10

Release history Release notifications | RSS feed

0.1.18

0.1.17

0.1.16

0.1.15

0.1.14

0.1.13

0.1.12

0.1.11

0.1.10

0.1.9

0.1.8

0.1.7

0.1.6

0.1.5

0.1.4

0.1.3

0.1.2

This version

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django_admin_otp-0.1.1.tar.gz (12.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

django_admin_otp-0.1.1-py3-none-any.whl (17.2 kB view details)

Uploaded Python 3

File details

Details for the file django_admin_otp-0.1.1.tar.gz.

File metadata

  • Download URL: django_admin_otp-0.1.1.tar.gz
  • Upload date:
  • Size: 12.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: pdm/2.25.9 CPython/3.13.7 Linux/6.11.0-1018-azure

File hashes

Hashes for django_admin_otp-0.1.1.tar.gz
Algorithm Hash digest
SHA256 6a709ca6b8ad2b06005d2e157606e06166585ec1dbc25f24ac1dd876f44e19ae
MD5 7c80d95993644e55e4680323eb1ec283
BLAKE2b-256 911dbd7a8d449476469a9fb379d0a7e35add7a1a35e1665bbc418891c08eefc7

See more details on using hashes here.

File details

Details for the file django_admin_otp-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: django_admin_otp-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 17.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: pdm/2.25.9 CPython/3.13.7 Linux/6.11.0-1018-azure

File hashes

Hashes for django_admin_otp-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 04e4349f3b6b750d2ffdcf2e8b92ab9e854b113cc5bcb02d4aaf9b28b5836ead
MD5 1f50412d26f5fa1042e4d8480953986d
BLAKE2b-256 3061cfaad03079549eac213348a10cad6b8f241f3011f86764cdc7ff16ba263c

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page