Secure authentication by TOTP, SMS, Codes & Question
Project description
Module which provide secure authentication by TOTP/SMS/Codes/Question. Login protected by IP ranges and with captcha, when login attempt will fail.
Demo installation:
$ sudo apt-get install -y virtualenvwrapper redis-server git python-dev || brew install pyenv-virtualenvwrapper redis git geoip
$ source /usr/share/virtualenvwrapper/virtualenvwrapper.sh || source /usr/local/bin/virtualenvwrapper.sh
$ mkvirtualenv django-secure-auth
$ workon django-secure-auth
$ git clone --depth 1 https://github.com/gotlium/django-secure-auth.git
$ cd django-secure-auth
$ pip install -r requirements.txt
$ python setup.py develop
$ cd demo
$ pip install -r requirements.txt
$ python manage.py syncdb --noinput
$ python manage.py migrate --noinput
$ python manage.py createsuperuser --username admin --email admin@local.host
$ wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
$ gunzip GeoLiteCity.dat.gz
$ mkdir -p /usr/share/geoip/; mv GeoLiteCity.dat /usr/share/geoip/
$ cd ../
Open settings:
$ vim demo/settings.py
Replace Twilio credentials in AUTH_SMS_BACKEND_AUTH to your demo account settings or change SMS_FORCE to False.
Run Redis server and Celery daemon(or remove ‘djcelery’ from INSTALLED_APPS):
$ make run_redis
$ make run_celery
Run test server:
$ make run_server
Now you can open https://127.0.0.1:8000/accounts/register/ and register new account and setup all available authentication methods.
Note: activation link will be output to console.
Crontab
When you are using TOTP auth method, please update your server time. If your server time is behind from real time, user cannot be authenticated by authenticator app. You can run ntpd clients, or update time on server by cron job:
SHELL=/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
MAILTO=root@localhost
# Update time
0 */6 * * * ntpdate ntp.ubuntu.com >& /dev/null
Screenshots
Compatibility
Python: 2.7
Django: 1.4, 1.8
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django_secure_auth-1.3.2-py2-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 143cbe58a1a81ac40467abaab3758b079bd648f39717714da3f036bcf16c1ab7 |
|
MD5 | 0303898ce72a015c37e965d3d993c888 |
|
BLAKE2b-256 | 38a7d0f0d29285292a050356eccdda25d49db203207e0bd89ddfc44c210c377a |