Skip to main content

Add dynamic password authentication to your web service

Project description

Attention! Only for really paranoid people as me.

The project code and bugtracker is hosted on Bitbucket and Github.

Introduction

django-dynamic-password is a django application which allow you to add dynamic password authentication for your web service.

How it works?

Verifies provided password according to DYNAMIC_PASSWORD_PATTERN in your settings.py. You can also enable this feature only for STAFF users, see below.

You can format the value of your DYNAMIC_PASSWORD_PATTERN according to: http://docs.python.org/library/datetime.html#strftime-and-strptime-behavior

Some examples. Let’s assume that today is September 29th, 2022, 8:01 (09-29-2022 8:01). Say your username is “admin” and password “s3kr3t”, according to your DYNAMIC_PASSWORD_PATTERN in settings.py you will have:

Case 1:

DYNAMIC_PASSWORD_PATTERN = '<PASSWORD>%d'
only today valid password: s3kr3t29

Case 2:

DYNAMIC_PASSWORD_PATTERN = '%d<PASSWORD>%H'
only this hour valid password: 29s3kr3t08

Case 3:

DYNAMIC_PASSWORD_PATTERN = '%d<PASSWORD>%H-%M'
only this minute valid password: 29s3kr3t08-01

Installation

There are a few different ways to install dynamic_password:

Using pip

If you have pip install available on your system, just type:

pip install django-dynamic-password

If you’ve already got an old version of dynamic_password, and want to upgrade, use:

pip install -U django-dynamic-password

Installing from a directory

If you’ve obtained a copy of dynamic_password using either Mercurial or a downloadable archive, you’ll need to install the copy you have system-wide. Try running:

python setup.py develop

If that fails, you don’t have setuptools or an equivalent installed; either install them, or run:

python setup.py install

How to configure dynamic_password?

If you have already installed dynamic_password app, you must proceed with the configuration of your project.

Add dynamic_password to the INSTALLED_APPS

Once the dynamic_password is in your Python path, you need to modify the INSTALLED_APPS setting to include the dynamic_password module:

INSTALLED_APPS = (
    # ...,
    # Third-party
    'dynamic_password',
    # ...,
    )

Enable the custom authentication backend

To activate this backend you need at least put dynamic_password.backends. DynamicPasswordBackend line to the AUTHENTICATION_BACKENDS tuple:

AUTHENTICATION_BACKENDS = (
‘dynamic_password.backends.DynamicPasswordBackend’, )

Set the DYNAMIC_PASSWORD_PATTERN in your settings.py

Add this line to your settings.py:

DYNAMIC_PASSWORD_PATTERN = ‘<PASSWORD>%m’

change it’s value according to your needs. Some examples:

DYNAMIC_PASSWORD_PATTERN = '<PASSWORD>%d'
DYNAMIC_PASSWORD_PATTERN = '<PASSWORD>%m'
DYNAMIC_PASSWORD_PATTERN = '%m<PASSWORD>%d'
DYNAMIC_PASSWORD_PATTERN = '%d<PASSWORD>%Y'

You can format this value according to: http://docs.python.org/library/datetime.html#strftime-and-strptime-behavior

Optional: set DYNAMIC_PASSWORD_ONLY_STAFF

In order to enable dynamic_password only for staff users you can add this line to your settings.py:

DYNAMIC_PASSWORD_ONLY_STAFF = True

Future development plans

  • Enable “per user” dynamic password, DYNAMIC_PASSWORD_USERS = (‘user1’, ‘user2’, )

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
dynamic_password-0.0.3.tar.gz (5.7 kB) Copy SHA256 hash SHA256 Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page