Skip to main content

Interface components to configure and manage multi factor authentication

Project description

Kleides Kleides Multi Factor Authentication

https://img.shields.io/pypi/v/kleides_mfa.svg Continuous Integration Status Documentation Status

Kleides MFA provides a convenient interface to configure, manage and authenticate with multi factor authentication for django-otp plugins. Currently supported plugins are:

Overview of Kleides MFA authentication method interface.

Install

pip install kleides-mfa

Add kleides_mfa to your INSTALLED_APPS with your preferred django-otp plugins:

INSTALLED_APPS = [
    ...
    'django_otp',
    'django_otp.plugins.otp_static',
    'django_otp.plugins.otp_totp',
    'kleides_mfa',
    ...
]

Add kleides_mfa.middleware.KleidesAuthenticationMiddleware to the MIDDLEWARE setting after the Django AuthenticationMiddleware:

MIDDLEWARE = [
    ...
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'kleides_mfa.middleware.KleidesAuthenticationMiddleware',
    ...
]

Do not use django_otp.middleware.OTPMiddleware with Kleides MFA as it will not be able to load the OTP device.

Set the LOGIN_URL:

LOGIN_URL = 'kleides_mfa:login'

Include kleides_mfa.urls in your urlpatterns:

urlpatterns = [
    path('', include('kleides_mfa.urls')),
]

Extending Kleides MFA

You can add or replace authentication methods using the kleides_mfa.registry.KleidesMfaPluginRegistry. Documentation is currently lacking but you can check the implementation of currently supported django-otp plugins to get a basic idea.

In short for devices using django-otp:

  • Register the django-otp model with the registration and verification form in the apps ready.

  • Device registration should be contained in the create_form_class.

  • Device verification should be contained in the verify_form_class.

History

0.2.2 (2024-08-01)

  • Only import otp models that are installed

0.2.1 (2024-03-15)

  • Fix device_id url component converter

  • Update test project for warnings

0.2.0 (2024-02-20)

  • Deprecate KLEIDES_MFA_PATCH_ADMIN for custom AdminConfig app

  • Add decorators and mixins for recent authentication checks

  • Refactor app settings to enable override_settings

  • Include jquery qrcode javascript

  • Run ValidationService migration on routed database

0.1.17 (2022-05-17)

  • Add signals to act on adding/removing MFA devices.

  • Fix compatibility with Django-4.0.

  • Update test matrix for supported releases only.

  • Make device table responsive.

0.1.16 (2021-09-10)

  • Update bootstrap, jquery and popper script tags.

0.1.15 (2021-07-13)

  • Prevent single factor access to device list when multi factor is available.

  • Switch to setuptools_scm for automatic git versioning.

  • Move package data to setup.cfg.

  • Add Python 3.9 and Django 3.2 to the support matrix.

  • Remove Python 3.5 and Django 3.0 which are end of life.

  • Move test dependencies to the kleides-mfa[test] extra.

  • Switch to PEP517 package builder.

0.1.14 (2020-10-22)

  • Configure ValidationService on the database that is being migrated.

0.1.13 (2020-09-29)

  • Send user_login_failed signal on device failures.

  • Test Django login signals with Kleides MFA.

0.1.12 (2020-09-23)

  • Add python 3.8 and Django 3.1 to support matrix.

  • Test unprintable token input.

  • Remove future statements.

  • Remove non-optional PATCH_USER setting.

0.1.11 (2020-06-11)

  • Fix unset plugin attribute on PermissionDeniedError.

0.1.10 (2020-06-09)

  • Restart authentication when accessing a bad device.

0.1.9 (2020-04-15)

  • Replace deprecated Django-3.0 functions.

  • Fix session cleanup after login as different user.

0.1.8 (2019-12-10)

  • Escape the next parameter in the “Other method” device selection.

  • Show device name in verification form.

0.1.7 (2019-11-18)

  • Actually remove django-crispy-forms as a hard dependency.

  • Add function to get the authentication method of a logged in user.

0.1.6 (2019-11-14)

  • Preserve next parameter when redirecting to verification url.

0.1.5 (2019-11-14)

  • Use cloudflare for all external script/style.

  • Remove crispy forms as a hard dependency.

0.1.4 (2019-11-12)

  • Add setting to disable patching of the User models.

  • Patch AnonymousUser to share the properties of the User model.

  • Add configurable redirect for users that login without 2 step authentication.

  • Fix 2 step test login when another user was logged in.

0.1.3 (2019-11-07)

  • Cleanup plugin button/table alignment.

  • Add Yubikey plugin for django-otp-yubikey.

  • Only patch AdminSite when admin is installed.

  • Remove python 2 compatibility classifiers.

0.1.2 (2019-11-06)

  • Improve and fix documentation.

0.1.1 (2019-11-04)

  • Set defaul device name if omitted from POST data.

0.1.0 (2019-11-04)

  • First release on PyPI.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

kleides_mfa-0.2.2.tar.gz (214.7 kB view details)

Uploaded Source

Built Distribution

kleides_mfa-0.2.2-py2.py3-none-any.whl (34.3 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file kleides_mfa-0.2.2.tar.gz.

File metadata

  • Download URL: kleides_mfa-0.2.2.tar.gz
  • Upload date:
  • Size: 214.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.3

File hashes

Hashes for kleides_mfa-0.2.2.tar.gz
Algorithm Hash digest
SHA256 8d1f4793f4d89d1c53912d4a0b2bd74c66e5669b89ccaa0ffbb82b212a7e730d
MD5 e793581dd8debb079eaf6c24f1ce6c06
BLAKE2b-256 c5505c6666c027d09419742761683357e009f005fafc74f3613ce02dc50266e8

See more details on using hashes here.

File details

Details for the file kleides_mfa-0.2.2-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for kleides_mfa-0.2.2-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 66c87b71e3890b372c9f7a61e128e3257b5b03fdd38bfdb8510a290ef952c2ff
MD5 545b0e09f94b0b83e0e4f40ca8523882
BLAKE2b-256 df03c4ea7e06ba2d57661289c0ce951e9d5fee91a5765baa72e58a1b248b2085

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page