Interface components to configure and manage multi factor authentication
Project description
Kleides Multi Factor Authentication
Kleides MFA provides a convenient interface to configure, manage and authenticate with multi factor authentication for django-otp plugins. Currently supported plugins are:
Static devices included in django-otp.
TOTP devices included in django-otp.
Yubikey devices using django-otp-yubikey.
U2F devices using django-otp-u2f.
Free software: GNU General Public License v3
Documentation: https://kleides-mfa.readthedocs.io.
Install
pip install kleides-mfa
Add kleides_mfa to your INSTALLED_APPS with your preferred django-otp plugins:
INSTALLED_APPS = [ ... 'django_otp', 'django_otp.plugins.otp_static', 'django_otp.plugins.otp_totp', 'kleides_mfa', ... ]
Add kleides_mfa.middleware.KleidesAuthenticationMiddleware to the MIDDLEWARE setting after the Django AuthenticationMiddleware:
MIDDLEWARE = [ ... 'django.contrib.auth.middleware.AuthenticationMiddleware', 'kleides_mfa.middleware.KleidesAuthenticationMiddleware', ... ]
Do not use django_otp.middleware.OTPMiddleware with Kleides MFA as it will not be able to load the OTP device.
Set the LOGIN_URL:
LOGIN_URL = 'kleides_mfa:login'
Include kleides_mfa.urls in your urlpatterns:
urlpatterns = [ path('', include('kleides_mfa.urls')), ]
Extending Kleides MFA
You can add or replace authentication methods using the kleides_mfa.registry.KleidesMfaPluginRegistry. Documentation is currently lacking but you can check the implementation of currently supported django-otp plugins to get a basic idea.
In short for devices using django-otp:
Register the django-otp model with the registration and verification form in the apps ready.
Device registration should be contained in the create_form_class.
Device verification should be contained in the verify_form_class.
History
0.2.2 (2024-08-01)
Only import otp models that are installed
0.2.1 (2024-03-15)
Fix device_id url component converter
Update test project for warnings
0.2.0 (2024-02-20)
Deprecate KLEIDES_MFA_PATCH_ADMIN for custom AdminConfig app
Add decorators and mixins for recent authentication checks
Refactor app settings to enable override_settings
Include jquery qrcode javascript
Run ValidationService migration on routed database
0.1.17 (2022-05-17)
Add signals to act on adding/removing MFA devices.
Fix compatibility with Django-4.0.
Update test matrix for supported releases only.
Make device table responsive.
0.1.16 (2021-09-10)
Update bootstrap, jquery and popper script tags.
0.1.15 (2021-07-13)
Prevent single factor access to device list when multi factor is available.
Switch to setuptools_scm for automatic git versioning.
Move package data to setup.cfg.
Add Python 3.9 and Django 3.2 to the support matrix.
Remove Python 3.5 and Django 3.0 which are end of life.
Move test dependencies to the kleides-mfa[test] extra.
Switch to PEP517 package builder.
0.1.14 (2020-10-22)
Configure ValidationService on the database that is being migrated.
0.1.13 (2020-09-29)
Send user_login_failed signal on device failures.
Test Django login signals with Kleides MFA.
0.1.12 (2020-09-23)
Add python 3.8 and Django 3.1 to support matrix.
Test unprintable token input.
Remove future statements.
Remove non-optional PATCH_USER setting.
0.1.11 (2020-06-11)
Fix unset plugin attribute on PermissionDeniedError.
0.1.10 (2020-06-09)
Restart authentication when accessing a bad device.
0.1.9 (2020-04-15)
Replace deprecated Django-3.0 functions.
Fix session cleanup after login as different user.
0.1.8 (2019-12-10)
Escape the next parameter in the “Other method” device selection.
Show device name in verification form.
0.1.7 (2019-11-18)
Actually remove django-crispy-forms as a hard dependency.
Add function to get the authentication method of a logged in user.
0.1.6 (2019-11-14)
Preserve next parameter when redirecting to verification url.
0.1.5 (2019-11-14)
Use cloudflare for all external script/style.
Remove crispy forms as a hard dependency.
0.1.4 (2019-11-12)
Add setting to disable patching of the User models.
Patch AnonymousUser to share the properties of the User model.
Add configurable redirect for users that login without 2 step authentication.
Fix 2 step test login when another user was logged in.
0.1.3 (2019-11-07)
Cleanup plugin button/table alignment.
Add Yubikey plugin for django-otp-yubikey.
Only patch AdminSite when admin is installed.
Remove python 2 compatibility classifiers.
0.1.2 (2019-11-06)
Improve and fix documentation.
0.1.1 (2019-11-04)
Set defaul device name if omitted from POST data.
0.1.0 (2019-11-04)
First release on PyPI.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file kleides_mfa-0.2.2.tar.gz
.
File metadata
- Download URL: kleides_mfa-0.2.2.tar.gz
- Upload date:
- Size: 214.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.12.3
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8d1f4793f4d89d1c53912d4a0b2bd74c66e5669b89ccaa0ffbb82b212a7e730d |
|
MD5 | e793581dd8debb079eaf6c24f1ce6c06 |
|
BLAKE2b-256 | c5505c6666c027d09419742761683357e009f005fafc74f3613ce02dc50266e8 |
File details
Details for the file kleides_mfa-0.2.2-py2.py3-none-any.whl
.
File metadata
- Download URL: kleides_mfa-0.2.2-py2.py3-none-any.whl
- Upload date:
- Size: 34.3 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.12.3
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 66c87b71e3890b372c9f7a61e128e3257b5b03fdd38bfdb8510a290ef952c2ff |
|
MD5 | 545b0e09f94b0b83e0e4f40ca8523882 |
|
BLAKE2b-256 | df03c4ea7e06ba2d57661289c0ce951e9d5fee91a5765baa72e58a1b248b2085 |