Complete Two-Factor Authentication for Django

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for bouke from gravatar.com bouke Avatar for jazzband from gravatar.com jazzband Avatar for MarkusH from gravatar.com MarkusH Avatar for moggers87 from gravatar.com moggers87

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Project description

Build Status Test Coverage PyPI

Complete Two-Factor Authentication for Django. Built on top of the one-time password framework django-otp and Django’s built-in authentication framework django.contrib.auth for providing the easiest integration into most Django projects. Inspired by the user experience of Google’s Two-Step Authentication, allowing users to authenticate through call, text messages (SMS), by using a token generator app like Google Authenticator or a YubiKey hardware token generator (optional).

I would love to hear your feedback on this package. If you run into problems, please file an issue on GitHub, or contribute to the project by forking the repository and sending some pull requests. The package is currently translated into English, Dutch, Hebrew and Arabic. Please contribute your own language using Transifex.

Test drive this app through the online example app, hosted by Heroku. It demos most features except the Twilio integration. The example also includes django-user-sessions for providing Django sessions with a foreign key to the user. Although the package is optional, it improves account security control over django.contrib.sessions.

Compatible with Django 1.4, 1.5, 1.6 and 1.7 on Python 2.6, 2.7, 3.2, 3.3 and 3.4. Documentation is available at readthedocs.org.

Installation

Installation with pip:

$ pip install django-two-factor-auth

Add the following apps to the INSTALLED_APPS:

INSTALLED_APPS = (
    ...
    'django_otp',
    'django_otp.plugins.otp_static',
    'django_otp.plugins.otp_totp',
    'two_factor',
)

Add django_otp.middleware.OTPMiddleware to MIDDLEWARE_CLASSES. It must be installed after AuthenticationMiddleware:

MIDDLEWARE_CLASSES = [
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django_otp.middleware.OTPMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
]

Configure a few urls:

from django.core.urlresolvers import reverse_lazy
LOGIN_URL = reverse_lazy('two_factor:login')

Add the url routes:

urlpatterns = patterns('',
    ...
    url(r'', include('two_factor.urls', 'two_factor')),
)

Be sure to remove any other login routes, otherwise the two-factor authentication might be circumvented. The admin interface should be automatically patched to use the new login method.

Support for YubiKey is disabled by default, but enabling is easy. Please refer to the documentation for instructions.

Contribute

  • Submit issues to the issue tracker on Github

  • Fork the source code at Github

  • Run the tests.

  • Send a pull request with your changes.

  • Provide a translation using Transifex.

Running tests

This project aims for full code-coverage, this means that your code should be well-tested. Also test branches for hardened code. You can run the full test suite with:

make test

Or run a specific test with:

make test TARGET=tests.tests.TwilioGatewayTest

For Python compatibility, tox is used. You can run the full test suite with:

tox

See Also

Have a look at django-user-sessions for Django sessions with a foreign key to the user. This package is also included in the online example app.

License

The project is licensed under the MIT license.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for bouke from gravatar.com bouke Avatar for jazzband from gravatar.com jazzband Avatar for MarkusH from gravatar.com MarkusH Avatar for moggers87 from gravatar.com moggers87

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Release history Release notifications | RSS feed

1.17.0

1.16.0

1.15.5

1.15.4

1.15.3

1.15.2

1.15.1

1.15.0

1.14.0

1.13.2

1.13.1

1.13

1.12.1

1.12

1.11.0

1.10.0

1.9.1

1.8.0

1.7.0

1.6.2

1.6.1

1.6.0

1.5.0

1.4.0

1.3.1

1.3.0

1.2.2

1.2.1

1.2.0

1.1.1

1.1.0

1.0.0

This version

1.0.0-beta3 pre-release

1.0.0-beta2 pre-release

1.0.0-beta1 pre-release

0.5.0

0.4.0

0.3.1

0.3.0

0.2.3

0.2.2

0.2.1

0.2.0

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-two-factor-auth-1.0.0-beta3.tar.gz (63.2 kB view details)

Uploaded Source

Built Distribution

django_two_factor_auth-1.0.0_beta3-py2.py3-none-any.whl (135.0 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file django-two-factor-auth-1.0.0-beta3.tar.gz.

File metadata

File hashes

Hashes for django-two-factor-auth-1.0.0-beta3.tar.gz
Algorithm Hash digest
SHA256 27cf4ad7f9950523b577b67414d1aad34a0e0a3d23e007f176657cfedcb89b43
MD5 8760809dacf3da3dd453b581d458babb
BLAKE2b-256 4ffe9e2e8adef95e809fa4ebae1802d82d73a75908d461d9753bfa6d5d3b7262

See more details on using hashes here.

File details

Details for the file django_two_factor_auth-1.0.0_beta3-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for django_two_factor_auth-1.0.0_beta3-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 dd10084f2d711c984ae65116fbb260f316b5e46b90eeabcc88acc8aa495a9b98
MD5 d4c3ef1977c2f164c4ec73bfcca4cf2d
BLAKE2b-256 76c65146ace826d13a93cd597df1b44c9bc906585287934310883f1e58d0fde7

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page