django-two-factor-auth

Complete Two-Factor Authentication for Django

These details have been verified by PyPI

Maintainers

bouke jazzband MarkusH moggers87

These details have not been verified by PyPI

Project links

Project description

Complete Two-Factor Authentication for Django. Built on top of the one-time password framework django-otp and Django’s built-in authentication framework django.contrib.auth for providing the easiest integration into most Django projects. Inspired by the user experience of Google’s Two-Step Authentication, allowing users to authenticate through call, text messages (SMS), by using a token generator app like Google Authenticator or a YubiKey hardware token generator (optional).

I would love to hear your feedback on this package. If you run into problems, please file an issue on GitHub, or contribute to the project by forking the repository and sending some pull requests. The package is currently translated into English, Dutch, Hebrew and Arabic. Please contribute your own language using Transifex.

Test drive this app through the online example app, hosted by Heroku. It demos most features except the Twilio integration. The example also includes django-user-sessions for providing Django sessions with a foreign key to the user. Although the package is optional, it improves account security control over django.contrib.sessions.

Compatible with all supported Django (LTS) versions. At the moment of writing that’s including 1.4, 1.7 and 1.8 on Python 2.6, 2.7, 3.2, 3.3 and 3.4. Documentation is available at readthedocs.org.

Installation

Installation with pip:

$ pip install django-two-factor-auth

On Django 1.8, also install django-formtools:

$ pip install django-formtools

Add the following apps to the INSTALLED_APPS:

INSTALLED_APPS = (
    ...
    'django_otp',
    'django_otp.plugins.otp_static',
    'django_otp.plugins.otp_totp',
    'two_factor',
)

Add django_otp.middleware.OTPMiddleware to MIDDLEWARE_CLASSES. It must be installed after AuthenticationMiddleware:

MIDDLEWARE_CLASSES = [
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django_otp.middleware.OTPMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
]

Configure a few urls:

from django.core.urlresolvers import reverse_lazy
LOGIN_URL = reverse_lazy('two_factor:login')

Add the url routes:

urlpatterns = patterns('',
    ...
    url(r'', include('two_factor.urls', 'two_factor')),
)

Be sure to remove any other login routes, otherwise the two-factor authentication might be circumvented. The admin interface should be automatically patched to use the new login method.

Support for YubiKey is disabled by default, but enabling is easy. Please refer to the documentation for instructions.

Contribute

Submit issues to the issue tracker on Github
Fork the source code at Github
Run the tests.
Send a pull request with your changes.
Provide a translation using Transifex.

Running tests

This project aims for full code-coverage, this means that your code should be well-tested. Also test branches for hardened code. You can run the full test suite with:

make test

Or run a specific test with:

make test TARGET=tests.tests.TwilioGatewayTest

For Python compatibility, tox is used. You can run the full test suite with:

tox

Releasing

The following actions are required to push a new version:

python example/manage.py makemigrations two_factor git commit -am “Added migrations”

bumpversion [major|minor|patch] git commit -am “Released [version]” git tag [version] python setup.py sdist bdist_wheel upload

License

The project is licensed under the MIT license.

Project details

These details have been verified by PyPI

Maintainers

bouke jazzband MarkusH moggers87

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

1.17.0

Aug 12, 2024

1.16.0

Feb 3, 2024

1.15.5

Sep 22, 2023

1.15.4

Aug 14, 2023

1.15.3

Jun 28, 2023

1.15.2

May 6, 2023

1.15.1

Feb 26, 2023

1.15.0

Jan 18, 2023

1.14.0

Jun 6, 2022

1.13.2

Jan 18, 2022

1.13.1

Apr 1, 2021

1.13

Oct 17, 2020

1.12.1

Jul 8, 2020

1.12

Jul 8, 2020

1.11.0

Mar 13, 2020

1.10.0

Dec 13, 2019

1.9.1

Jul 7, 2019

1.8.0

Aug 3, 2018

1.7.0

Dec 19, 2017

1.6.2

Jul 29, 2017

1.6.1

May 11, 2017

1.6.0

Apr 8, 2017

1.5.0

Jan 4, 2017

1.4.0

Jul 26, 2016

1.3.1

Feb 24, 2016

1.3.0

Jan 5, 2016

1.2.2

Nov 19, 2015

This version

1.2.1

Oct 28, 2015

1.2.0

May 2, 2015

1.1.1

Jan 10, 2015

1.1.0

Jan 7, 2015

1.0.0

Sep 19, 2014

1.0.0-beta3 pre-release

Jun 15, 2014

1.0.0-beta2 pre-release

Jun 4, 2014

1.0.0-beta1 pre-release

Jun 1, 2014

0.5.0

Mar 23, 2014

0.4.0

Jan 30, 2014

0.3.1

Jan 19, 2014

0.3.0

Jan 15, 2014

0.2.3

Jan 3, 2014

0.2.2

Nov 27, 2013

0.2.1

Nov 25, 2013

0.2.0

Nov 20, 2013

0.1.2

Jan 13, 2013

0.1.1

Sep 12, 2012

0.1.0

Sep 12, 2012

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-two-factor-auth-1.2.1.tar.gz (64.2 kB view details)

Uploaded Oct 28, 2015 Source

Built Distribution

django_two_factor_auth-1.2.1-py2.py3-none-any.whl (137.4 kB view details)

Uploaded Oct 28, 2015 Python 2 Python 3

File details

Details for the file django-two-factor-auth-1.2.1.tar.gz.

File metadata

Download URL: django-two-factor-auth-1.2.1.tar.gz
Upload date: Oct 28, 2015
Size: 64.2 kB
Tags: Source
Uploaded using Trusted Publishing? No

File hashes

Hashes for django-two-factor-auth-1.2.1.tar.gz
Algorithm	Hash digest
SHA256	`e8ae62cf21d6686dafd45757be41e2f4559acbd403b7d119fd13c444edfbf851`
MD5	`478d526c6f6aeab45115b0a633dc8b37`
BLAKE2b-256	`384cac6528ee38b63256a1960bbac9cfbb3ed6eee04618a4b94d22abd7c31e89`

See more details on using hashes here.

Provenance

File details

Details for the file django_two_factor_auth-1.2.1-py2.py3-none-any.whl.

File metadata

Download URL: django_two_factor_auth-1.2.1-py2.py3-none-any.whl
Upload date: Oct 28, 2015
Size: 137.4 kB
Tags: Python 2, Python 3
Uploaded using Trusted Publishing? No

File hashes

Hashes for django_two_factor_auth-1.2.1-py2.py3-none-any.whl
Algorithm	Hash digest
SHA256	`d05fe1e7df081d9b06786f66de8ce5e0cfa276cef3e1d3f96ba755f361fd26a3`
MD5	`f4d6e631462097971b9d41e9d5b17fa4`
BLAKE2b-256	`a0e03d130004dd2525891a9276565d74e170545a37633ba702cf664b8403540d`