Two factor authentication support for Django projects (Time based tokens)

lusentis/django_tfa

Two factor authentication for Django projects

Django_tfa (twofactor) is a Django app that implements Two-Factor authentication based on Django's contrib.auth.

One Time Tokens are generated using Tomasz's onetimepass (https://github.com/tadeck/onetimepass). This module is already included in this distribution (file: otp.py). Django_tfa uses TOTPs (Time-based One Time Passwords) with base32 encoded secrets. It's fully compatible with Google Authenticator (download from http://code.google.com/p/google-authenticator/) and possibly other TOTP apps.
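How a TOTP is derived from a base32 secret and checked on the server, as an added example (not django_tfa's code and not the bundled otp.py). The function names, the `window` drift tolerance and the `last_counter` replay check are assumptions made for illustration, not django_tfa settings.

```python
import base64
import hashlib
import hmac
import struct
import time

# Published RFC 6238 test key (ASCII "12345678901234567890"), base32 encoded.
RFC6238_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def hotp(secret_b32, counter, digits=6):
    """RFC 4226 HOTP over HMAC-SHA1 for a base32 secret."""
    # Authenticator apps display secrets unpadded, spaced and in mixed case.
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    key = base64.b32decode(cleaned)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble of last byte
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret_b32, now=None, step=30, digits=6):
    """RFC 6238 TOTP: HOTP keyed on the number of elapsed time steps."""
    now = time.time() if now is None else now
    return hotp(secret_b32, int(now) // step, digits)


def verify_totp(secret_b32, submitted, now=None, step=30, window=1,
                last_counter=None):
    """Return the time-step counter that matched, or None.

    window tolerates clock drift; last_counter (the counter stored after the
    previous successful login) rejects replay of an already used code.
    """
    now = time.time() if now is None else now
    current = int(now) // step
    candidate = str(submitted).strip().encode("utf-8")
    for counter in range(max(0, current - window), current + window + 1):
        if last_counter is not None and counter <= last_counter:
            continue
        expected = hotp(secret_b32, counter).encode("ascii")
        if hmac.compare_digest(expected, candidate):  # constant-time compare
            return counter
    return None
```

Storing the returned counter per user and passing it back as `last_counter` makes each code single-use within its validity window.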

Prerequisites

  • Django 1.3+
  • South (optional), install with easy_install south

Installation

Devel:

git clone git://github.com/lusentis/django_tfa.git
cd django_tfa
sudo python setup.py install

Stable:

sudo easy_install django_tfa

Setup

  1. Add twofactor to your INSTALLED_APPS list.

    INSTALLED_APPS = ( ... 'twofactor', ... )

  2. Sync database (optional: use south)

    # no south:
    ./manage.py syncdb

    # south (recommended):
    ./manage.py schemamigration --initial twofactor
    ./manage.py syncdb
    ./manage.py migrate

  3. Add some settings (optional, defaults are shown)

    from twofactor.callbacks import everyone_must_have_otp
    TWOFACTOR_ENABLED_CALLBACK = everyone_must_have_otp
    TWOFACTOR_ENABLE_AT_FIRST_LOGIN = True
    TWOFACTOR_TOKEN_LENGTH = 32

  4. Add login and logout templates (the same you use with contrib.auth)

  5. Add twofactor urls to your root urls.py

    url(r'^login/$', 'twofactor.views.login_view', {'template_name':'login.html'},
        name='login'),
    url(r'^login/tfa$', 'twofactor.views.login_twofactor', {'template_name':'login_twofactor.html'},
        name='login_twofactor'),
    url(r'^login/tfa/enable$', 'twofactor.views.twofactor_enable',
        name='login_twofactor_enable'),

You need to replace your existing /login/ URL from django.contrib.auth.

  6. Add some users from Django admin or ./manage.py shell

Bugs

  • Post-login redirect is not handled correctly, so you should have a urlpattern named "home" that points to where you want to be redirected after the login.

  • Putting twofactor's urls in a separate file (eg: twofactor.urls) breaks the urlconf reverse function... why?

Sample

Clone this repo and run:

./manage.py syncdb
./manage.py runserver

and point your browser to http://localhost:8000
