django_tfa 0.1

Two factor authentication support for Django projects (Time based tokens)
django_tfa is a Django app that implements Two-Factor authentication based on Django's contrib.auth.

One Time Tokens are generated using Tomasz's onetimepass (https://github.com/tadeck/onetimepass). This module is already included in this distribution (file: otp.py). Django_tfa uses TOTPs (Time-based One Time Passwords) with base32 encoded secrets. It's fully compatible with Google Authenticator (download from http://code.google.com/p/google-authenticator/) and maybe other apps.
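The check a TOTP login step performs for a base32 secret, written out as an added example; it is not code from django_tfa or onetimepass. The function names, the drift window and the replay guard (last_counter) are assumptions made for illustration, and DEMO_SECRET is the published RFC 6238 test key.

```python
import base64
import hashlib
import hmac
import struct
import time

# RFC 6238 test key ("12345678901234567890" in base32); sample value, not a real secret.
DEMO_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def hotp(secret_b32, counter, digits=6):
    """RFC 4226 HOTP (HMAC-SHA1) for a base32 secret, the scheme Google Authenticator uses."""
    # Secrets are often displayed in lower case, in spaced groups, without padding.
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    key = base64.b32decode(cleaned)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble of the last byte
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def verify_totp(secret_b32, submitted, now=None, step=30, window=1, last_counter=None):
    """Return the matched time-step counter, or None if the token is rejected.

    window: number of 30-second steps of clock drift accepted on each side.
    last_counter: counter of the last token accepted for this user; a token at
    or below it is refused, so an observed token cannot be replayed.
    Counter 0 is a valid result, so callers must compare against None.
    """
    now = time.time() if now is None else now
    current = int(now) // step
    candidate = str(submitted).strip().encode("utf-8")
    matched = None
    for counter in range(max(current - window, 0), current + window + 1):
        expected = hotp(secret_b32, counter).encode("utf-8")
        # compare_digest keeps the comparison time independent of matching digits
        if hmac.compare_digest(expected, candidate):
            if last_counter is None or counter > last_counter:
                matched = counter
    return matched
```

Store the returned counter per user and pass it back as last_counter on the next login attempt.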

Installation

Devel:

git clone git://github.com/lusentis/django_tfa.git
cd django_tfa
sudo python setup.py install


Stable:

sudo easy_install django_tfa

Setup

1. Add twofactor to your INSTALLED_APPS list.

 INSTALLED_APPS = (
     # ... your other apps ...
     'twofactor',
 )

2. Sync database (optional: use south)

 # no south:
 ./manage.py syncdb

 # south (recommended):
 ./manage.py schemamigration --initial twofactor
 ./manage.py syncdb
 ./manage.py migrate


3. Add some settings (optional, defaults are shown)

 from twofactor.callbacks import everyone_must_have_otp
 TWOFACTOR_ENABLED_CALLBACK = everyone_must_have_otp
 TWOFACTOR_ENABLE_AT_FIRST_LOGIN = True
 TWOFACTOR_TOKEN_LENGTH = 32


4. Add login and logout templates (the same you use with contrib.auth)

5. Add twofactor urls to your root urls.py

 url(r'^login/$', 'twofactor.views.login_view', {'template_name':'login.html'},
     name='login'),
 url(r'^login/tfa$', 'twofactor.views.login_twofactor', {'template_name':'login_twofactor.html'},
     name='login_twofactor'),
 url(r'^login/tfa/enable$', 'twofactor.views.twofactor_enable',
     name='login_twofactor_enable'),


You need to replace your existing /login/ url from django.contrib.auth.

6. Add some users from Django admin or ./manage.py shell

Bugs

- Post-login redirect is not handled correctly, so you should have a urlpattern named "home" pointing to where you want to be redirected after login.

- Putting twofactor's urls in a separate file (eg: twofactor.urls) breaks the urlconf reverse function... why?

Sample


Clone this repo and run:

./manage.py syncdb
./manage.py runserver


and point your browser to http://localhost:8000

Last updated on: January 6th, 2012, 4:22 GMT
Price: FREE!
Homepage: github.com
License type: GPL (GNU General Public License)
Developed by: Simone Lusenti