dj-rest-auth-mfa


Namedj-rest-auth-mfa JSON
Version 0.0.3 PyPI version JSON
download
home_pagehttps://github.com/oussjarrousse/dj-rest-auth-mfa
SummaryA Django App that adds MFA endpoints to dj-rest-auth
upload_time2025-02-08 19:04:12
maintainerNone
docs_urlNone
authorOussama Jarrousse
requires_python>=3.6
licenseMIT
keywords django rest allauth dj-rest-auth mfa totp 2fa authentication otp
VCS
bugtrack_url
requirements wheel djangorestframework djangorestframework-simplejwt dj-rest-auth django-cors-headers django-allauth django-mfa2 icecream
Travis-CI No Travis.
coveralls test coverage No coveralls.
            # dj-rest-auth-mfa

## Overview

`dj-rest-auth-mfa` is a Django App that is actually a plugin for the `dj-rest-auth`. It adds RESTful API endpoints that adds multifactor authentication (MFA) support to accounts by using the `django-mfa2` package.

## Requirements:

Besides Django, this package depends on the following projects:
- [django-allauth](https://allauth.org/) that provides advanced authentication functionality to the Django framework.
- [django-rest-framework](https://django-rest-framework.org), DRF, that provides an extendible and flexible way to build Web APIs on top of Django
- [dj-rest-auth](https://dj-rest-auth.readthedocs.io/en/latest/introduction.html) provides RESTful API endpoints for the django-allauth using DRF (`django-allauth` does not provide API support out of the box [yet](https://allauth.org/news/2024/04/api-feedback/).)
- [django-mfa2](https://github.com/mkalioby/django-mfa2) which is a Django app that adds supports for TOTP, U2F, FIDO2 U2F (Web Authn), Email Tokens, Trusted Devices, backup codes, and Passkeys. (`django-allauth` only supports TOTP out of the box.)

To use the package effectively, make sure `django-allauth`, `django-rest-framework`, `dj-rest-auth` and `django-mfa2` are installed and configured correctly.

## Installation

To install `dj-rest-auth-mfa` run:

```bash
pip install dj-rest-auth-mfa
```

In the settings.py you should have the following:

```pytest
INSTALLED_APPS = [
    # ...
    "django.contrib.auth",
    "django.contrib.admin",
    "django.contrib.sites",
    # ...
    "corsheaders",
    "rest_framework",
    "rest_framework.authtoken",
    "mfa",  # this is django-mfa2
    "allauth",  # this is django-allauth
    "dj_rest_auth", # this is dj-rest-auth
    "dj_rest_auth_mfa"  # this package
]

# https://docs.djangoproject.com/en/4.2/ref/contrib/sites/
SITE_ID = 1

MIDDLEWARE = [
    "corsheaders.middleware.CorsMiddleware",
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
    "allauth.account.middleware.AccountMiddleware", # this is important for allauth
]

```

## Configurations:

beside the configurations required by django-allauth and those required by dj-rest-auth, 
and the configurations necessary for django-mfa2, there are the following configurations that should be defined in the django settings.py file:

```python
RECOVERY_ITERATION = 720000   # this is the recommended value for hashing iterations
MFA_MANDATORY = False
MFA_ADAPTER_CLASS = "dj_rest_auth_mfa.adapters.DjangoMFA2Adapter"
MFA_GRACE_WINDOW_DAYS = 7
```

## Features

Currently only the following methods are supported

```python
MFA_UNALLOWED_METHODS = [
  "RECOVERY",
  "TOTP
]
```

## Integration

Ones installed and configured, the package provides the following API nodes:

```
/totp/
/totp/setup
/totp/verify

/recovery/
/recovery/setup
/recovery/verify
```

## Contributing
Contributions to this project are welcomed! The Contributing Guide is still under construction.

When creating a pull request make sure to use the following template:

```
Change Summary
 - item one
 - item two
Related issue number
 - issue a
 - issue b
Checklist
  [ ] code is ready
  [ ] add tests
  [ ] all tests passing
  [ ] test coverage did not drop
  [ ] PR is ready for review
```

## License
dj-rest-auth-saml is licensed under the MIT License - see the LICENSE file for details.

            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/oussjarrousse/dj-rest-auth-mfa",
    "name": "dj-rest-auth-mfa",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.6",
    "maintainer_email": null,
    "keywords": "Django REST allauth dj-rest-auth mfa totp 2fa authentication otp",
    "author": "Oussama Jarrousse",
    "author_email": "oussama@jarrousse.org",
    "download_url": "https://files.pythonhosted.org/packages/80/4d/faa7820c8979c91f051a4ed44b83cdd955e6eb178c3a14c48a3a5accc09c/dj_rest_auth_mfa-0.0.3.tar.gz",
    "platform": "any",
    "description": "# dj-rest-auth-mfa\n\n## Overview\n\n`dj-rest-auth-mfa` is a Django App that is actually a plugin for the `dj-rest-auth`. It adds RESTful API endpoints that adds multifactor authentication (MFA) support to accounts by using the `django-mfa2` package.\n\n## Requirements:\n\nBesides Django, this package depends on the following projects:\n- [django-allauth](https://allauth.org/) that provides advanced authentication functionality to the Django framework.\n- [django-rest-framework](https://django-rest-framework.org), DRF, that provides an extendible and flexible way to build Web APIs on top of Django\n- [dj-rest-auth](https://dj-rest-auth.readthedocs.io/en/latest/introduction.html) provides RESTful API endpoints for the django-allauth using DRF (`django-allauth` does not provide API support out of the box [yet](https://allauth.org/news/2024/04/api-feedback/).)\n- [django-mfa2](https://github.com/mkalioby/django-mfa2) which is a Django app that adds supports for TOTP, U2F, FIDO2 U2F (Web Authn), Email Tokens, Trusted Devices, backup codes, and Passkeys. (`django-allauth` only supports TOTP out of the box.)\n\nTo use the package effectively, make sure `django-allauth`, `django-rest-framework`, `dj-rest-auth` and `django-mfa2` are installed and configured correctly.\n\n## Installation\n\nTo install `dj-rest-auth-mfa` run:\n\n```bash\npip install dj-rest-auth-mfa\n```\n\nIn the settings.py you should have the following:\n\n```pytest\nINSTALLED_APPS = [\n    # ...\n    \"django.contrib.auth\",\n    \"django.contrib.admin\",\n    \"django.contrib.sites\",\n    # ...\n    \"corsheaders\",\n    \"rest_framework\",\n    \"rest_framework.authtoken\",\n    \"mfa\",  # this is django-mfa2\n    \"allauth\",  # this is django-allauth\n    \"dj_rest_auth\", # this is dj-rest-auth\n    \"dj_rest_auth_mfa\"  # this package\n]\n\n# https://docs.djangoproject.com/en/4.2/ref/contrib/sites/\nSITE_ID = 1\n\nMIDDLEWARE = [\n    \"corsheaders.middleware.CorsMiddleware\",\n    \"django.middleware.security.SecurityMiddleware\",\n    \"django.contrib.sessions.middleware.SessionMiddleware\",\n    \"django.middleware.common.CommonMiddleware\",\n    \"django.middleware.csrf.CsrfViewMiddleware\",\n    \"django.contrib.auth.middleware.AuthenticationMiddleware\",\n    \"django.contrib.messages.middleware.MessageMiddleware\",\n    \"django.middleware.clickjacking.XFrameOptionsMiddleware\",\n    \"allauth.account.middleware.AccountMiddleware\", # this is important for allauth\n]\n\n```\n\n## Configurations:\n\nbeside the configurations required by django-allauth and those required by dj-rest-auth, \nand the configurations necessary for django-mfa2, there are the following configurations that should be defined in the django settings.py file:\n\n```python\nRECOVERY_ITERATION = 720000   # this is the recommended value for hashing iterations\nMFA_MANDATORY = False\nMFA_ADAPTER_CLASS = \"dj_rest_auth_mfa.adapters.DjangoMFA2Adapter\"\nMFA_GRACE_WINDOW_DAYS = 7\n```\n\n## Features\n\nCurrently only the following methods are supported\n\n```python\nMFA_UNALLOWED_METHODS = [\n  \"RECOVERY\",\n  \"TOTP\n]\n```\n\n## Integration\n\nOnes installed and configured, the package provides the following API nodes:\n\n```\n/totp/\n/totp/setup\n/totp/verify\n\n/recovery/\n/recovery/setup\n/recovery/verify\n```\n\n## Contributing\nContributions to this project are welcomed! The Contributing Guide is still under construction.\n\nWhen creating a pull request make sure to use the following template:\n\n```\nChange Summary\n - item one\n - item two\nRelated issue number\n - issue a\n - issue b\nChecklist\n  [ ] code is ready\n  [ ] add tests\n  [ ] all tests passing\n  [ ] test coverage did not drop\n  [ ] PR is ready for review\n```\n\n## License\ndj-rest-auth-saml is licensed under the MIT License - see the LICENSE file for details.\n",
    "bugtrack_url": null,
    "license": "MIT",
    "summary": "A Django App that adds MFA endpoints to dj-rest-auth",
    "version": "0.0.3",
    "project_urls": {
        "Homepage": "https://github.com/oussjarrousse/dj-rest-auth-mfa",
        "Source": "https://github.com/oussjarrousse/dj-rest-auth-mfa/",
        "Tracker": "https://github.com/oussjarrousse/dj-rest-auth-mfa/issues"
    },
    "split_keywords": [
        "django",
        "rest",
        "allauth",
        "dj-rest-auth",
        "mfa",
        "totp",
        "2fa",
        "authentication",
        "otp"
    ],
    "urls": [
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "f9e446041594dd9fdabc2cf60556b8df7fef2840827dd7bb33d60801a4139f99",
                "md5": "32495cdabd84a09879af6cad9c4a63b0",
                "sha256": "f27327fcd927b2500fcaba6f6e077499e6e49186970bdf502504dcedbac3aba3"
            },
            "downloads": -1,
            "filename": "dj_rest_auth_mfa-0.0.3-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "32495cdabd84a09879af6cad9c4a63b0",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.6",
            "size": 16223,
            "upload_time": "2025-02-08T19:04:10",
            "upload_time_iso_8601": "2025-02-08T19:04:10.635321Z",
            "url": "https://files.pythonhosted.org/packages/f9/e4/46041594dd9fdabc2cf60556b8df7fef2840827dd7bb33d60801a4139f99/dj_rest_auth_mfa-0.0.3-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "804dfaa7820c8979c91f051a4ed44b83cdd955e6eb178c3a14c48a3a5accc09c",
                "md5": "01c2e919a6df06f225a4989085451c8d",
                "sha256": "8bde00f66f7314c00779ecefb33969eef3edac89ba96abf4f2a50ff0c83b134e"
            },
            "downloads": -1,
            "filename": "dj_rest_auth_mfa-0.0.3.tar.gz",
            "has_sig": false,
            "md5_digest": "01c2e919a6df06f225a4989085451c8d",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.6",
            "size": 21711,
            "upload_time": "2025-02-08T19:04:12",
            "upload_time_iso_8601": "2025-02-08T19:04:12.680668Z",
            "url": "https://files.pythonhosted.org/packages/80/4d/faa7820c8979c91f051a4ed44b83cdd955e6eb178c3a14c48a3a5accc09c/dj_rest_auth_mfa-0.0.3.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2025-02-08 19:04:12",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "oussjarrousse",
    "github_project": "dj-rest-auth-mfa",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": false,
    "requirements": [
        {
            "name": "wheel",
            "specs": []
        },
        {
            "name": "djangorestframework",
            "specs": [
                [
                    ">=",
                    "3.14.0"
                ]
            ]
        },
        {
            "name": "djangorestframework-simplejwt",
            "specs": []
        },
        {
            "name": "dj-rest-auth",
            "specs": []
        },
        {
            "name": "django-cors-headers",
            "specs": []
        },
        {
            "name": "django-allauth",
            "specs": [
                [
                    "==",
                    "0.57.0"
                ]
            ]
        },
        {
            "name": "django-mfa2",
            "specs": []
        },
        {
            "name": "icecream",
            "specs": []
        }
    ],
    "tox": true,
    "lcname": "dj-rest-auth-mfa"
}
        
Elapsed time: 1.46162s