Django Rest Framework JWT 2FA
=============================
This package provides a Two Factor Authentication for Django Rest
Framework using JSON Web Tokens. The implementation is based on another
DRF authentication library called drf simple jwt.
Overview
--------
The authentication flow uses two JWT tokens and a verification code (update
of lib drf-jwt-2fa in order to use simple jwt lib):
* First a token called Code Token is requested by providing username and
password. If the username and the password are correct, a random
(7 digit) verification code is generated and sent by e-mail to the
user's e-mail address. This verification code is hashed with the
Django's password hasher and the hash is included to the Code Token.
* After the verification code is received a second token called
Authentication Token can be requested. The request is done by
sending the Code Token and the verification code to another endpoint.
If the token and the code are correct, an authentication token is
returned. This authentication token can be used to authenticate the
following API requests. It is in the same format as the JWT tokens
of the drf simple jwt.
Requirements
------------
* Python 3.4, 3.5, or 3.6
* Django 3.0 or more
* Django Rest Framework
Installation
------------
Install the package from PyPI with::
pip install drf-simple-jwt-2fa
Configuration
-------------
Configure Django Rest Framework to use the provided authentication class
by adding something like this to the settings::
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'drf_simple_jwt_2fa.authentication.Jwt2faAuthentication',
]
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticated',
],
}
Note: Authentication token options can be configured with the
``JWT_AUTH`` configuration item as documented in `REST framework Simple
JWT Auth`.
The URLs for the authentication API endpoints can be configured with
something like this in an `urls.py`::
import drf_simple_jwt_2fa.urls
from django.conf.urls import include, url
urlpatterns = [
url(r'^auth/', include(drf_simple_jwt_2fa.urls, namespace='auth')),
]
or by configuring each view individually::
from django.conf.urls import include, url
from drf_simple_jwt_2fa.views import obtain_auth_token, obtain_code_token
urlpatterns = [
url(r'^get-code-token/', obtain_code_token),
url(r'^get-auth-token/', obtain_auth_token),
]
Additional Settings
-------------------
There are some additional settings that you can override. Here are all the
available settings with their default values::
JWT2FA_AUTH = {
# Length of the verification code (digits)
'CODE_LENGTH': 7,
# Characters used in the verification code
'CODE_CHARACTERS': '0123456789',
# Secret key to use for signing the Code Tokens
'CODE_TOKEN_SECRET_KEY': hash_string('2fa-code-' + settings.SECRET_KEY),
# Secret string to extend the verification code with
'CODE_EXTENSION_SECRET': hash_string('2fa-ext-' + settings.SECRET_KEY),
# How long the code token is valid
'CODE_EXPIRATION_TIME': datetime.timedelta(minutes=5),
# Throttle limit for code token requests from same IP
'CODE_TOKEN_THROTTLE_RATE': '12/3h',
# How much time must pass between verification attempts, i.e. to
# request authentication token with a with the same code token and a
# verification code
'AUTH_TOKEN_RETRY_WAIT_TIME': datetime.timedelta(seconds=2),
# Function that sends the verification code to the user
'CODE_SENDER': 'drf_simple_jwt_2fa.sending.send_verification_code_via_email',
# From Address used by the e-mail sender
'EMAIL_SENDER_FROM_ADDRESS': settings.DEFAULT_FROM_EMAIL,
# Set to this to a (translated) string to override the default
# message subject of the e-mail sender
'EMAIL_SENDER_SUBJECT_OVERRIDE': None,
# Set to this to a (translated) string to override the default
# message body of the e-mail sender
'EMAIL_SENDER_BODY_OVERRIDE': None,
}
Raw data
{
"_id": null,
"home_page": "https://github.com/GauthierSgds/drf-simple-jwt-2fa",
"name": "drf-simple-jwt-2fa",
"maintainer": "Gauthier Segonds",
"docs_url": null,
"requires_python": null,
"maintainer_email": "gauthier.segonds@lugos.fr",
"keywords": "Authentication, Two Factor, Django Rest Framework, JSON Web Token, Simple JWT",
"author": null,
"author_email": null,
"download_url": "https://files.pythonhosted.org/packages/36/3f/cbad26175e22ec5cf39bb7bc77b10ee624c1975d582cad2b688eea96713c/drf-simple-jwt-2fa-1.2.7.tar.gz",
"platform": "any",
"description": "Django Rest Framework JWT 2FA\r\n=============================\r\n\r\nThis package provides a Two Factor Authentication for Django Rest\r\nFramework using JSON Web Tokens. The implementation is based on another\r\nDRF authentication library called drf simple jwt.\r\n\r\nOverview\r\n--------\r\n\r\nThe authentication flow uses two JWT tokens and a verification code (update \r\nof lib drf-jwt-2fa in order to use simple jwt lib):\r\n\r\n* First a token called Code Token is requested by providing username and\r\n password. If the username and the password are correct, a random\r\n (7 digit) verification code is generated and sent by e-mail to the\r\n user's e-mail address. This verification code is hashed with the\r\n Django's password hasher and the hash is included to the Code Token.\r\n\r\n* After the verification code is received a second token called\r\n Authentication Token can be requested. The request is done by\r\n sending the Code Token and the verification code to another endpoint.\r\n If the token and the code are correct, an authentication token is\r\n returned. This authentication token can be used to authenticate the\r\n following API requests. It is in the same format as the JWT tokens\r\n of the drf simple jwt.\r\n\r\nRequirements\r\n------------\r\n\r\n* Python 3.4, 3.5, or 3.6\r\n* Django 3.0 or more\r\n* Django Rest Framework\r\n\r\nInstallation\r\n------------\r\n\r\nInstall the package from PyPI with::\r\n\r\n pip install drf-simple-jwt-2fa\r\n\r\nConfiguration\r\n-------------\r\n\r\nConfigure Django Rest Framework to use the provided authentication class\r\nby adding something like this to the settings::\r\n\r\n REST_FRAMEWORK = {\r\n 'DEFAULT_AUTHENTICATION_CLASSES': [\r\n 'drf_simple_jwt_2fa.authentication.Jwt2faAuthentication',\r\n ]\r\n 'DEFAULT_PERMISSION_CLASSES': [\r\n 'rest_framework.permissions.IsAuthenticated',\r\n ],\r\n }\r\n\r\n\r\nNote: Authentication token options can be configured with the\r\n``JWT_AUTH`` configuration item as documented in `REST framework Simple\r\nJWT Auth`.\r\n\r\n\r\nThe URLs for the authentication API endpoints can be configured with\r\nsomething like this in an `urls.py`::\r\n\r\n import drf_simple_jwt_2fa.urls\r\n from django.conf.urls import include, url\r\n\r\n urlpatterns = [\r\n url(r'^auth/', include(drf_simple_jwt_2fa.urls, namespace='auth')),\r\n ]\r\n\r\nor by configuring each view individually::\r\n\r\n from django.conf.urls import include, url\r\n from drf_simple_jwt_2fa.views import obtain_auth_token, obtain_code_token\r\n\r\n urlpatterns = [\r\n url(r'^get-code-token/', obtain_code_token),\r\n url(r'^get-auth-token/', obtain_auth_token),\r\n ]\r\n\r\nAdditional Settings\r\n-------------------\r\n\r\nThere are some additional settings that you can override. Here are all the\r\navailable settings with their default values::\r\n\r\n JWT2FA_AUTH = {\r\n # Length of the verification code (digits)\r\n 'CODE_LENGTH': 7,\r\n\r\n # Characters used in the verification code\r\n 'CODE_CHARACTERS': '0123456789',\r\n\r\n # Secret key to use for signing the Code Tokens\r\n 'CODE_TOKEN_SECRET_KEY': hash_string('2fa-code-' + settings.SECRET_KEY),\r\n\r\n # Secret string to extend the verification code with\r\n 'CODE_EXTENSION_SECRET': hash_string('2fa-ext-' + settings.SECRET_KEY),\r\n\r\n # How long the code token is valid\r\n 'CODE_EXPIRATION_TIME': datetime.timedelta(minutes=5),\r\n\r\n # Throttle limit for code token requests from same IP\r\n 'CODE_TOKEN_THROTTLE_RATE': '12/3h',\r\n\r\n # How much time must pass between verification attempts, i.e. to\r\n # request authentication token with a with the same code token and a\r\n # verification code\r\n 'AUTH_TOKEN_RETRY_WAIT_TIME': datetime.timedelta(seconds=2),\r\n\r\n # Function that sends the verification code to the user\r\n 'CODE_SENDER': 'drf_simple_jwt_2fa.sending.send_verification_code_via_email',\r\n\r\n # From Address used by the e-mail sender\r\n 'EMAIL_SENDER_FROM_ADDRESS': settings.DEFAULT_FROM_EMAIL,\r\n\r\n # Set to this to a (translated) string to override the default\r\n # message subject of the e-mail sender\r\n 'EMAIL_SENDER_SUBJECT_OVERRIDE': None,\r\n\r\n # Set to this to a (translated) string to override the default\r\n # message body of the e-mail sender\r\n 'EMAIL_SENDER_BODY_OVERRIDE': None,\r\n }\r\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Django Rest Framework Simple JWT 2FA",
"version": "1.2.7",
"project_urls": {
"Homepage": "https://github.com/GauthierSgds/drf-simple-jwt-2fa"
},
"split_keywords": [
"authentication",
" two factor",
" django rest framework",
" json web token",
" simple jwt"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "363fcbad26175e22ec5cf39bb7bc77b10ee624c1975d582cad2b688eea96713c",
"md5": "decee77659618a874005111b406c7be9",
"sha256": "a1cb2efd72003660744a9a15d826985bacfca157e46dc78522e48cb6b15d81dc"
},
"downloads": -1,
"filename": "drf-simple-jwt-2fa-1.2.7.tar.gz",
"has_sig": false,
"md5_digest": "decee77659618a874005111b406c7be9",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 14968,
"upload_time": "2024-04-10T08:47:04",
"upload_time_iso_8601": "2024-04-10T08:47:04.667727Z",
"url": "https://files.pythonhosted.org/packages/36/3f/cbad26175e22ec5cf39bb7bc77b10ee624c1975d582cad2b688eea96713c/drf-simple-jwt-2fa-1.2.7.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-04-10 08:47:04",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "GauthierSgds",
"github_project": "drf-simple-jwt-2fa",
"github_not_found": true,
"lcname": "drf-simple-jwt-2fa"
}
JSON
