Comments (3)
Could you add a little bit more background on the use case? Under what circumstances would you want to make use of this?
from django-allauth.
Thanks for the fast reply!
We have an application where 2FA is mandatory for all users. However the administrator of that system should have the ability to disable it for individual users (for various reasons). If the admin disables it and then later enables it again, ideally the user should not go through the setup process again but just use his already configured authenticator app.
At the moment I am hacking around this issue by creating a backup copy of the users Authenticator
on disable and then restore it again on enable. But it would be nicer if this was just a flag in the Authenticator
Up to now I have used the django-two-factor-auth
package for 2FA, which had exactly this feature, but I switched to allauth now because I like your package much better 😀
from django-allauth.
I am really curious what these "for various reasons" are. Could you elaborate there? I think we need to have a good rationale for a feature like this.
Also wondering, how does this affect what the user sees on screen? I get that the user does not see 2FA kicking in when signing in, but if the user visits the 2FA setup and overview screen, what happens then? Does it appear as if no 2FA is enabled, or do they actually see it is setup but disabled?
from django-allauth.
Related Issues (20)
- Regular accounts only HOT 1
- Get id_token for send to the URL logout keycloak
- Initial value for the SignUpForm
- what is `by_id()` replaced with? HOT 1
- Wrong 'da' translation of "Password Reset Email" /locale/da/LC_MESSAGES /django.po HOT 1
- Microsoft provider does not have extract_email_addresses function defined HOT 1
- TikTok provider needed HOT 5
- keep getting error retrieving access token for microsoft oauth and using 0.61.1 HOT 3
- About old version Document. HOT 1
- Password reset from key (email) issue - invalid link - solved HOT 2
- typo in `authentication_required` in headless RESTView HOT 1
- How to use my custom model instead of django user model?
- Closing -- see SOCIALACCOUNT_EMAIL_AUTHENTICATION. HOT 4
- Tests fail if `ACCOUNT_USER_MODEL_USERNAME_FIELD = None` HOT 2
- SAML username is generic HOT 4
- Doesn't support Android Credential Manager for Google login from Android HOT 4
- Does the MFA feature in django-allauth support FIDO passkeys? Or FIDO is simply handled by the chosen provider? HOT 1
- Is allauth open to including an (optional) honeypot field on registration? HOT 3
- Facebook Graph API v14 support HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from django-allauth.