Comments (4)

jmsmkn commented on July 25, 2024 3

We are looking into migrating to the 2FA solution in django-allauth. As far as we can tell the only missing feature for us would be a way of requiring 2FA for certain users, which is implemented in django-allauth-2fa.

We made a PR to add this to django-allauth, but despite other users also using this feature it was declared out of scope. It is not clear to us what a "clear de facto way of handling" this feature is, but I think it would be valuable to many people to maintain this feature somewhere, be it in django-allauth, django-allauth-2fa, or somewhere else.

from django-allauth-2fa.

akx commented on July 25, 2024 1

Yeah, I guess an integrated solution will be better (and less maintenance for us, although more for @pennersr).

I suppose we'd need to

  • take a look at feature parity between allauth.mfa and django-allauth-2fa, and if there is something to add, help with that
  • come up with a migration path (cc @violuke from pennersr/django-allauth#3420, anything on that front?) – most likely it'll just be a neat management command in allauth.mfa.
  • eventually archive this project.

akx commented on July 25, 2024 1

Copying @pennersr's experimental migration management command here – we have his blessing to use this in this project:

```python
import base64

from allauth.mfa.adapter import get_adapter
from allauth.mfa.models import Authenticator
from django.core.management.base import BaseCommand
from django_otp.plugins.otp_static.models import StaticDevice
from django_otp.plugins.otp_totp.models import TOTPDevice


class Command(BaseCommand):
    def handle(self, **options):
        adapter = get_adapter()
        authenticators = []
        # Only confirmed TOTP devices are migrated.
        for totp in TOTPDevice.objects.filter(confirmed=True).iterator():
            # Collect the unused static (recovery) tokens of the same user.
            recovery_codes = set()
            static_devices = StaticDevice.objects.filter(
                confirmed=True, user_id=totp.user_id
            )
            for sdevice in static_devices.iterator():
                recovery_codes.update(sdevice.token_set.values_list("token", flat=True))
            # django_otp stores the key as hex; allauth.mfa stores a base32 secret.
            secret = base64.b32encode(bytes.fromhex(totp.key)).decode("ascii")
            totp_authenticator = Authenticator(
                user_id=totp.user_id,
                type=Authenticator.Type.TOTP,
                data={"secret": adapter.encrypt(secret)},
            )
            authenticators.append(totp_authenticator)
            # Recovery codes are encrypted through the adapter, like the secret.
            authenticators.append(
                Authenticator(
                    user_id=totp.user_id,
                    type=Authenticator.Type.RECOVERY_CODES,
                    data={
                        "migrated_codes": [adapter.encrypt(c) for c in recovery_codes],
                    },
                )
            )
        # Write all new authenticators in a single bulk insert.
        Authenticator.objects.bulk_create(authenticators)
```
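
The key conversion used in the command above, checked outside Django as an added example (not part of the original comment or of either project): it confirms that the base32 secret produces the same codes as the original hex key, and that base32-encoding the hex text instead of the decoded bytes does not. It assumes RFC 6238 defaults (HMAC-SHA1, 30-second step, 6 digits) on both sides; the function names and the sample key are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

# Constructed sample: the RFC 6238 test key ("12345678901234567890") written
# as hex, the form in which the command reads TOTPDevice.key.
SAMPLE_HEX_KEY = "3132333435363738393031323334353637383930"
SAMPLE_TIMES = (59, 1111111109, 1234567890)  # timestamps from the RFC 6238 vectors


def migrate_key(hex_key: str) -> str:
    """Same conversion as the management command: hex key -> base32 secret."""
    return base64.b32encode(bytes.fromhex(hex_key)).decode("ascii")


def naive_migrate_key(hex_key: str) -> str:
    """Wrong conversion: encodes the hex *text*, not the key bytes."""
    return base64.b32encode(hex_key.encode("ascii")).decode("ascii")


def totp(key: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 (step and digits are assumed defaults)."""
    counter = struct.pack(">Q", unix_time // step)
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10**digits).zfill(digits)


def codes_match(hex_key: str, secret_b32: str, times=SAMPLE_TIMES) -> bool:
    """True if the migrated secret yields the old key's code at every time."""
    old_key = bytes.fromhex(hex_key)
    new_key = base64.b32decode(secret_b32)
    return all(
        hmac.compare_digest(totp(old_key, t), totp(new_key, t)) for t in times
    )


if __name__ == "__main__":
    good = migrate_key(SAMPLE_HEX_KEY)
    bad = naive_migrate_key(SAMPLE_HEX_KEY)
    print("migrated secret:", good)
    print("codes match after migration:", codes_match(SAMPLE_HEX_KEY, good))
    print("codes match with naive encoding:", codes_match(SAMPLE_HEX_KEY, bad))
```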

valberg commented on July 25, 2024

Could we provide the above code as the last migration in django-allauth-2fa? I might be missing something and it won't be a feasible way to go.
