Comments (4)
We are looking into migrating to the 2FA solution in django-allauth. As far as we can tell the only missing feature for us would be a way of requiring 2FA for certain users, which is implemented in django-allauth-2fa.
We made a PR to add this to django-allauth but despite other users also using this feature it was declared out of scope. It is not clear to us what a "clear de facto way of handling" this feature is, but, I think it would be valuable to many people to maintain this feature somewhere, be it in django-allauth, django-allauth-2fa, or somewhere else.
from django-allauth-2fa.
Yeah, I guess an integrated solution will be better (and less maintenance for us, although more for @pennersr).
I suppose we'd need to
- take a look at feature parity between
allauth.mfa
anddjango-allauth-2fa
, and if there is something to add, help with that - come up with a migration path (cc @violuke from pennersr/django-allauth#3420, anything on that front?) β most likely it'll just be a neat management command in
allauth.mfa
. - eventually archive this project.
from django-allauth-2fa.
Copying @pennersr's experimental migration management command here β we have his blessing to use this in this project:
import base64
from allauth.mfa.adapter import get_adapter
from allauth.mfa.models import Authenticator
from django.core.management.base import BaseCommand
from django_otp.plugins.otp_static.models import StaticDevice
from django_otp.plugins.otp_totp.models import TOTPDevice
class Command(BaseCommand):
def handle(self, **options):
adapter = get_adapter()
authenticators = []
for totp in TOTPDevice.objects.filter(confirmed=True).iterator():
recovery_codes = set()
for sdevice in StaticDevice.objects.filter(confirmed=True, user_id=totp.user_id).iterator():
recovery_codes.update(sdevice.token_set.values_list("token", flat=True))
secret = base64.b32encode(bytes.fromhex(totp.key)).decode("ascii")
totp_authenticator = Authenticator(
user_id=totp.user_id,
type=Authenticator.Type.TOTP,
data={"secret": adapter.encrypt(secret)},
)
authenticators.append(totp_authenticator)
authenticators.append(
Authenticator(
user_id=totp.user_id,
type=Authenticator.Type.RECOVERY_CODES,
data={
"migrated_codes": [adapter.encrypt(c) for c in recovery_codes],
},
)
)
Authenticator.objects.bulk_create(authenticators)
from django-allauth-2fa.
Could we provide the above code as the last migration in django-allauth-2fa? I might be missing something and it won't be a feasible way to go.
from django-allauth-2fa.
Related Issues (20)
- Plan for a 1.0 release HOT 8
- Rename main branch to 'main' HOT 2
- Redirect-to-next breaks with certain view classes
- OTP login breaks with subclassed OTPAdapter
- TypeError at /account/two-factor-authenticate - exists again in 0.9 HOT 2
- Join jazzband? HOT 11
- When usinging allauth with email login the login screen does not navigate to totp entry HOT 1
- can someone point how to enable 2FA using email for all users? HOT 1
- Configurable redirect URLs HOT 1
- Not compatible with function-based login view HOT 4
- Disabling 2FA does not work with a backup token HOT 2
- Success social login directing to failed social login page HOT 2
- ALLAUTH_2FA_SETUP_SUCCESS_URL and ALLAUTH_2FA_REMOVE_SUCCESS_URL not used in views
- RestFul api use HOT 1
- Make it possible to disable 2fa without a token.
- Templates are not included in 0.11.0 wheel distribution HOT 1
- Missing dependabot config HOT 3
- When using with the latest version of django-allauth, 2FAΒ is bypassed HOT 5
- user_logged_in signal from Django is executed twice
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from django-allauth-2fa.