Django Admin Two-Factor Authentication, allows you to login django admin with google authenticator.

Last update: Dec 07, 2022

Overview

Django Admin Two-Factor Authentication

Django Admin Two-Factor Authentication, allows you to login django admin with google authenticator.

Why Django Admin Two-Factor Authentication?

Using google authenticator to login your Django admin.
Used jquery confirm dialog to get code.
Simple interface
Easy integration

How to use it

Download and install last version of Django Admin Two-Factor Authentication:

$ pip install django-admin-two-factor
# or
$ easy_install django-admin-two-factor

Add 'admin_two_factor' application to the INSTALLED_APPS setting of your Django project settings.py file (note it should be before 'django.contrib.admin'):

INSTALLED_APPS = (
'admin_two_factor.apps.TwoStepVerificationConfig',
'django.contrib.admin',
# ...
)

Migrate admin_two_factor:

$ python manage.py migrate admin_two_factor
$ # or
$ python manage.py syncdb

Add ‍‍‍‍ADMIN_TWO_FACTOR_NAME in your settings.py. This value will be displayed in Google Authenticator.

ADMIN_TWO_FACTOR_NAME = 'PROJECT_NAME'

Include the Admin Two Factor URL config in PROJECT_CORE/urls.py:

urlpatterns = [
path('admin/', admin.site.urls),
path('two_factor/', include(('admin_two_factor.urls', 'admin_two_factor'), namespace='two_factor')),
# ...
]

Collect static if you are in production environment:

$ python manage.py collectstatic

Clear your browser cache

Start the app

$ # Set up the database
$ python manage.py makemigrations
$ python manage.py migrate
$
$ # Create the superuser
$ python manage.py createsuperuser
$
$ # Start the application (development mode)
$ python manage.py runserver # default port 8000

Access the admin section in the browser: http://127.0.0.1:8000/

ScreenShoots

User List: the users who have enabled two-factor auth

Add New User:

Scan QRCode and enter the valid code:

Logout and login again with Google Authenticator:

Beihang University Network Authentication Login

北航自动网络认证使用说明主文件 gw_buaa.py # @file gw_buaa.py # @author Dong # @date 2022-01-25 # @email [email protected] # @brief This is a python script to l

0 Jul 22, 2022

Mock authentication API that acceccpts email and password and returns authentication result.

1 Feb 11, 2022

Django CAS 1.0/2.0/3.0 client authentication library, support Django 2.0, 2.1, 2.2, 3.0 and Python 3.5+

django-cas-ng django-cas-ng is Django CAS (Central Authentication Service) 1.0/2.0/3.0 client library to support SSO (Single Sign On) and Single Logou

347 Dec 18, 2022

Login System Using Django

6 Dec 12, 2021

A JSON Web Token authentication plugin for the Django REST Framework.

Simple JWT Abstract Simple JWT is a JSON Web Token authentication plugin for the Django REST Framework. For full documentation, visit django-rest-fram

3.3k Jan 1, 2023

REST implementation of Django authentication system.

djoser REST implementation of Django authentication system. djoser library provides a set of Django Rest Framework views to handle basic actions such

2.2k Jan 1, 2023

Authentication Module for django rest auth

django-rest-knox Authentication Module for django rest auth Knox provides easy to use authentication for Django REST Framework The aim is to allow for

878 Jan 4, 2023

Authentication for Django Rest Framework

Dj-Rest-Auth Drop-in API endpoints for handling authentication securely in Django Rest Framework. Works especially well with SPAs (e.g React, Vue, Ang

1.1k Jan 3, 2023

JSON Web Token Authentication support for Django REST Framework

REST framework JWT Auth Notice This project is currently unmaintained. Check #484 for more details and suggested alternatives. JSON Web Token Authenti

3.2k Dec 31, 2022

Comments

Forbidden (CSRF token from the 'X-Csrftoken' HTTP header has incorrect length.): /two_factor/verification/
Hi

Thank you for your job.

It was working perfectly on my dev environment but not on production. I think the difference is that I am using everything very secure:

SESSION_COOKIE_SECURE="True" SESSION_COOKIE_HTTPONLY="True" CSRF_COOKIE_HTTPONLY="True" SECURE_BROWSER_XSS_FILTER="True" DJANGO_SECURE_SSL_REDIRECT="True" X_FRAME_OPTIONS="DENY"

In the log I get Forbidden (CSRF token from the 'X-Csrftoken' HTTP header has incorrect length.): /two_factor/verification/

When I inspect the request in the browser on the PUT request, in the request header I have : x-csrftoken: undefined

I am not sure but may be this is a way : https://docs.djangoproject.com/fr/4.0/ref/csrf/#setting-the-token-on-the-ajax-request

Also you may add in the documentation to allow PUT request on the webserver for this URL /two_factor/verification/.
opened by pulse-mind 1
(fields.E301) Field defines a relation with the model 'auth.User'

Hello, Please add support for Django custom User model. model.py replace line 8

from django.contrib.auth.models import User

with from django.contrib.auth import get_user_model

line 15 User = get_user_model()

I tested it pass ok with migrate

Im not 100% sure if it fully works like this or need more modifications

opened by residentcode 3

Releases(v0.0.2)

v0.0.2(Oct 12, 2021)

add this package into PyPi
Source code(tar.gz)
Source code(zip)
v0.0.1(Oct 12, 2021)

Two-factor authentication for Django admin. This version only supports the Django main template.
Source code(tar.gz)
Source code(zip)

Owner

Iman Karimi

Experienced web developer with a demonstrated history of working in the web related service and applications industry.

GitHub Repository https://github.com/imankarimi/django-admin-two-factor-auth

Simple Login - Login Extension for Flask - maintainer @cuducos

Login Extension for Flask The simplest way to add login to flask! Top Contributors Add yourself, send a PR! How it works First install it from PyPI. p

181 Jan 01, 2023

Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack

Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script that allows an at

76 Jan 02, 2023

An extension of django rest framework, providing a configurable password reset strategy

Django Rest Password Reset This python package provides a simple password reset strategy for django rest framework, where users can request password r

363 Dec 24, 2022

FastAPI Simple authentication & Login API using GraphQL and JWT

JeffQL A Simple FastAPI authentication & Login API using GraphQL and JWT. I choose this Name JeffQL cause i have a Low level Friend with a Nickname Je

26 Nov 24, 2022

Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).

Welcome to Corsair_scan Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS) misconfigurations. CORS is a mechanism that allow

116 Nov 09, 2022

JWT Key Confusion PoC (CVE-2015-9235) Written for the Hack the Box challenge - Under Construction

JWT Key Confusion PoC (CVE-2015-9235) Written for the Hack the Box challenge - Under Construction This script performs a Java Web Token Key Confusion

1 Jan 13, 2022

Complete Two-Factor Authentication for Django providing the easiest integration into most Django projects.

Django Two-Factor Authentication Complete Two-Factor Authentication for Django. Built on top of the one-time password framework django-otp and Django'

1.3k Jan 04, 2023

:couple: Multi-user accounts for Django projects

django-organizations Summary Groups and multi-user account management Author Ben Lopatin (http://benlopatin.com) Status Separate individual user ident

1.1k Jan 09, 2023

Storefront - A store App developed using Django, RESTFul API, JWT

Storefront A store App developed using Django, RESTFul API, JWT. SQLite has been

1 Jan 07, 2022

Toolkit for Pyramid, a Pylons Project, to add Authentication and Authorization using Velruse (OAuth) and/or a local database, CSRF, ReCaptcha, Sessions, Flash messages and I18N

Apex Authentication, Form Library, I18N/L10N, Flash Message Template (not associated with Pyramid, a Pylons project) Uses alchemy Authentication Authe

95 Nov 28, 2022

RSA Cryptography Authentication Proof-of-Concept

RSA Cryptography Authentication Proof-of-Concept This project was a request by Structured Programming lectures in Computer Science college. It runs wi

1 Jan 22, 2022

This script helps you log in to your LMS account and enter the currently running session

This script helps you log in to your LMS account and enter the currently running session, all in a second

5 Sep 01, 2022

Out-of-the-box support register, sign in, email verification and password recovery workflows for websites based on Django and MongoDB

Using djmongoauth What is it? djmongoauth provides out-of-the-box support for basic user management and additional operations including user registrat

3 Oct 21, 2021