Monday, July 1, 2013

Re: ANN: django-otp and friends: one-time passwords and trusted agents

Thanks, I'm glad you like it. I can look into some kind of demo, although Authenticator support is pretty simple. The documentation already links to Google's URI scheme[1], which has all of the details. All you have to do is create a TOTP or HOTP device (usually the former), encode the key with base32, build a URI as documented, and render a QR code for the user to scan. Alternatively, the user can also type the base32-encoded key in manually.


[1] http://code.google.com/p/google-authenticator/wiki/KeyUriFormat
[2] https://pypi.python.org/pypi/qrcode


On Jun 28, 2013, at 10:23 AM, Jason Arnst-Goodrich <goodrichj@gmail.com> wrote:

> I just stumbled on this and it looks absolutely amazing. I do have one request though: can we get a sample project up that uses Google's authenticator (or anything else).
>
> This looks like the best solution for two factor authentication for Django but I don't think many people will know where to start when it comes to using it (myself included).
>
> On Wednesday, September 12, 2012 1:27:26 PM UTC-7, Peter Sagerson wrote:
> I recently released a suite of packages to support two-factor authentication in Django by way of one-time passwords.
>
> The core package is django-otp, which defines the framework and provides all of the shared APIs. Integration is possible at several levels, from low-level APIs (devices_for_user(), match_token(), etc.); to an AuthenticationForm subclass; to a replacement for Django's login view and an OTP-enabled admin site. Other niceties include the otp_required decorator, an analog to login_required. This is not an authentication backend: although it depends on django.contrib.auth for modeling purposes, it operates independently of the normal authentication machinery.
>
> A given user may have zero or more OTP devices against which we can verify a one-time password. The core project includes Django apps that implement common devices such as HOTP and TOTP (compatible with Google Authenticator, among others) and static passwords (typically used as backup codes). The former include standard features such as tolerance and drift. Separately, django-otp-yubikey provides support for YubiKey devices (locally or remotely verified). django-otp-twilio provides support for Twilio's SMS service for delivering codes by SMS. Implementing support for additional mechanisms is as simple as subclassing an abstract model class and implementing a verification method (and optionally a challenge method). Raw implementations of HOTP and TOTP are provided for convenience along with a few other generally useful utility functions.
>
> As a companion to these, I've also released django-agent-trust, which uses Django 1.4's signed key APIs to tag user-agents that the user has identified as trustworthy. In other words, this implements the "This is a private/shared computer" option one often sees on sensitive sites. Features include revocation and expiration (both absolute and by inactivity; globally, per-user, and per-agent). django-otp-agents is a project that glues together django-otp and django-agent-trust to assign trust to user-agents by way of two-factor authentication (one of the most common scenarios, it seems).
>
> Documentation: django-otp, django-otp-yubikey, django-otp-twilio, django-agent-trust, django-otp-agents
> Bitbucket: django-otp, django-agent-trust
>
> As always, the as-is clause in the BSD license isn't kidding. It's early days for these yet and while everything has been carefully documented and unit-tested, not all of the code has had contact with the real world. Feedback is always welcome. The Google group https://groups.google.com/forum/#!forum/django-otp is available for discussion and questions.
>
> Thanks,
> Peter
>
> --
> You received this message because you are subscribed to a topic in the Google Groups "Django users" group.
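The provisioning flow Peter outlines above (create a TOTP secret, base32-encode it, build a Key URI, verify the codes the app produces), as an added example that is neither django-otp's code nor code from this thread. The HOTP/TOTP functions follow RFC 4226/6238 with the standard library only; the issuer and account names are constructed placeholders, and rendering the URI as a QR code (for instance with the qrcode package in [2]) is left out.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import quote, urlencode

STEP = 30    # TOTP time step in seconds (Google Authenticator default)
DIGITS = 6   # code length (Google Authenticator default)


def hotp(key: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, dynamically truncated."""
    mac = hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(key: bytes, now: int, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP: HOTP whose counter is the number of steps since the Unix epoch."""
    return hotp(key, now // step, digits)


def provisioning_uri(key: bytes, account: str, issuer: str) -> str:
    """Build the otpauth:// URI (Google's Key URI format) that the app scans as a QR code."""
    secret = base64.b32encode(key).decode("ascii").rstrip("=")
    label = quote(f"{issuer}:{account}", safe="")
    params = urlencode({"secret": secret, "issuer": issuer, "digits": DIGITS, "period": STEP})
    return f"otpauth://totp/{label}?{params}"


def verify(key: bytes, token: str, now: int, last_counter: int = -1, tolerance: int = 1):
    """Accept a token from any of the 2*tolerance+1 steps around `now` (clock skew),
    but never from a step at or before `last_counter`, so a code cannot be replayed.
    Returns the accepted counter (to be stored as the new last_counter) or None."""
    base = now // STEP
    for counter in range(base - tolerance, base + tolerance + 1):
        if counter <= last_counter:
            continue
        if hmac.compare_digest(hotp(key, counter), token):
            return counter
    return None


if __name__ == "__main__":
    key = secrets.token_bytes(20)  # a fresh 160-bit secret for a new device
    print(provisioning_uri(key, "alice@example.com", "example.com"))  # placeholder names
    import time
    now = int(time.time())
    print(totp(key, now), verify(key, totp(key, now), now))
```

Store the secret and the last accepted counter server-side per device; the counter check is what keeps a code that was already used from being accepted a second time inside the tolerance window.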
