Reputation: 1089
Django Two Factor Authentication Setup
I recently asked a question about Django Two Factor authentication here...Django Two Factor Authentication. Based on the feedback I received I am trying to deploy it in my project. I have read the basic installation instructions, but I can't quite figure out how to get it to work in my project...
I have installed it via...
pip install django-two-factor-auth
Then I added it to my settings.py file...
INSTALLED_APPS = (
...
'django_otp',
'django_otp.plugins.otp_static',
'django_otp.plugins.otp_totp',
'two_factor',
)
And I have added it to my settings.py file...
from django.core.urlresolvers import reverse_lazy
LOGIN_URL = reverse_lazy('two_factor:login')
# this one is optional
LOGIN_REDIRECT_URL = reverse_lazy('two_factor:profile')
And I have added it to my urls.py file...
urlpatterns = patterns(
'',
url(r'', include('two_factor.urls', 'two_factor')),
...
)
I was using the LoginView from from django.contrib.auth.views via the following import...
from django.contrib.auth.views import LoginView
I since have changed it to subclass LoginView from two_factor as shown below:
from two_factor.views import LoginView
Then I set up a two_factor/_base.html file in my project directory...
But when I enter the initial credentials of username and password, I get the following message...
SuspiciousOperation at /project/login/
ManagementForm data is missing or has been tampered.
I'm not sure if any more detailed instructions are available...but I've followed what was there and can't seem to figure out how to get this up and going...
For the record, I'm trying to figure out how to incorporate the two factor authentication at the time the user logs in, and then they have to enter a pin number as an example. I'm also trying to force the user at registration time to set this up as a mandatory login method. I realize now that the LoginView that I'm using is incorrect. I need to figure out how to get this properly set up when the user initially registers.
Not sure where to go next with this. Thanks in advance for any thoughts.
Upvotes: 2
Views: 1898
Answers (1)
Reputation: 1089
After a lot of trial and error...I figured out that I needed to update my settings.py file to account for the fake gateways and I needed to incorporate the logging code to turn on the information messages...
Here is the link to the page that I referenced...
https://django-two-factor-auth.readthedocs.io/en/stable/configuration.html
Once I added the code below to my settings.py file...I was able to get 2FA up and running...
TWO_FACTOR_CALL_GATEWAY = 'two_factor.gateways.fake.Fake'
TWO_FACTOR_SMS_GATEWAY = 'two_factor.gateways.fake.Fake'
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'handlers': {
'console': {
'level': 'DEBUG',
'class': 'logging.StreamHandler',
},
},
'loggers': {
'two_factor': {
'handlers': ['console'],
'level': 'INFO',
}
}
}
Upvotes: 1
Related Questions
- Adding two factor authentication in Django/Django Rest
- Django register users
- Django Authentication system modifications
- two factor authentication on django
- Django Two Factor Authentication
- Django 2 Login Registration
- Using the django authentication system
- Django Authentication process
- Django-registration & Django-Socialauth
- Django authentication