diff --git a/CHANGELOG.md b/CHANGELOG.md index 1afe5f2..a810f67 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,7 +11,7 @@ ## 2.1.1 * Fixed: FIDO2 version in requirements.txt file. - + ## 2.1.0 * Added Support for Touch ID for Mac OSx and iOS 14 on Safari @@ -26,27 +26,27 @@ * Fixed: __version__ to show correct version ## 2.0.2 - * Added: A missing migration + * Added: A missing migration thnks to @swainn ## 2.0.1 * Fixed: issue in migration between Postgres and SQLite - thnks to @swainn and @willingham + thnks to @swainn and @willingham ## 2.0 * Dropped support to djangp-1.8 and Python 2.7 * Added: never-cache decorator - * Fixes to Make Email Method More Robust + * Fixes to Make Email Method More Robust * Addresses several structure and style issues with TOTP and Email dialogs * Updated to fido2 0.8.1 - + Thanks to @swainn ## v1.9.1 * Fixed: is_authenticated #13 * Fixed: is_anonymous #6 - - thanks to @d3cline, + + thanks to @d3cline, ## v1.7 * Better Error Management diff --git a/EXAMPLE.md b/EXAMPLE.md index b38b93a..bd38a7e 100644 --- a/EXAMPLE.md +++ b/EXAMPLE.md @@ -5,4 +5,4 @@ 1. activate env `source venv/bin/activate` 1. install requirements `pip install -r requirements.txt` 1. migrate `python manage.py migrate` -1. create super user 'python manage.py createsuperuser' \ No newline at end of file +1. create super user 'python manage.py createsuperuser' \ No newline at end of file diff --git a/README.md b/README.md index 7d0401b..369921a 100644 --- a/README.md +++ b/README.md @@ -7,9 +7,9 @@ A Django app that handles MFA, it supports TOTP, U2F, FIDO2 U2F (Web Authn), Ema [![Downloads Count](https://static.pepy.tech/personalized-badge/django-mfa2?period=total&units=international_system&left_color=black&right_color=green&left_text=Downloads)](https://pepy.tech/project/django-mfa2) ### Conda Stats -[![Conda Recipe](https://img.shields.io/badge/recipe-django--mfa2-green.svg)](https://anaconda.org/conda-forge/django-mfa2) -[![Conda Downloads](https://img.shields.io/conda/dn/conda-forge/django-mfa2.svg)](https://anaconda.org/conda-forge/django-mfa2) -[![Conda Version](https://img.shields.io/conda/vn/conda-forge/django-mfa2.svg)](https://anaconda.org/conda-forge/django-mfa2) +[![Conda Recipe](https://img.shields.io/badge/recipe-django--mfa2-green.svg)](https://anaconda.org/conda-forge/django-mfa2) +[![Conda Downloads](https://img.shields.io/conda/dn/conda-forge/django-mfa2.svg)](https://anaconda.org/conda-forge/django-mfa2) +[![Conda Version](https://img.shields.io/conda/vn/conda-forge/django-mfa2.svg)](https://anaconda.org/conda-forge/django-mfa2) Web Authencation API (WebAuthn) is state-of-the art techology that is expected to replace passwords. @@ -40,17 +40,17 @@ Depends on * fido2==0.9.0 # Installation -1. using pip +1. using pip `pip install django-mfa2` -2. Using Conda forge - +2. Using Conda forge + `conda config --add channels conda-forge` - + `conda install django-mfa2` - + For more info, see the conda-forge repo (https://github.com/conda-forge/django-mfa2-feedstock) - + Thanks for [swainn](https://github.com/swainn) for adding package to conda-forge # Usage @@ -65,7 +65,7 @@ Depends on `python manage.py collectstatic` 1. Add the following settings to your file - ```python + ```python MFA_UNALLOWED_METHODS=() # Methods that shouldn't be allowed for the user MFA_LOGIN_CALLBACK="" # A function that should be called by username to login the user in session MFA_RECHECK=True # Allow random rechecking of the user @@ -75,7 +75,7 @@ Depends on MFA_RECHECK_MAX=30 # Maximum in seconds MFA_QUICKLOGIN=True # Allow quick login for returning users by provide only their 2FA MFA_HIDE_DISABLE=('FIDO2',) # Can the user disable his key (Added in 1.2.0). - MFA_OWNED_BY_ENTERPRISE = FALSE # Who owns security keys + MFA_OWNED_BY_ENTERPRISE = FALSE # Who owns security keys TOKEN_ISSUER_NAME="PROJECT_NAME" #TOTP Issuer name @@ -90,7 +90,7 @@ Depends on * TOTP * Trusted_Devices * Email - + **Notes**: * Starting version 1.1, ~~FIDO_LOGIN_URL~~ isn't required for FIDO2 anymore. * Starting version 1.7.0, Key owners can be specified. @@ -99,7 +99,7 @@ Depends on 1. Break your login function Usually your login function will check for username and password, log the user in if the username and password are correct and create the user session, to support mfa, this has to change - + * authenticate the user * if username and password are correct , check if the user has mfa or not * if user has mfa then redirect to mfa page @@ -107,17 +107,17 @@ Depends on ```python def login(request): # this function handles the login form POST - user = auth.authenticate(username=username, password=password) + user = auth.authenticate(username=username, password=password) if user is not None: # if the user object exist from mfa.helpers import has_mfa res = has_mfa(username = username,request=request) # has_mfa returns false or HttpResponseRedirect if res: return res - return log_user_in(request,username=user.username) + return log_user_in(request,username=user.username) #log_user_in is a function that handles creatung user session, it should be in the setting file as MFA_CALLBACK ``` 1. Add mfa to urls.py - ```python + ```python import mfa import mfa.TrustedDevice urls_patterns= [ diff --git a/docs/change_login.md b/docs/change_login.md index d1425e6..ed4d7af 100644 --- a/docs/change_login.md +++ b/docs/change_login.md @@ -3,7 +3,7 @@ ## Break your login function Usually your login function will check for username and password, log the user in if the username and password are correct and create the user session, to support mfa, this has to change - + * authenticate the user * if username and password are correct , check if the user has mfa or not * if user has mfa then redirect to mfa page @@ -11,13 +11,13 @@ Usually your login function will check for username and password, log the user i ```python def login(request): # this function handles the login form POST - user = auth.authenticate(username=username, password=password) + user = auth.authenticate(username=username, password=password) if user is not None: # if the user object exist from mfa.helpers import has_mfa res = has_mfa(username = username,request=request) # has_mfa returns false or HttpResponseRedirect if res: return res - return log_user_in(request,username=user.username) + return log_user_in(request,username=user.username) #log_user_in is a function that handles creatung user session, it should be in the setting file as MFA_CALLBACK ``` diff --git a/docs/installation.md b/docs/installation.md index 0859b72..eb4b098 100644 --- a/docs/installation.md +++ b/docs/installation.md @@ -1,5 +1,5 @@ # Installation & Configuration -1. Install the package +1. Install the package ```sh pip install django-mfa2 ``` @@ -17,27 +17,27 @@ MFA_RECHECK=True # Allow random rechecking of the user MFA_RECHECK_MIN=10 # Minimum interval in seconds MFA_RECHECK_MAX=30 # Maximum in seconds - MFA_QUICKLOGIN=True # Allow quick login for returning users by provide only their 2FA - + MFA_QUICKLOGIN=True # Allow quick login for returning users by provide only their 2FA + TOKEN_ISSUER_NAME="PROJECT_NAME" #TOTP Issuer name - + U2F_APPID="https://localhost" #URL For U2 FIDO_SERVER_ID=u"localehost" # Server rp id for FIDO2, it the full domain of your project FIDO_SERVER_NAME=u"PROJECT_NAME" FIDO_LOGIN_URL=BASE_URL ``` - + **Method Names** * U2F * FIDO2 * TOTP * Trusted_Devices * Email - + **Note**: Starting version 1.1, ~~FIDO_LOGIN_URL~~ isn't required for FIDO2 anymore. - + 1. Add mfa to urls.py - + ```python import mfa import mfa.TrustedDevice diff --git a/mkdocs.yml b/mkdocs.yml index a4f0f2c..9040671 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -2,7 +2,7 @@ site_name: MkLorum nav: - Home: index.md - Installation: installation.md - - Code Changes: change_login.md + - Code Changes: change_login.md theme: readthedocs markdown_extensions: - fenced_code