Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/merixstudio/django-trench

django-trench provides a set of REST API endpoints to supplement django-rest-framework with multi-factor authentication (MFA, 2FA). It supports both standard built-in authentication methods, as well as JWT (JSON Web Token).
https://github.com/merixstudio/django-trench

2fa django django-rest-framework python

Last synced: 7 days ago
JSON representation

django-trench provides a set of REST API endpoints to supplement django-rest-framework with multi-factor authentication (MFA, 2FA). It supports both standard built-in authentication methods, as well as JWT (JSON Web Token).

Awesome Lists containing this project

README 

        
=============

django-trench

=============



.. image:: https://cybersecurity-excellence-awards.com/wp-content/uploads/2021/06/badges_2022_Silver.png

   :target: https://cybersecurity-excellence-awards.com/candidates/merixstudio-django-trench-multi-factor-authentication-set/



-----



.. image:: https://github.com/merixstudio/django-trench/actions/workflows/django-package.yml/badge.svg

  :target: https://github.com/merixstudio/django-trench/actions/workflows/django-package.yml



.. image:: https://codecov.io/gh/merixstudio/django-trench/branch/master/graph/badge.svg?token=U4yDiXUDkb

  :target: https://codecov.io/gh/merixstudio/django-trench



.. image:: https://readthedocs.org/projects/django-trench/badge/?version=latest

   :target: https://django-trench.readthedocs.io/en/latest/?badge=latest



.. image:: https://img.shields.io/pypi/v/django-trench

   :target: https://pypi.org/project/django-trench/



| **django-trench** provides a set of REST API endpoints to supplement `django-rest-framework`_ with multi-factor authentication (MFA, 2FA). It supports both standard built-in authentication methods, as well as JWT (JSON Web Token).



| We deliver a couple of sample secondary authentication methods including sending OTP based code by:



* E-mail

* SMS / text

* 3rd party mobile apps

* `YubiKey`_



| Developers can easily add their own authentication backends supporting any communication channel.



Features

********



* Easily pluggable and compatible with `django-rest-framework`_

* Allows user to pick an additional authentication method from range of backends defined by a developer. Read more: `backends`_

* Comes out of a box with email, SMS, mobile apps and YubiKey support



Supported versions

******************



* Python 3.7, 3.8, 3.9, 3.10

* Django 2.0, 2.1, 2.2, 3.0, 3.1, 3.2, 4.0, 4.1

* Django REST Framework 3.10, 3.11, 3.12, 3.13, 3.14



| If you are going to use JWT authentication:



* `djangorestframework-simplejwt`_ >= 4.3.0



Quick Start

***********



1. Install the package using pip:



.. code-block:: python



    pip install django-trench



or add it to your requirements file.



2. Add ``trench`` library to INSTALLED_APPS in your app settings file:



.. code-block:: python



    INSTALLED_APPS = (

        ...,

        'rest_framework',

        'rest_framework.authtoken',  # In case of implementing Token Based Authentication

        ...,

        'trench',

    )



3. Run migrations



| Read further in: `installation`_.



Translation

***********



Trench uses Transifex service to translate our package into other languages.



We will appreciate your help with translation.



https://www.transifex.com/merixstudio/django-trench/dashboard/



.. _backends: https://django-trench.readthedocs.io/en/latest/backends.html

.. _installation: https://django-trench.readthedocs.io/en/latest/installation.html

.. _django-rest-framework: http://www.django-rest-framework.org

.. _djoser: https://github.com/sunscrapers/djoser

.. _django-rest-framework-jwt: https://github.com/GetBlimp/django-rest-framework-jwt

.. _djangorestframework-simplejwt: https://github.com/davesque/django-rest-framework-simplejwt

.. _YubiKey: https://www.yubico.com/



Local development

*****************



1. Clone the repo.



2. Crete virtual environment named e.g. :code:`.venv`:



    .. code-block:: shell



        virtualenv .venv



3. Activate the virtual environment:



    .. code-block:: shell



        source .venv/bin/activate



4. Install dependencies:



    .. code-block:: shell



        pip install black mypy

        pip install -r testproject/requirements.txt



5. Set environment variables:



    .. code-block:: shell



        export PYTHONPATH=./testproject

        export DJANGO_SETTINGS_MODULE=settings

        export SECRET_KEY=YOURsecretGOEShere



6. Create a symbolic link to the :code:`trench/` module inside the :code:`testproject/` directory to emulate the :code:`trench` package being installed.



    .. code-block:: shell



        # make sure you run this command from the root directory of this project

        ln -s $(pwd)/trench/ $(pwd)/testproject/trench



7. Check whether the tests are passing:



    .. code-block:: shell



        pytest --cov=testproject/trench testproject/tests/



Remember - anytime you change something in the :code:`django-trench` source code you need to re-build and re-install

the package (steps 6-7) for the changes to be present during e.g. running the tests.



8. [OPTIONAL] To make the tests run faster you can try to execute them in parallel.

    To do so you need to install the :code:`pytest-xdist` package and run the tests

    with additional parameter of :code:`-n 8` where :code:`8` stands for the number

    of threads that will be spawned for executing the tests. Depending on the machine

    you're using using this tool can speed up the test execution process up to 5 times.



    .. code-block:: shell



        pytest -n 8 --cov=testproject/trench testproject/tests/