Skip to content

Authentication backend for django that uses a one time code instead of passwords

License

Notifications You must be signed in to change notification settings

TabsterApp/django-nopassword

Folders and files

NameName
Last commit message
Last commit date

Latest commit

author
Lars Hopman
Feb 28, 2023
5677143 · Feb 28, 2023
Sep 14, 2018
Apr 6, 2019
Feb 28, 2023
Jul 1, 2022
Sep 14, 2018
Sep 12, 2019
Jan 13, 2014
Sep 26, 2014
Jul 5, 2022
Apr 6, 2019
Jun 29, 2022
Mar 22, 2015
Jul 29, 2015
Sep 14, 2018
Apr 6, 2019

Repository files navigation

django-nopassword

CircleCI

Authentication backend for django that uses a one time code instead of passwords.

This project was originally inspired by Is it time for password-less login? by Ben Brown

Installation

Run this command to install django-nopassword

pip install django-nopassword

Requirements

Django >= 1.11 (custom user is supported)

Usage

Add the app to installed apps

INSTALLED_APPS = (
    ...
    'nopassword',
    'rest_framework_simplejwt',
    ...
)

Add the authentication backend EmailBackend

AUTHENTICATION_BACKENDS = (
    # Needed to login by username in Django admin, regardless of `nopassword`
    'django.contrib.auth.backends.ModelBackend',

    # Send login codes via email
    'nopassword.backends.email.EmailBackend',
)

Add urls to your urls.py

urlpatterns = patterns('',
    ...
    url(r'^accounts/', include('nopassword.urls')),
    ...
)

REST API

To use the REST API, djangorestframework must be installed

pip install djangorestframework

Add rest framework to installed apps

INSTALLED_APPS = (
    ...
    'rest_framework',
    'rest_framework.authtoken',
    'nopassword',
    ...
)

Add TokenAuthentication to default authentication classes

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.TokenAuthentication',
    )
}

Add urls to your urls.py

urlpatterns = patterns('',
    ...
    url(r'^api/accounts/', include('nopassword.rest.urls')),
    ...
)

You will have the following endpoints available:

  • /api/accounts/login/ (POST)
    • username
    • next (optional, will be returned in /api/accounts/login/code/ to be handled by the frontend)
    • Sends a login code to the user
  • /api/accounts/login/code/ (POST)
    • code
    • Returns key (authentication token) and next (provided by /api/accounts/login/)
  • /api/accounts/logout/ (POST)
    • Performs logout

You will need to implement the endpoint to refresh the token on your application.

Settings

Information about the available settings can be found in the docs

Tests

Run with python setup.py test.


MIT © Rolf Erik Lekang

About

Authentication backend for django that uses a one time code instead of passwords

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Python 98.5%
  • HTML 1.5%