{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Evening l夕情丶 的问题《Django Two Factor Authentication》','https://www.manongdao.com/q-1054983.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have recently been reading through the documentation about django-two-factor-authentication which I found here : https://django-two-factor-auth.readthedocs.io/en/stable/installation.html The documentation is great. However, I'm trying to understand the full requirements for this solution. If I implement this package, do I then need to rely on a third party to complete this solution or can two factor authentication be achieved without a third party? My primary concern is the cost associated with plugging in to third parties. If it can be avoided, obviously I'd prefer free. If it can't be avoided, does anyone have experience with any of the third party providers offering two factor authentication? I've researched Twillio a bit but I know there are others out there who perform this service as well. Thanks in advance for any input.
相关问题
- Django __str__ returned non-string (type NoneType)
- Django & Amazon SES SMTP. Cannot send email
- Django check user group permissions
- Django restrict pages to certain users
- UnicodeEncodeError with attach_file on EmailMessag
相关文章
- TypeError: 'BaseQuery' object is not calla
- Profiling Django with PyCharm
- Why doesn't Django enforce my unique_together
- MultiValueDictKeyError in Django admin
- Django/Heroku: FATAL: too many connections for rol
- Serialise choice text for IntegerField with choice
- Django is sooo slow? errno 32 broken pipe? dcramer
- Django: Replacement for the default ManyToMany Wid
Steve, you can implement two factor authentication in django without the use of a paid 3rd party.
You can do it by implementing the pyOTP library directly, and then having the user use the Google Authenticator app. Since it is all math there are no third party services when the code is generated or validated.
I have implemented this on a django website before. It involves setting up a OTP secret, verifying it. Then each time an auth is needed, generating the QR code for them to scan using a provisioning URI, then combining the 2FA verification with your auth. All of those steps can be done using the pyOTP library alone. (I also used the pyqrcode library to generate the scannable qr code)
If you search you can probably find some examples of people who have already built out these smaller steps in bigger libraries, like this one.
If you wanted to offer SMS based 2FA you would need to look at using Twilio. But that is perhaps a feature and not necessary.
Two-factor can work not only through SMS messages. It can be also implemented by using for example:
This package supports all of those methods and even more. You can choose any of them, so there is no need to rely on a paid 3rd party SMS provider.