Add new Phone number based authentication backend?

Open arnav13081994 opened this issue 6 years ago • 6 comments

Description

Build on top of Django Allauth, a mobile-based authentication backend starting with Twilio.

Rationale

Everyone has mobiles these days and a whole lot more people in developing countries own phones than desktops. For such mobile users, a Phone number is the only thing they have in common. Most don't have emails and probably will never have one. The only way to reach such people would be to create a Phone number based authentication backend.

Use case(s) / visualization(s)

A person who wants to log in to a mobile website can simply receive a One Time Password on their phone number, and once they enter it correctly they get signed up and an associated user is created for them in the backend.

arnav13081994 avatar Nov 22 '19 09:11 arnav13081994
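
The server side of the one-time-password flow described in this issue, as an added example (not code from cookiecutter-django, django-allauth or any commenter). The `OtpStore` class, the 5-minute lifetime, the five-attempt cap and the in-memory dictionaries are assumptions made for illustration; sending the SMS is left to the caller.

```python
import hashlib
import hmac
import secrets
import time

OTP_TTL_SECONDS = 300  # assumed lifetime of a code
MAX_ATTEMPTS = 5       # assumed cap on wrong guesses per code


class OtpStore:
    """Hypothetical in-memory stand-in for the tables a real backend would use."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._key = secrets.token_bytes(32)  # server-side secret for the MAC
        self._pending = {}  # phone -> [mac, expires_at, attempts_left]
        self.users = {}     # phone -> user id

    def _mac(self, phone, code):
        # Store a keyed MAC rather than the code, so the table alone does not reveal it.
        return hmac.new(self._key, f"{phone}:{code}".encode(), hashlib.sha256).digest()

    def issue(self, phone):
        """Create a 6-digit code; the caller passes it to the SMS provider."""
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[phone] = [self._mac(phone, code),
                                self._clock() + OTP_TTL_SECONDS, MAX_ATTEMPTS]
        return code

    def verify(self, phone, submitted):
        """Return the user id for a correct code, otherwise None."""
        entry = self._pending.get(phone)
        if entry is None:
            return None
        mac, expires_at, attempts_left = entry
        if self._clock() > expires_at or attempts_left <= 0:
            del self._pending[phone]  # expired or locked: a new code is required
            return None
        if not hmac.compare_digest(mac, self._mac(phone, submitted)):
            entry[2] -= 1  # wrong guess counts against this code
            return None
        del self._pending[phone]  # single use
        # First successful login creates the user, as the issue describes.
        return self.users.setdefault(phone, f"user-{len(self.users) + 1}")
```

Issuing a new code resets the attempt counter, so a real deployment also needs a rate limit on `issue()` per phone number and per client.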

I completely agree, @arnav13081994. This consideration will definitely be in my next project build. Thanks for the issue.

Afrowave avatar Nov 22 '19 10:11 Afrowave

I'm glad to hear that. I'll try to hack Django All auth's backend and see if I can add phone number as another authentication method.

A dirty way would be to create another model "Phone number" and link it to the users model and basically, whenever the user enters their number to log in, the backend actually gets their email or username and uses that to authenticate?

This way I'm guessing all existing functionality of All Auth can be preserved and shouldn't be a lot of work either.

What do you think @Afrowave?

arnav13081994 avatar Nov 22 '19 12:11 arnav13081994

I did the dirty hack you are talking about in a previous project. What happens now is that the phone is either used for 2FA or it is the only way to authenticate by SMS.

It would be an interesting addition to Django All Auth. I still have not figured out proper configuration with the current Facebook.

Afrowave avatar Nov 22 '19 12:11 Afrowave

Ah, I see. I didn't think about 2FA. Good point.

arnav13081994 avatar Nov 23 '19 07:11 arnav13081994

https://www.issms2fasecure.com/

Probably better to offer TOTP auth instead of anything SMS based.

steverecio avatar Jan 16 '20 17:01 steverecio

Perhaps considering django-allauth-2fa? https://github.com/valohai/django-allauth-2fa

xjlin0 avatar May 07 '22 13:05 xjlin0