django-two-factor-auth
django-two-factor-auth copied to clipboard
Existing Admin Users Cannot Enable 2FA
If you already have existing admin users and then install the django-two-factor-auth package, those already existing admin users cannot enable 2FA. Only new admins that get created with python3 manage.py createsuperuser are able to enable 2FA.
There should be some way to detect this or also have the existing admins be able to enable 2FA.
Hello, just clearing my doubts you are saying that existing admins before d2fa installed are unable to enable 2fa for themselves?
@RitvikDayal
python manage.py createsuperuser
Let's say we create a superuser called 'admin1' from that command
pip install django-two-factor-auth
Then we install django-two-factor-auth
When trying to setup 2FA for superuser 'admin1' you cannot do it.
python manage.py createsuperuser
Now we create superuser 'admin2'
Now we can setup 'admin2' with 2FA without any problems since django-two-factor-auth is installed already before running python manage.py createsuperuser
.
This problem exists in django-otp as well https://github.com/django-otp/django-otp/issues/44. So if someone were to make a PR, you would be killing 2 birds with 1 stone.
Thankyou for the explanation I was looking into something else someway related to this.