django-trench icon indicating copy to clipboard operation
django-trench copied to clipboard
verified publisher icon merixstudio

:sparkles: Adds HOTP MFA code support

Open nefrob opened this issue 2 years ago • 2 comments

Resolves #204. ~~Resolves #205.~~

Adds support for counter based 2fa codes for all 2fa methods except app/yubi key.

  • HOTP codes are guaranteed to be unique by incrementing a counter each time a code is generated
  • Consequently generating a new code invalidates the previously generated code
  • Storing a timestamp on code generation allows us to use validity windows
  • Clearing the timestamp on successful verify invalidates the current code so it can't be used again

To switch to HOTP based codes simply override the default message dispatcher used in the trench settings.

Action Items:

  • [x] Correctly generate migrations? I ran python manage.py makemigrations from inside the test project
  • ~~Regenerate documentation?~~

nefrob avatar Feb 01 '23 06:02 nefrob

Hi, Very interesting PR, do you need any help to get this merged ? Thanks.

izimobil avatar Jun 14 '24 10:06 izimobil

@izimobil someone with merge access on this repo would have to do it. It's been a while since I've looked at this PR/repo though so it might need some updates before then as well.

You can always fork this repo and merge this PR there if you need these changes.

nefrob avatar Jun 14 '24 14:06 nefrob