Skip to content
Authentication backend for django that uses a one time code instead of passwords
Python HTML
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.circleci
docs
nopassword
tests
.coveragerc
.gitignore
LICENSE
MANIFEST.in
README.md
manage.py
requirements.txt
runtests.py
setup.cfg
setup.py
tox.ini

README.md

django-nopassword

CircleCI

Authentication backend for django that uses a one time code instead of passwords.

This project was originally inspired by Is it time for password-less login? by Ben Brown

Installation

Run this command to install django-nopassword

pip install django-nopassword

Requirements

Django >= 1.11 (custom user is supported)

Usage

Add the app to installed apps

INSTALLED_APPS = (
    ...
    'nopassword',
    ...
)

Add the authentication backend EmailBackend

AUTHENTICATION_BACKENDS = (
    # Needed to login by username in Django admin, regardless of `nopassword`
    'django.contrib.auth.backends.ModelBackend',

    # Send login codes via email
    'nopassword.backends.email.EmailBackend',
)

Add urls to your urls.py

urlpatterns = patterns('',
    ...
    url(r'^accounts/', include('nopassword.urls')),
    ...
)

REST API

To use the REST API, djangorestframework must be installed

pip install djangorestframework

Add rest framework to installed apps

INSTALLED_APPS = (
    ...
    'rest_framework',
    'rest_framework.authtoken',
    'nopassword',
    ...
)

Add TokenAuthentication to default authentication classes

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.TokenAuthentication',
    )
}

Add urls to your urls.py

urlpatterns = patterns('',
    ...
    url(r'^api/accounts/', include('nopassword.rest.urls')),
    ...
)

You will have the following endpoints available:

  • /api/accounts/login/ (POST)
    • username
    • next (optional, will be returned in /api/accounts/login/code/ to be handled by the frontend)
    • Sends a login code to the user
  • /api/accounts/login/code/ (POST)
    • code
    • Returns key (authentication token) and next (provided by /api/accounts/login/)
  • /api/accounts/logout/ (POST)
    • Performs logout

Settings

Information about the available settings can be found in the docs

Tests

Run with python setup.py test.


MIT © Rolf Erik Lekang

You can’t perform that action at this time.