Metadata-Version: 2.0
Name: django-duo-auth
Version: 0.1.2
Summary: A Django middleware that adds 2-factor authentication via Duo.
Home-page: https://github.com/Elemnir/django-duo-auth
Author: Adam Howard
Author-email: ahoward0920@gmail.com
License: BSD 3-clause
Platform: UNKNOWN
Classifier: Environment :: Web Environment
Classifier: Framework :: Django
Classifier: Framework :: Django :: 2.2
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: BSD License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Internet :: WWW/HTTP :: Dynamic Content
Requires-Dist: duo-web

=================
 Django-Duo-Auth
=================

A Django middleware that adds 2-factor authentication via Duo.

``django-duo-auth`` is designed to be easily integrated into an existing Django project to quickly add 2-factor authentication. It supports one or more Duo applications and uses the configured ``AUTHENTICATION_BACKENDS`` to select which users it should authenticate under which circumstance.

--------------
 Installation
--------------

``django-duo-auth`` can be installed from PyPI, and only depends on ``duo-web``.

::

    ?> pip install django-duo-auth

---------------
 Configuration
---------------

To enable Duo authentication, first add the following to ``settings.py``::

    # Add duo_auth to the list of installed apps
    INSTALLED_APPS = [
        # ...
        'duo_auth',
    ]

    # The DuoAuthMiddleware requires and must come after the SessionMiddleware
    # and AuthenticationMiddleware
    MIDDLEWARE = [
        # ...
        'duo_auth.middleware.DuoAuthMiddleware',
    ]

    DUO_CONFIG = {
        'DEFAULT': {
            'HOST': '<api-host-url>',
            'IKEY': '<integration_key>',
            'AKEY': '<app_secret_key>',
            'SKEY': '<secret_key>',
            'FIRST_STAGE_BACKENDS': [
                'django.contrib.auth.backends.ModelBackend',
            ]
        }
    }

Then include the URLs in ``urls.py``::

    from django.urls import path, include

    urlpatterns = [
        # ...
        path('duo/',  include('duo_auth.urls')),
    ]


----------------------
 First Stage Backends
----------------------

The ``FIRST_STAGE_BACKENDS`` key for each entry in ``DUO_CONFIG`` should be a list of the authentication backends that the Duo application should act as a second factor for. If an authentication backend isn't listed in any ``FIRST_STAGE_BACKENDS`` list, then Duo is disabled.

----------------------------------
 Overloading the Default Template
----------------------------------

The Duo login view loads a template named ``duo_auth_form.html`` which must minimally include the following to properly render the Duo I-Frame::

    <form method="POST" id="duo_form">
      {% csrf_token %}
      {% if next %}
        <input type="hidden" name="next" value="{{ next }}"/>
      {% endif %}
      {% if app_name %}
        <input type="hidden" name="app_name" value="{{ app_name }}"/>
      {% endif %}
     </form>

     <link rel="stylesheet" type="text/css" href="{{ duo_css_src }}">
     <script src="{{ duo_js_src }}"></script>
     <iframe id="duo_iframe"
             title="Two-Factor Authentication"
             frameborder="0"
             data-host="{{ duo_host }}"
             data-sig-request="{{ sig_request }}"
             data-post-action="{{ post_action }}"
             >
     </iframe>




