Django两因素验证 [英] Django Two Factor Authentication

问题描述

我最近一直在阅读有关django-two-factor-authentication的文档，该文档在这里找到： https://django-two-factor-auth.readthedocs.io/en/stable/installation.html 该文档很棒。但是，我试图了解此解决方案的全部要求。如果实施此程序包，那么我是否需要依靠第三方来完成此解决方案，或者在没有第三方的情况下是否可以实现两因素身份验证？我主要关心的是与插入第三方相关的成本。如果可以避免的话，显然我更喜欢免费。如果无法避免，是否有人在提供两因素身份验证的任何第三方提供商中都有经验？我对Twillio进行了一些研究，但我知道还有其他人也在执行这项服务。预先感谢您的任何投入。

I have recently been reading through the documentation about django-two-factor-authentication which I found here : https://django-two-factor-auth.readthedocs.io/en/stable/installation.html The documentation is great. However, I'm trying to understand the full requirements for this solution. If I implement this package, do I then need to rely on a third party to complete this solution or can two factor authentication be achieved without a third party? My primary concern is the cost associated with plugging in to third parties. If it can be avoided, obviously I'd prefer free. If it can't be avoided, does anyone have experience with any of the third party providers offering two factor authentication? I've researched Twillio a bit but I know there are others out there who perform this service as well. Thanks in advance for any input.

推荐答案

史蒂夫，您可以在django中实现两因素身份验证，而无需使用付费的第三方。

Steve, you can implement two factor authentication in django without the use of a paid 3rd party.

您可以通过直接实现 pyOTP库来实现此目的让用户使用Google Authenticator应用。由于这完全是数学运算，因此在生成或验证代码时不需要第三方服务。

You can do it by implementing the pyOTP library directly, and then having the user use the Google Authenticator app. Since it is all math there are no third party services when the code is generated or validated.

我以前在django网站上实现了此功能。它涉及设置OTP机密并进行验证。然后，每次需要身份验证时，都将生成QR码以供他们使用配置URI进行扫描，然后将2FA验证与您的身份验证结合在一起。所有这些步骤都可以单独使用pyOTP库完成。 （我还使用了pyqrcode库来生成可扫描的qr代码）

I have implemented this on a django website before. It involves setting up a OTP secret, verifying it. Then each time an auth is needed, generating the QR code for them to scan using a provisioning URI, then combining the 2FA verification with your auth. All of those steps can be done using the pyOTP library alone. (I also used the pyqrcode library to generate the scannable qr code)

如果您进行搜索，您可能会发现一些已经在较大的步骤中完成了这些较小步骤的示例库，像这样的。

If you search you can probably find some examples of people who have already built out these smaller steps in bigger libraries, like this one.

如果您想提供基于SMS的2FA，则需要考虑使用Twilio。但这也许是一项功能，而且不是必需的。

If you wanted to offer SMS based 2FA you would need to look at using Twilio. But that is perhaps a feature and not necessary.

这篇关于Django两因素验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！