-
Notifications
You must be signed in to change notification settings - Fork 0
/
auth_backends.py
36 lines (29 loc) · 1.29 KB
/
auth_backends.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
from django.contrib.auth.models import User
from django.contrib.auth.backends import ModelBackend
from django.conf import settings
from twofactor.models import UserAuthToken
class TwoFactorAuthBackend(ModelBackend):
def authenticate(self, username=None, password=None, token=None):
# Validate username and password first
user_or_none = super( TwoFactorAuthBackend, self )\
.authenticate( username, password )
# Don't bother checking for two-factor tokens when running in a
# DEBUG environment.
if settings.DEBUG or settings.TESTING:
return user_or_none
if user_or_none and isinstance(user_or_none, User):
# Got a valid login. Now check token.
try:
user_token = UserAuthToken.objects.get(user=user_or_none)
except UserAuthToken.DoesNotExist:
# User doesn't have two-factor authentication enabled, so
# just return the User object.
return user_or_none
validate = user_token.check_auth_code(token)
if (validate == True):
# Auth code was valid.
return user_or_none
else:
# Bad auth code
return None
return user_or_none