Hello, I have been working with Django REST Framework using JWT for authentication, and I have successfully built a two-factor authentication (2FA) login based on an e-mail OTP. One thing I want to improve: how can I save (remember) a user's device at login so that repeated 2FA prompts are minimized?
Here is the code I use to send the OTP to the user's email.
serializers.py
class UserLoginSerializer(serializers.Serializer):
    """Validate the credentials submitted to the login endpoint.

    Only the two fields below are declared; the request body carries no
    OTP or device field at this step.
    """

    # Login identifier, validated as an e-mail address.
    email = serializers.EmailField()
    # PasswordField is a project-level field that is not shown on this page.
    password = PasswordField()
views.py
class UserLoginView(generics.CreateWithMessageAPIView):
    """
    Login end-point: first step of the e-mail OTP flow.

    perform_create() only runs UserLoginWithOTPUseCase; it does not issue a
    token itself. `message` is presumably returned to the client by
    CreateWithMessageAPIView (project class, not shown) -- confirm.
    """
    serializer_class = serializers.UserLoginSerializer
    message = _('Please check your email for 6 digit OTP code.')

    def perform_create(self, serializer):
        """Hand the request and the serializer to the OTP login use case."""
        login_use_case = usecases.UserLoginWithOTPUseCase(
            self.request,
            serializer=serializer,
        )
        login_use_case.execute()
usecases.py
class UserLoginWithOTPUseCase(CreateUseCase, OTPMixin):
    """Check e-mail and password, then e-mail a one-time code to the user.

    CreateUseCase and OTPMixin are defined elsewhere; this class presumably
    gets ``self._data`` and ``self._generate_totp`` from them -- confirm.
    """

    def __init__(self, request, serializer):
        # Keep the request: authenticate() receives it in _factory().
        self._request = request
        super().__init__(serializer)

    def execute(self):
        """Entry point used by the view; delegates to _factory()."""
        self._factory()

    def _factory(self):
        """Authenticate the submitted credentials and send the OTP e-mail.

        :return: None
        :raises PermissionDenied: when authenticate() returns None.
        """
        self._user = authenticate(
            self._request,
            username=self._data['email'],
            password=self._data['password'],
        )

        if self._user is None:
            # The message does not say which of the two values was wrong.
            raise PermissionDenied(
                {
                    'authentication_error': _('User name or password not matched')
                }
            )

        # NOTE(review): a "remembered device" shortcut, if one is added, belongs
        # here -- after the password check has passed and before a code is
        # generated. It should rest on a value the server can verify, expire and
        # revoke per user, not on client-reported data such as the User-Agent.
        otp_code = self._generate_totp(
            user=self._user,
            purpose='2FA',
            interval=180,  # presumably the code lifetime in seconds -- confirm in OTPMixin
        )
        mail_context = {
            'code': otp_code,
            # The user's id is placed in the e-mail context under the key 'uuid'.
            'uuid': self._user.id,
        }
        EmailVerificationEmail(context=mail_context).send(to=[self._user.email])
I am confused about how to save or allow a device so that 2FA is not repeated on every login.
from Django/Django Rest How do I save user device to prevent tedious 2FA on every login?