Complete Two-Factor Authentication for Django providing the easiest integration into most Django projects.
two_factor.utils.get_available_methods()
is replaced by
MethodRegistry.get_methods()
.secret_key
context variable to be able to display
that key elsewhere than in the QR code.idempotent
class variable to tell if the
form can validate more than once with the same input data.EmailDevice
) can now be activated
and used to communicate the second factor token by email.two_factor.plugins.phonenumber
line in your INSTALLED_APPS
setting. Additionally, as the two_factor
templatetags library was only containing phone-related filters, the library
was renamed to phonenumber
.otp_token
form field for AuthenticationTokenForm
is now a Django
RegexField
instead of an IntegerField
.<Pause>
tag.re_path()
to path()
in URLConfDisableView
now checks user has verified before disabling two-factor on
their accountNo changes in this release. Pushed new version to PyPI dropping the plaintext warning.
LoginView
and them needing to re-authenticate. By default this is 10
minutes.LoginView
no longer re-validates a user's credentials.LoginView
no longer stores credentials in plaintext in the
session store.Nothing has been added for this version
mock
dependencyextra_requires
are now listed in lowercase. This is to workaround a bug in pip
.trimmed
option on blocktrans
to avoid garbage newlines in translations.random_hex
from django_otp
0.8.0 will always return a str
, don't try to decode it.