Attention! Only for really paranoid people as me.
The project code and bugtracker is hosted on Bitbucket and Github.
django-dynamic-password is a django application which allow you to add dynamic password authentication for your web service.
Verifies provided password according to DYNAMIC_PASSWORD_PATTERN in your
settings.py. You can also enable this feature only for STAFF users, see below.
You can format the value of your DYNAMIC_PASSWORD_PATTERN according to: http://docs.python.org/library/datetime.html#strftime-and-strptime-behavior
Some examples. Let's assume that today is September 29th, 2022, 8:01 (09-29-2022 8:01). Say your username is "admin" and password "s3kr3t", according to your DYNAMIC_PASSWORD_PATTERN in settings.py you will have:
Case 1:
DYNAMIC_PASSWORD_PATTERN = '<PASSWORD>%d' only today valid password: s3kr3t29
Case 2:
DYNAMIC_PASSWORD_PATTERN = '%d<PASSWORD>%H' only this hour valid password: 29s3kr3t08
Case 3:
DYNAMIC_PASSWORD_PATTERN = '%d<PASSWORD>%H-%M' only this minute valid password: 29s3kr3t08-01
There are a few different ways to install dynamic_password:
If you have pip install available on your system, just type:
pip install django-dynamic-password
If you've already got an old version of dynamic_password, and want to upgrade, use:
pip install -U django-dynamic-password
If you've obtained a copy of dynamic_password using either Mercurial or a downloadable archive, you'll need to install the copy you have system-wide. Try running:
python setup.py develop
If that fails, you don't have setuptools or an equivalent installed;
either install them, or run:
python setup.py install
If you have already installed dynamic_password app, you must proceed with the configuration of your project.
Once the dynamic_password is in your Python path, you need to modify the INSTALLED_APPS setting to include the dynamic_password module:
INSTALLED_APPS = (
# ...,
# Third-party
'dynamic_password',
# ...,
)
To activate this backend you need at least put dynamic_password.backends. DynamicPasswordBackend line to the AUTHENTICATION_BACKENDS tuple:
- AUTHENTICATION_BACKENDS = (
- 'dynamic_password.backends.DynamicPasswordBackend', )
Add this line to your settings.py:
DYNAMIC_PASSWORD_PATTERN = '<PASSWORD>%m'
change it's value according to your needs. Some examples:
DYNAMIC_PASSWORD_PATTERN = '<PASSWORD>%d' DYNAMIC_PASSWORD_PATTERN = '<PASSWORD>%m' DYNAMIC_PASSWORD_PATTERN = '%m<PASSWORD>%d' DYNAMIC_PASSWORD_PATTERN = '%d<PASSWORD>%Y'
You can format this value according to: http://docs.python.org/library/datetime.html#strftime-and-strptime-behavior
In order to enable dynamic_password only for staff users you can add this line to your settings.py:
DYNAMIC_PASSWORD_ONLY_STAFF = True
- Enable "per user" dynamic password, DYNAMIC_PASSWORD_USERS = ('user1', 'user2', )