I am trying to set up two-factor authentication for my Django project. Below are the configuration details.
settings.py

```python
INSTALLED_APPS = [
    'django_otp',
    'django_otp.plugins.otp_static',
    'django_otp.plugins.otp_totp',
    'two_factor',
    ...
]

MIDDLEWARE = [
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django_otp.middleware.OTPMiddleware',
    ...
]

LOGIN_URL = 'two_factor:login'
LOGIN_REDIRECT_URL = 'two_factor:profile'
TWO_FACTOR_PATCH_ADMIN = True
TWO_FACTOR_CALL_GATEWAY = 'two_factor.gateways.fake.fake'
TWO_FACTOR_SMS_GATEWAY = 'two_factor.gateways.fake.Fake'
AUTH_USER_MODEL = 'Products.CustomUser'
AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend',
)

LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'handlers': {
        'console': {
            'level': 'DEBUG',
            'class': 'logging.StreamHandler',
        },
    },
    'loggers': {
        'two_factor': {
            'handlers': ['console'],
            'level': 'INFO',
        }
    }
}
```
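urls.py

```python
from django.urls import include, path
from two_factor.urls import urlpatterns as tf_urls

urlpatterns = [
    path('', include(tf_urls)),
    # path('admin/', admin.site.urls),
]
```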
When I access the URL http://127.0.0.1:8001/account/login/ it navigates to the token generation page.
When I scan the QR code with Google Authenticator and then enter the token, the system throws the error
**not a valid token**.
The application is already running with django default authentication using the custom user model. Now I am trying to incorporate the two factor authentication.
Can someone guide me on what is missing in the above configuration?
Make sure the time on both the server and the phone is set correctly. Even a few seconds off can cause the validation to fail.
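
The clock dependence described in the answer above, as an added example that is not part of the original answer and is not django_otp's own code: a stand-alone RFC 6238 TOTP check using the RFC's published test key, showing a token rejected when the phone is two seconds ahead across a 30-second step boundary, plus a diagnostic that reports how many steps apart the two clocks are. The function names `matching_offset` and `verify` and the sample times are constructed for illustration.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per time step (RFC 6238 default)
DIGITS = 6   # token length shown by Google Authenticator
KEY = b"12345678901234567890"  # RFC 6238 test key, not a real secret


def totp(key: bytes, unix_time: float, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for the time step that contains unix_time."""
    counter = int(unix_time) // step
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def matching_offset(key: bytes, token: str, server_time: float, max_steps: int = 10):
    """Step offset (phone minus server) at which token matches, or None."""
    for n in sorted(range(-max_steps, max_steps + 1), key=abs):
        if hmac.compare_digest(totp(key, server_time + n * STEP), token):
            return n
    return None


def verify(key: bytes, token: str, server_time: float, tolerance: int = 1) -> bool:
    """Accept the token only if it matches within +/- tolerance steps."""
    return matching_offset(key, token, server_time, max_steps=tolerance) is not None


if __name__ == "__main__":
    server_now = 1111111109          # constructed: last second of a 30 s step
    phone_now = server_now + 2       # constructed: phone clock 2 s ahead
    token = totp(KEY, phone_now)     # what the authenticator app displays
    print("server expects:", totp(KEY, server_now), "phone shows:", token)
    print("accepted, tolerance=0:", verify(KEY, token, server_now, tolerance=0))
    print("accepted, tolerance=1:", verify(KEY, token, server_now, tolerance=1))
    # Larger skew: the diagnostic shows how far apart the clocks are.
    late = totp(KEY, server_now + 95)
    print("accepted, tolerance=1:", verify(KEY, late, server_now))
    print("clock offset in steps:", matching_offset(KEY, late, server_now))
```

A wide search window like `max_steps=10` belongs in troubleshooting only; the window used for real logins should stay small, since every extra accepted step gives a guessed or intercepted token more time to work.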