Allow specifying user_verification via settings

CZ-NIC / django-fido

Django application for FIDO protocol U2F

GNU General Public License v3.0

28 stars 11 forks source link

Allow specifying user_verification via settings #193

Closed variable closed 1 year ago

variable commented 1 year ago

My company wants to enforce it to be 'Required' but I don't want to create custom views to set the user_verification, can this be set via settings eg.

user_verification = SETTINGS.user_verification

thoughts?

tpazderka commented 1 year ago

You can override the user_verification when you are defining the url:

path('fido2', Fido2View.as_view(user_verification=...)

variable commented 1 year ago

Ah cool didn't realise that I could pass it in like that

variable commented 1 year ago

but @tpazderka that doesn't help if I am using the admin to add the authenticators

tpazderka commented 1 year ago

Yes, then there is currently no easy way.

The easiest is to subclass AuthenticatorAdmin and redefine its get_urls to pass the user_verification as a kwarg.

But doing it a setting is acceptable as well.

variable commented 1 year ago

Cool I will make a PR