search

inventree / InvenTree

Open Source Inventory Management System
https://docs.inventree.org
MIT License
4.15k stars 752 forks source link

Remove django-allauth-2fa #6281

Open matmair opened 8 months ago

matmair commented 8 months ago

We are currently using the awesome django-allauth-2fa. The upstream project django-allauth has added mfa recently and seems to support pretty much everything django-allauth does so IMO it is time to reduce the depency tree and remove django-allauth-2fa.

There are actually docs for this: https://docs.allauth.org/en/latest/mfa/django-allauth-2fa.html. Although it should not really be breaking, I would still consider it as such as this is probably a one-way street.

matmair commented 8 months ago

A few issues are linked to 2fa and it is probalby simpler to first do this and then tackle them: https://github.com/inventree/InvenTree/issues/6200, https://github.com/inventree/InvenTree/issues/6132

Also it seems that django-allauth could gain more factors so it is probably a safer bet long term: https://github.com/pennersr/django-allauth/issues/3550

SchrodingersGat commented 8 months ago

I'm on board with this - makes sense to use a single library rather than maintaining two dependencies. I am also keen to address this soon so we can tackle the other outstanding issues

matmair commented 7 months ago

The release of 0.14.0 is nearing, moving to the next milestone