search

merixstudio / django-trench

django-trench provides a set of REST API endpoints to supplement django-rest-framework with multi-factor authentication (MFA, 2FA). It supports both standard built-in authentication methods, as well as JWT (JSON Web Token).
Other
274 stars 57 forks source link

Allow backends to pass extra context in Step 1 #215

Open funkybob opened 1 year ago

funkybob commented 1 year ago

Is your feature request related to a problem? Please describe. As in many MFA workflows, we wanted to show a masked phone number / email on the front end to indicate to the user which device the code had been sent to.

Describe the solution you'd like Add a hook method to MFAFirstStepMixin to allow customising the content returned, akin to View.get_context_data

Pass in the default content, along with the response from dispatch_message, and perhaps the source_field to provide extra available details.

Describe alternatives you've considered Alternatively:

  1. mask the source field and pass that in the response

  2. It appears currently that dispatch_message already returns a value, but it's not used by MFAFirstStepMixin This could offer a mechanism for a backend to choose what to show.

funkybob commented 1 year ago

In fact, factoring out a whole def token_response() method would make this sort of customisation a lot easier.