django-trench provides a set of REST API endpoints to supplement django-rest-framework with multi-factor authentication (MFA, 2FA). It supports both standard built-in authentication methods, as well as JWT (JSON Web Token).
Other
274
stars
57
forks
source link
Allow backends to pass extra context in Step 1 #215
Is your feature request related to a problem? Please describe.
As in many MFA workflows, we wanted to show a masked phone number / email on the front end to indicate to the user which device the code had been sent to.
Describe the solution you'd like
Add a hook method to MFAFirstStepMixin to allow customising the content returned, akin to View.get_context_data
Pass in the default content, along with the response from dispatch_message, and perhaps the source_field to provide extra available details.
Describe alternatives you've considered
Alternatively:
mask the source field and pass that in the response
It appears currently that dispatch_message already returns a value, but it's not used by MFAFirstStepMixin
This could offer a mechanism for a backend to choose what to show.
Is your feature request related to a problem? Please describe. As in many MFA workflows, we wanted to show a masked phone number / email on the front end to indicate to the user which device the code had been sent to.
Describe the solution you'd like Add a hook method to
MFAFirstStepMixin
to allow customising the content returned, akin toView.get_context_data
Pass in the default content, along with the response from
dispatch_message
, and perhaps thesource_field
to provide extra available details.Describe alternatives you've considered Alternatively:
mask the
source field
and pass that in the responseIt appears currently that
dispatch_message
already returns a value, but it's not used byMFAFirstStepMixin
This could offer a mechanism for a backend to choose what to show.