This Django app adds two-factor authentication to Wagtail. Behind the scenes it uses django-otp, which supports Time-based One-Time Passwords (TOTP). This allows you to use various apps like Authy, Google Authenticator, or 1Password.
pip install wagtail-2fa
Then add the following lines to the INSTALLED_APPS list in your Django settings:
INSTALLED_APPS = [
    # ...
    'wagtail_2fa',
    'django_otp',
    'django_otp.plugins.otp_totp',
    # ...
]
Next add the required middleware to MIDDLEWARE. It should come after the AuthenticationMiddleware:
MIDDLEWARE = [
    # .. other middleware
    # 'django.contrib.auth.middleware.AuthenticationMiddleware',
    'wagtail_2fa.middleware.VerifyUserMiddleware',
    # 'wagtail.core.middleware.SiteMiddleware',
    # .. other middleware
]
The following settings are available (set via your Django settings):
- WAGTAIL_2FA_REQUIRED (default: False): When set to True, all staff, superusers and other users with access to the Wagtail Admin site are forced to log in using two-factor authentication.
- WAGTAIL_MOUNT_PATH (default: ''): The uWSGI mount point that Wagtail is running at. Ex. /wagtail
- WAGTAIL_2FA_OTP_TOTP_NAME (default: False): The issuer name to identify which site is which in your authenticator app. If not set and WAGTAIL_SITE_NAME is defined, it uses this. Sets OTP_TOTP_ISSUER under the hood.
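A check for the installation steps and settings above, as an added example that is not part of wagtail-2fa: it audits a plain settings mapping for the required apps, the middleware order and the enforcement flag. The function name, the sample mappings and the two policy assumptions (2FA should be mandatory, an issuer label is wanted) are this example's own.

```python
# Added example (not wagtail-2fa code): audit a settings mapping against the README.
AUTH_MW = "django.contrib.auth.middleware.AuthenticationMiddleware"
VERIFY_MW = "wagtail_2fa.middleware.VerifyUserMiddleware"
REQUIRED_APPS = ("wagtail_2fa", "django_otp", "django_otp.plugins.otp_totp")


def audit_2fa_settings(settings):
    """Return a list of problems; an empty list means the settings match the README."""
    problems = []
    apps = list(settings.get("INSTALLED_APPS", []))
    middleware = list(settings.get("MIDDLEWARE", []))

    for app in REQUIRED_APPS:
        if app not in apps:
            problems.append(f"INSTALLED_APPS is missing {app}")

    # VerifyUserMiddleware should come after AuthenticationMiddleware.
    if VERIFY_MW not in middleware:
        problems.append(f"MIDDLEWARE is missing {VERIFY_MW}")
    elif AUTH_MW not in middleware:
        problems.append(f"MIDDLEWARE is missing {AUTH_MW}")
    elif middleware.index(VERIFY_MW) < middleware.index(AUTH_MW):
        problems.append("VerifyUserMiddleware is listed before AuthenticationMiddleware")

    # Default is False. Assumption: this deployment wants 2FA to be mandatory.
    if settings.get("WAGTAIL_2FA_REQUIRED", False) is not True:
        problems.append("WAGTAIL_2FA_REQUIRED is not True")

    # WAGTAIL_SITE_NAME is used when WAGTAIL_2FA_OTP_TOTP_NAME is unset.
    # Assumption: an issuer label in the authenticator app is wanted.
    if not (settings.get("WAGTAIL_2FA_OTP_TOTP_NAME") or settings.get("WAGTAIL_SITE_NAME")):
        problems.append("no TOTP issuer name is configured")
    return problems


# Constructed sample settings, for illustration only.
GOOD = {
    "INSTALLED_APPS": ["wagtail_2fa", "django_otp", "django_otp.plugins.otp_totp"],
    "MIDDLEWARE": [AUTH_MW, VERIFY_MW],
    "WAGTAIL_2FA_REQUIRED": True,
    "WAGTAIL_SITE_NAME": "Example CMS",
}
BAD = {
    "INSTALLED_APPS": ["wagtail_2fa", "django_otp"],
    "MIDDLEWARE": [VERIFY_MW, AUTH_MW],
}

if __name__ == "__main__":
    for name, cfg in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit_2fa_settings(cfg) or "ok")
```

In a real project the mapping can be built from the attributes of django.conf.settings and the function run in CI or at startup.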
First create a new virtualenv with Python 3.6.1 and activate it. Then run the following commands:
- make sandbox
You can then visit http://localhost:8000/admin/ and log in with the following credentials:
- E-mail: superuser@example.com
- Password: testing