deux.authtoken.serializers¶
-
class
deux.authtoken.serializers.
MFAAuthTokenSerializer
[source]¶ This extends the
AuthTokenSerializer
to support multifactor authentication.-
backup_code
= None¶ Serializer field for Backup code.
-
mfa_code
= None¶ Serializer field for MFA code field.
-
validate
(attrs)[source]¶ Extends the AuthTokenSerializer validate method to implement multi factor authentication.
If MFA is disabled, authentication requires just a username and password.
If MFA is enabled, authentication requires a username, password, and either a MFA code or a backup code. If the request only provides the username and password, the server will generate an appropriate challenge and respond with mfa_required = True.
Upon using a backup code to authenticate, MFA will be disabled.
Parameters: attrs – Dictionary of data inputted by the user. Raises: serializers.ValidationError – If invalid MFA code or backup code are submitted. Also if both types of code are submitted simultaneously.
-