tweak api

README.md

@@ -7,7 +7,7 @@ NB. Alpha version. Deep refactoring will be completed soon.
 [![pypi version](https://img.shields.io/pypi/v/django-multifactorr-authentication.svg)](https://pypi.org/project/django-multifactor-authentication/)
 
 
-Flexible authentication for web, mobile, desktop and hybrid apps. It can be used for 1fa, 2fa and mfa cases. Easily configurable and extendable with new authentication methods or services. Authenticaton scenarios, called `flows`, based on the next `identifiers` and `secrets`, which can be used or not used in multiple combinations:
+Flexible authentication for web, mobile, desktop and hybrid apps. It can be used for 1fa, 2fa and mfa cases. Easily configurable and extendable with new authentication methods or services. Authenticaton scenarios, called `flows`, are based on `identifiers` and `secrets`, which can be used or not used in multiple combinations:
 - username, email, phone, ...
 - password, passcode (one-time pass or token), hardcode (device or card id), ...
 
@@ -31,18 +31,18 @@ Base settings (required):
 AUTH_USER_MODEL = 'multauth.User'
 AUTHENTICATION_BACKENDS = (
  'multauth.backends.ModelBackend',
- # ...other backends
+ # ...etc
 )
 
 MULTAUTH_DEBUG = True # False by default
 MULTAUTH_PASSCODE_LENGTH = 6 # size in digits
 MULTAUTH_PASSCODE_EXPIRY = 3600 * 24 * 3 # time in seconds
 
-
 MULTAUTH_FLOWS = (
- ('phone', 'hardcode', 'passcode',),
- ('email', 'password', 'passcode',),
- ('username', 'password',),
+ ('phone', 'hardcode', 'passcode',),
+ ('email', 'password', 'passcode',),
+ ('username', 'password',),
+ # ...etc
 )
 
 ```

multauth/api/auth/serializers.py

@@ -22,50 +22,24 @@ class TokenSerializer(serializers.Serializer):
 
 
 class SigninSerializer(serializers.ModelSerializer):
- token = serializers.CharField(required=False) # aka one-time-passcode
-
  class Meta:
  model = get_user_model()
- identifiers_fields = [x for x in model.IDENTIFIERS]
- secrets_fields = [x for x in model.SECRETS]
-
- fields = tuple(identifiers_fields + secrets_fields + [
- 'token'
- ])
+ fields = tuple(list(model.IDENTIFIERS) + list(model.SECRETS))
 
+ # experimental
  extra_kwargs = dict([]
- + [(x, {'required': False, 'validators': None}) for x in identifiers_fields]
- + [(x, {'required': False}) for x in secrets_fields]
+ + [(x, {'required': False, 'validators': None}) for x in model.IDENTIFIERS]
+ + [(x, {'required': False}) for x in model.SECRETS]
  )
 
- # # TODO refactor and add to validate()
- # # the requirements would be: indentifier and at "first" secret are required
- # @classmethod
- # def validate(cls, required_only=True, **fields):
- # # TEMP
- # return
-
- # # TODO: move it to ModelBackend !
- # # TODO: temp
- # required_credentials = list(cls.IDENTIFIERS) + list(cls.SECRETS)
- # # RESERVED
- # # required_credentials = \
- # # cls.get_required_credentials() if required_only else cls._credentials
-
- # # at least one "pair" of credentials should be present
- # if not [
- # credentials for credentials in required_credentials
- # if reduce(lambda b, x: fields.get(x) and b, credentials, True)
- # ]:
- # msg = _('Invalid user credentials. Must include ' + ' or '.join('"' + '/'.join(x) + '"' for x in required_credentials))
- # raise ValueError(msg)
  def validate(self, data):
  model = self.Meta.model
 
- try:
- model.validate(required_only=False, **data) # experimental
- except ValueError as e:
- raise exceptions.ValidationError(str(e))
+ # check identifiers
+ data_identifiers = [x for x in data if x in model.IDENTIFIERS and data.get(x, None)]
+ if not data_identifiers:
+ msg = _('Invalid user credentials. No valid identifier fields found')
+ raise exceptions.ValidationError(msg)
 
  user = authenticate(**data)
 

setup.py

@@ -10,10 +10,10 @@ def read(f):
 
 setup(
  name='django-multifactor-authentication',
- version='0.0.1',
+ version='0.0.3',
  url='https://github.com/andrenerd/django-multifactor-authentication',
  license='BSD',
- description='Combined web and mobile authentication for Django.',
+ description='Flexible authentication for web, mobile, desktop and hybrid apps. It can be used for 1fa, 2fa and mfa cases.',
  long_description=read('README.md'),
  long_description_content_type='text/markdown',
  author='Andrei Vasin',
@@ -29,7 +29,7 @@ def read(f):
  python_requires='>=3.5',
  zip_safe=False,
  classifiers=[
- 'Development Status :: 1 - Planning',
+ 'Development Status :: 3 - Alpha',
  'Environment :: Web Environment',
  'Framework :: Django',
  'Intended Audience :: Developers',