Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

✨ [#1637] added environmental variable to disable 2fa #161

Closed
wants to merge 1 commit into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.rst
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ Changes

**New features**

* [#1637] Added 2FA which can be disabled by the environment variable``DISABLE_2FA``.
bart-maykin marked this conversation as resolved.
Show resolved Hide resolved
* Made user emails unique to prevent two users logging in with the same email, causing an error


Expand Down
2 changes: 2 additions & 0 deletions src/nrc/conf/ci.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@
os.environ.setdefault("SECRET_KEY", "dummy")
os.environ.setdefault("ENVIRONMENT", "CI")

os.environ.setdefault("DISABLE_2FA", "no")

from .includes.base import * # noqa isort:skip

CACHES = {
Expand Down
6 changes: 2 additions & 4 deletions src/nrc/conf/dev.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,8 @@
os.environ.setdefault("DB_USER", "opennotificaties")
os.environ.setdefault("DB_PASSWORD", "opennotificaties")

os.environ.setdefault("DISABLE_2FA", "yes")

from .includes.base import * # noqa isort:skip

#
Expand Down Expand Up @@ -50,10 +52,6 @@
INTERNAL_IPS = ("127.0.0.1",)
DEBUG_TOOLBAR_CONFIG = {"INTERCEPT_REDIRECTS": False}

# None of the authentication backends require two-factor authentication.
if config("DISABLE_2FA", default=True): # pragma: no cover
MAYKIN_2FA_ALLOW_MFA_BYPASS_BACKENDS = AUTHENTICATION_BACKENDS

# in memory cache and django-axes don't get along.
# https://django-axes.readthedocs.io/en/latest/configuration.html#known-configuration-problems
CACHES = {
Expand Down
2 changes: 0 additions & 2 deletions src/nrc/conf/includes/base.py
Original file line number Diff line number Diff line change
Expand Up @@ -79,8 +79,6 @@
# NOTE: We override this setting from open-api-framework, because removing
# this would change the name to `nrc - admin`
TWO_FACTOR_WEBAUTHN_RP_NAME = "Open Notificaties - admin"
# add entries from AUTHENTICATION_BACKENDS that already enforce their own two-factor
# auth, avoiding having some set up MFA again in the project.

# RabbitMQ
BROKER_URL = config("PUBLISH_BROKER_URL", "amqp://guest:guest@localhost:5672/%2F")
Expand Down
1 change: 1 addition & 0 deletions src/nrc/conf/production.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
import os

os.environ.setdefault("ENVIRONMENT", "production")
os.environ.setdefault("DISABLE_2FA", "no")

from .includes.base import * # noqa

Expand Down
1 change: 1 addition & 0 deletions src/nrc/conf/staging.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,5 +7,6 @@
import os

os.environ.setdefault("ENVIRONMENT", "staging")
os.environ.setdefault("DISABLE_2FA", "no")

from .production import * # noqa
Loading