Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FR] Update 2FA library #3359

Closed
SchrodingersGat opened this issue Jul 19, 2022 · 10 comments · Fixed by #5169
Closed

[FR] Update 2FA library #3359

SchrodingersGat opened this issue Jul 19, 2022 · 10 comments · Fixed by #5169
Assignees
@matmair
Labels
dependency Relates to a project dependency enhancement This is an suggested enhancement or new feature security Relates to a security issue
Milestone
0.13.0

Comments

@SchrodingersGat
Copy link
Member

django-allauth-2fa have recently added configurable redirect URLs - will be available in the 1.0 release

Once the 1.0 release is out, we should update and remove our custom view code.
@SchrodingersGat SchrodingersGat added enhancement This is an suggested enhancement or new feature dependency Relates to a project dependency roadmap This is a roadmap feature with no immediate plans for implementation labels Jul 19, 2022
@SchrodingersGat SchrodingersGat added this to the 0.9.0 milestone Jul 19, 2022
@matmair
Copy link
Member

matmair commented Jul 20, 2022

@SchrodingersGat this will remove the need for a bunch of code, great news!

@SchrodingersGat SchrodingersGat removed this from the 0.9.0 milestone Oct 16, 2022
@matmair matmair self-assigned this Oct 17, 2022
@matmair matmair added this to the 0.10.0 milestone Oct 17, 2022
@matmair
Copy link
Member

matmair commented Jan 4, 2023

@SchrodingersGat should we just fork and release to PyPI like brother_ql to update now? Not sure when they will update.
Looking at valohai/django-allauth-2fa#133 and valohai/django-allauth-2fa#119 I am not sure if it is really maintained anymore.

@SchrodingersGat
Copy link
Member Author

I think if we have to add any further custom code, it would be worth it. At the moment our custom views are pretty "stable"?

@SchrodingersGat SchrodingersGat removed this from the 0.10.0 milestone Jan 27, 2023
@SchrodingersGat SchrodingersGat added the security Relates to a security issue label Jan 27, 2023
@github-actions
Copy link
Contributor

This issue seems stale. Please react to show this is still important.

@github-actions github-actions bot added the inactive Indicates lack of activity label Mar 28, 2023
@matmair
Copy link
Member

matmair commented Mar 28, 2023

Seem like there is some movement in the repo again - not sure if there will be releases though - see valohai/django-allauth-2fa#133 .
@SchrodingersGat should we start searching for alternatives?

@github-actions github-actions bot removed the inactive Indicates lack of activity label Mar 29, 2023
@github-actions
Copy link
Contributor

This issue seems stale. Please react to show this is still important.

@github-actions github-actions bot added the inactive Indicates lack of activity label May 28, 2023
@matmair
Copy link
Member

matmair commented May 28, 2023
edited
Loading

Still waiting for a release. Looking at valohai/django-allauth-2fa#119 and other discussions I am not sure there are any concrete plans for a release.
At this point thinking about a fork and releasing that like brother_ql seems like a better idea than waiting - or switching out the 2fa library entirely for something modern with support for #4002.

@github-actions github-actions bot removed the inactive Indicates lack of activity label May 29, 2023
@SchrodingersGat
Copy link
Member Author

@matmair sorry somehow I did not get notified of this one (or missed the notification). Are there any alternative packages which would drop-in for django-allauth-2fa?

@matmair
Copy link
Member

matmair commented Jun 24, 2023

Not without a bunch of work. There are some issues like token management, passkey, passwordless & magic link login etc. that would be easier with a custom user, groups and security stack.
In general, I would love to work on something like this as I reimplement the same things in all of my applications but I value #2789 #4826 #2817 higher rn

@SchrodingersGat
Copy link
Member Author

Fair enough, we'll leave this one hanging for now

@matmair matmair removed the roadmap This is a roadmap feature with no immediate plans for implementation label Jul 4, 2023
@matmair matmair added this to the 0.13.0 milestone Jul 4, 2023
@matmair matmair mentioned this issue Jul 4, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@matmair matmair

Labels
dependency Relates to a project dependency enhancement This is an suggested enhancement or new feature security Relates to a security issue
Projects
None yet
Milestone
0.13.0
Development

Successfully merging a pull request may close this issue.

Update 2fa lib matmair/InvenTree
2 participants
@SchrodingersGat @matmair