Hi, On Friday, April 12, 2019 at 8:06:21 PM UTC+2, Johannes Hoppe wrote: > > I went with the hardest possible way, NO password, NO username. Just one > time passwords send via email or SMS. Similar to Django’s password reset > function. >
I do not think that is the hardest possible way and as your code shows it is quite easy. I think the goal here should be to allow second factor authentication via webauth etc -- ie anything that is multistep. I am not surprised that email login works easily, it is a single step process after all… I published my work just now, https://django-mail-auth.rtfd.io. I would > recommend to have a look at the custom EmailUser > <https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fcodingjoe%2Fdjango-mail-auth%2Fblob%2F0.1.2%2Fmailauth%2Fcontrib%2Fuser%2Fmodels.py&sa=D&sntz=1&usg=AFQjCNGFXMLGH8DyIlqee-w3_1gFmCp0xQ> > that > I built. There are a couple of functions and fields that need to be > overridden. BUT to my surprise even the management command > “createsuperuser” worked. > You could have reused https://github.com/aaugustin/django-sesame for the signing stuff :) Cheers, Florian -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/27a3e378-09ea-45dd-80e7-f496bcd4ea1c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.