Submitted the pull requests. Source: https://github.com/web2py/web2py/pull/431 Documentation: https://github.com/mdipierro/web2py-book/pull/202
The two-step verification in this pull can be activated on a per-user basis by adding the user to a group named 'web2py Two-Step Authentication'. This string is hard-coded in the code. If a user logs in successfully with their username and password, and they are a part of this group, then the two-step functionality is enabled. The server sends an email to the user's registered email address with a random code. The user has 4 tries to enter this code before they are logged out and must enter username/password again. Possible future enhancements: - Add some ability to customize. Let people create their own two-step auth methods (like the extended_login functionality) - Add TOTP based two-factor authentication instead of sending email (there is already a MOTP plugin for web2py that can be used as base) On Wednesday, May 1, 2013 4:36:43 PM UTC-4, Cliff Kachinske wrote: > > If so, can you share the code? > > If not, I will put it on my todo list, but there are a lot of things in > front of it. > > Thanks, > Cliff Kachinske > > > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
