A simple fingerprint-based authentication and authorization application using django-mfa2.
django_mfa2_example
Fingerprint-based authentication and authorization system in Python (Django). This can be integrated with e-voting systems and other applications that should be very secure.
and is live here. In the live version, your username must start with CPE.
It is time to get into the meat of the article. Let's add some code to our accounts/views.py file to handle registration and logging in. For registration, add this code snippet:
This is a function-based view in Django. It checks that the incoming request is a POST and then gets the username and display_name from the registration form found in accounts/templates/register.html. Some of the snippets in this .html file are:
get the value of the field with username and display_name as name attribute respectively. The .replace('/', '') at the end of the username replaces any / with nothing, which means that if you type in CPE/34/3435, username will hold CPE343435, without the slashes.
Then, it checks the collected values against some cleaning functions written in accounts/utils.py. Some of the snippets there are:
ain't that necessary. They are just domain-specific for the application I used it for.
The remaining lines should be familiar. What really brings in the fingerprint is this line:
return redirect(reverse('start_fido2'))
It redirects the user, having passed all the conditions stated, to a function in django-mfa that starts the authentication process. Notice that the user was logged in before redirecting. This is to ensure that the generated public key is linked to a particular user. If you don't want this, or if you want users without any authenticator to be removed from the database and then logged out, there is a hack I used that will be shared in a later part of this series.
That is it about the registration. Now to authentication. Add this snippet to the accounts/views.py file:
```python
def login(request):
    if request.method == "POST":
        # Default to '' so a POST without a username field does not raise on .replace()
        username = request.POST.get('username', '').replace('/', '')
        user = User.objects.filter(username=username).first()
        err = ""
        if user is not None:
            if user.is_active:
                if "mfa" in settings.INSTALLED_APPS:
                    from mfa.helpers import has_mfa
                    # has_mfa returns a redirect to the second-factor check, or a falsy value
                    res = has_mfa(request, username=username)
                    if res:
                        return res
                    return login_user_in(request, username)
            else:
                err = "This student is NOT activated yet."
        else:
            err = "No student with such matriculation number exists."
        return render(request, 'login.html', {"err": err})
    else:
        return render(request, 'login.html')
```
This should be familiar. The real usage of django-mfa2 comes in these lines:
It first checks to ensure mfa is installed and then verifies that the user coming in has some identity with it. Thence, the user is forwarded to login_user_in(request, username) with the following code snippet:
Note that index is included in the complete code on github. You can also find all the CSS, HTML and JavaScript there.
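The decision the login view above makes, as an added framework-free example (not code from this article or from django-mfa2): the view reads only a username, so whenever has_mfa returns a falsy value the request goes straight to login_user_in. Account, ACCOUNTS, decide and fail_closed are hypothetical names, the sample accounts are constructed, and the model assumes has_mfa is truthy only for users with at least one enabled key.

```python
# Added example: a framework-free model of the login() decision above.
from dataclasses import dataclass
from enum import Enum


class Outcome(Enum):
    DENY = "deny"                    # login page is rendered again
    VERIFY_SECOND_FACTOR = "verify"  # truthy has_mfa(): redirect to the FIDO2 check
    SESSION_GRANTED = "login"        # login_user_in() is called


@dataclass
class Account:  # hypothetical stand-in for the Django user row
    username: str
    is_active: bool = True
    enabled_keys: int = 0  # assumption: has_mfa() is truthy only when this is > 0


# Constructed sample data, keyed by the normalized username.
ACCOUNTS = {a.username: a for a in (
    Account("CPE343435", enabled_keys=1),                   # enrolled a fingerprint
    Account("CPE340001"),                                   # registered, never enrolled
    Account("CPE340002", is_active=False, enabled_keys=1),  # not activated
)}


def normalize(raw):
    """Same normalization as the view: drop every '/'; tolerate a missing field."""
    return (raw or "").replace("/", "")


def decide(accounts, raw_username, fail_closed=False):
    """Return the outcome the view reaches for one POSTed username."""
    user = accounts.get(normalize(raw_username))
    if user is None or not user.is_active:
        return Outcome.DENY
    if user.enabled_keys > 0:
        return Outcome.VERIFY_SECOND_FACTOR
    # has_mfa() was falsy. The view as written grants a session on the
    # username alone; fail_closed=True refuses until a key is enrolled.
    return Outcome.DENY if fail_closed else Outcome.SESSION_GRANTED


if __name__ == "__main__":
    for name in ("CPE/34/3435", "CPE/34/0001", "CPE/34/0002", "CPE/99/9999"):
        print(name, decide(ACCOUNTS, name), decide(ACCOUNTS, name, fail_closed=True))
```

With fail_closed=True, enrollment has to finish inside the session that registration opens, since the register view logs the user in before redirecting to start_fido2.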
To use django-mfa2 well, your template should have a file named mfa_auth_base.html with the contents below:
{% extends "base.html" %}
This just extends your base.html file. For all mfa views to have the feel and look of your site, ensure you include the file above and on the head part of your base.html include:
See ya in the next part where we tinker with the django-mfa source code a bit.