Awesome Open Source
Awesome Open Source

================================ Django Two-Factor Authentication

.. image:: :alt: Build Status :target:

.. image:: :alt: Build Status :target:

.. image:: :alt: Test Coverage :target:

.. image:: :alt: PyPI :target:

Complete Two-Factor Authentication for Django. Built on top of the one-time password framework django-otp_ and Django's built-in authentication framework django.contrib.auth for providing the easiest integration into most Django projects. Inspired by the user experience of Google's Two-Step Authentication, allowing users to authenticate through call, text messages (SMS), by using a token generator app like Google Authenticator or a YubiKey_ hardware token generator (optional).

If you run into problems, please file an issue on GitHub, or contribute to the project by forking the repository and sending some pull requests. The package is translated into English, Dutch and other languages. Please contribute your own language using Transifex_.

Test drive this app through the online example app, hosted by Heroku. It demos most features except the Twilio integration. The example also includes django-user-sessions_ for providing Django sessions with a foreign key to the user. Although the package is optional, it improves account security control over django.contrib.sessions.

Compatible with modern Django versions. At the moment of writing that's including 2.2, 3.0, and 3.1 on Python 3.5, 3.6, 3.7 and 3.8. Documentation is available at readthedocs.org_.


Refer to the installation instructions_ in the documentation.

Getting help

For general questions regarding this package, please hop over to Stack Overflow_. If you think there is an issue with this package; check if the issue is already listed (either open or closed), and file an issue if it's not.


  • Submit issues to the issue tracker_ on Github.
  • Fork the source code_ at Github.
  • Write some code and make sure it is covered with unit tests.
  • Send a pull request with your changes.
  • Provide a translation using Transifex_.

Running tests

This project aims for full code-coverage, this means that your code should be well-tested. Also test branches for hardened code. You can run the full test suite with::

make test

Or run a specific test with::

make test TARGET=tests.tests.TwilioGatewayTest

For Python compatibility, tox_ is used. You can run the full test suite, covering all supported Python and Django version with::



The following actions are required to push a new version:

  • Update release notes

  • If any new translations strings were added, push the new source language to Transifex_. Make sure translators have sufficient time to translate those new strings::

    make tx-push

  • Add migrations::

    python example/ makemigrations two_factor git commit two_factor/migrations -m "Added migrations"

  • Update translations::

    make tx-pull

  • Package and upload::

    bumpversion [major|minor|patch] git push && git push --tags python sdist bdist_wheel twine upload dist/*

See Also

Have a look at django-user-sessions_ for Django sessions with a foreign key to the user. This package is also included in the online example app_.


The project is licensed under the MIT license.

.. _example app: .. _django-otp: .. _Transifex: .. _Twilio: .. _Heroku: .. _django-user-sessions: .. _tox: .. _issue tracker: .. _source code: .. .. _installation instructions: .. _Stack Overflow: .. _Yubikey: .. _Hynek's Sharing Your Labor of Love: PyPI Quick And Dirty: .. _issue 239:

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
python (50,867
django (973
authentication (451
two-factor-authentication (39

Find Open Source By Browsing 7,000 Topics Across 59 Categories