Make sure that the user is whom they say they are. In this video, learn how to create the logic for confirming that an SMS code matches for a user and enables two-factor authentication.
- To confirm and validate the two factor auth code, … we need to define a new class method called validate code. … So it's a class method, … called validate code. … And we pass in the user and the code. … And we're going to first check if the user is anonymous. … And if that is the case, we return False, … then we check if there is an existing auth code that matches … by matching against the user, … and the code that was given. … And sorting by the sent on date, … so that we are matching against the most recently … issued two factor auth code. … If existing is None, there is no match … then we create an activity log. … For this user, where the action is, … they entered, … an incorrect two factor auth code. … And then we return False. … And the last case here, … is that the authentication code they entered is valid … so we're going to delete this auth code … so it can't be re-used. … And then we're going to create a log … for the user. … An action is that they entered … a correct two factor auth code …
Skill Level Advanced
Building a Paid Membership Site with Djangowith Nick Walter1h 15m Intermediate
OWASP Top 10: #7 XSS and #8 Insecure Deserializationwith Caroline Wong26m 31s Intermediate
Building RESTful Web APIs with Djangowith Rudolf Olah1h 9m Intermediate
1. Permissions, Access Controls, Activity Logs
2. Throttling a Flood of Requests
3. Protecting Data and Data Privacy
4. 2FA: Two-Factor Authentication
5. CSRF: Cross-Site Request Forgery Protection
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.