Before actions on data in Django are performed, you need to make sure that the user has permission to do the action. In this video, learn how to implement a way to check that a user has been authenticated and their identity has been confirmed using 2FA.
- [Tutor] To use two factor authentication … with Django and Django REST framework, … we need a way to confirm and validate an action. … Therefore, we need to create a permission class. … We're going to be importing permissions … from Django REST framework, … and we're going to be importing … our TwoFactorAuthCode model. … And the permission class … will be called, TwoFactorAuthRequired. … Inheriting from BasePermission, … and it will be operating at the has_permission level … instead of has object permission. … So we're going to extract the code from any request_data, … and the parameter will be called auth code. … So all requests that require twofactorauth … will have this additional auth code parameter. … And then we're going to be using the TwoFactorAuthCode, … validate_code class method. … So we pass in the request_user … and then we pass in the code. … …
Skill Level Advanced
Building a Paid Membership Site with Djangowith Nick Walter1h 15m Intermediate
OWASP Top 10: #7 XSS and #8 Insecure Deserializationwith Caroline Wong26m 31s Intermediate
Building RESTful Web APIs with Djangowith Rudolf Olah1h 9m Intermediate
1. Permissions, Access Controls, Activity Logs
2. Throttling a Flood of Requests
3. Protecting Data and Data Privacy
4. 2FA: Two-Factor Authentication
5. CSRF: Cross-Site Request Forgery Protection
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.