✨ [#1637] moved environmental variable to disable 2fa to

base.py
open-zaak · Jul 30, 2024 · b5a7af6 · b5a7af6
1 parent 0ef5b11
commit b5a7af6
Show file tree

Hide file tree

Showing 6 changed files with 7 additions and 6 deletions.
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -7,6 +7,7 @@ Changes
 
 **New features**
 
+* [#1637] Added 2FA which can be disabled by the environment variable``DISABLE_2FA``.
 * Made user emails unique to prevent two users logging in with the same email, causing an error
 
 

diff --git a/src/nrc/conf/ci.py b/src/nrc/conf/ci.py
@@ -8,6 +8,8 @@
 os.environ.setdefault("SECRET_KEY", "dummy")
 os.environ.setdefault("ENVIRONMENT", "CI")
 
+os.environ.setdefault("DISABLE_2FA", "no")
+
 from .includes.base import *  # noqa isort:skip
 
 CACHES = {

diff --git a/src/nrc/conf/dev.py b/src/nrc/conf/dev.py
@@ -15,6 +15,8 @@
 os.environ.setdefault("DB_USER", "opennotificaties")
 os.environ.setdefault("DB_PASSWORD", "opennotificaties")
 
+os.environ.setdefault("DISABLE_2FA", "yes")
+
 from .includes.base import *  # noqa isort:skip
 
 #
@@ -50,10 +52,6 @@
 INTERNAL_IPS = ("127.0.0.1",)
 DEBUG_TOOLBAR_CONFIG = {"INTERCEPT_REDIRECTS": False}
 
-# None of the authentication backends require two-factor authentication.
-if config("DISABLE_2FA", default=True):  # pragma: no cover
-    MAYKIN_2FA_ALLOW_MFA_BYPASS_BACKENDS = AUTHENTICATION_BACKENDS
-
 # in memory cache and django-axes don't get along.
 # https://django-axes.readthedocs.io/en/latest/configuration.html#known-configuration-problems
 CACHES = {

diff --git a/src/nrc/conf/includes/base.py b/src/nrc/conf/includes/base.py
@@ -79,8 +79,6 @@
 # NOTE: We override this setting from open-api-framework, because removing
 # this would change the name to `nrc - admin`
 TWO_FACTOR_WEBAUTHN_RP_NAME = "Open Notificaties - admin"
-# add entries from AUTHENTICATION_BACKENDS that already enforce their own two-factor
-# auth, avoiding having some set up MFA again in the project.
 
 # RabbitMQ
 BROKER_URL = config("PUBLISH_BROKER_URL", "amqp://guest:guest@localhost:5672/%2F")

diff --git a/src/nrc/conf/production.py b/src/nrc/conf/production.py
@@ -8,6 +8,7 @@
 import os
 
 os.environ.setdefault("ENVIRONMENT", "production")
+os.environ.setdefault("DISABLE_2FA", "no")
 
 from .includes.base import *  # noqa
 

diff --git a/src/nrc/conf/staging.py b/src/nrc/conf/staging.py
@@ -7,5 +7,6 @@
 import os
 
 os.environ.setdefault("ENVIRONMENT", "staging")
+os.environ.setdefault("DISABLE_2FA", "no")
 
 from .production import *  # noqa
Original file line number	Diff line number	Diff line change
Expand Up		@@ -7,6 +7,7 @@ Changes

		New features

		* [#1637] Added 2FA which can be disabled by the environment variable``DISABLE_2FA``.
		* Made user emails unique to prevent two users logging in with the same email, causing an error


Expand Down