- Git clone the application repository.
git clone https://github.com/ciscose/duo_django_dashboard.git
- Change directory to the cloned folder.
cd duo_django_dashboard
- Create a virtual environment (duo_env) for the python dependencies.
python3 -m venv duo_env
- Activate the virtual environment.
source duo_env/bin/activate
- Change directory to the Django demo and install all the requirements
cd demos/django
pip install -r requirements.txt
-
Signup for a Duo account if you don’t already have one.
-
Log in to the Duo Admin Panel and navigate to Applications.
-
Click Protect an Application and locate Web SDK in the applications list. Click Protect this Application to get your integration key, secret key, and API hostname. (See Getting Started for help.)
Make sure the Web SDK application global policy is set as:
Enabled. New User Policy. Prompt unenrolled users to enroll whenever possible.
- Open up your code editor (e.g. Visual Studio Code), and add the Duo Integration Key, Secret Key and the API Host to settings.py (in the _duo_python_demos_django_example_site/ folder).
- DUO_IKEY = Integration key
- DUO_SKEY = Secret Key
- DUO_HOST = API Host
-
You are missing one value (the DUO_AKEY), which you have to generate yourself and keep secret from Duo. The security of your Duo application is tied to the security of your skey and akey. Treat these pieces of data like a password. They should be stored in a secure manner with limited access, whether that is in a database, a file on disk, or another storage mechanism.
-
Now you will actually generate an akey, which needs to be at least 40 characters long. You can generate a random string in Python by running these two commands.
python
>>> import os, hashlib
>>> print(hashlib.sha1(os.urandom(32)).hexdigest())
>>> [generated Akey will be printed here]
>>> exit()
-
Open up your code editor, and fill in the DUO_AKEY in the settings.py file with the generated value.
-
Now we will set up Django. First we need to run the initial database migration, by running these two commands.
python manage.py makemigrations
python manage.py migrate
- Create 2 users that will authenticate in the Django web app. The users created are:
-
Username: user1
-
Password: Cisco12345
-
Username: user2
-
Password: C1sco12345
python create_users.py
- Now you are ready to start the Django Web App. Run the following command.
python manage.py runserver
-
Open a browser and go to http://127.0.0.1:8000 and login using user1.
-
After you login you will see the non-Duo protected dashboard. Click on the the dashboard “DB Configuration” button and follow the Duo prompts to setup user1 with 2 factor authentication.
-
Experiment with the dashboard navigation buttons to see how the dashboard database configuration is protected by 2FA.